1. InfoconDB
  2. OWASP
  3. Global AppSec - DC 2019
  4. Salesforce Data Governance: What dark secrets lurk in your instance?

Salesforce Data Governance: What dark secrets lurk in your instance?

Presented at Global AppSec - DC 2019, Sept. 13, 2019, 3:30 p.m. (45 minutes)

Salesforce only has Sales and Marketing information, right? WRONG! Over the years, Salesforce has grown and evolved exponentially. Companies are leveraging Salesforce in many ways, adding even more sensitive customer data to the platform. While Salesforce is very secure, it’s still a platform that can be implemented in a way that puts your org at risk. So how do you know Salesforce is implemented in a way that meets your compliance needs? And how do you actually align your Salesforce implementation to your Security Posture? It all starts with Data Governance, the foundation for Salesforce security. Data Governance provides the ability to effectively manage data using appropriate controls throughout the information lifecycle process to meet various internal and external requirements. We’ll explain the basics and then dive into the more complex topics on how Salesforce, the lifecycle of customer data, and regulatory compliance can all effectively co-exist. We will explain the capabilities available to implement the 4 pillars of Data Governance (Data Inventory, Data Security, Data Privacy and Data Compliance). You’ll walk away with tangible next steps for governing Salesforce, like data classification, access management, encryption at rest, user access management, compliance reporting and more. Learn the nuances of Salesforce and what questions to ask your Salesforce team to ensure Salesforce is implemented in a way that aligns to your Security Posture!

Presenters:

  • Patrick Fields - RevCult
    Patrick Fields is Account Executive – East with RevCult, tasked with leading the firm’s sales efforts with clients based in the Eastern United States. Mr. Fields is an experienced information security sales executive with a background in Governance, Risk and Compliance (GRC), Incident Detection and Response, and Identity and Access Management (IAM) technologies. Patrick believes a sale is only successful once the client is able to demonstrate a reduction in risk delivered by implementation of the solution which has been acquired.

Links:

Similar Presentations: