Cyber Security

Security Enhancements Spring ’14

Since the advent of Cloud Computing, security has long been a hot topic and that’s unlikely to change any time soon. The Salesforce Spring ’14 includes a number of new security features to further protect customer data and systems. The complete list of features can be found here and we’ve summarised some of the key items below:

Configure File Upload & Download Security Settings

File Upload Download Security

Administrators can now set download behavior for each type of file, depending on the file extension (MIME types). The options available for handling are as follows:

  • Download (recommended)—The file, regardless of file type, is always downloaded.
  • Execute in Browser—The file is displayed and executed automatically when accessed in a browser or through an HTTP request.
  • Hybrid—Attachments and document records execute in the browser. Salesforce CRM Content files and Chatter files are downloaded.

Release Note Link

Reset Password Link Expires after 24 Hours

The reset password email link now expires after 24 hours or immediately after use, which was previously set to 72 hours. This means it’s even more important to remember to reset your password as soon as you’ve requested to do so rather than waiting for some time!

Release Note Link

Many options now enabled by default

The following security options/features are now enabled by default:

  • Require secure connections (HTTPS) Enabled By Default
  • SMS-based Identity Confirmation Enabled By Default
  • Clickjack Protection Enabled By Default
  • CSRF Protection Enabled By Default

Click here for the full Spring ’14 release notes, or if you have any questions why not get in touch?