Monday, 20 February 2017

Salesforce Health Check

Health Check lets you understand and proactively remediate your org’s security risks and vulnerabilities from a single page. A summary score shows how your org measures against the Salesforce recommended baseline. This feature is available in both Lightning Experience and Salesforce Classic.

We can see and fix security risks for Session Settings, Password Policies, and Network Access settings.


From Setup, enter Health Check in the Quick Find box, then select Health Check.



For my developer sandbox, security health check is 73%(refer above screenshot). 

The Salesforce Baseline standard contains recommended values for the Session Settings, Password Policies, and Network Access setting groups. 

From this page we can see which settings have High Risk and Medium risk. Which settings meets standard. All of your settings that meet the standard are listed at the bottom in Meets Standard Security Settings section.

In my sandbox, Maximum invalid login attempts have high risk. Standard value for this setting is 3 however, my value is 10. I need to update this value so that this setting should meet criteria.

To fix risk, click on FIX Risk button available on top. Select the checkbox for all the settings which you want to update then click on change settings. The values for these settings will be updated with standard salesforce values.






You can only use Fix Risks to change the Login Access Policies, Password Policies, and Session Settings groups. Because all other settings in Health Check (like Network Access) are configured to match org-specific business requirements, you must change them manually using the Edit link on the Health Check page.

How Is the Health Check Score Calculated?
The Health Check score is calculated by a proprietary formula that measures how well your security settings meet the Salesforce Baseline standard. Settings that meet or exceed the standard raise your score, and settings at risk lower your score.

4 comments:

  1. This was very insightful....good to know my current org vulnerability.

    ReplyDelete
  2. Very Good. Thanks for sharing. Keep it up.

    ReplyDelete
  3. Thanks everyone for appreciation

    ReplyDelete

Please add your comments here