cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Newcomer II

Salesforce DLP question

Hello ISC2 community!

 

I'm running into an issue in development of Salesforce.  The issue is that data can be moved/ copied from a production org into a scratch org or Trailhead org.  Has anyone run into a similar issue and come up with a solution?

 

In case, you're going to ask, Salesforce Shield doesn't prevent or detect this data transfer.

 

Thank you in advance!

Sai Honig

Tags (1)
1 Reply
Highlighted
Community Champion

Re: Salesforce DLP question

@Skhonig  On the basis it is a cloud based service via Salesforce, it sounds very much that you need a CASB or a SASE type solution, which can provide you full visibility on both privileged and user activities, and enforce policies preventing undesired transportation of information or communications.  

 

There is a number of solutions out there in the market, all pushing their wares - first step would be to review Gartner and Forrester reports and review their findings.

 

If you are working within a Government environment, this is a major issue and headache for many - which contributes to many ShadowIT issues, Data Leakage issues due to the lack of visibility.  The only answer really is a CASB or SASE, to provide you with a full knowledge and enforcement of your organisations required policies.

 

 

CASB's and SASE's services provide you with the capability to put in DLP capabilities and to prevent unwanted communications paths i.e. users attempting to pass information to an AWS bucket for in stance or a Microsoft Blob etc.

 

If you want further details, please send me a private message - happy to pass on details.

 

Regards

 

Caute_cautim

Tags (2)