Varonis debuts trailblazing features for securing Salesforce. Learn More

Varonis announces strategic partnership with Microsoft to acclerate the secure adoption of Copilot.

Learn more

Automatically Remove Salesforce Public Links with Varonis

Varonis’ least privilege automation capabilities now remove public Salesforce links automatically.
2 min read
Published February 6, 2024

Watch this demo to see Varonis' least privilege automation in action.

Varonis’ least privilege automation capabilities now expand to Salesforce, enabling our customers to remediate public links in Salesforce automatically and continuously.

Public links pose a significant risk to organizations and, without the proper configuration insights and remediation controls, expose critical attachments such as sales contracts, pricing info, support tickets, and more. 

What are public links?

Public links enable users to share files and attachments from your Salesforce Orgs with anyone. If they have the link, they can access your data.

Public links are easy to create but nearly impossible to find and track with Salesforce’s native capabilities alone.

Organizations often have the “create public link” permission switched on in their global sharing settings without realizing it. The permission then proliferates throughout the organization as Profiles and Permission Sets with this entitlement are cloned and assigned to new users.  

With Varonis, organizations can continuously monitor their Salesforce environments to identify where sensitive data is exposed through public links, understand who can create them, and automatically remove them – all from a unified platform.

Remediating public links with Varonis

Varonis continuously monitors Salesforce to identify where users share sensitive Salesforce data using public links. Our Salesforce dashboard provides a visualization of the number of public links, stale or active, across your Salesforce Orgs. 

Salesforce public link widget

Get an overview of the number of links across your Salesforce Orgs.

From the dashboard, you can easily drill into a report to see exactly which public links exist and get more information on each, including:

  • Who created the link
  • Whether the link has sensitive data
  • The last time the link was used
  • If it’s password-protected
  • Its related records

Salesforce public link report 1

View all of the public links created across your Salesforce Orgs.


Public link detailsSee all the details related to each public link.

From this report, you can use Varonis to remove the public link from the internet, cutting off unwanted access to your data.

You can select specific links you would like to remove or create a policy to automatically remove links based on specified criteria, such as sensitivity and staleness.

You can also set the remediation policies to run at regular intervals to reduce public exposure continuously. 


Remove public links directly from the Varonis UI.

Preventing the creation of public links

Understanding who can create public links involves identifying which Profiles and Permission Sets have that ability and then tracking down each user with the assigned Permission Set.

With Varonis, our platform quickly surfaces which users can create public links, providing you with a report of every Profile and Permission Set containing the “create public link” entitlement and the individual users who can perform the action.

You can then use the results to identify where to restrict the ability to create public links.


Quickly find who can create public links in Salesforce.

Try Varonis for Salesforce

Available on the Salesforce AppExchange, the Varonis Data Security Platform helps security teams continuously monitor and improve their Salesforce security posture in real-time with the ability to:

  • Discover and classify sensitive data in records and attachments
  • Greatly simplify permission analysis to understand where sensitive data is exposed and enforce least-privilege access
  • Monitor sensitive data activity and alert on abnormal behavior
  • Enhance Salesforce Shield
  • Continuously surface and fix configuration drift
  • Identify and manage third-party application risk

Ready to protect your critical Salesforce data and improve your security posture with Varonis?

Contact us today to get started with a free Salesforce data risk assessment.


What you should do now

Below are three ways we can help you begin your journey to reducing data risk at your company:

  1. Schedule a demo session with us, where we can show you around, answer your questions, and help you see if Varonis is right for you.
  2. Download our free report and learn the risks associated with SaaS data exposure.
  3. Share this blog post with someone you know who'd enjoy reading it. Share it with them via email, LinkedIn, Reddit, or Facebook.
Try Varonis free.
Get a detailed data risk report based on your company’s data.
Deploys in minutes.
Keep reading
Automatically Remove Salesforce Public Links with Varonis
Varonis’ least privilege automation capabilities now remove public Salesforce links automatically.
Varonis Delivers Market-leading Salesforce Security
Varonis delivers market-leading Salesforce security
Varonis MDDR: Industry's First Managed Data Detection and Response Offering
New 24x7x365 threat detection and response service is built to stop data breaches.
What’s new in Varonis: Jan 2024
This month brings you a fresh set of updates designed to improve your cybersecurity journey.