The Countdown To Salesforce Multi-Factor Authentication (MFA)

Over the past year, cyber security incidents have risen across the globe with the move to remote work. You may have noticed continued notifications from Salesforce about the new security requirement to use Multi-Factor Authentication by the 1st of February 2022. With the year already flying by, it will be here sooner than you think!

Security updates can be a little daunting if you are unsure how they will impact your end users, or exactly what you need to do to enable MFA and secure your Salesforce environment. This post will outline what Multi-Factor Authentication (MFA) is, the things to consider for your organisation and what your options are to meet Salesforce’s new security requirements.

What is MFA?

MFA, also known as Multi-Factor Authorization/Authentication, helps to protect user accounts from cyber security threats by adding an additional layer of security to the login process. You may have come across two-factor authentication (2FA) on many other platforms, requiring an additional sign-in step with an authenticator app or by entering an SMS code. The difference between the two methods is the number of factors that are required for login. MFA requires two or more authentication mechanisms, while 2FA requires exactly two factors.

MFA makes it significantly harder for common cyberattacks such as phishing attempts and account takeovers to succeed. Data exploitation and cyberattacks can cripple a business. With many businesses operating in remote work environments, strong security measures are now more important than ever to protect your business and your customers’ data. MFA is one of the easiest tools to safeguard your business and data against security threats.

Are you using SSO? (Single Sign-On)

SSO or Single Sign-On is an authentication method that allows users to log into multiple applications and systems with a single ID and password. An example of SSO you may be familiar with is web platforms that utilize email or social media accounts to grant access to sign in. It’s that “Sign in with Google/Facebook” button.

If you are using SSO for your Salesforce organisation, you’ll need to consider the impact of enabling MFA. You’ll need to determine whether your SSO authenticates via an external identity provider (IdP) or if Salesforce is being used as the IdP. If you are using a third-party identity provider, the IdP must use MFA validation that complies with Salesforce’s requirements.

Traditional Login Access

Traditional login access is using Salesforce’s login page with a conventional username and password instead of using SSO. When making the switch to MFA, there are many options including physical keys and third-party applications such as Salesforce Authenticator, Google Authenticator, Microsoft Authenticator, Okta Verify, etc.

What action do I need to take?

All internal users who log into Salesforce products through the user interface (web browser) must use MFA by February 1st, 2022. To ensure that MFA is enabled you can turn it on directly in your Salesforce products or use your SSO provider’s MFA service.

MFA can be enabled at any time for the following Salesforce products:

  • Sales Cloud
  • Service Cloud
  • B2B Commerce Cloud
  • Experience Cloud
  • Analytics Cloud
  • Consumer Goods Cloud
  • Education Cloud
  • Financial Services Cloud
  • Government Cloud
  • Health Cloud
  • Manufacturing Cloud
  • Nonprofit Cloud
  • Philanthropy Cloud
  • Marketing Cloud
  • Pardot
  • Platform
  • Salesforce Essentials
  • Salesforce Field Service
  • Quip

More information around implementation and frequently asked questions can be found via this Salesforce help article.

Not Sure Where To Start?

Contact us today if you need some help getting ready for MFA. If you’d like to discuss a specific use case, reach out via the form below!