OREANDA-NEWS. February 12, 2016. Over the past two decades, the field of security has become very complex. Social, mobile and cloud computing have triggered an explosion of data—and this data needs to be protected. In a world where everyone and everything is connected, petabytes of data created, stored, and accessed every day make the job of security executives more challenging than ever. With increased levels of connectivity, CIOs are responsible for more data, in more places, that is subject to more threats—and they have fewer and fewer resources to work with.

To add to this, the vendor landscape is very complex too. Recent cyber security attacks have brought about a huge number of new security vendors. Hundreds of startups are funded in the security space. A plethora of tools for infrastructure, network, and application security make CISO’s and CIO’s heads spin.  

A trusted cloud can lift the weight

The challenge for CIOs is that they don't have the time to review all of these security solutions. They have neither the security expertise nor the bandwidth  to effectively integrate and manage them. As the security space gets more and more complex and fragmented, cloud services make more and more sense.

With a trusted enterprise cloud, such as Salesforce, customers benefit from infrastructure, network and application level security provided to them by the vendor. CIOs don’t need to employ armies of hardware and network security talent that is so hard to come by. Businesses must realize today that cloud vendors invest more in security than any individual company ever can. With the cloud businesses can now, for the most part, get out of the business of security; and the less they have to worry about managing security, the more they can focus on their core strengths  and their customers.

Built-in visibility and security controls

Here at Salesforce, we continue to innovate and integrate innovative security services into the cloud so customers have the tools to implement the level of security their business needs. We recently introduced Security Health Check—a dashboard that examines a customer’s org and compares its security settings to Salesforce’s best practice recommendations. Additionally, we have introduced built-in capabilities around monitoring, auditing, at-rest-encryption and policy-based prevention of data leakage. Demand for our security products such as Shield has been truly  breathtaking.  

The need for Security Admins

For cloud security, application and data access control is an area that still requires investment by businesses. For their part, Salesforce customers should consider having a Security Admin role, separate from the standard Admin role to manage Health Check, Access Control, and Shield. A distinct set of skills is required for Security Admins: they must be able to make data-driven decisions, create business-driven policies, and manage hierarchical schemas  such as sharing rules.

While Salesforce provides all these tools, the share of the customer’s responsibility to administer them using the skills of Security Admins, in ways that are unique to their business, is key.