In an age where information is power, it’s really important to ensure that those who have access to data and admin tools are meant to have it, as well as ensuring that your Salesforce org is secure against malicious actors attempting to gain access.
This week’s Tether Tip will talk briefly about the initial steps you can take to keep your data safe, even when user credentials are compromised.
But wait, what are we talking about? – Profile based IP restrictions!
Profile based IP restrictions is a tool provided by Salesforce to ensure that any users attempting to log in have a specific IP address or has an IP address within a defined range, this ensures that users outside a certain network will not gain access to Salesforce, even with working credentials.
This is a great way of ensuring administrator’s and superuser’s additional privileges are not abused and are only available to those who are meant to have it.
Some key benefits are:
- You can set IP Restriction under each profile. This will restrict access, and Users will only be able to log in from the IP addresses listed.
- Users will not be able to access Salesforce from any IP that is not listed in the range. They will receive a Restricted IP error when logging in.
- This setting is recommended for organizations with Users who log in only using VPN or their public corporate network IP addresses.
- Please make sure that all the IP ranges for your apps and integration are added as well.
Once logged in > Setup Page > search ‘Profile’. This will display a list of all available profiles, select the profile you wish to lock down, you should see a screen like below:
Scroll to the bottom of the Profile page to a related list named ‘Login IP Ranges’. This is where we will define which IP addresses are able to login as any user with this profile.
Click ‘New’ under Login IP Ranges and define a custom IP range, once finished, hit save and your new security measures will take effect instantly.
Congratulations, you’ve just taken the first step to securing your Salesforce org against malicious actors and that one guy Harold in the corner!
To sum up the required steps:
- Log into Salesforce
- Head to Setup
- Search for ‘Profile’
- Find the profile which you would like to restrict
- Scroll to the ‘Login IP Ranges’ related list
- Click New and set a new IP range
- Done!
Thanks for reading, have a great day!
We hope you enjoy this helpful tip from Salesforce. I know I certainly have, don’t forget to check back in next week for another exciting Tether Tip.
Daniel Edwards
The Tether Team
#salesforce #salesforcecrm #tethertips #tether #networksecurity
