{"id":9661,"date":"2022-05-05T13:31:48","date_gmt":"2022-05-05T13:31:48","guid":{"rendered":"https:\/\/www.backupsfdc.io\/?p=9661"},"modified":"2022-05-05T13:31:50","modified_gmt":"2022-05-05T13:31:50","slug":"ransomware-attacks-against-saas-data-4-security-measures-to-take-now","status":"publish","type":"post","link":"https:\/\/54.174.198.203\/ransomware-attacks-against-saas-data-4-security-measures-to-take-now\/","title":{"rendered":"Ransomware Attacks Against SaaS Data: 4 Security Measures to Take Now"},"content":{"rendered":"\n

Ransomware attacks are on the rise, jumping up 62% between 2020 and 2021.* At the same time, enterprises are increasingly adopting cloud infrastructure for mission-critical business processes, collecting and distributing sensitive customer and transactional data within SaaS programs like Salesforce.<\/p>\n\n\n\n

So it’s no surprise that ransomware attackers have shifted their targets to SaaS data<\/strong>. These catastrophic attacks force companies to either pay wildly expensive ransom payments or lose critically-important business data. <\/p>\n\n\n\n

Enterprises need to be aware of the risks of a ransomware attack on the data they store in the cloud, and be prepared to detect malicious activity, interrupt an attack, and recover affected data to avoid embarrassing, expensive business interruptions.<\/strong><\/p>\n\n\n\n

Here are the risks that can lead to a ransomware attack on an organization\u2019s Salesforce data, and four security measures that can prevent, stop, and remediate them.<\/p>\n\n\n\n

Note: Register for our May 18 webinar “How to Protect your SaaS Data from Ransomware Attacks” here<\/a>!<\/em><\/p>\n\n\n\n

\"\"
The State of Ransomware in 2022, Blackfog<\/figcaption><\/figure><\/div>\n\n\n\n

Understanding the risk of a ransomware attack on Salesforce data<\/h1>\n\n\n\n

Ransomware attackers are opportunists. They follow market rules, which means they choose the most optimal balance of effort versus potential revenue. For that reason, Salesforce itself is a highly unlikely<\/em> potential victim of a ransomware attack because bypassing the platform’s strict technical controls is simply too difficult.<\/p>\n\n\n\n

But just because your organization runs on a platform as secure as Salesforce doesn’t mean that your organization\u2019s Salesforce data won’t be the target of a ransomware attack. <\/strong><\/p>\n\n\n\n

How? Attackers may gain access to credentials through phishing techniques<\/strong>, malware <\/strong>installed on a user’s device, API key leaks<\/strong>, or other malicious methods. Attackers can then use the Salesforce API to export the data and overwrite it with an encrypted version. To obtain the decryption key, victims must then pay a ransom in return. Victims will pay to avoid material damage to the company, including business interruption<\/strong>, fines <\/strong>for non-compliance with data security laws that could have prevented the attack, reputational impact<\/strong>, etc.<\/p>\n\n\n\n

And since your organization is responsible for your data – not Salesforce – you need to protect data against such an event. Leaders at many organizations do not realize this.<\/strong> According to a recent ESG research report, 35% of IT leaders mistakenly believe their cloud vendor (such as Salesforce) is responsible for protecting their data.** As a result, they are not taking the necessary security measures <\/strong>to protect end-user device security, cloud login credentials, or vet third-party applications – all of which leave the organization vulnerable to a ransomware attack.<\/p>\n\n\n\n

Now that you understand the risks, let’s explore the proactive and reactive security measures your organization can take to prevent and minimize the effects of a ransomware attack on Salesforce data.<\/p>\n\n\n\n

4 security measures that protect against ransomware attacks<\/h1>\n\n\n\n

Attackers seek out target companies using SaaS applications that support critical business activities, especially when the victim organization may not have realized the shared responsibility model for cloud security (and therefore the measures that need to be put in place).<\/p>\n\n\n\n

These are the security measures to put in place:<\/p>\n\n\n\n

1. Leverage Salesforce’s built-in security tools:<\/h2>\n\n\n\n

First and foremost, leverage the built-in security tools offered by Salesforce, including Transaction Security, outlined here<\/a>. When a suspicious event occurs, you should create policies to block the requested action and send alerts to your team.<\/p>\n\n\n\n

2. Detect a ransomware attack with Salesforce data monitoring tools:<\/h2>\n\n\n\n

The sooner you detect a ransomware attack, the sooner you can stop it, and the easier it will be to recover from. Tools like Odaseva Monitoring<\/a> powered by Tableau CRM (Einstein Analytics) can detect ransomware attacks in progress by:<\/p>\n\n\n\n