Appearance
Workshop Overview
In this workshop, you'll be empowered to become the front-line defender of your org by mastering the guardrails necessary to prevent over-privileged data leaks. You'll get hands-on experience identifying and mitigating real-world vulnerabilities to ensure your environment remains a trusted foundation for both your users and your agents.
What You'll Do
- Leverage Salesforce configurable tools to identify and address security concerns
- Strengthen your Salesforce instance's security posture by taking action on potential threats
- Enable proactive monitoring using Salesforce's enhanceable security tools
Guided Workshop Setup
- Follow your instructor's instructions to get a Salesforce org provisioned for this workshop.
- Save your username and password.
- In your browser, go to login.salesforce.com and log in to your org.
Security In Action: Data & Access
This workshop is designed to build skills for Salesforce Admins to become the front-line defender for security in their organizations. Security is no longer just about preventing unauthorized logins; it is about ensuring that the data fueling your organization is protected and strictly governed. In a landscape where an over-privileged permission can lead to an AI-driven data leak, a secure org is the essential foundation for customer trust and operational integrity.
Take Action on Health Check Concerns: Implement password policies and tighten session settings to ensure only authorized users gain entry to your CRM.
Audit Data Visibility: Conduct a deep dive into profiles and permission sets to enforce the Principle of Least Privilege, ensuring users only see what they absolutely need.
Monitor for Threats: Configure enhanceable security products including Salesforce Shield to detect and alert on suspicious activity in real-time.
Establish a Security Cadence: Develop a recurring checklist for health checks and user access reviews to maintain a permanent state of readiness.
A Note Before Getting Started
This workshop is a high-level introduction into security basics and best practices. We won't have time to cover full-scale deployment cycles, so we're operating under a strict Sandbox-first rule. Everything we build here stays in a test environment; in the real world, you'd never push these changes straight to Production without a solid deployment strategy.
Take Multi-Factor Authentication (MFA), for example. It's a security powerhouse, but it directly changes how your users start their workday. Before flipping the switch, you need to map out that user experience, prep your documentation, and have your rollout plan ready. Our goal today is to build the blueprint — getting hands-on with security concepts so you're ready to deploy with confidence later.