Salesforce Security Guide

Clouds with binary code floating aboveCloud with binary code floating above

No Results

Search Tips:

  • Please consider misspellings
  • Try different search keywords
Salesforce Security Guide
Salesforce Security Basics
Authenticate Users
Give Users Access to Data
Share Objects and Fields
Strengthen Your Data’s Security with Shield Platform Encryption
Audit and Monitor Your Organization’s Security
Real-Time Event Monitoring
Real-Time Event Monitoring Definitions
Considerations for Using Real-Time Event Monitoring
Enable Access to Real-Time Event Monitoring
Stream and Store Event Data
Create Logout Event Triggers
How Chunking Works with ReportEvent and ListViewEvent
Enhanced Transaction Security
Types of Enhanced Transaction Security Policies
ApiEvent Policies
ApiAnomalyEventStore Policies
BulkApiResultEventStore Policies
CredentialStuffingEventStore Policies
FileEvent Policies
ListViewEvent Policies
LoginEvent Policies
PermissionSetEventStore Policies
ReportEvent Policies
ReportAnomalyEventStore Policies
SessionHijackingEventStore Policies
Enhanced Transaction Security Actions and Notifications
Build a Transaction Security Policy with Condition Builder
Create an Enhanced Transaction Security Policy That Uses Apex
Best Practices for Writing and Maintaining Enhanced Transaction Security Policies
Enhanced Transaction Security Metering
Exempt Users from Transaction Security Policies
Test and Troubleshoot Your New Enhanced Policy
Threat Detection
Event Log File Browser
Store and Query Log Data with Event Log Objects
Security Guidelines for Apex and Visualforce Development
API End-of-Life Policy
PDF

ReportEvent Policies

Report event policies monitor when data is viewed or downloaded from your reports.
Available in both Salesforce Classic (not available in all orgs) and Lightning Experience.
Available in: Enterprise, Unlimited, and Developer Editions

Requires Salesforce Shield or Salesforce Event Monitoring add-on subscriptions.

Policy at a Glance

Object Conditions Available in Condition Builder Actions Considerations
ReportEvent Dashboard ID, Dashboard Name, Description, Event Source, Format, Is Scheduled, Name, Name of Columns, Number of Columns, Operation, Owner ID, Queried Entities, Report ID, Rows Processed, Scope, Session Level, Source IP, User ID, Username Block, Notifications, Multi-Factor Authentication (for UI logins) Multi-factor authentication (MFA) policies apply to the following UI-based report actions:
  • Printable View
  • Report Export
  • Report Run (in Salesforce Classic only)
Multi-factor authentication isn’t supported for reports in Lightning pages, so the action is upgraded to Block.

What You Can Do with It

Create a policy that can:
  • Require multi-factor authentication for all users accessing or downloading reports over a specific size. For maximum coverage, write a policy that notifies you and blocks access to reports that process more than a certain number of rows.
  • Block downloads for specific user IDs, report IDs, and dashboard IDs.

The values captured by transaction security policies are unique API names, which can be retrieved by performing REST API Describe calls on the object. When creating a ReportEvent policy, make sure that the values you want the conditions to check for are unique API names, not display labels. For example, a “Name of Column” condition checks for values that match the metadata information retrieved from a Describe call on the report, not the column headers displayed on the report. Refer to the Salesforce Report and Dashboard REST API Developer Guide for more information.

Note