Overview of Identity Verification & History in Salesforce
Salesforce is a leading Customer Relationship Management (CRM) platform used by businesses of all sizes to manage customer data, marketing, sales, and services. As companies handle more sensitive data, ensuring the security of their Salesforce accounts becomes paramount. Identity verification plays a key role in maintaining the integrity and confidentiality of this data.
In Salesforce, identity verification goes beyond simple username and password authentication. It incorporates multiple layers of security, including multi-factor authentication (MFA), IP range restrictions, and user session monitoring. Additionally, Salesforce offers detailed login histories, audit trails, and security policies that help businesses track and manage security in real-time.
In this blog, we’ll explore the important aspects of identity verification in Salesforce and how you can use these features to enhance security.
1) Identity Verification:
- Ensures secure access to Salesforce by requiring users to verify their identity through methods like email, SMS codes, or authenticator apps during login from untrusted devices or locations.
- Enable or disable by adjusting the settings to ensure that users have a secure login process while balancing usability.
2) Verification History:
Tracks all user identity verification attempts, showing details like date, time, method, and status, for security auditing purposes.
3) Session Security Level Policies:
Control access to sensitive features or sessions based on the authentication level of a user.Assign High Assurance or Standard Assurance levels to sessions depending on login methods.
- have an option to specify the logout url,store the redirect url into local browser.
- Can Specify how long the account verification link in welcome emails is valid.
3) Session Management
By clicking on the Session Management, admin can see the active user session information. This helps admin to Monitor user activity and Track suspicious login patterns.
4) Enhanced Profile View
To make the current profile of the user/Admin into an enhanced version, enable the feature.
5) Login IP Ranges
Specifies the allowed IP address ranges from which a user can log in, based on their profile. If a user tries to log in from an IP outside of the defined range, they will be blocked, even if they are using the correct username and password. provide tighter security.
NOTE: This is only applicable in Enhanced Profile View
To set up IP Ranges, Profiles -> Select Any Profile
By clicking on that, you have the option to add different IP ranges,
6) Login Hours
set to define the hours during which users are allowed to log into the system, based on their profile settings.
To set up Login Hours, Profiles -> Select Any Profile
By clicking on that, you have specified different login hours for each day of the week,
7) Setup Audit Trail
Allows administrators to track changes made to the configuration of the Salesforce org. It records details about actions performed in Setup, such as who made the change, what was changed, and when it occurred.
Conclusion
Identity verification is an essential part of securing your Salesforce environment. With the various tools available in Salesforce, such as multi-factor authentication (MFA), login history tracking, session security policies, and IP range restrictions, you can protect sensitive data and ensure that only authorized users have access.
By leveraging Salesforce’s identity verification features, administrators can enforce strong security measures that provide both flexibility and control. In a world where cyber threats are increasingly common, using these tools will help safeguard your organization and its critical data from unauthorized access.
As businesses continue to adopt digital solutions, ensuring proper identity verification will remain a crucial part of every security strategy. Salesforce’s identity verification features empower organizations to manage access securely and confidently.
