Value of Salesforce Event Monitoring - FairWarning · Value of Salesforce Event Monitoring Get...
Transcript of Value of Salesforce Event Monitoring - FairWarning · Value of Salesforce Event Monitoring Get...
Value of Salesforce Event MonitoringGet complete visibility into the adoption, security & performance of your Salesforce apps
January 13th, 2015
Watch the Replay
Adam TormanDirector Product Management
Today’s Panel
Darin PedersonCloud Security Specialist
FairWarning, [email protected]
Agenda
• Overview of Salesforce Event Monitoring, Adam Torman• How to use Salesforce Event Monitoring for data protection,
Darin Pederson• How to use Salesforce Event Monitoring to measure user
adoption , Darin Pederson• Q & A
Adam Torman Introduction
• Overview of Salesforce Event Monitoring• Director Product Management• @atorman• Salesforcehacker.com – Best Practices Blog
Have you ever….• needed to know what your partners are clicking on?• needed to know what files your employees are downloading?• needed to audit when ex-employees leave the company with your
customer list?• wanted to track the adoption of projects that you roll out on the
Salesforce platform like S1, Chatter, or the FairWarning® app?• wanted to track who did what, when they did it, where they did it
from, how frequently they did it, and how quickly they did it can be a challenge
Why Audit Salesforce
• Salesforce is a mission critical application • Employees, partners, and customers in the form of users all
interact within the same organization• Tracking who did what, when they did it, where they did it from,
how frequently they did it• Audit for compliance, adoption, troubleshooting, or performance
monitoring• Use visualizations to explore and analyze the data
Auditing at Salesforce
Field History Tracking
Setup Audit Trail
Debug Logs
Forensic Investigations
API UsageSystem Overview
Custom Object Usage
Login HistoryAll images licensed from dryicons.com
Event Monitoring
Introducing Event Monitoring
Activity: Track detailed user activity including location, IP range, browser, and app information
Adoption: Track adoption of apps and the success of IT initiatives
Audit: Identify and act on anomalies in user behavior
Performance: Trend performance of your people and your code
Log Types
APEX CALLOUT
APEX EXECUTION
APEX SOAP
APEX TRIGGER
API
ASYNC REPORT
BULK API
CHANGE SET OPERATION
CONTENT DISTRIBUTION
CONTENT DOCUMENT LINK
CONTENT TRANSFER
DASHBOARD
DOCUMENT ATTACHMENT DOWNLOADS
LOGIN
LOGIN AS
LOGOUT
MDAPI OPERATION
MULTI BLOCK REPORT
PACKAGE INSTALL
REPORT
REPORT EXPORT
REST API
SANDBOX
SITES
UI TRACKING (S1 Adoption)
URI
WORKFLOW
VISUALFORCE All images licensed from dryicons.com
Tracking User Behavior
From Marc Benioff Contact Record, Clicked Edit Button
Edit
From Home Tab, Clicked on Marc Benioff Contact Record
/0033000000Vt4Od
Adoption Metrics
List Views Printed
Account Records Printed
Accounts Viewed
Mobile S1 Clicks
# of Users
Other Use Cases
• Application Performance Management• Troubleshoot Issues• Device Adoption• Anomaly Detection
How do I get it?
• Add-on Price for Enterprise, Unlimited, and Performance Editions: 30 Day Data Retention
• Free for Developer Edition: 1 Day Data Retention– http://bit.ly/deSignup
Darin Pederson Introduction
• Cloud Security Specialist• Featured speaker at Information Security and
Privacy national events such as HIMSS, AHIMA, HCCA, InSight, NCHICA and NCHIMA
• 10 plus years of security solution experience
Roles– Director, Manager of Salesforce-CRM– Director of Business Information Systems– Salesforce System Administrators– Information Security
Drivers– Protection against data theft– Utilize highly sensitive information in Salesforce– HIPAA, EU Data Protection Act,
UK Data Protection Act, SOX 404 IT controls, PCI, PIPEDA, FFIEC
– User adoption
Fills an important gap in Salesforce Data Protection
Where FairWarning® Fits In
Example Use Cases
• Forensic investigation of a user’s activities
• Monitoring & alerting on a departing
employee’s exports
• Monitoring of access to sensitive accounts
& contacts
• User access after termination
• User access trends & visualization
• Easy-to-interpret for a business user
• Ad-hoc reporting, monitoring & alerting
• Multi-criteria filtering
• Visualization, trending, graphing
• Standard and Custom Objects
• Multi-org support
• Performance and Usage
How Healthcare Uses Salesforce
Insurers:• Employer accounts• Insureds - patients• ePHI
Providers:
• Competitive loss• Sensitive patient
information• Reputational damage• Regulatory compliance
– HIPAA
What’s at Risk:
• Patient information• Referrals• Physician recruitment
How Wealth Management Uses Salesforce
• Client sensitive information
• Performance and fee information
• LP information• Account and proceeds
disbursement
What’s at Risk• Competitive loss• Clients sensitive information• Reputational damage• Regulatory compliance
Recent Headline News:January 5, 2015 – “... fired one of its financial advisers after it accused him of stealing account data …”