Salesforce Backup Best Practices
“Are we backed up?” It’s usually not the question you want to ask in the middle of a big data migration or while observing abnormalities in customer data during a synchronization. Unfortunately, for many Salesforce administrators or developers, this is a reality.
Organizations that use Salesforce store large volumes of sensitive information that’s extremely valuable for the survival of their business and clients. It can cause irreparable damage if the data is lost due to human error, cyberattacks, natural disasters, or configuration and sync errors.
You may ask, “How could this happen when Salesforce promises its customers a highly available service?” Salesforce follows the shared responsibility model, where it is responsible for application uptime and availability; however, customers are responsible for data protection.
Read on to learn more about the shared responsibility model, common causes for data loss in Salesforce and best practices to prevent it.
The shared responsibility model
According to the shared responsibility model, the customer is the “controller” of their data, while the vendor/Salesforce acts as the “processor” of that data. The agreement states that Salesforce is completely responsible for application availability and everything that entails. For instance, the integrity of the data center — security, infrastructure and operations — to ensure uptime and performance of its services. In that aspect, the cloud-based customer relationship management (CRM) platform guarantees 99.99% site uptime and availability. However, customers are operationally and contractually liable for data protection and account and access management.
As a processor, Salesforce is responsible for adding, deleting or modifying data upon request. By request, we mean a user pressing the delete key on the keyboard, or any process or script that deletes or modifies data. This also means that Salesforce will consider even malicious or accidental requests as legitimate and process them if authenticated with valid credentials. As a result, accidental, malicious or fraudulent deletions, in all cases, are the responsibility of the customer/controller.
Unfortunately, many businesses don’t fully understand the relationship between vendor and customer or the important differences between “high availability” and “backup.” The 2021 Data Protection Cloud Strategies report by Enterprise Strategy Group found that 35% of organizations surveyed solely rely on the SaaS vendor because they think the SaaS vendor is responsible for protecting their data. This implies they don’t do anything to protect their SaaS data. It’s evident that there’s a big disconnect with regard to who is responsible for which aspects of data protection. Organizations are confusing high availability (HA) of the service with data backup and recoverability.
HA is ensuring the services are available and accessible by users at all times. HA in Salesforce provides continuous platform uptime, enabling businesses to access and manage their Salesforce data at any time and from anywhere.
- What does this mean for an organization like Salesforce?
- Data center management
- Failover management
- Physical security
- And more
- All handled by the vendor
- What does this mean for users?
- Users can log in whenever, wherever
- Application features are always available to users
- Users can work with confidence knowing that their APIs will work every time
In short, this means that the vendor is providing the availability and access to your data. They are not responsible for protecting the “integrity” or “quality” of your data from your own users or authorized inputs.
Common reasons for SaaS data loss
Salesforce is an innovative and powerful SaaS solution; however, it’s not immune to data loss or corruption. Let’s take a closer look at some of the common ways businesses can lose their SaaS data.
Humans are considered the weakest link in data security since we’re bound to make mistakes. It’s no surprise that accidental deletion (20%) is one of the leading causes of data loss in SaaS applications. Unfortunately, human error has been a major contributing factor behind many data breaches as well. According to Verizon’s 2022 Data Breach Investigations Report, more than 80% of breaches involved the human element.
Misconfiguration or sync errors
It’s not uncommon for data loss to occur due to sync errors. When integrating with another application, deploying new devices or simply working within Salesforce, sync errors can be a significant source of risk to business continuity. Misconfigured or inappropriately configured security controls can put your systems and data at risk, leading to data breaches. Threat actors can exploit misconfigurations in servers, applications, network devices and so on, to gain access to sensitive information or launch cyberattacks.
Cyberattacks are a major concern for businesses of all shapes and sizes, with each subsequent attack becoming more sophisticated. Kaspersky researchers found that the total number of attacks on small and midsize businesses increased significantly in the first quarter of 2022. It is estimated that around 300,000 new pieces of malware are created daily to target individuals and organizations. According to Cisco’s 2021 Cybersecurity Threat Trends report, phishing is responsible for 90% of data breaches. Phishing is also the gateway to many types of destructive cyberattacks including ransomware, malware, business email compromise (BEC) and credential compromise.
The Verizon 2021 Data Breach Investigations Report revealed that more than 20% of security incidents involved insiders. Insiders, for instance, disgruntled employees, are far more dangerous than external threats since they are well aware of your organization’s security check gates, defense mechanisms and vulnerabilities, and have legitimate access to your Salesforce data and systems. They can empty their Recycle Bin or hard delete data before leaving the company, which can make data recovery extremely difficult.
Third-party apps that work in tandem with Salesforce, enhance its capabilities. However, there are some third-party apps that can alter data, for instance, in Salesforce Objects and Fields. These apps can overwrite accurate information with inaccurate data, modify or even delete existing data, resulting in catastrophic consequences.
Real-life examples where Salesforce can need backup/restore:
- Data migration: When one company buys another company, it also acquires large volumes of different types of data. Accidental errors during a mass upload can result in data loss or duplication.
- Sync error: Businesses today use multiple third-party apps that synchronize data between different solutions. A bad data sync from a configuration error can result in data corruption.
- Accidental user deletion or modification: For example, an account manager accidentally deleting a customer or entering the wrong address.
- Accidental power-user deletion or modification in bulk: For example, a Salesforce admin running a script using his production credentials instead of test credentials.
Best practices for Salesforce data protection
Salesforce data loss can not only put your organization at risk but can also cause unimaginable damage to your clients and partners. Here are a few best practices that your company can implement to prevent Salesforce data loss.
Use the Salesforce Health Check dashboard
Administrators can use Health Check to scan security settings and conduct a security health check to identify and fix potential vulnerabilities in your Salesforce org. Health Check provides a summary score that shows how healthy your Salesforce org’s security is. It provides a holistic view and allows you to assess your security settings for vulnerabilities and misconfigurations. This helps reduce risk and improve the overall security of your org.
Minimize Salesforce system admins
Having multiple system admin profiles can put your Salesforce data at risk of loss or corruption while complicating data management. If your organization currently provides system admin permissions to multiple users, you must assess their roles and responsibilities or create custom profiles to ensure they have access to only the data that’s absolutely essential.
Set IP range restrictions
As a Salesforce admin, you can use IP range restrictions to make sure users access your Salesforce org instance only from allowed IP addresses. Once you specify the range of valid IP address restrictions for a profile, users won’t be able to log in from any other IP address apart from the ones defined. Restricting administrative access helps minimize the risk of unauthorized access in the event of account compromise.
Back up Salesforce data using third-party solution
Salesforce Backup and Restore provides automated, daily backups; however, with a third-party backup solution, you can create recovery points for backups to occur more frequently. Additionally, while Salesforce replicates data for application availability and disaster recovery, it does not provide customers with backup data designed for restoration. Salesforce also offers native backup and recovery options like weekly export and recycle bin restore, but they are manual, time-consuming and do not guarantee full data recovery. That’s why Salesforce encourages its customers to explore the Salesforce AppExchange to develop an independent backup and recovery strategy for their data protection.
Having a backup solution is essential to prevent data loss and downtime. However, you must also ensure your backup solution can:
- Back up to a location outside of Salesforce.
- Restore granular records, fields, etc.
- Help reduce the burden of storage provisioning and management.
- Protect standard objects, such as accounts, opportunities and contacts.
- Protect custom objects made by the customer. For instance, third-party objects like Docusign envelopes or nCino documents.
- Protect metadata, such as reports, profiles and object definitions.
- Protect and repair Lookup relationships. For example, an account record pointing to an independent Contact record.
- Protect and repair Master-Detail (Parent-Child) relationships. For example, an opportunity associated with an account.
- Handle Salesforce IDs that change.
- Help utilize your limited Salesforce API capacity efficiently.
- When your API capacity is maxed out, applications can stop working until the limit refreshes the next day.
- For example, Spanning never consumes more than 15% by default and lets the customer control the API limit.
Get end-to-end Salesforce data protection with Spanning
Data loss in the cloud is not uncommon. According to the 2022 Thales Cloud Security Report, 45% of organizations surveyed have experienced a data breach involving data in the cloud. Enterprise Strategy Group’s 2021 Data Protection Cloud Strategies report found that only about 40% of organizations surveyed use third-party data protection solutions or services to secure SaaS-resident application data. This means about 60% of organizations that use SaaS solutions like Salesforce do not have an adequate data backup and recovery strategy in place.
Today, businesses large and small store massive amounts of CRM data within Salesforce, which is vital to their success and business continuity. While Salesforce provides complete protection from issues on its end and offers several options for manual backup within the platform, they cannot protect your data from threats beyond their control. Moreover, native backup and last-resort options come with numerous restrictions, limited capabilities and lengthy completion times. For these reasons, Salesforce themselves recommend investing in a full-featured, third-party backup and recovery solution like Spanning Backup for Salesforce.
Spanning Backup for Salesforce is easy to set up, manage and use. It requires no on-premises software or hardware. Spanning empowers administrators as well as end users to restore data and get back to work in just a few clicks. Spanning Backup for Salesforce provides automated backup and recovery that you can trust for Salesforce data, metadata, attachments, customizations and Chatter messages.
Get comprehensive protection for your Salesforce data today.