Access is a privilege, not a right
Earlier this year, Salesforce made an announcement that would impact all Salesforce users. This was not your traditional announcement; no new products were unveiled, no acquisitions were revealed. Rather, Salesforce disclosed that starting February 2022, multi-factor authentication (MFA) will become mandatory for Salesforce users.
For those unfamiliar, MFA is a process by which multiple methods of verification are required to authenticate your credentials, and thus access your Salesforce. While you may be familiar with the process of entering a verification code received as a text or email message, upcoming MFA is different. Now, users will be required to enter verification codes from an authentication mobile app.
As you begin to groan at the fact that you will have to begin taking out your phone to press a button every time you wish to access your Salesforce, remember that access to information is a privilege, not a right. As Salesforce users and administrators, you have access to people’s confidential information. From contact details, to banking info, to donation history, and countless other examples, you are trusted with constituents’ data and are responsible for safeguarding it.
So why is Salesforce making this mandatory? As noted in the official release, cases of cyber-attacks have been increasing around the world. Phishing websites rose by 80% in 2020 and improvements in technology are making it easier for computer savvy individuals to gain unauthorized access to private personal accounts online. It is important to stay ahead of these growing threats and as a global technology leader Salesforce is proving that trust is its #1 value.
It is important to embrace MFA announcement and start preparing for the inevitable release. Rather than wait for February when MFA is forced upon you, why not implement it earlier? Develop a rollout plan to educate and train users on MFA so that users feel involved in the process and have the time to ask questions and learn what to do. If your org has many users, begin rolling out MFA in phases with those most involved being onboarded first. Have a support plan in place so users have a designated resource if they encounter issues. Most importantly, embrace MFA because this will show that you care about the information trusted to you and you are dedicated to protecting it.
By Ryan Ram
Deployment Lead, Una Buro
Published: October 14, 2021
- Automatic MFA rollout in February 2022
- Why? To stay ahead of security threats
Get ready prior to February