One of the reasons that you’re likely to fall in love with Salesforce is its flexibility.
Salesforce offers ‘no-code’ customizability, an amazing range of third-party apps, and endless configurability. While these are reasons enough to set up your Org, you need to know that this flexibility makes it equally difficult to tighten broad security controls.
With all the custom applications, licenses, and unique Salesforce features in play, it is important to keep up with regular security reviews.
Luckily, Salesforce allows you to do this natively without overhauling your system. The process is called the Salesforce Health Check.
What is a Salesforce Health Check?
The Salesforce Health Check is essentially a tool that assesses the overall security health of your Org and rates it accordingly. It helps Salesforce users to identify any existing vulnerabilities and monitor how effective the current security settings are.
The tool scans the settings of your Salesforce Org and instantly notifies you of any security risks that may be affecting its performance. After scanning your settings, it provides a score or rating evaluating the overall system health of your Salesforce Org.
Importance of Salesforce Health Check
With all the workload of a busy team, it can be difficult to maintain a healthy, mission-critical Org. Critical processes flow through the system each day, alongside ongoing changes made by users and new upcoming projects.
You may be caught up in managing a team, updating your seniors about project statuses, or attending high-level meetings.
But when was the last time you took a pause from it all and thought “how is the Org doing overall?”
It’s a simple question, but through all of the noise and busy schedules, it’s often left unasked. Just taking a moment to stop and evaluate some basic questions can help you discover many possible vulnerabilities before they start affecting your system.
You may be:
an Admin responsible for managing the same Salesforce org for many years.
a project manager working hard to manage everything that revolves around your company’s Salesforce system.
a consultant who’s just starting with a new org for the first time.
Whatever your role is, stopping to conduct the Salesforce Health Check is an important exercise that should be performed at least annually.
Steps to Conduct a Salesforce Health Check
It’s time to have a look at the steps to conduct a Salesforce Health Check.
Step 1: Verify your Salesforce Contract and Product Usage
It is essential to always be aware of when the contract renews, and what exactly you have purchased from Salesforce.
Here are some points that you’ll cover with this first check:
Evaluate where you are in the buying cycle.
Find out what products you have.
Analyze if you’re actually using those products.
If you are using Lightning Experience, go to the top right and click on the gear icon. Click the link “Your Account” and then click on “View Your Contracts”. You’ll be able to see a list of products your org has purchased.
Now, you can move to Setup > Company information.
In the “User Licenses” section, you’ll find the different license types in the org. You’ll also find the number of available licenses vs. assigned licenses.
From here, you’ll get an idea of how many licenses of each main type are assigned under the Salesforce contract.
Next, you’ll find the “Feature Licenses” section, which provides finer detail. Here you’ll find details of any additional products purchased to supplement regular Salesforce licenses, such as Live Agent or the use of Knowledge.
If you have any limits on license usage, you have to dive deeper and find out who is using your licenses.
You can find out by creating a report. Go to the Reports tab and select “Users” as your Report Type.
The fields you are looking for will usually appear automatically. If they do not, filter on “active” users to see the last login date.
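The same check can be run offline against a user export. The following is an added example, not part of the original article: it lists active users who have never logged in or have been idle past a cutoff, grouped by license. The CSV layout, the timestamp format, the sample rows and the 90-day threshold are all assumptions.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Constructed sample export (not real data). Timestamps are assumed to be
# ISO 8601 with a numeric UTC offset; an empty value means the user has
# never logged in.
SAMPLE_EXPORT = """Username,IsActive,LastLoginDate,License
alice@example.com,true,2024-05-28T08:15:00.000+0000,Salesforce
bob@example.com,true,2023-11-02T14:40:00.000+0000,Salesforce
carol@example.com,true,,Salesforce
dave@example.com,false,2022-01-10T09:00:00.000+0000,Salesforce
erin@example.com,true,2024-01-05T11:30:00.000+0000,Salesforce Platform
"""

TS_FORMAT = "%Y-%m-%dT%H:%M:%S.%f%z"

def stale_license_holders(export_text, now, max_idle_days=90):
    """Return {license: [(username, idle_days or None), ...]} for active
    users whose last login is older than max_idle_days or missing."""
    cutoff = now - timedelta(days=max_idle_days)
    stale = defaultdict(list)
    for row in csv.DictReader(io.StringIO(export_text)):
        # Deactivated users do not hold a license, so skip them.
        if row["IsActive"].strip().lower() != "true":
            continue
        raw = row["LastLoginDate"].strip()
        if not raw:
            stale[row["License"]].append((row["Username"], None))
            continue
        last_login = datetime.strptime(raw, TS_FORMAT)
        if last_login < cutoff:
            idle = (now - last_login).days
            stale[row["License"]].append((row["Username"], idle))
    return dict(stale)

if __name__ == "__main__":
    as_of = datetime(2024, 6, 1, tzinfo=timezone.utc)
    for lic, users in stale_license_holders(SAMPLE_EXPORT, as_of).items():
        for name, idle in users:
            status = "never logged in" if idle is None else f"idle {idle} days"
            print(f"{lic}: {name} ({status})")
```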
Other Usage Information
On the “Company Information” page in Setup, you should focus on some important usage metrics.
About halfway down the page to the right, you’ll find “API Requests, last 24 hours”.
Here, you’ll find the number of API requests against the maximum allowed number within any 24-hour period. You should also consider looking at Data and File usage.
Step 2: Conduct a Security Check
Next, you’ll be covering the aspect of security. Let’s start with conducting the Health Check.
Go to Setup > Health Check. You’ll find a Baseline score for your Salesforce Org. You’ll also find that the Security Settings are divided into three segments – High, Medium, and Low risk.
Multi-Factor Authentication (MFA)
MFA is hands down one of the best ways to safeguard your Salesforce Org from unauthorized users. It helps by pairing your password with another factor (like your email or a text) for added security.
All you have to do is go to Setup > Session Settings > Session Security Levels > Multi-Factor Authentication.
Go to Setup > My Domain.
With My Domain, you can make your Salesforce URL specific to your company.
It not only customizes your domain but also helps to secure your Org. Unauthorized users would first need to know about your “my domain” setup before they could try to access your Org.
Step 3: Check Access Controls for Users
This step helps to ensure that all users in the org have an appropriate amount of access.
System Administrators are the users with the most access in Salesforce. In a Salesforce org where the majority of users are Admins, access control can become a nightmare. That’s the reason it should be corrected as soon as possible.
Go to Setup > Profiles > “System Administrator” profile > Assigned Users. Here you’ll see which users are assigned the Admin profile.
Beyond Administrators, there can be other users with “sensitive” permissions that they might not actually need.
This is why you have to ensure that Profiles contain only relevant permissions. You also need to know which users are assigned to these profiles, so that you know who has been granted access.
To ensure this, go to Setup > Profiles.
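The review described in this step can be made repeatable with a short script. The following is an added example, not part of the original article: given a user export and a profile export, it reports the share of active users on the System Administrator profile and lists non-admin users whose profile carries sensitive permissions. `ModifyAllData`, `ViewAllData` and `ManageUsers` are real Salesforce permission names; treating them as the “sensitive” set, the CSV layouts and the sample rows are assumptions.

```python
import csv
import io

# Permissions treated as sensitive for this review (an assumed shortlist).
SENSITIVE = ("ModifyAllData", "ViewAllData", "ManageUsers")

# Constructed sample exports (not real data).
PROFILES_CSV = """Profile,ModifyAllData,ViewAllData,ManageUsers
System Administrator,true,true,true
Sales Manager,false,true,false
Support Agent,false,false,false
Integration,true,true,false
"""
USERS_CSV = """Username,IsActive,Profile
alice@example.com,true,System Administrator
bob@example.com,true,Sales Manager
carol@example.com,true,Support Agent
svc-sync@example.com,true,Integration
dave@example.com,false,System Administrator
"""

def _rows(text):
    return list(csv.DictReader(io.StringIO(text)))

def access_review(users_csv, profiles_csv, admin_profile="System Administrator"):
    """Return (admin_usernames, admin_share, {username: [sensitive perms]})
    computed over active users only."""
    perms_by_profile = {
        p["Profile"]: [s for s in SENSITIVE if p[s].strip().lower() == "true"]
        for p in _rows(profiles_csv)
    }
    active = [u for u in _rows(users_csv)
              if u["IsActive"].strip().lower() == "true"]
    admins = [u["Username"] for u in active if u["Profile"] == admin_profile]
    share = len(admins) / len(active) if active else 0.0
    # Non-admin users who still hold a sensitive permission via their profile.
    elevated = {}
    for u in active:
        perms = perms_by_profile.get(u["Profile"], [])
        if u["Profile"] != admin_profile and perms:
            elevated[u["Username"]] = perms
    return admins, share, elevated

if __name__ == "__main__":
    admins, share, elevated = access_review(USERS_CSV, PROFILES_CSV)
    print(f"admins: {admins} ({share:.0%} of active users)")
    for user, perms in elevated.items():
        print(f"{user}: {', '.join(perms)}")
```

Permission sets can grant the same permissions as profiles, so a complete review would feed their assignments through the same check.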
Step 4: Org Build Analysis
The Salesforce Optimizer is a solid tool native to Salesforce that will help you by highlighting the problem areas with your system.
Navigate to Setup > Optimizer to run the tool.
The tool helps to identify Profiles, Fields, Roles, and Permission Sets that are not being utilized. It also helps users by providing suggestions to remedy the problem.