[Delivering Salesforce secure access to remote workforce

1. Ensure Salesforce Secure Access for Your Remote Workforce Salesforce COVID-19 Global Response April 2020 SCPPE Team

2. Forward-Looking Statement Statement under the Private Securities Litigation Reform Act of 1995: This presentation contains forward-looking statements about the company’s financial and operating results, which may include expected GAAP and non-GAAP financial and other operating and non-operating results, including revenue, net income, diluted earnings per share, operating cash flow growth, operating margin improvement, expected revenue growth, expected current remaining performance obligation growth, expected tax rates, the one-time accounting non-cash charge that was incurred in connection with the Salesforce.org combination; stock-based compensation expenses, amortization of purchased intangibles, shares outstanding, market growth and sustainability goals. The achievement or success of the matters covered by such forward-looking statements involves risks, uncertainties and assumptions. If any such risks or uncertainties materialize or if any of the assumptions prove incorrect, the company’s results could differ materially from the results expressed or implied by the forward-looking statements we make. The risks and uncertainties referred to above include -- but are not limited to -- risks associated with the effect of general economic and market conditions; the impact of geopolitical events; the impact of foreign currency exchange rate and interest rate fluctuations on our results; our business strategy and our plan to build our business, including our strategy to be the leading provider of enterprise cloud computing applications and platforms; the pace of change and innovation in enterprise cloud computing services; the seasonal nature of our sales cycles; the competitive nature of the market in which we participate; our international expansion strategy; the demands on our personnel and infrastructure resulting from significant growth in our customer base and operations, including as a result of acquisitions; our service performance and security, including the resources and costs required to avoid unanticipated downtime and prevent, detect and remediate potential security breaches; the expenses associated with new data centers and third-party infrastructure providers; additional data center capacity; real estate and office facilities space; our operating results and cash flows; new services and product features, including any efforts to expand our services beyond the CRM market; our strategy of acquiring or making investments in complementary businesses, joint ventures, services, technologies and intellectual property rights; the performance and fair value of our investments in complementary businesses through our strategic investment portfolio; our ability to realize the benefits from strategic partnerships, joint ventures and investments; the impact of future gains or losses from our strategic investment portfolio, including gains or losses from overall market conditions that may affect the publicly traded companies within the company's strategic investment portfolio; our ability to execute our business plans; our ability to successfully integrate acquired businesses and technologies, including delays related to the integration of Tableau due to regulatory review by the United Kingdom Competition and Markets Authority; our ability to continue to grow unearned revenue and remaining performance obligation; our ability to protect our intellectual property rights; our ability to develop our brands; our reliance on third-party hardware, software and platform providers; our dependency on the development and maintenance of the infrastructure of the Internet; the effect of evolving domestic and foreign government regulations, including those related to the provision of services on the Internet, those related to accessing the Internet, and those addressing data privacy, cross-border data transfers and import and export controls; the valuation of our deferred tax assets and the release of related valuation allowances; the potential availability of additional tax assets in the future; the impact of new accounting pronouncements and tax laws; uncertainties affecting our ability to estimate our tax rate; the impact of expensing stock options and other equity awards; the sufficiency of our capital resources; factors related to our outstanding debt, revolving credit facility, term loan and loan associated with 50 Fremont; compliance with our debt covenants and lease obligations; current and potential litigation involving us; and the impact of climate change. Further information on these and other factors that could affect the company’s financial results is included in the reports on Forms 10-K, 10-Q and 8-K and in other filings it makes with the Securities and Exchange Commission from time to time. These documents are available on the SEC Filings section of the Investor Information section of the company’s website at www.salesforce.com/investor. Salesforce.com, inc. assumes no obligation and does not intend to update these forward-looking statements, except as required by law.

3. Healthcare and Life Sciences Go-To-Market Agenda 01 Introduction 02 Get to Know Secure Access Domains 03 04 Additional Features Q&A and Resources

4. Healthcare and Life Sciences Go-To-Market Introduction

5. The COVID-19 Company Workforce Challenge Extending Access Points Sharing Best Practices Secure and monitor access controls Overcome current objections We’re here to help Salesforce customers design and deploy remote workforce access.

6. Business or Salesforce Administrators What admins ﬁnd in their remote workforce assessment Small to medium number of Salesforce users Users accessing Salesforce from home Part-time or full-timeSalesforce Administrator Admins need to learn about security features to control access

7. Healthcare and Life Sciences Go-To-Market Get to Know Secure Access Domains

8. Secure Access Domains How to ensure secure access and report on activity 1 Access Users can access Salesforce securely from home. 2 Authentication 3 Device 4 Monitoring Only authorised users log in. Allows access from home (personal hardware), and is not compromised by virus, malware, or keyloggers. Assurance that you can report on user activity.

9. Remote Location Access Checklist ACCESS Login IP Ranges (Profile) Login Hours (Profile) Ensure Single-Sign On (SSO) is accessible outside the office, using webSSO US Export Control Note: No access from Cuba, Iran, North Korea, Sudan, Syria or the region of Crimea

10. 1. Specify a range of allowed IP addresses on a user’s profile to control access 2. Relax IP restriction and use other controls (such as 2FA) 3. Restrict IP range for integration 4. Create clear documentation IP Range Restriction ACCESS Resources: Knowledge Article Google search “What is my IP?” Go to Setup, Profile, “any profile”, and select Login IP Ranges

11. 1. Specify the hours when users can log in, based on the user proﬁle 2. Consider relaxing work hours due to the nature of work at this time 3. Document reasons for any changes Login Hours Restriction ACCESS Resources: Knowledge Article

12. Allowing Authorised Users Identity Verification using a 6 digit pin vs SMS or email Non-web logins (Outlook plugin, 3rd party app, API) - Use a security token if outside Trusted IP Range (append to the end of the password) 2FA (Two-Factor Authentication) - Use another device to confirm login - Salesforce Authenticator or any standard 2FA apps provided by Google or Microsoft - Can be part of your login flow Login Flow - Prevents multiple logins AUTHENTICATION

13. 1. Do not include remote IPs 2. Create clear documentation Trusted IP Ranges AUTHENTICATION Resources: Knowledge Article If a user tries to login from an IP address, device, or browser that Salesforce does not recognise, an activation code is required.

14. 1. Verify desktop or API login from a non-trusted range 2. Required when outside trusted IP 3. Reset password if received unknown token reset email Security Token for API Login AUTHENTICATION Resources: Knowledge Article Password Best Practices: Strong computer generated code, 24 characters Append to the password, such as mypasswordXXXXXXXXXX

15. 1. Require 2FA for every login 2. Use increased authentication (“high assurance”) in Session Settings to secure resources, such as a connected app or reports 3. Use Login Flows to build post-authentication requirements as the user logs in or custom 2FA (sms) Salesforce Authenticator mobile app for Android and iOS Go to Setup and select Session Settings Two-Factor Authentication AUTHENTICATION Resources: Knowledge Article How-to Video Best Practices: A “Must-Have” for all Salesforce Administrator Accounts

16. 1. Collect and update user data ○ Emergency contact number, etc. 2. Implement Notice Board 3. Use stronger authentication ○ Prevents multiple logins ○ Detects and restricts suspicious IP addresses ○ Implements SMS, biometric, or other authentication techniques 4. Monitoring ○ Send a notiﬁcation every time a user logs in outside working hours Login Flows AUTHENTICATION Resources: Knowledge Article Best Practices: Great for unique use cases Use Declarative before code Build post-authentication processes to match your business practices Notice Board

17. Challenges: Allowing Access for Specific Devices HOME VS. PUBLICNETWORK VIRUSES, MALWARE, AND PHISHING DEVICES ● Viruses are the user’s responsibility, attachments can’t spread within Salesforce app ● Malware is the user’s responsibility and Salesforce CSIRT can detect ● Phishing - See Access (Identity Verification, 2FA, SSO) ● For home networks, update Operating System (OS) browser and AV software ● Avoid public access points (Internet Cafe, free WiFi) Best Practices: Keep browser and operating systems up-to-date Define the security contact on your help and training

18. Login history ● Org or User level ● Last six months ● Post-login, reactive ● Knowledge Article Login flows ● Custom logic ● At login level, not applicable to specific business events ● Knowledge Article Event monitoring with Transaction Security (Add-on) ● Real-time detection and prevention of specific business events, such as data export and lead conversion ● Add-on license ● Knowledge Article Reporting on user logins MONITORING Org Level User Level Best Practices: ● Review login history weekly ● Look for failed logins ● Evaluate event monitoring add-on

19. Additional Features

20. Single Sign-on (SSO) ● Lets users access multiple applications with one sign on ● Convenient for users and IT, but comes with the risk of having a single point of failure ● We recommend two-factor authentication (2FA) or multifactor authentication (MFA)

21. Session-based Permission Sets ● Allows only functional access during a predeﬁned session type ● Use case: ○ A web application that accesses conﬁdential information ○ Use a session-based permission set with a token to limit user access for a predetermined length of time ○ When the token expires, users must reauthenticate to access the application again Resources: Knowledge Article

22. Q&A

23. Secure Access Core Resources Trailhead: Secure Your Users' Identity Help and Training: Restrict Where and When Users Can Log In to Salesforce Salesforce Developer Site: Salesforce Security Guide Videos: YouTube Salesforce Channel (for instance, search for 2FA)

24. Introducing Salesforce Care Solutions NEW Rapid Response for Employee & Customer Support includes: myTrailhead, Employee Community, Customer Community, Agent Console, and Premier Success NEW Social Community Engagement Work From Home with Quip Tableau COVID-19 Data Hub Care Response Solution for Healthcare Systems* includes: Health Cloud, Salesforce Shield, Salesforce Communities, and myTrailhead NEW Philanthropy Cloud available in the US only for rallying employees around their communities through giving campaigns plus virtual or skills-based volunteering NEW Essentials free for 3 months up to 10 users, worldwide NEW Tableau Desktop free for 3 months up to 10 users, worldwide Salesforce Care Ecosystem: AppExchange Resource Center Includes Access to Customer Success Resources Employees & Customers Industries Small Business *Speciﬁcally for for emergency response teams, call centers, and care management teams at health systems aﬀected by coronavirus

25. TRAILBLAZER INNOVATION REGIONAL SUCCESS PRODUCT SUCCESS CUSTOMER SUCCESS HUB APAC (English) EMEA (English) Deutsch Español Français Português 日本 Join our family (Ohana) of Customer Success groups in the Trailblazer Community!! Oﬃcial groups featuring Blaze are the best places for Trailblazers to connect, learn, get inspired and stay up to date on the latest customer success resources – all in your own language and region. Start Here success.salesforce.com > Featured Groups

[Delivering Salesforce secure access to remote workforce

Du liest eine Vorschau.

Hier ansehen

[Delivering Salesforce secure access to remote workforce

Weitere Verwandte Inhalte

Diashows für Sie (19)

Ähnlich wie [Delivering Salesforce secure access to remote workforce (20)

Weitere von Anna Loughnan Colquhoun (20)

Aktuellste (20)