7 Ways to Keep Salesforce Secure

ByDaryl Moon

If we learned anything in 2025, it’s that the more we rely on Salesforce to run our critical business functions, the more aware and alert we need to be about keeping our data safe and protecting our customers.

I invited Jari Salomaa, the CEO of Valo.ai, to share his deep Salesforce experience with me about ways that we can make our Salesforce environment more secure.  We discuss Connected Apps, the ShinyHunters gang of hackers, best practices, and practical steps that you can take.

Here are our top 7 tips:

  1. Lock down third-party app access (this is critical)
  2. Treat Salesforce permissions as security controls, not admin housekeeping
  3. Restrict data export and bulk access
  4. Harden user authentication, but do not rely on MFA alone
  5. Educate staff on approval-based attacks
  6. Monitor Salesforce like a production system, not just a CRM
  7. Prepare for incidents before they happen

Here is the full video …


Our Courses

Daryl Moon is our instructor for all courses. He has over 40 years of experience as a teacher and IT practitioner, specializing in Salesforce for the past 11 years. He is very active in the Salesforce community and is a popular presenter. Click to view our courses.

Similar Posts

  • |

    Proactive Salesforce Security

    ByDaryl Moon

    The Problem with Salesforce Security Salesforce security has become significantly more complex as environments grow more connected, data-rich, and business-critical. At the same time, Salesforce data breaches have increased, making manual monitoring and reactive security approaches no longer effective. The Connection Graph shows connections between your Salesforce orgs and connected apps. Admins and consultants are…