For years you’ve known that Salesforce does not include inherent virus scanning to fend off malware, ransomware and other malicious attacks, but you haven’t addressed as it’s just “too big” of an issue. You tell yourself that the network gateway virus scanning application is sufficient. You may have even met with the network security team to inquire about it, and they’ve reassured you their network security will protect all content entering the environment(s). But something’s nagging at you.
You’ve come to understand more about the different ways content (attachments, URLs, etc.) enters a Salesforce environment that do not include entering through employees connected to the network (communities, public websites, email-to-case) and you realize none of these areas are protected by the network gateway and represent giant opportunities for hackers. You tell yourself you’re over reacting and probably worried about nothing. After all, there haven’t been reports of significant attacks which bring down fortune 500 organizations – they’re mostly small businesses and your security team as has assured you your organization is protected. Unfortunately, they’re wrong, and continuing to stay in this state of denial could cost you not only your job, but your company millions in fees and penalties.
Salesforce provides direct access to environments from multiple entry points, such as website forms, that do not touch the network gateway where the virus scanning software is installed. This means members of the public may submit files and content with malicious code (URLs) that will enter the Salesforce environment directly without being scanned. Often times, these files and/or content are forwarded to other organizations your company is working with (financial institutions for example), which they will open and unwittingly unleash the virus. This creates a huge corporate liability for you and your organization.
- Salesforce Communities is another vulnerability example as they can be limited to internal employees, but also members outside of the organization – essentially open to the public where the above issue applies.
- And let’s not forget email to case for customer support. Emails being sent to support emails within the organization which are being forwarded to a Salesforce email address. Depending on the type of email server setup (on-prem vs. MSOffice 365 or Google) built in virus scanners vary on scanning frequency and updates and often times miss recently developed viruses.
- And lastly, think about corporate relationships with partner organizations, etc. and the number of users who may share access to parts of your Salesforce environments. Again, they are accessing directly without going through the network gateway where security software is installed.
There are dozens of examples why network virus scanners fail due to delayed updates, remote employees not updating native software, lack of connection to the network via VPN, but the core issue here is, network security and Salesforce admin professionals do not understand how Salesforce works and how to properly apply security to the environments.
Need some context? Viruses help hackers steal your company’s data.
The global cost of cybercrime was estimated to reach $2 Trillion (USD) in 2019, triple the amount from 2015, and global ransomware damage costs are predicted to hit $11.5 Billion for 2019/$20 Billion by 2021. This is compared to $5 Billion in 2017).
In 2019, the U.S. was hit by an unprecedented and unrelenting barrage of ransomware attacks that impacted at least 966 government agencies, educational establishments and healthcare providers at a potential cost in excess of $7.5 billion. The impacted organizations included:
- 113 state and municipal governments and agencies.
- 764 healthcare providers.
- 89 universities, colleges and school districts, with operations at up to 1,233 individual schools potentially affected.
Hacks and data thefts, enabled by weak security, cover-ups or avoidable mistakes, cost these eight companies a total of nearly $280 million and counting:
- Uber: $148 million
- Yahoo: $85 million
- Tesco Bank: $21 million
- Anthem: $16 million
- Equifax and Facebook: $650,000
- The University of Texas MD Anderson Cancer Center: $4.3 million
- Fresenius Medical Care North America: $3.5 million
- $650 million possible upcoming penalties
See a trend here? Resolve to do something about it in 2020. Connect EZProtect® — the industry’s first and leading virus scanner for Salesforce. It’s simple and fully customizable and includes and API with the ability to not only scan your Salesforce environments in real-time, but other connected cloud-based applications (Mulesoft for example) with a centralized user interface.
It’s your corporation’s responsibility to do everything it can to protect against malicious content, and we we’d like to be sure you continue to have a job, so please consider pulling your Salesforce architects/implementation consultants, and network security teams together to address this head on this year.
This is new territory with no training provided by Salesforce, so we (Adaptus) are leading the way to help educate and continue to evolve the best solution on the market. Set up a date/time to discuss and we’ll help you get the ball rolling.
Happy New Year.
 The State of Ransomware in the US: Report and Statistics 2019
 Steve Morgan, October 19, 2018, CyberSecurity Ventures