Protecting Salesforce: Remediating Misconfigured Sites

Varonis enables organizations to identify and remediate misconfigured Salesforce Site guest permissions that expose sensitive data publicly. 
Nathan Coppinger
Last updated September 5, 2024

Organizations worldwide use Salesforce Sites to provide information and services to partners and customers. However, when configuring these sites, something as simple as a missed checkbox can expose sensitive and regulated data to unauthenticated, anonymous guest users — effectively exposing the information publicly. 

This post covers how organizations can use Varonis to automatically identify and remediate the guest permissions that let Salesforce Sites visitors view site records, eliminating the risk of unauthenticated users accessing sensitive data.

The unforeseen risks of Salesforce Sites

Misconfigured Salesforce Sites can happen anywhere. KrebsOnSecurity researchers found misconfigured Salesforce Sites at both state agencies and other organizations that exposed sensitive information like SSNs, federal IDs, and addresses for months.

Regular guest users require a link to access Salesforce Sites. However, threat actors can easily bypass this requirement. They can take advantage of misconfigured guest permissions by modifying host headers or using open-source scanners that send HTTP requests to Salesforce Sites to find exposed data and exploit it.

So even if a site is disabled and the link is removed, threat actors can still access sensitive data if guest permissions are misconfigured. 

Identify and remediate sensitive data exposed to guest users. 

With Varonis, admins can quickly identify Salesforce Sites that expose sensitive data publicly and pinpoint the exact records at risk. 

Varonis automatically surfaces Salesforce Sites that expose sensitive data publicly.

Varonis can then automatically remediate guest permissions on Salesforce Sites at scale, eliminating the need to manually search for and modify each site’s permissions from the Salesforce management console.

This corrective action does not require taking down the site, so organizations can fix exposures without interrupting the user experience.

This greatly reduces the risk of unauthenticated users or threat actors manipulating URLs or using open-source scanners to access sensitive data linked to Salesforce Sites. 

Automatically remediate guest access to data on Salesforce Sites.

Reduce Salesforce data risks at scale. 

Unlike other tools that only surface problems, Varonis shows you where sensitive data is at risk and solves issues at scale with automation.

Varonis for Salesforce is the only solution that offers a suite of automated remediation capabilities designed to reduce exposure risk in Salesforce proactively, including: 

With Varonis, organizations can effortlessly reduce sensitive data risk and ensure their Salesforce environment remains secure. 

Revoke users’ ability to create public links and get to least privilege.

Try Varonis for free.

Varonis for Salesforce helps security teams continuously monitor and improve their Salesforce security posture in real time, and is available on the Salesforce AppExchange.

Interested in finding where your Salesforce data is unknowingly exposed to the world and effortlessly improving your SaaS security posture with Varonis’ industry-leading automation?

Request a demo today.
