Privileged Users in Salesforce: What Can They Access?


Privileged users can pose a tremendous risk to a company's org -- and understanding what they have access to is half the battle.

Privileged user abuse may be malicious, or it may be unintentional. Either way, it represents a huge liability to your company. The two main areas of concern with privileged user abuse in Salesforce and other cloud applications are data security and compliance. Yet while the average insider cyberattack costs a company $173,516 per year, 56 percent of businesses say they don’t have enterprise-wide visibility into privileged user access. Privileged users in Salesforce are often necessary. But you may not need so many of them, and monitoring can help you keep tabs on how they’re interacting with your org and handling sensitive data.

The first piece of solving the privileged user problem is understanding who (or what) a privileged user is. Next, however, is knowing what these users have access to. Because a privileged user is one with a higher level of permissions than the standard user, they often have full visibility and control over your Salesforce org. So what might that visibility include? With more than 150 user permissions in Salesforce, here are 7 areas where a privileged user could pose the biggest risk to your organization.

#1. View All Data

For many businesses, Salesforce has evolved from a sales and marketing tool to a mission-critical application that stores everything related to the operation and activities of that business — and its customers’ businesses. This may include:

  • Competitive positioning
  • Customer opportunities and cases
  • Prospect lists
  • Personnel files
  • Pricing and contracts
  • Product blueprints, patent applications, or other trade secrets

Whether users are willfully accessing this information for personal gain or unintentionally deleting or modifying it, even the ability to view business information could create problems down the line.

#2. Modify All Data

With the ability to edit, delete, and create all data, privileged users could cause great harm by mass deleting accounts or essential information like price books. They may also damage data integrity by, for example, mass updating fields with incorrect information.

#3. Login-As

Under “modify all data” and an additional system permission is the ability to log in as a different user. This is particularly useful for admins who want to quickly resolve user issues without opening a Salesforce customer service case, and the permission can increase productivity and protect against revenue loss. However, it also means that users can perform activities under another user’s credentials, covering their tracks and hiding any nefarious behavior.

#4: Manage Addresses

This restricts — or allows — the IP ranges from which users can log into the Salesforce instance. One security best practice for keeping data safe includes restricting IP ranges, but a user with this permission could open the organization to risk by editing allowable IPs. This also means they could log in remotely, which is an issue if the business doesn’t allow such activity — unsecured networks could allow threats into the system, compromising essential and proprietary data.

#5: Export Reports

Users with the ability to export reports could easily download large amounts of proprietary and sensitive data in one action. This might be used to steal sensitive customer, prospect, and company data for a variety of reasons, such as fraud, sabotage, or competitive reasons.

#6: API-Enabled

This setting allows the user to log into third-party applications that interact with your Salesforce instance. One example is a non-native data loader that can mass upload, update, or delete information in the Salesforce instance. If a privileged user can allow another program to access Salesforce at your company, they may be opening you up to other threats.

#7: Manage Password Policies

Users could use this to reduce password security by, for example, allowing any type of password to be used or disabling time-bound password reset requirements (e.g., update passwords every 90 days). This can leave an org open to vulnerabilities when the same password or a low-security password is used for too long, allowing hackers and external threats to more easily access an instance.

Privileged users are the ultimate insider threat — employees who have been given technical permissions that allow them to harm your organization. Or, they may be applications accessing your instance through an API that has been granted access broader than what it needs. But with a comprehensive understanding of your users and their associated profiles and permissions — as well as the data to which they have access in Salesforce and other cloud applications — you can take the first step toward managing privileged users and their access.

 Learn how you can monitor privileged users in Salesforce with a Imprivata FairWarning for Salseforce demo.