Security Aspects of Salesforce IQ CRM

Verified

Added on 2019/10/18

AI Summary

This report examines the security aspects of Salesforce IQ CRM, focusing on data privacy and protection. It identifies key security issues related to data, networks, systems, and application software, including risks like data breaches, unauthorized access, and system failures. The report then proposes various mechanisms to mitigate these risks, emphasizing the importance of choosing a reliable vendor, establishing clear contracts, ensuring robust data recovery facilities, and implementing strong security infrastructure. The principles of information security (confidentiality, integrity, and availability) are highlighted, along with the identification of key assets needing protection. Finally, the report addresses crucial concerns such as user access control, regulatory compliance, data location, and data segregation, providing a comprehensive overview of security considerations for organizations adopting Salesforce IQ CRM.

Running head: SECURITY ASPECTS
Security Aspects
Trusty Carpets

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1
SECURITY ASPECTS
Security Issues and Protection Mechanisms
Data
Issue related to privacy of data: Many times, the confidential data can come into the hands of an
unauthenticated user which may cause loss to the organization. It is not any technological or
business issue a social issue, that is an issue related to the individual privacy (Almorsy, et al.,
2016). Salesforce IQ Customer Relationship Management enables the possibility for analyzing
the information regarding preferences and buying habits of individuals. Salesforce IQ CRM, the
extracting of any hidden and predictive data from huge databases is considered as a significant
new technology having huge potential for companies to concentrate on very important and
significant information prevalent in the data warehouses. Also the tool of Salesforce IQ CRM
help in predicting the future behaviors and trends that allows the business for making all
knowledge driven and proactive decisions (Bouayad, et al., 2012). The analysis that are
automated and prospective given by the data mining go beyond analyzing past events that are
given by the retrospective tools specifically for systems of decision support. The tools of
Salesforce IQ CRM may help in answering the business related questions which were highly
time consuming traditionally, identifying the predictive information which the experts may miss
due to its highly advanced and non-affordable expectations. The alliance for cloud security did a
thorough research over all the threats that salesforce CRM faced (Cusumano, et al., 2010). It
discovered the following significant issues:
Physical facilities related to IT
Failure to provide the Security, attacks by another consumer, reliability and availability issue,
regulatory and legal issues, Perimeter Security model Broken, Integration of system of customer

2
SECURITY ASPECTS
security and provider, nefarious and abusive use of Salesforce IQ CRM, Insecure interface of
Application programming, Malicious Insiders, Unknown profile of risk, traffic, services and
account hijacking, data leakage/loss, shared vulnerabilities of technology (Luo, et al., 2011).
Edwards Clearly stated that due to vulnerabilities, threat and risk in the salesforce IQ CRM of
enterprise like Trusty carpets that are identified, the Trusty Carpets must use following
mentioned steps for understanding and verifying the Salesforce IQ If it wants to proceed with
this proposed solution (Qaisar, et al., 2012).
Networks
Take good knowledge of Salesforce IQ CRM by considering that how the uniquely flexible
structure of Salesforce IQ CRM affects and impacts the data security. This may be easily done
by taking the in-depth knowledge of data which is handled and transmitted by cloud computing.
Ask for the transparency by ensuring that Salesforce IQ may supply the good knowledge over its
architecture of security and also is willing for accepting the regular audit of security. This audit
done regularly must be through any federal agency or independent corporation (Almorsy, et al.,
2016). Assert the internal security by ensuring strong practices of cloud providers that includes
user controls access and firewalls and technologies for internal controls. Also it must be checked
that they can be well meshed with measures of cloud security.
Systems
The legal implications must be considered by getting to know that regulations and laws that may
affect the content that is sent to the cloud. Attention must be paid by monitoring and keeping

3
SECURITY ASPECTS
check constantly any change or development or progress in practices or cloud technology which
may impact significantly the security of the data.
Application Software
Verification of disaster recovery: it needs to be known about the consequences if the disaster or
damage strikes by putting across the questions like whether provider of Sales Force IQ CRM will
ensure complete restoration of services and data and the time it will take (Bouyard, et al., 2012).
Recovery of disaster: It needs to be asked about the contract based commitment for supporting
particular kind of investigation like research that is involved in identifying phase of any lawsuit
as well as verifying that provider successfully has given support to such activities defined in the
past.
Long Term Feasibility and Viability: It needs to be asked to the provider of Salesforce IQ CRM
that how we may get the data back easily if it needs to be acquired or to fail as well as identify
whether the data will be in the similar format which can be imported easily in the application of
replacement (Almorsy, et al., 2016).
Mechanisms (Policy, Procedure, Technology solutions, etc.) to protect against each of the
issues
The first key is to identify the right provider of Salesforce IQ CRM. Various vendors have
various Cloud IT data management and IT Security. The cloud vendor must be well formulated,
have regulation, standards and experience.
There must be a clear contract with the vendor of Salesforce IQ CRM. Therefore if the vendor of
Salesforce IQ CRM closes prior to contract, the Trusty carpets can easily claim.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4
SECURITY ASPECTS
The vendor of salesforce IQ CRM must give highly efficient facilities for recovery. Therefore, if
the data gets lost or gets fragmented because of various issues, the data may get easily recovered
and the consistency of data may be easily managed (Qaisar, et al., 2013).
Trusty carpets should have an infrastructure that facilities the configuration and installation of
components of hardware like thin clients, operating systems, proxy servers, servers and routers
and firewalls. Also, the Trusty Carpets must have that infrastructure that avoids any kind of
cyber-attacks.
Trusty Carpets must formulate a chart for the data flow (Luo, et al., 2012). Therefore, the
information technology managers may have the notion regarding where his data is flowing at all
the times, the place where it is being store and the people with whom it is being shared. An
aggregate analysis of data must be done.
Principles of Information Security (Availability, Integrity and Confidentiality)
 Confidentiality involves prevention of disclosing the data to any unauthorized use.
 Integrity involves preserving the integrity of information
 Availability involves ensuring whether the information is present at the time of need
(Cusumano, et al., 2011).
Identify Principles and Assets
 Customer Data Availability, Integrity and Confidentiality
 Customer Applications availability, integrity and confidentiality
 Client Computing Devices Availability, integrity and confidentiality

5
SECURITY ASPECTS
The Leading Advisory and research company for Information technology in the world has
recognized seven concerns related to security which Trusty Carpets users must address with
providers of Salesforce IQ CRM before its adoption (Qaisar, et al., 2012).
User Access: All major corporations like Trusty Carpets must enforce and demand their
personnel criteria for hiring of personnel that may execute in their environment of Sales Force IQ
CRM.
Compliance to Regulations: The provider of Salesforce IQ CFRM must be wiling for submitting
its security certificates and external audits (Rong, et al., 2013).
Location of data: The Trusty Carpets must ask for process data and store of Salesforce IQ CRM
in a particular jurisdiction and must obey the confidential and privacy regulations of these
jurisdictions.
Segregation of data: It needs to be identified that what all has been done for segregation of data
as well as the proofs must be asked regarding deployment of schemes and also whether they are
effective.

6
SECURITY ASPECTS
REFERENCES
Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security
problem. arXiv preprint arXiv:1609.01107.
Bouayad, A., Blilat, A., Mejhed, N. E. H., & El Ghazi, M. (2012, October). Cloud computing:
security challenges. In Information Science and Technology (CIST), 2012 Colloquium in (pp. 26-
31). IEEE.
Cusumano, M. (2010). Cloud computing and SaaS as new computing
platforms. Communications of the ACM, 53(4), 27-29.
Luo, J. Z., Jin, J. H., Song, A. B., & Dong, F. (2011). Cloud computing: architecture and key
technologies. Journal of China Institute of Communications, 32(7), 3-21.
Qaisar, E. J. (2012, March). Introduction to cloud computing for developers: Key concepts, the
players and their offerings. In Information Technology Professional Conference (TCF Pro IT),
2012 IEEE TCF (pp. 1-6). IEEE.
Rong, C., Nguyen, S. T., & Jaatun, M. G. (2013). Beyond lightning: A survey on security
challenges in cloud computing. Computers & Electrical Engineering, 39(1), 47-54.