CRM security for your organization

Secure Salesforce and its ecosystem services

Netskope for Salesforce

Enterprises of all sizes use Salesforce and its ecosystem to give their teams an edge. But all your customer data and sensitive files concerning your deals and opportunities are stored in Salesforce. And when you share that data across Salesforce and its ecosystem of services, risks can arise, from inadvertent sharing to privileged user access abuse.

Netskope uses an API connector to Salesforce to protect your business data without affecting the user experience. And with inline controls, protect Salesforce activities in real time. With Netskope for Salesforce, you get a CRM security solution to help your business be more efficient and flexible while you maintain the visibility and security controls you need to protect sensitive data, prevent its loss, and ensure compliance with global regulations.

Key Features

All-mode architecture

The unique Netskope all-mode architecture offers you a full array of deployment options to gain visibility and control of Salesforce as well as its ecosystem of connected services, whether your users are on premises or remote, using a web browser, mobile app, or sync client. Options include out-of-band API introspection into Salesforce as well as forward and reverse proxy modes for real-time policy controls for Salesforce and its ecosystem.

  • API introspection provides direct, out-of-band connection into Salesforce
  • Reverse proxy covers Salesforce access from outside your network
  • Forward proxy covers any cloud service, including Salesforce and its ecosystem
  • Different modes can be combined to expand your coverage
Context and control

Netskope gives you granular visibility and control of Salesforce and its ecosystem of connected services. Rather than take a coarse-grained approach by blocking services entirely, Netskope gives you a deep understanding of your Salesforce usage and allows you to define targeted security policies based on identity, service, activity, and data.

  • Policy actions include block, alert, encrypt, quarantine, and coach
  • Distinguish between different Salesforce instances
  • Mitigate risk of inappropriate sharing and public links
  • Mix and match policy elements to carve out risk without blocking services
Comprehensive DLP

Netskope DLP protects sensitive data in the cloud with accuracy and precision, with the ability to inspect all sanctioned and unsanctioned cloud services as well as traffic to websites. Sensitive content is detected across 1000+ file types and across structured and unstructured data, using 3,000+ data identifiers, metadata extraction, proximity analysis, fingerprinting, exact match, and more.

  • Control sensitive data in Salesforce and en route to and from all cloud services
  • Get the highest degree of accuracy with fingerprinting and exact match
  • Further increase accuracy with keyword dictionaries, global data identifiers, and more
  • Target DLP policies using context like user, group, device, service, and activity
Threat protection

Netskope is the only CASB with complete threat defense for Salesforce and its service ecosystem, combining unparalleled cloud visibility with multi-layered threat detection and integrated remediation workflows. Netskope can quickly detect, prevent, and remediate the effects of cloud threats, which too often evade existing security solutions.

  • Threat protection with unique cloud vantage point
  • Detect anomalies that could indicate an active threat
  • Proprietary threat intelligence from Netskope Threat Research Labs complemented by 40+ external sources
Salesforce encryption

Netskope protects your sensitive data with advanced encryption and key management technology. It is based on AES-256 strong encryption and uses a KMS with a FIPS 140-2 Level 3 certified hardware security module (HSM) to ensure the confidentiality and privacy of your data in the cloud. Netskope supports BYOK (Bring Your Own Key) so you can encrypt structured data and either store the key in your own on-premises HSM or use the Netskope-managed HSMs distributed throughout our cloud.

  • Highly secure, fault tolerant KMS with FIPS 140-2 Level 3 certified HMS
  • AES-256 encryption with one key per file
  • Integrates with your KMIP-compliant KMS

Learn more about Netskope for Salesforce

Learn how Netskope can help secure Salesforce

This demo will go over Netskope for Salesforce and its capabilities.

Top Use Cases

Secure data

Detect sensitive content at rest in Salesforce or en route to or from any cloud service or website with DLP. Define granular policies – based on identity, service, activity and data – to automatically protect your data by blocking activities, restricting access, encrypting data, and more.

Control access

Detect all access to Salesforce, regardless of where your users are located or what device they are using. Apply the appropriate access control policy based on the situation. For example, allow users on unmanaged devices to view content in Salesforce but restrict other activities such as downloads to protect sensitive data.

Stop threats

Salesforce makes it easy to share, but this same capability makes cloud services like Salesforce an attractive target for malicious actors. Protect your organization from cloud threats such as malware and ransomware and also detect unusual data movement or user activity that could indicate the presence of an active threat in your environment.

Prevent data loss

Netskope provides a unique vantage point across all of your cloud services to help you detect data movement that could signal a data exfiltration attempt by an insider. Netskope anomaly detection combined with our DLP capabilities can correlate the download of sensitive data from Salesforce with the upload of the same data to a personal cloud service.

Coach users

Make your users part of your Salesforce security solution. Netskope can provide your users with automated, customized coaching messages to address undesirable cloud activities. For example, you can coach them to use Salesforce when they try to use an unauthorized cloud service, or warn them about sensitive data handling policies when they try to upload sensitive data to a risky cloud service.

Trusted by leading companies

Netskope for Salesforce — solution brief

Learn how Netskope for Salesforce secures your CRM data while allowing full productivity for your users.

Learn more

Want to see Netskope for Salesforce in action?

Request a Demo