By Francois Lopitaux, Chief Product Officer at Odaseva
Data in Salesforce sandbox environments can be an overlooked vulnerability with serious consequences. If you don’t take measures to protect Salesforce sandbox data, then you’re leaving yourself vulnerable to a data compromise.
I recently discussed this topic during the webinar, “Sandbox Data: The Hidden Risk” with my colleague Clémence Dumas, Product Marketing Manager at Odaseva. You can watch the full replay of the webinar here, and I have recapped some of the highlights below. If you have more questions about protecting Salesforce data in your sandboxes, you can request a demo with our team here.
There are four different types of Salesforce sandboxes that employees, contractors, and/or partners utilize throughout the process of building, testing, and releasing code. Depending on the sandbox you’re using, the amount of data it contains can range from a small amount to 100% of your production data.
The four types of Salesforce sandboxes are:
As you can see, a lot of people have access to sandboxes with production data in them! Depending on your organization, this data can contain confidential information like social security numbers and credit card numbers, which you must protect against data breaches.
Data privacy regulations like GDPR and CCPA apply to sandboxes too. There are steps you can take to ensure that your Salesforce sandboxes are compliant:
Once you implement these three steps, your Salesforce sandboxes are as protected and secure as production environments.
But sandbox data protection doesn’t end there. A wider range of people, such as third-party developers, need to access sandboxes (whereas production environments are typically accessed only by end users). These people still have access to your organization’s sensitive information even if they have the appropriate level of permission. Therefore, limiting access is only part of the solution.
That’s where sandbox anonymization comes in, to provide an extra layer of protection.
There are tools that allow you to anonymize the data in Salesforce sandboxes without compromising testing and development. For example, you can replace the characters of an email address in the sandbox with different characters while still retaining the email address format, so that the value is still recognizable as representing an email address.
Before you start using sandbox anonymization tools (such as Odaseva Sandbox Anonymization) you should first reach out to others in your organization such as the legal department, your Data Privacy Officer, and the Center of Excellence to learn what aspects of data are important to them. Find out what data is private, what needs to be deleted or anonymized, etc. Then use these findings to define anonymization rules specific to your organization. This enables you to anonymize data while keeping it meaningful for development and innovation.
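The format-preserving replacement and organization-specific rules described above, sketched as an added example (not Odaseva's product code and not from the webinar): a keyed, deterministic masker that swaps letters for letters and digits for digits while keeping separators. The field API names, the rule table, the key and the sample record are all assumptions constructed for illustration.

```python
import hashlib
import hmac
import string

# Assumption: a secret held outside the sandbox (constructed value for the demo).
SECRET = b"constructed-demo-key"

def _stream(field: str, value: str):
    """Deterministic keyed byte stream for one (field, value) pair."""
    counter = 0
    while True:
        msg = f"{field}|{value}|{counter}".encode()
        yield from hmac.new(SECRET, msg, hashlib.sha256).digest()
        counter += 1

def mask(value: str, field: str, keep_last: int = 0) -> str:
    """Swap digits for digits and ASCII letters for letters; keep separators."""
    stream, cut, out = _stream(field, value), len(value) - keep_last, []
    for i, ch in enumerate(value):
        if i >= cut:
            out.append(ch)  # retained suffix, e.g. last four card digits
        elif ch in string.digits:
            out.append(string.digits[next(stream) % 10])
        elif ch in string.ascii_letters:
            alphabet = string.ascii_uppercase if ch.isupper() else string.ascii_lowercase
            out.append(alphabet[next(stream) % 26])
        else:
            out.append(ch)  # "-", ".", spaces: the recognisable format
    return "".join(out)

# Hypothetical rule table: field API names are assumptions, one rule per field.
RULES = {
    # Mask the local part; example.com is reserved (RFC 2606), so no real mailbox.
    "Email": lambda v: mask(v.split("@")[0], "Email") + "@example.com",
    "SSN__c": lambda v: mask(v, "SSN__c"),
    "Card_Number__c": lambda v: mask(v, "Card_Number__c", keep_last=4),
}

def anonymize(record: dict) -> dict:
    """Apply the rule for each listed field; other fields pass through unchanged."""
    return {k: RULES[k](v) if k in RULES and v else v for k, v in record.items()}

# Constructed sample record, not real data.
SAMPLE = {"Id": "003000000000001AAA", "Email": "jane.doe@acme-corp.com",
          "SSN__c": "123-45-6789", "Card_Number__c": "4111 1111 1111 1111"}

if __name__ == "__main__":
    for field, value in anonymize(SAMPLE).items():
        print(f"{field}: {SAMPLE[field]} -> {value}")
```

Because the mapping is keyed and deterministic, the same input always yields the same masked value, so duplicate checks and lookups across records still behave as they would on real data. The key itself should never be stored in the sandbox.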
The end result is that you have relevant data in your Salesforce environment to test and innovate with, while also protecting customer data against a breach.
Now you know that Salesforce sandboxes contain production data, which means that it’s just as critical to protect them as production environments. Security and confidentiality shouldn’t come at the expense of development and innovation, so get the tools you need to help you protect sandbox data while keeping it meaningful. These three steps will ensure Salesforce sandbox data security: