Seecuring provides Segregation of Duties and Sensitive Access Reviews for Salesforce, delivered through both Technology and a Service, here's why:
Users, Permissions, Permission Sets, Fields, the list go on, securing your Salesforce application involves analyzing many elements. Roles can be buried in Roles, creating layer upon layer of Access to the underlying functionality in the Application. Seecuring works through all of this to give you the most complete picture of whats really going on in your Application - without all the false positives and false negatives.
Many Organizations have chosen to implement Salesforce using the delivered (seeded) security and configurations. The benefit to this approach is that the Application can be deployed quickly without a vast Role Design project. The downside is that many of these Roles contain Separation of Duty violations and access to both configuration and the transaction side.
In addition each new update from Salesforce can bring new Risks to these delivered settings, as updates can be deployed directly to them. This means when the changes hit Production, any Users with these changes may inherit the new functionality.
Seecuring can assist in the following areas:
* Segregation of Duties and Sensitive Access Analysis
* Review the impact of making changes to your security and make the right decisions to get your Controls and Configurations resolved
* Assign actions to your team for resolving issues
* Create exceptions to Violations, stored and ready to be reported on as part of your Access Certification
* Ensure your issues are being resolved by measuring progress over time, if you need a Role removing from a User.
* Data Security Policy review, ensuring users with PII access are highlighted and any violations against legislation or audit can be remediated.
With each new update from Salesforce, and your developers, new functionality is provided. These updates bring in new Permissions and Configuration changes that may also be granted to the users.
If you are using these configurations, then these updates will be inherited by the Users attached to them.
For changes made to the Application that may affect the performance of your processes and transactions. These changes are monitored for those worked on internally, but also those provided by Salesforce.
Seecuring is Technology and a Service, we are dedicated to helping you overcome your Security and Configuration issues to get better control over your Applications. Our subscription based approach ensures that you get ongoing support, including ongoing updates to your Segregation of Duties matrix, training and other support.
Get in touch to find out how we can assist with your Salesforce security and control plans: