About this episode
Today on the Salesforce Admins Podcast, we talk to Laura Pelkey, Director of Customer Security Communications & Engagement, and Kylie McKlveen, Director of Product Marketing at Salesforce. Join us as we chat about how admins can level up the security of their orgs using a simple framework for understanding security in Salesforce. You should subscribe for the full episode, but here are a few takeaways from our conversation with Laura Pelkey and Kylie McKlveen. The three key areas of Salesforce security Security can feel complicated and unapproachable, especially at the pace at which the Salesforce platform is evolving and changing. How can admins keep up and make sure that their org's data is protected? Luckily, Laura and Kylie are here to help. It starts with a practical framework for understanding Salesforce security. They break it down into three key areas: Invisibles: What Salesforce is already doing to protect your org. Examples include network-level security, infrastructure, application-level security, and a global 24/7 threat response and monitoring team. Configurables: What you can do as a Salesforce Admin to improve your Salesforce security. Think security settings, controls, and layering permission sets to follow the principle of least privilege. Enhanceables: Extra steps you can take to protect sensitive data or meet industry-specific regulations. These are tools you can add to your org, like Salesforce Shield, Security Center, and Salesforce Backup and Recover. Put it all together, and you have a clear plan of action for how you can level up the security of your org. How Agentforce will bring agentic security to your org "There's a lot of amazing AI technology out there now," Laura says, "but unfortunately, the attackers, the hackers, the bad guys, whatever you want to call them, are also leveraging this technology, and they're doing so in ways that make it harder to spot when malware is happening." In the Dreamforce Security Keynote, they demonstrated this by doing a live deepfake of a Salesforce executive. It's getting easier for attackers to use AI for social engineering or even just a better-worded phishing attack. Luckily, Salesforce is fighting back with two new features coming soon. With Agentforce in Security Center, you will be able to detect, investigate, and remediate threats to your org with a simple conversation. Agentforce in Privacy Center will help automate some of the hard work around complying with constantly evolving regulations.
