Salesforce Cybersecurity Solutions 2021
Salesforce Devops 2021 Retrospective Series
- Salesforce Devops Raises $275.5 million in 2021
- Salesforce Cybersecurity Solutions 2021
- Salesforce Devops Product Reviews – 2021 Retrospective
- Salesforce Devops 2021 News Roundup
- Salesforce Devops Product Profiles 2021
- 2021 How-To Tips for Salesforce Devops
- Salesforce Devops Industry Analysis 2021
In 2021 we saw how vulnerable the United States and its allies are to cyberattacks. For the first time, a cyberattack was felt by the public when Colonial Pipeline shut down a national gasoline distribution network. Software distribution was hijacked in the Codecov hack, and the Kaseya supply chain attack invaded managed service provider networks to deliver ransomware. In response, the Biden administration issued a new executive order to bolster initiatives like software bills of materials and zero-trust architectures. The cyberwar is real, and every Salesforce platform owner, developer, architect, and admin needs a proactive defensive posture. Here is my 2021 retrospective on the threat and on how to use cybersecurity to protect your Salesforce operations.
What is Cybersecurity?
The 21st Century is loaded with threats, and some of the worst threats now come from a technologically conjured place called cyberspace. So, what is cyberspace? I remember first reading about cyberspace in the 1984 science fiction novel Neuromancer by William Gibson. That novel portrayed a connected world gone to the extreme. Imagine Mark Zuckerberg’s metaverse literally jacked directly into your brain.
A nonfiction definition of cyberspace is the entire universe of connected hardware and software systems, on and off the Internet. In a word, cyberspace is HUGE. Here is a definition of cyberspace I found in a policy paper linked to the U.S. Army War College. It discusses what cyberspace means to military policy analysts.
Cyberspace is the newest domain of warfare. In cyberspace, the attacker has the advantage over the defender. Cyberspace is unique because it offers state and non-state actors the ability to wage campaigns against American political, economic, and security interests without requiring a physical presence. (Lessons for Policymakers, 2019)
Using that definition of cyberspace, my definition of cybersecurity is a practice that defends your hardware and software against threat actors from cyberspace. More and more, cybersecurity is critical to an organization’s continuity and well-being.
USA Acts Against Criminal Hackers in 2021
As the number and severity of cyberattacks increased in mid-2021, the United States security forces appear to have acted. The result has been several positive news reports and a diminution of reported cyberattacks. The Biden Administration also appears to be working directly with the Russian Federation and Ukraine governments to curtail these crimes.
Reports confirm the United States Department of Justice (DOJ) and US Cyber Command have taken steps to protect America and its allies. For example, the DOJ helped to recover some of the bitcoin ransom paid in the Colonial Pipeline incident by tracing the bitcoin transactions. Encryption keys for the Kaseya attack were also recovered and distributed to victims, but not until after the FBI had held the keys back in a vain attempt to entrap the criminals.
Also, the commander of U.S. Cyber Command recently admitted to the New York Times that his agency and the National Security Agency (NSA) have changed their posture concerning ransomware attacks. Prior to this change, the U.S. national security apparatus saw ransomware as a purely economic concern left up to the DOJ. Now, ransomware criminals are seen as a threat to national security, and according to the commander, the U.S. has taken action to prevent attacks.
While the United States government has acted and there appears to be a lull in activity, this is no time for any organization to relax its cybersecurity posture. The threat is not over, because cybersecurity is a game of measures and countermeasures in which the attacker has the advantage. So, it may only be a matter of weeks or months before more bad actors in cyberspace find a new attack vector.
Salesforce and Cybersecurity
A Salesforce cybersecurity practice addresses the attack surface of customized applications, deals with open-source security concerns, corrects configuration errors, and protects against data access threats. Most of these practices are accomplished using code scans, metadata intelligence, IDE integrations, dashboards, and reporting functions.
When talking about Salesforce and cybersecurity, I break down the subject into two broad categories: Developer and Platform Cybersecurity. Developer cybersecurity addresses concerns that arise during custom app development. Platform cybersecurity, on the other hand, deals with configuration, setup, and data security requirements.
Cybersecurity issues arise while an application is being built, so it is advantageous to look for security vulnerabilities ahead of time. This strategy of being proactive and looking for flaws during application development is called the “shift left” movement. For Salesforce devops practitioners, this means that developer cybersecurity tools work best when integrated directly into your devops pipelines.
Developer cybersecurity tools need to be well integrated so that they do not cognitively overload developers and low-code app builders. DigitSec S4, for example, recently added VS Code integration, which lets developers automatically access security scan results in the correct context. This lets coders keep working in their primary tool and eliminates the cognitive load of switching to a report view.
Open-Source Software and Supply Chain Threats
The recent Log4j zero-day exploit reminds us it is impossible to know when a lurking Internet vulnerability will appear. The reason for this is that most parts of the Internet are built using free open-source software like Log4j. And with Log4j maintained by volunteers, its vulnerability epitomizes the ungoverned nature of open-source software. One way to deal with this is with packages like DigitSec S4, which perform software composition analysis (SCA) to look for known vulnerabilities in open-source software.
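The core of a software composition analysis tool is the matching step: read the project's dependency manifest, look up each component in an advisory feed, and decide whether the declared version falls inside a known-vulnerable range. The following is an added example of that step, not code from DigitSec S4 or any other product on this page. The manifest, the advisory ids (EXAMPLE-ADV-*) and the version ranges are all constructed for illustration, and the `group:artifact:version` manifest format is an assumption chosen to keep the parser short; it also shows why a pre-release such as `1.3.0-beta2` must sort before the fixed release `1.3.0`.

```python
"""Minimal software composition analysis (SCA) check, written as an added
example: parse a dependency manifest, compare every component's version
against an advisory feed of known-vulnerable version ranges, and report
the matches. Manifest contents, advisory ids and ranges are all constructed."""
from dataclasses import dataclass

# Constructed manifest in "group:artifact:version" form, one dependency per line.
MANIFEST = """
# build dependencies (constructed sample, not a real project)
org.apache.logging.log4j:log4j-core:2.14.1
org.apache.logging.log4j:log4j-api:2.17.0
com.example:widget-utils:1.3.0-beta2
com.example:safe-lib:4.0.0
"""


@dataclass(frozen=True)
class Advisory:
    advisory_id: str
    component: str
    introduced: str  # first affected version, inclusive
    fixed: str       # first fixed version, exclusive; "" means no fix released


# Constructed advisory feed: placeholder ids and illustrative ranges only.
ADVISORIES = [
    Advisory("EXAMPLE-ADV-0001", "org.apache.logging.log4j:log4j-core", "2.0", "2.15.0"),
    Advisory("EXAMPLE-ADV-0002", "com.example:widget-utils", "1.0.0", "1.3.0"),
    Advisory("EXAMPLE-ADV-0003", "com.example:widget-utils", "1.3.0", ""),
]


def version_key(version):
    """Map '2.14.1-rc1' to a comparable tuple. Numeric parts compare
    numerically and are padded so 2.14 == 2.14.0; a pre-release suffix
    sorts before the plain release of the same number."""
    main, _, pre = version.partition("-")
    nums = tuple(int(p) if p.isdigit() else 0 for p in main.split("."))
    nums += (0,) * max(0, 3 - len(nums))
    return (nums, 0 if pre else 1, pre)


def parse_manifest(text):
    """Return {component: version} from the manifest, skipping blanks and comments."""
    deps = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        group, artifact, version = line.split(":")
        deps[f"{group}:{artifact}"] = version
    return deps


def is_affected(version, advisory):
    """True if `version` lies in [introduced, fixed); open-ended when unfixed."""
    key = version_key(version)
    if key < version_key(advisory.introduced):
        return False
    if advisory.fixed and key >= version_key(advisory.fixed):
        return False
    return True


def scan(manifest_text, advisories=ADVISORIES):
    """Return sorted (component, version, advisory_id, fixed_in) findings."""
    deps = parse_manifest(manifest_text)
    findings = []
    for adv in advisories:
        version = deps.get(adv.component)
        if version is not None and is_affected(version, adv):
            findings.append((adv.component, version, adv.advisory_id, adv.fixed or "none"))
    return sorted(findings)


if __name__ == "__main__":
    for component, version, advisory_id, fixed_in in scan(MANIFEST):
        print(f"{component} {version}: {advisory_id}, fixed in {fixed_in}")
```

Run as a script it prints one line per finding. A production SCA tool additionally resolves transitive dependencies, understands each ecosystem's version semantics, and pulls its advisory feed from a maintained source; this block only shows the range matching that sits underneath all of that.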
Developer Cybersecurity Solutions
Here is the list of products I covered in 2021 that let you “shift left” and use developer cybersecurity to secure your Salesforce customized applications. For a complete list of static application security tools, check here.
Some Salesforce developer cybersecurity solutions are more tailored for a Salesforce audience. Plus, several have additional capabilities that go beyond static scanning.
The entire Salesforce platform cannot be fully comprehended by most platform owners and admins. Due to this complexity, a comprehensive tool is needed to manage the configuration of a production Salesforce org. Configuration management is a key function of platform cybersecurity.
Data access concerns, usually referred to as data security, come next in Salesforce platform cybersecurity. This is usually about keeping information within an organization private according to a user’s role. For example, data security can be about keeping the sales reps from finding out how much their boss is making off an opportunity. But lax data security can lead to worse things than bad interoffice politics. Errors in data security setups can open the door to external exploits, as well as to disclosure of confidential data through stolen logins.
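The sales-rep example above comes down to two settings working together: the org-wide default for the object and the role hierarchy that lets managers see their subordinates' records. The block below is an added example that models that interaction in a deliberately simplified way; it is not Salesforce's sharing engine, and the users, roles, record ids and rule tuples are constructed. It evaluates one record against a private default and against a "Public Read Only" default, and an audit function lists every reader who can see a record without owning it or sitting above its owner, which is exactly the exposure a misconfigured default creates.

```python
"""Toy model of role-based record visibility in the style of Salesforce
org-wide defaults (OWD) and a role hierarchy, written as an added example.
It is a constructed simplification, not Salesforce's sharing engine: real
orgs also have profiles, permission sets, field-level security and more."""
from dataclasses import dataclass

PRIVATE = "Private"
PUBLIC_READ_ONLY = "Public Read Only"

# Constructed role hierarchy: role -> the role directly above it (None at the top).
ROLE_PARENT = {
    "Sales Rep": "Sales Manager",
    "Sales Manager": "VP Sales",
    "VP Sales": None,
}


@dataclass(frozen=True)
class User:
    name: str
    role: str


@dataclass(frozen=True)
class Record:
    object_name: str
    record_id: str
    owner: str  # owning user's name


# Constructed users and records; the record ids are placeholders.
USERS = {
    "alice": User("alice", "Sales Rep"),
    "bob": User("bob", "Sales Manager"),
    "carol": User("carol", "VP Sales"),
}
RECORDS = [
    Record("Opportunity", "006-rep-deal", "alice"),
    Record("Opportunity", "006-boss-deal", "bob"),  # the boss's opportunity
]

OWD_PRIVATE = {"Opportunity": PRIVATE}          # intended setting
OWD_LEAKY = {"Opportunity": PUBLIC_READ_ONLY}   # misconfiguration


def is_above(role, other_role):
    """True if `role` is an ancestor of `other_role` in the hierarchy."""
    parent = ROLE_PARENT.get(other_role)
    while parent is not None:
        if parent == role:
            return True
        parent = ROLE_PARENT.get(parent)
    return False


def can_read(user, record, owd, users=USERS, sharing_rules=()):
    """Read access via ownership, role hierarchy over the owner, an explicit
    sharing rule (object, owner_role, grantee_role), or a non-private OWD."""
    if record.owner == user.name:
        return True
    owner = users[record.owner]
    if is_above(user.role, owner.role):
        return True
    if (record.object_name, owner.role, user.role) in set(sharing_rules):
        return True
    return owd.get(record.object_name, PRIVATE) != PRIVATE


def exposure_under(owd, users=USERS, records=RECORDS, sharing_rules=()):
    """Audit: (reader, record_id) pairs visible to someone who is neither the
    owner nor above the owner in the role hierarchy."""
    exposed = []
    for user in users.values():
        for rec in records:
            if user.name == rec.owner or is_above(user.role, users[rec.owner].role):
                continue
            if can_read(user, rec, owd, users, sharing_rules):
                exposed.append((user.name, rec.record_id))
    return sorted(exposed)


if __name__ == "__main__":
    print("private OWD exposure:", exposure_under(OWD_PRIVATE))
    print("public OWD exposure: ", exposure_under(OWD_LEAKY))
```

With the private default the audit returns nothing, because bob and carol see alice's deal only through the hierarchy. Flip the default to "Public Read Only" and alice can read the boss's opportunity; the same audit also flags an explicit sharing rule that grants Sales Reps access to Sales Manager records, which is how a configuration management tool would surface either setting for review.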
Platform cybersecurity solutions also add observability, incident management, and incident response features. Here is a list of the platform cybersecurity products I covered in 2021.
- Revcult by OwnBackup
- Salesforce Mobile App Security and Compliance
- Salesforce Privacy Center
- Salesforce Security Center
- Salesforce Shield
Cybersecurity Posts 2021
It’s been a busy year in cybersecurity. To wrap up the topic, here are all the cybersecurity posts on the site:
- The SolarWinds Hack and Salesforce Devops
April 2, 2021
“Deal with the consequences of the SolarWinds hack by making overall developer security a major concern of any devops program. Look closely at the tools and services currently available. And make sure the people working on your coding efforts have well-maintained endpoints with a security perimeter protecting them from the bad actors. By offering these services as a core part of your devops program, your developers will have the power to have fun coding, safely.”
- Okta Goes For Developer Security with Starter Developer Edition
April 9, 2021
“Developer security needs constant reassessment. Salesforce devops toolchains and scripts need checking. Products offered by cloud-based security vendors like Okta can sometimes help with improving the efficiency and security of day-to-day operations.”
- Developers Targeted Again in Codecov Hack
April 19, 2021
“Software supply chain risk has moved into the center stage of concerns for IT leaders, and there does not seem to be any easy answers on the horizon. For now, the devops software and services industry needs to step up and start proving they are using security techniques to protect against software supply chain risk.”
- Ransomware from Darkside Amplifies Threat Actors
May 11, 2021
“Cybercriminals no longer need to invent new ways to penetrate and compromise a target organization. Darkside, a criminal organization based in Russia, is apparently in the business of offering ransomware as a service to other criminal actors on the Internet. This time, Colonial Pipeline, one of the largest energy transportation operators in the Eastern United States, revealed last weekend their IT systems have been compromised using software distributed by Darkside.”
- Biden Cybersecurity Order Tells Contractors To Shape Up
May 13, 2021
“By using the purchasing power of the federal government, the Biden Administration hopes to pull American cybersecurity into the 21st century. These new regulations will certainly have an impact on many Salesforce ISVs, consultants, and system integrators. The Colonial Pipeline incident now seems like a seminal moment in the history of cybersecurity.”
- We are All Cyberwarriors Now
May 17, 2021
“The recent Colonial Pipeline incident and the Biden Administration’s executive order bring the deadly nature of the cyberwar into focus. The executive order is the first step in what must amount to a mobilization of the American workforce. For the United States to lead the cyberwar effectively, the government must partner with businesses to enlist every American worker as a cyberwarrior.”
- Scale Cybersecurity Report Heralds Industry Growth in 2021
May 24, 2021
“For Salesforce devops vendors, architects, practitioners, and industry watchers this report heralds further new market entrants, cybersecurity enhancements from existing vendors, more investor moves, and further mergers and acquisitions of devops and cybersecurity companies.”
- Adapt or Die: The Cyberwar Imperative for Developers
June 3, 2021
“I hope developers will take the initiative and demand more from tool vendors. Who does not want to produce bulletproof code from the beginning? But corporate silos have isolated cybersecurity knowledge and resources away from a developer’s daily life. And when the new security doctrine comes down, we do not get the weapons made for the war we are now fighting. For now, until the medics arrive, only individual developer heroes will help their own squad fight effectively in this new war.”
- How To Report A Cybersecurity Incident in 2021
June 25, 2021
“Finally, architects need to incorporate security concerns earlier in the development process. And devops tools vendors need to support those efforts by incorporating application security directly into the developer workflow process without creating a new cognitive load on coders.”
- REvil Ransomware Exploits IT Service Providers on 4th of July Weekend
July 3, 2021
“The United States and its allies must act against the source of these attacks. Those of us in the IT industry will be overwhelmed if threat actors get infinite do-overs. It is time to address the problem at its source.”