Watch this demo to see Varonis' least privilege automation in action.
Varonis’ least privilege automation capabilities now expand to Salesforce, enabling our customers to remediate public links in Salesforce automatically and continuously.
Public links pose a significant risk to organizations and, without the proper configuration insights and remediation controls, expose critical attachments such as sales contracts, pricing info, support tickets, and more.
What are public links?
Public links enable users to share files and attachments from your Salesforce Orgs with anyone. If they have the link, they can access your data.
Public links are easy to create but nearly impossible to find and track with Salesforce’s native capabilities alone.
Organizations often have the “create public link” permission switched on in their global sharing settings without realizing it. The permission then proliferates throughout the organization as Profiles and Permission Sets with this entitlement are cloned and assigned to new users.
With Varonis, organizations can continuously monitor their Salesforce environments to identify where sensitive data is exposed through public links, understand who can create them, and automatically remove them – all from a unified platform.
Remediating public links with Varonis
Varonis continuously monitors Salesforce to identify where users share sensitive Salesforce data using public links. Our Salesforce dashboard provides a visualization of the number of public links, stale or active, across your Salesforce Orgs.
Get an overview of the number of links across your Salesforce Orgs.
From the dashboard, you can easily drill into a report to see exactly which public links exist and get more information on each, including:
- Who created the link
- Whether the link has sensitive data
- The last time the link was used
- If it’s password-protected
- Its related records
View all of the public links created across your Salesforce Orgs.
See all the details related to each public link.
From this report, you can use Varonis to remove the public link from the internet, cutting off unwanted access to your data.
You can select specific links you would like to remove or create a policy to automatically remove links based on specified criteria, such as sensitivity and staleness.
You can also set the remediation policies to run at regular intervals to reduce public exposure continuously.
Remove public links directly from the Varonis UI.
Preventing the creation of public links
Understanding who can create public links involves identifying which Profiles and Permission Sets have that ability and then tracking down each user with the assigned Permission Set.
With Varonis, our platform quickly surfaces which users can create public links, providing you with a report of every Profile and Permission Set containing the “create public link” entitlement and the individual users who can perform the action.
You can then use the results to identify where to restrict the ability to create public links.
Quickly find who can create public links in Salesforce.
Try Varonis for Salesforce
Available on the Salesforce AppExchange, the Varonis Data Security Platform helps security teams continuously monitor and improve their Salesforce security posture in real-time with the ability to:
- Discover and classify sensitive data in records and attachments
- Greatly simplify permission analysis to understand where sensitive data is exposed and enforce least-privilege access
- Monitor sensitive data activity and alert on abnormal behavior
- Enhance Salesforce Shield
- Continuously surface and fix configuration drift
- Identify and manage third-party application risk
Ready to protect your critical Salesforce data and improve your security posture with Varonis?
What you should do now
Below are three ways we can help you begin your journey to reducing data risk at your company:
- Schedule a demo session with us, where we can show you around, answer your questions, and help you see if Varonis is right for you.
- Download our free report and learn the risks associated with SaaS data exposure.
- Share this blog post with someone you know who'd enjoy reading it. Share it with them via email, LinkedIn, Reddit, or Facebook.
Nathan has always loved learning about cutting-edge technology but didn’t have the patience for coding. So, he found his niche as a microphone for the talented individuals behind the code.