Security in the Clouds

As the volume, velocity, and variety of data in Salesforce continues to increase, so have the demands on Data and System Architects to accelerate the pace of innovation. Together, these trends have led to a growing call for data security to be embedded earlier in the DevOps cycle. While this idea of “shifting left,” isn't […]

  Business leaders and Information Security pros alike will continue to be challenged with both managing data and securing it. Data classification can be foundational by providing a data governance framework that makes securing data easier, but also unlocks insights into its value and best uses. In this episode, Andy Ognenoff, Managing Director, Certified Technical […]

  Extreme agility. Always have a strategy. Focus on the basics instead of “shiny objects.“  Earlier this year, our panelists summed up what they learned in 2020 with these nuggets of wisdom – along with some unexpected positives – and what drove their security mindsets for 2021. Now, we've invited them back to share more […]

The Salesforce Security Playbook – Learn how to bridge the gap between InfoSec and Salesforce DevOps: Salesforce has evolved far beyond a traditional CRM into an enterprise PaaS solution that stores high risk, mission critical information – yet companies don't have clear visibility into the risk exposure of their Salesforce environment because they don't have […]

NIST and Salesforce—how does it all work? In this episode, we are joined by cybersecurity experts from Salesforce, FairWarning, and OwnBackup to discuss how organizations using Salesforce can leverage the NIST Cybersecurity Framework to mitigate security risks. You'll walk away with tangible next steps for governing Salesforce, like data classification, access management, encryption at rest, […]

Most users are unaware of the large amount of sensitive data that resides in their Salesforce orgs and are living some major data security gaps. We know this because RevCult regularly conducts Security Risk Assessments (SRAs) for our clients and recently published a State of Salesforce Data Security report based on an aggregation our findings. […]

Pete Thurston, Chief Product and Solutions Officer at RevCult, explains how to know when it’s time to get your Salesforce org assessed for risk from a security and compliance perspective. Pete shares common trends and key issues that have emerged from the hundreds of security risk assessments RevCult has performed over the years for clients. […]

Most companies aren’t using Salesforce as it was originally deployed and have applied a tremendous amount of innovation to the platform. But this incredible innovation largely happens outside the oversight of InfoSec. In this episode, RevCult’s Brian Olearczyk outlines the challenges many organizations now face with how to confirm their security controls have been implemented, […]

For many companies, data security and governance in Salesforce is an afterthought. But not Cadence Bank. The bank’s development and innovation efforts in Salesforce have kept security front and center. In this episode, Cadence Bank’s CISO and VP, Jonathan Hay, and Applications System Specialist, Carl Lange, join Pete and Laura Nesbitt, RevCult’s Partner Success Leader, […]

Last year, most security leaders were forced to adapt on the fly and completely rethink their strategies for 2021. This episode takes a conversational approach to discussing those strategies and how others are handling urgent data security challenges in these unusual times. Moderated by Brian, our panel of speakers includes Pete, and our guests are […]

Federal regulations around securing personal and financial data are incredibly strict (as, likely, are your internal data security policies). RevCult and FairWarning co-host this episode to explain how to meet these strict guidelines by addressing the two sides of the data security coin: proactive management of user access to data and reactive measures if the […]

Best-selling author, and Data & Analytics Strategy Innovation Fellow at West Monroe, Doug Laney, makes his case for how CIOs are the caretakers of a company’s most valuable asset: Its data. And yet many CIOs and CFOs use antiquated accounting regulations to value company data, instead of taking a more proactive and modern approach. Doug […]

How does a remote workforce impact the security of your Salesforce data? In this episode, security leaders from RevCult, FairWarning, and OwnBackup discuss how COVID-19 upended the operations of virtually every company, leaving InfoSec and Compliance executives scrambling to adapt their Salesforce policies. The hosts explain the Shared Responsibility for Security model, why it’s so […]

Get up to speed on the latest cybersecurity trends and threats in this episode. Experts from NIST, Salesforce, RevCult, FairWarning, and OwnBackup discuss how organizations can leverage cybersecurity frameworks, Salesforce Shield, and additional security controls (including those needed for remote workforces), to create a robust and innovative cybersecurity program. – Watch the original webinar presentation […]

In 2013, NIST identified the five primary pillars every organization should adopt for their cybersecurity framework (CSF): Identify, Protect, Detect, Respond and Recover. In this episode, speakers from RevCult, FairWarning, OwnBackup, and Salesforce explain how their combined solutions support all five pillars, helping to guide key decisions that will ensure your organization implements a holistic […]

  Jeff DiMuro, Chief Security and Compliance Architect for Salesforce, is back with us again – this time, our topic is data privacy and how our privacy practices have to evolve in the “Age of Contact Tracing.” Listen and learn how to take back the controls to assure data is managed securely and policies comply […]

What’s a CASB? Why Salesforce Shield? In this episode we welcomed our friend, Tuhin Kumar, Senior Product Manager at Salesforce, to help us understand why migrating from a CASB to Salesforce Shield (a Salesforce-native encryption solution) can improve platform performance along with encryption. Tuhin shares best practices, common pitfalls, and considerations for an ideal encryption […]

  Rachel Beard, Principal Security Architect for Salesforce, joins RevCult data security experts Pete Thurston and Brian Olearczyk to explore developments in the Health & Life Sciences space. Learn how organizations are currently thinking about securing sensitive data, whether it’s patient data or intellectual property and competitive insights. Companies are also navigating the transition of […]

  If you’re like most of our customers, you’re gaining tremendously more value out of Salesforce than the original “CRM” you implemented. Have your auditors kept pace with their understanding of Salesforce? What are the common controls that auditors are focusing on in your Salesforce instance? Special guest Cory Cowgill, CTO of Fusion Risk Management, […]

Security in the Clouds’ veteran guest Jeff DiMuro from Salesforce joins us to discuss how to establish the proper data protection and data confidentiality techniques for your Salesforce instance. Learn how to ensure authentication credentials for applications and databases are sufficiently strong. Discover how to use event tools to trigger alerts for anomalous behavior.

Tune in to listen as Mike Mason of FairWarning, along with Brian Olearczyk and Pete Thurston of RevCult, discuss how to monitor for anomalous events, and documenting both current states and modified states of any changes to facilitate an error-free recovery. Discover the compensating controls that need to be in place to help ensure the […]

Join us for a virtual fireside chat, it’s time for some Salesforce security & governance community-building! We explore how RevCult bridges the gap between data security and humanity. Tune in to hear how you can learn from our security experts how to align your Salesforce to your security posture. Hang out with us to get […]

  Salesforce only has Sales and Marketing information, right? WRONG! Over the years, Salesforce has grown and evolved exponentially. Companies are leveraging Salesforce in many ways, adding even more sensitive customer data to the platform. While Salesforce is very secure, it’s still a platform that can be implemented in a way that puts your data […]

  Does your company too quickly close the door on Salesforce governance questions and pretend it’s not relevant? If so, you won’t want to miss this cross-functional team of experts review how the world’s best in class organizations approach Salesforce governance. Tune in now to discover what you need to know about the Salesforce Shared […]

    As Banks and Credit Unions look to realize greater return on investment from their digital transformation initiatives, the presence of a strong governance strategy is a leading indicator of success. Centers of Excellence are no longer an option; they are a critical component of goal-setting and execution within this highly-regulated market. During our […]

  Is Salesforce security and compliance a key resolution?  If so and like all resolutions, it starts with an honest assessment of your current state to inform and prioritize the daily, weekly, and monthly steps to execute upon your resolution.  Listen now to discover the key elements you should include in your Salesforce assessment.  We’ll […]

Data Inventory is the first step to implement proper Data Governance for Salesforce.  In part two of our podcast series with guest experts Jeff DiMuro, Chief Security & Compliance Architect at Salesforce and Marla Hay, Director of Product, Privacy & Data Governance we will explain step-by-step, how to conduct data inventory using best practices, standards […]

Do you know what data you’re storing in Salesforce? Data Classification is the first step to ensuring Salesforce is aligned to your company’s Security Posture. Learn how to categorize and classify your Salesforce Data. Discover how to implement “principle of least privileged” best practices. RevCult and Jeff DiMuro Chief Security & Compliance Architect at Salesforce […]

Roman Seleznev aka Track2 is known as one of the most prolific cyber-criminals for his role in a $50 million cyberfraud ring involving online identity and credit card theft. Guest expert Mike Smith, Security Architect at Salesforce, tells this shocking story of Seleznev to illustrate key considerations businesses must take to protect their customer data […]