NEWS FROM OUR PARTNER THE EXCHANGE F-SECURE SUMMER 2021 The possible risks facing your organization include: •Device Threats: An employee, for example, may •User Errors: If a cloud server is incorrectly configured upload a corrupt file or link to your Salesforce cloud as a result of user error, an attacker could use this to that, if downloaded or clicked on by other employees, gain access to your resources and infiltrate company would result in infected systems. data. •Insider Threats: A disgruntled employee with access •Ransomware: Cybercriminals are likely to use to your content on the cloud could abuse it for their ransomware to infect documents and files on your own personal benefit by, for example, exfiltrating and Salesforce cloud. This in turn could provide them with selling your data. access to your IT network. These types of threats can severely harm a company’s data infrastructure. That’s why the Shared Responsibility Model is important. This concept states that while the cloud provider is responsible for securing the platform, the customer is responsible for ensuring the integrity and security of content residing on the platform. 72 51.1 42.2 56 Shared Responsibility for of organizations have of organizations store of organizations store of security professionals business applications business intelligence in customer information in listed unauthorized ding to a SANS Institute study:and data in the cloud.the cloud. the cloud. access to data by Secure Salesforce Data outsiders as their primary cloud security Accor concern. With an increasing number of companies prioritizing digital What does shared responsibility mean for you as a customer? transformation, we’re seeing an explosive growth of cloud AppExchange partner F-Secure’s response to the Shared Responsibility Model is its Cloud Protection for services. Migrating into a new system is exciting, but as Salesforce solution. According to F-Secure, the best way cloud customers can participate in their half of the Shared Responsibility Model is by focusing on these four ideas: with all new technologies, there are always risks. •Manage Access: Managing an employees’ access •Use Native Security Tools: Use all the security tools based on their role, content type, or their method of your cloud service provider offers in addition to data Salesforce prioritizes creating a secure platform for its access to company data and content can easily limit encryption tools. insider threats. •Check Uploaded Content: Monitor and scan all customers and their data, but with the extended access •Manage Configuration: Configuring your cloud content that is uploaded to your cloud server to properly can mitigate exposure to a cloud-native prevent the spread of malware. the cloud provides, employees may unintentionally breach. become security risks for their company. Companies must also play a part in securing their Salesforce data. Learn more FROM F-SECURE, A CYBERSECURITY COMPANY, ON THE BEST WAYS TO TAKE AN ACTIVE ROLE IN YOUR COMPANY’S SECURITY.