Ransomware & Salesforce: Proactive Approaches to Reduce SaaS Vulnerability & Cyberattacks

According to Forbes, cybercriminals can breach an organization's network 93% of the time, with simple passwords or credentials being the most common breach point. As a result, increasing dependence on cloud solutions, including SaaS partners and cloud storage providers, accelerates the risk. Additionally, an on-premises server can result in rapid disconnection from the external world. Therefore, the ideal best-case scenario in a cyber-attack is a backup server that protects the primary servers, ensuring recovery.
Blue sky with white cloud

On the other hand, SaaS dependency continues to increase for good reasons, including implementation, simplicity, and cost savings. However, each business should also consider risk mitigation when critical data is stored and accessed outside the company’s physical servers. Moreover, a SaaS model is more challenging to control because it requires more dependencies. For example, as your business data is hosted and backed up by a third party, this requires physical means of taking the system offline. Let’s take a closer look at the ransomware risks your business may face today and what proactive measures you can take to decrease business vulnerabilities.

Where is My Data Stored?

Let’s start with the basics. Data is stored in one of two places, either internally on company-owned and hosted computers or externally in a vendor’s cloud. The top cloud providers, AWS, Azure, and Google Cloud Platform (GCP), have taken extensive measures to protect their data centers against various cyberattacks, including ransomware. 

SaaS vendors leverage these top cloud providers as a foundational technology, many relying solely on cloud implementations. Some have a hybrid model, like Salesforce, one of the largest global SaaS providers, acting as a data visualization and interaction platform and a data storage solution. Salesforce stores physical data centers worldwide with an increasing amount of AWS storage. 

Why Does Data Storage Matter?

Where and how data is stored has a massive implication for your business continuity planning, and it is critical to understand the underlying risks inherent to different types of architecture. Even more importantly, it is necessary to know how the data is protected, including who owns the encryption keys and what the process is to recover in the event of a cyberattack or even accidental corruption. 

What are My SaaS Vulnerabilities & How Do I Protect Myself?

Let’s look at three architecture examples, each with a different level of risk, and how this risk can be mitigated.

1. Low Risk: Self-Hosted Data

The company’s data center stores its data, and then secondary on-site data copies mitigate risk by creating an offsite replica of the data. The company maintains sole control of encryption keys and data access. In case of a data breach, the data centers can entirely disconnect from the outside world.  

CapStorm is an example of this model with the replication of data from Salesforce (the outside world) into a customer-owned data center. In addition, CapStorm’s solutions sit behind the company’s firewall, which avoids data flow outside the company’s protection. 

2. Medium Risk: Decentralized Data

In this example, the company’s cloud database stores the data, maintaining encryption keys to control data access. A vendor may be able to keep the database and the applications that facilitate the data movement. However, the vendor can’t access the underlying data without the encryption key. 

Risk is mitigated by performing regular key rotation and ensuring backup of the cloud database. CapStorm also supports this model by supporting application and database management without having access to the underlying data. 

3. High Risk: Centralized Data

The high-risk, centralized data model is the traditional SaaS model, where a centralized repository stores data. As a result, it lowers overall costs upfront as data storage does not require an individual storage location. The most significant risk of this model is that a breach in one company can result in data loss for many other organizations. A data breach can happen even in the most prominent companies, like Salesforce’s disruption in May 2019, where a massive data exposure incident resulted in service disruption for hundreds of customers.

Organizations that leverage many SaaS technologies compound this risk, as the centralization of data results in a much more comprehensive array of potential breach points. Implementing a separate copy of a company’s data in a database that stays entirely under the organization’s control can mitigate risk. CapStorm mitigates risk for Salesforce customers by enabling a self-hosted or cloud-hosted near-real-time replica of this SaaS data, creating a physical barrier to protect a company from the unavoidable risk of centralized data storage. 

Reduce the Risk of Cyberattacks by Establishing a Business Continuity Plan 

In a cloud-first world, it is impossible to eliminate the possibility of a cyberattack. To do this, you would close the doors of your business to the outside world! However, risk reduction also does not mean avoiding SaaS solutions like Salesforce, ServiceNow, Veeva, and others that can help grow your business. What can be done is to reduce the risk to ensure that the company has a robust continuity plan that is validated and tested. 

Rebecca Gray

Rebecca Gray

Rebecca is 5 year Salesforce fanatic and certified Salesforce Admin, Service Cloud Consultant, Sales Cloud Consultant, and App Builder. She volunteers in the Salesforce community, leading the Saint Louis, MO Salesforce Admin Group and is a former Lightning Champion. In her day job, Rebecca supports Customer Success, helping CapStorm customers achieve their goals for Salesforce data management.

About CapStorm

CapStorm is the most technologically advanced Salesforce data management platform on the market. Billions of records per day flow through CapStorm software, and our solutions are used in every industry from credit cards, telecom providers, insurance agencies, global banks and energy providers.

Recent Posts

Follow Us

Become a CapStorm Insider

Become a CapStorm Insider

Subscribe to the CapStorm Forecast

This field is for validation purposes and should be left unchanged.