A chain is only as strong as its weakest link. While password-access acts as wall to protect your data and platforms, it’s not enough. Lax security practices like employees using the same passwords across services or being phished by email spammers can make your Salesforce instance vulnerable.
To reinforce this wall and keep your data secure, Salesforce is requiring multi-factor authentication (MFA) for all customers by February 1, 2022. Salesforce Admins will need to turn on this functionality and roll out the process to users before this date.
What is MFA for Salesforce?
Multi-factor authentication (MFA) is a security control that requires users to verify their identities before gaining access to a device or application. Also called “two-factor authentication,” (2FA), this protocol requires more than one security factor—a password and something else—to log in. That something else could be a one-time code or a biometric input such as fingerprint.
MFA combines something you know (your user ID and password) with something you have (e.g. mobile device) for higher security. Passwords can be compromised, but it’s harder for unauthorized people to gain access to both a user’s password and their mobile device.
With Salesforce, MFA will look like this:
Enter username and password + enter code from MFA app = logged in.
All Salesforce users will need to download an MFA application to their phones. Salesforce Authenticator is free and available for Android and Apple devices. Other MFA tools that are widely used are Google Authenticator, Duo, and Microsoft Authenticator.
How to implement and deploy Salesforce MFA
To enable MFA functionality, admins can leverage Salesforce’s MFA Assistant, which offers step-by-step guidance. With the Assistant, you can go through your entire org, learn more about MFA, evaluate options and tools, and then plan your rollout.
Key steps for your roll out:
- Evaluate your Salesforce org
- Determine who is required to have MFA
- Communicate that change to users
- Enable MFA
- Make sure everyone downloads the app!
- Create permission sets
- Train your support teams to help with user questions
- Assign permissions to users
- Go Live!
Ciberspring can help
Whether you need strategic counsel for how to roll out MFA to users or want to outsource the entire admin process, Ciberspring has you covered.
- Org evaluations
- Develop rollout plan
- Administration and provisioning
- Training and support
From idea to done, we can implement MFA and any other Salesforce projects you need as well as augment your team with our seasoned experts to keep your technology operating worry-free. Fill out the form below and we’ll get started.