Organizations worldwide use Salesforce Sites to provide information and services to partners and customers. However, when configuring these sites, something as simple as a missed checkbox can expose sensitive and regulated data to unauthenticated, anonymous guest users — effectively exposing the information publicly.
This blog will cover how organizations can use Varonis to automatically identify and remediate guest-user permissions on Salesforce Sites that allow unauthenticated users to view site records, eliminating the risk of anonymous access to sensitive data.
The unforeseen risks of Salesforce Sites
Misconfiguration of Salesforce Sites can happen anywhere. KrebsOnSecurity researchers found misconfigured Salesforce Sites at state agencies and other organizations that exposed sensitive information such as SSNs, federal IDs, and addresses for months.
Regular guest users need a link to reach a Salesforce Site, but threat actors can easily bypass this requirement. They take advantage of misconfigured guest permissions by modifying host headers or by using open-source scanners that send HTTP requests to Salesforce Sites to find exposed records.
So even if a site is disabled and the link is removed, threat actors can still reach sensitive data as long as the guest permissions remain misconfigured.
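The exposure described above comes down to what the site's guest user profile is allowed to read. As an added example (not Varonis code and not code from Salesforce), the script below audits rows shaped like the result of a SOQL query on Salesforce's ObjectPermissions object (fields SobjectType, PermissionsRead, PermissionsViewAllRecords, and Parent.Profile.Name / Parent.Profile.UserType) and flags any guest profile that can read objects holding regulated data. The sample rows and the SENSITIVE_OBJECTS list are constructed assumptions; a real audit would pull the rows from the org and take the object list from a data classification inventory. Sharing settings and guest sharing rules also affect which records a guest can see, so a full check covers those as well; this example covers the object-level permission that the blog's "missed checkbox" refers to.

```python
"""Audit guest-user profile object permissions exported from Salesforce.

Added example, not Varonis or Salesforce code. Row shape mirrors a SOQL query
on ObjectPermissions with Parent.Profile fields; the sample rows below are
constructed for this example and do not come from a real org.
"""
from dataclasses import dataclass

# Objects that commonly hold regulated data. Assumption for the example;
# a real audit would take this list from a data classification inventory.
SENSITIVE_OBJECTS = {"Account", "Case", "Contact", "Lead", "Opportunity"}

# Constructed sample rows, as they would be returned (simplified) by:
#   SELECT SobjectType, PermissionsRead, PermissionsViewAllRecords,
#          Parent.Profile.Name, Parent.Profile.UserType FROM ObjectPermissions
SAMPLE_ROWS = [
    {"SobjectType": "Contact", "PermissionsRead": True, "PermissionsViewAllRecords": False,
     "Parent": {"Profile": {"Name": "Customer Portal Site Guest User", "UserType": "Guest"}}},
    {"SobjectType": "Case", "PermissionsRead": True, "PermissionsViewAllRecords": True,
     "Parent": {"Profile": {"Name": "Customer Portal Site Guest User", "UserType": "Guest"}}},
    # A public FAQ object (hypothetical custom object) a guest is meant to read.
    {"SobjectType": "FAQ__c", "PermissionsRead": True, "PermissionsViewAllRecords": False,
     "Parent": {"Profile": {"Name": "Customer Portal Site Guest User", "UserType": "Guest"}}},
    {"SobjectType": "Lead", "PermissionsRead": False, "PermissionsViewAllRecords": False,
     "Parent": {"Profile": {"Name": "Customer Portal Site Guest User", "UserType": "Guest"}}},
    # Non-guest profile: out of scope for this check.
    {"SobjectType": "Contact", "PermissionsRead": True, "PermissionsViewAllRecords": True,
     "Parent": {"Profile": {"Name": "System Administrator", "UserType": "Standard"}}},
    # Permission set not owned by a profile: Parent.Profile comes back null.
    {"SobjectType": "Account", "PermissionsRead": True, "PermissionsViewAllRecords": False,
     "Parent": {"Profile": None}},
]


@dataclass(frozen=True)
class Finding:
    profile: str
    sobject: str
    view_all_records: bool  # True when the guest bypasses sharing entirely


def _guest_profile_name(row):
    """Return the profile name if the row belongs to a guest profile, else None."""
    parent = row.get("Parent") or {}
    profile = parent.get("Profile")
    if not profile or profile.get("UserType") != "Guest":
        return None
    return profile["Name"]


def audit_guest_read_access(rows, sensitive=SENSITIVE_OBJECTS):
    """Flag guest profiles with read or view-all access on sensitive objects."""
    findings = set()
    for row in rows:
        profile = _guest_profile_name(row)
        if profile is None or row["SobjectType"] not in sensitive:
            continue
        can_read = bool(row.get("PermissionsRead"))
        view_all = bool(row.get("PermissionsViewAllRecords"))
        if can_read or view_all:
            findings.add(Finding(profile, row["SobjectType"], view_all))
    return sorted(findings, key=lambda f: (f.profile, f.sobject))


def proposed_changes(findings):
    """Describe the permission values to apply so each finding is closed.

    Each entry is the field state to set on the matching ObjectPermissions
    record; applying it is left to the org's change process.
    """
    return [
        {"profile": f.profile, "SobjectType": f.sobject,
         "PermissionsRead": False, "PermissionsViewAllRecords": False}
        for f in findings
    ]


if __name__ == "__main__":
    for finding in audit_guest_read_access(SAMPLE_ROWS):
        print(f"{finding.profile}: guest can read {finding.sobject}"
              f"{' (view all records)' if finding.view_all_records else ''}")
```

Running the script on the constructed rows reports the guest profile's read access to Case (with view-all, so sharing does not limit it) and Contact, while the FAQ object, the unset Lead permission, the administrator profile and the profile-less permission set produce no finding.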
Identify and remediate sensitive data exposed to guest users.
With Varonis, admins can quickly identify Salesforce Sites that expose sensitive data publicly and pinpoint the exact records at risk.
Varonis automatically surfaces Salesforce Sites that expose sensitive data publicly.
Varonis can then remediate guest permissions on Salesforce Sites automatically and at scale, eliminating the need to search for and modify each site's permissions by hand from the Salesforce management console.
This corrective action does not require taking down the site, so organizations can fix exposures without interrupting the user experience.
This greatly reduces the risk of unauthenticated users or threat actors manipulating URLs or using open-source scanners to access sensitive data linked to Salesforce Sites.
Automatically remediate guest access to data on Salesforce Sites.
Reduce Salesforce data risks at scale.
Unlike other tools that only surface problems, Varonis shows you where sensitive data is at risk and solves issues at scale with automation.
Varonis for Salesforce is the only solution that offers a suite of automated remediation capabilities designed to reduce exposure risk in Salesforce proactively, including:
- Remediating public link exposure
- Revoking the ability to create public links
- Disabling stale or risky users
- Fixing security misconfiguration
- Removing third-party apps
With Varonis, organizations can effortlessly reduce sensitive data risk and ensure their Salesforce environment remains secure.
Revoke users’ ability to create public links and get to least privilege.
Try Varonis for free.
Varonis for Salesforce helps security teams continuously monitor and improve their Salesforce security posture in real time, and is available on the Salesforce AppExchange.
Interested in finding where your Salesforce data is unknowingly exposed to the world and effortlessly improving your SaaS security posture with Varonis’ industry-leading automation?