Skip to main content

How Safe is Data in Salesforce?

By March 9, 2021March 8th, 2024Blog

It is a common assumption that corporate data stored in Salesforce is in safe hands. With its 99% uptime, secure login and two-factor authentication, it is difficult to imagine data going astray from the world’s number one CRM.

But it does.

This article looks briefly at the potential for loss of corporate data that resides in Salesforce, and considers whether it is time for a rethink about how Salesforce data is backed up and protected.

Data loss in Salesforce is most commonly lost as a result of human error. A user can accidentally or deliberately remove a contact, account, opportunity record, or several at the same time by using the mass delete function. Data imports can also contribute to data loss. Simple errors such as incorrect field mapping on an import file can result in lost or incomprehensible data, particularly if the import file itself is then misplaced.

On a more technical level, incorrect code can cause the loss and eradication of data, and worse still can be difficult to diagnose and resolve. Integrations are another potential risk with lots of customers running several simultaneously, processing hundreds of thousands of records automatically. At scale, errors can occur quickly and be difficult to spot and rectify.

With all these scenarios in mind it doesn’t help that Salesforce announced in 2020 that it would retire its data recovery service for any instances of lost records. Whilst this service was always poorly publicised and a costly last resort (circa $10,000USD) that could take an unacceptable 8 weeks to recover data, the fact that it was there gave users some degree of comfort.

As it stands today, Salesforce data not protected to a target outside of the platform carries the same risk level as any other data on unprotected platforms.

Time for a rethink?

Salesforce has outgrown its original function as a CRM tool used mainly by management, sales and marketing teams. With many business processes and functions now firmly embedded into the platform, losing Salesforce data is not just inconvenient, it is potentially debilitating to an organisation’s ability to operate. Integrations and managed applications from the AppExchange mean that customers can lose entire business functions that rely on CRM, finance, operations data etc.

Organisations should also consider reputational risk; a scenario where important customer information is lost can be potentially damaging and carry fines for organisations operating in regulated sectors.

All these factors make managing data in Salesforce more important, and the need to ensure the data is backed up and recoverable is becoming increasingly critical. Significant customer responsibility comes from Salesforce adopting the same ‘shared responsibility’ data handling approach as many other SaaS and Cloud providers.

In simple terms, Salesforce is responsible for the security and availability of the overall platform, customers are however responsible for the data integrity and protection of data generated and stored within the platform. Corruption or data loss resulting from customer actions or any of the scenarios described earlier affecting records is not Salesforce’s responsibility.

Taking action to protect Salesforce data

While it may seem like a simple task to simply run replication copies of all data held in Salesforce, the reality is much more complex.

Selecting all data is not possible with a single click of a button and the extraction of data requires use of an API every time a data set is to be exported. This functionality is limited by Salesforce to a maximum of 15,000 bulk API requests per day. In addition, the user managing the backup will only be able to export data that is visible to them unless they have elevated administrative access.

For many larger organisations, this means that it is simply not possible to export all the data in one hit. If regular backups are also required (at least twice a week is highly recommended), this can make the process time consuming, cumbersome and fraught with risk, not ideal for IT teams that are already stretched.

What’s the solution?

Preventing data loss as a result of malicious or accidental deletion in Salesforce is only possible by adopting a modern, comprehensive data protection strategy.

Using ORIIUM SaaS for Salesforce backup, you can simplify the protection of your Salesforce data and be confident it can be easily and rapidly recovered no matter what the scenario.

Among the many cost and time-saving benefits of the service, ORIIUM SaaS integrates with the native Salesforce APIs to protect your data and make it instantly recoverable. Automated processes reduce the management overhead and complexity discussed earlier in this article, while also providing advanced capabilities such as data encryption, search, scheduling, data masking, sandboxing, storage reduction and data comparison.

ORIIUM SaaS for Salesforce backup enables organisations to protect their Salesforce data confidently, ensures recoverability and management of Salesforce data in accordance with your organisations policies and SLAs.

ORIIUM – swap risk for reassurance.