Salesforce

Preparation

  • Use Chrome or Firefox browser
    • Turn off pop-up blockers/adblockers (only for the duration of the installation)
    • Person doing the installation must be a Salesforce Administrator for the org to be monitored by Cloudlock who has the following privileges:

Installation

  1. In Salesforce, select Setup, then use Quick Find to search for ‘network access’
  2. Add the following Cloudlock IP addresses to your allow list:
    • 52.73.52.135
    • 52.71.142.118
    • 52.7.58.223
    • 54.174.102.153
    • 52.27.150.153
    • 44.232.51.63
    • 44.231.175.94
  3. Launch Cloudlock in a new browser tab or window (contact [email protected] for the link to use)
  4. In the Platforms tab of the Settings page, select Authorize in the Actions column for the Salesforce platform (production or sandbox; as appropriate).
  5. Select Authorize.
  6. Return to Salesforce and grant the API access requested by Cloudlock.

Support for Salesforce Free Managed Apps

As of October 30, 2020, Salesforce Free Managed apps (Event Monitoring Viewer, Selective Encryption, and In-App Security) will no longer be supported by the Cloudlock for Salesforce application.

Mandatory settings

  • Instance is a mandatory setting that refers to the Cisco Cloudlock instance to which you need to connect. For example, if you login to Cisco Cloudlock via platform.cloudlock.com then the appropriate entry is Platform.
  • API Token is a mandatory setting that refers to the access token provided to you in the Cisco Cloudlock platform. To retrieve a token in Cisco Cloudlock, open the Integrations tab in the Settings page (you must have the appropriate administrative role in Cisco Cloudlock). Select Recycle, then copy the access token that appears. Paste the API token into the Cloudlock Integration Settings page in Salesforce.

Optional Settings

Page Title is for customizing the title on the main home page of the application.

Synchronization Type is for tuning the frequency at which the application fetches updates from your Cisco Cloudlock platform.

Manuel: Syncs only when Sync is selected in the UI.

On Demand: Polls and syncs rapidly, only when the application is currently in use.

Syncs automatically every 2 minutes, but only when the application UI is open.

Scheduled: Polls and syncs once per hour or day, even when the application is in the background.

Scheduled Sync:

  • Hourly
  • Daily

Hybrid: Scheduled and On-Demand can be combined. Thus when the application is in use, syncing is repeated rapidly (to facilitate incident triage, for example), then when the application is in the background it reverts to the hourly or daily schedule.

Hybrid Sync:

  • Hourly & On Demand
  • Daily & On Demand

Note: The most recent synchronization is listed on the application home screen.

Synchronization Batch Size: adjusting batch size can sometimes improve performance in cases where very large objects or files generate large numbers of security incidents. The Batch Size automatically adjusts downward if memory overflows.

Coverage determines whether the app will fetch incidents from all platforms or only from Salesforce.

Exposure Recording enables capture of each instance of a record in Salesforce being viewed. Recorded information, including viewer ID, object type, record name, record owner, etc., is saved in a custom “Record View” object.
The following Exposure Recording Sensitivity suboptions are available when Exposure Recording is enabled:

  • Exposure Recording Sensitivity determines when recording occurs. Choose Records With Incidents when you are concerned only with viewing of sensitive information. This option also reduces the data impact of Exposure Recording.

Purge Exposure Records automatically deletes exposure (“Record View”) records after a specified period. These objects can also be deleted manually at any time.

Purge Incidents automatically deletes incident records after a specified period. Records are deleted only from your Salesforce environment, not from Cloudlock. This setting also establishes a date for the sync process, such that only incidents created after the time specified in this setting are synced.

When you have configured the app settings, you are ready to take the In-App Security application into use.

Updated 7 months ago

Salesforce


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.