Value of Salesforce Event MonitoringGet complete visibility into the adoption, security & performance of your Salesforce apps

January 13th, 2015

Watch the Replay

Adam TormanDirector Product Management

Salesforceatorman@salesforce.com

Today’s Panel

Darin PedersonCloud Security Specialist

FairWarning, Inc.Darin@FairWarning.com

Agenda

• Overview of Salesforce Event Monitoring, Adam Torman• How to use Salesforce Event Monitoring for data protection,

Darin Pederson• How to use Salesforce Event Monitoring to measure user

adoption , Darin Pederson• Q & A

Adam Torman Introduction

• Overview of Salesforce Event Monitoring• Director Product Management• @atorman• Salesforcehacker.com – Best Practices Blog

Have you ever….• needed to know what your partners are clicking on?• needed to know what files your employees are downloading?• needed to audit when ex-employees leave the company with your

customer list?• wanted to track the adoption of projects that you roll out on the

Salesforce platform like S1, Chatter, or the FairWarning® app?• wanted to track who did what, when they did it, where they did it

from, how frequently they did it, and how quickly they did it can be a challenge

Why Audit Salesforce

• Salesforce is a mission critical application • Employees, partners, and customers in the form of users all

interact within the same organization• Tracking who did what, when they did it, where they did it from,

how frequently they did it• Audit for compliance, adoption, troubleshooting, or performance

monitoring• Use visualizations to explore and analyze the data

Auditing at Salesforce

Field History Tracking

Setup Audit Trail

Debug Logs

Forensic Investigations

API UsageSystem Overview

Custom Object Usage

Login HistoryAll images licensed from dryicons.com

Event Monitoring

Introducing Event Monitoring

Activity: Track detailed user activity including location, IP range, browser, and app information

Adoption: Track adoption of apps and the success of IT initiatives

Audit: Identify and act on anomalies in user behavior

Performance: Trend performance of your people and your code

Log Types

APEX CALLOUT

APEX EXECUTION

APEX SOAP

APEX TRIGGER

API

ASYNC REPORT

BULK API

CHANGE SET OPERATION

CONTENT DISTRIBUTION

CONTENT DOCUMENT LINK

CONTENT TRANSFER

DASHBOARD

DOCUMENT ATTACHMENT DOWNLOADS

LOGIN

LOGIN AS

LOGOUT

MDAPI OPERATION

MULTI BLOCK REPORT

PACKAGE INSTALL

REPORT

REPORT EXPORT

REST API

SANDBOX

SITES

UI TRACKING (S1 Adoption)

URI

WORKFLOW

VISUALFORCE All images licensed from dryicons.com

Who, What, When, Where

WhoWhen WhereWhat HowLong

Tracking User Behavior

From Marc Benioff Contact Record, Clicked Edit Button

Edit

From Home Tab, Clicked on Marc Benioff Contact Record

/0033000000Vt4Od

Data Leakage Detection

Report URIWhoWhen Where Report ColumnsHow

Export

Report URI

Adoption Metrics

List Views Printed

Account Records Printed

Accounts Viewed

Mobile S1 Clicks

# of Users

Other Use Cases

• Application Performance Management• Troubleshoot Issues• Device Adoption• Anomaly Detection

How do I get it?

• Add-on Price for Enterprise, Unlimited, and Performance Editions: 30 Day Data Retention

• Free for Developer Edition: 1 Day Data Retention– http://bit.ly/deSignup

Darin Pederson Introduction

• Cloud Security Specialist• Featured speaker at Information Security and

Privacy national events such as HIMSS, AHIMA, HCCA, InSight, NCHICA and NCHIMA

• 10 plus years of security solution experience

Roles– Director, Manager of Salesforce-CRM– Director of Business Information Systems– Salesforce System Administrators– Information Security

Drivers– Protection against data theft– Utilize highly sensitive information in Salesforce– HIPAA, EU Data Protection Act,

UK Data Protection Act, SOX 404 IT controls, PCI, PIPEDA, FFIEC

– User adoption

Fills an important gap in Salesforce Data Protection

Where FairWarning® Fits In

The Basics of How it Works

28 Event Monitoring Log Files

Example Use Cases

• Forensic investigation of a user’s activities

• Monitoring & alerting on a departing

employee’s exports

• Monitoring of access to sensitive accounts

& contacts

• User access after termination

• User access trends & visualization

• Easy-to-interpret for a business user

• Ad-hoc reporting, monitoring & alerting

• Multi-criteria filtering

• Visualization, trending, graphing

• Standard and Custom Objects

• Multi-org support

• Performance and Usage

How Healthcare Uses Salesforce

Insurers:• Employer accounts• Insureds - patients• ePHI

Providers:

• Competitive loss• Sensitive patient

information• Reputational damage• Regulatory compliance

– HIPAA

What’s at Risk:

• Patient information• Referrals• Physician recruitment

How Wealth Management Uses Salesforce

• Client sensitive information

• Performance and fee information

• LP information• Account and proceeds

disbursement

What’s at Risk• Competitive loss• Clients sensitive information• Reputational damage• Regulatory compliance

Recent Headline News:January 5, 2015 – “... fired one of its financial advisers after it accused him of stealing account data …”

DEMO

Q&A

Adam Torman, Salesforce Darin Pederson, FairWarning ®