Developers

How to Secure Your Salesforce Mobile App

By Ashish Agarwal

With the Salesforce mobile app, your users can access CRM data from a phone or tablet. The app is available for both Android and iOS devices. Just like its desktop counterpart, it is already a secure app that requires a username and password to log in.

However certain industries (like Financial Services or Health Care) and organizations impose more stringent control on what a user can or cannot do on the mobile app. For example, I remember doing a project for a Financial Services company in Singapore, where their security and compliance department stated that users should not be able to copy and paste data from the mobile app.

Security and access for the Salesforce mobile app is a bit of an offbeat topic and not many people are aware of the nuances of what Salesforce has to offer in this area. So, in this post, we will take a look at all the different settings that Salesforce offers specifically for securing data in the mobile app.

Salesforce Mobile App: Security Features

Broadly, Salesforce mobile app security features can be categorized into two groups:

1. Control the access & security of the mobile app itself

2. Control what a user can or cannot do once inside the app

1. Control the access & security of the mobile app

Profiles – Grant access to Salesforce mobile app to users of specific profiles

Permission Sets – Grant access to Salesforce mobile app to specific users only

PIN (Passcode) – Require a 4 – 8 digit PIN every time when logging into the Salesforce mobile app

Login IP Ranges – Specify login IP ranges to allow access to Salesforce mobile app from specific IP ranges only

2. Control what a user can or cannot do once inside the app

DISABLE_EXTERNAL_PASTE – Controls copying of Salesforce record’s text and pasting in an app outside Salesforce

ENABLE_SHARE – Controls sharing of a Salesforce record or a page’s link

SHOW_OPEN_IN – Controls opening of files stored in Salesforce in a third party app on user’s phone outside Salesforce

DISABLE_ACTIVITY_TIMELINE (iOS Only) – Controls the visibility of Activity Timeline on standard Salesforce objects such as Lead, Contact, etc. on iOS devices only

SHOW_PRINT (iOS Only) – Controls the visibility of Print button for Salesforce files on iOS devices only

For a complete guide and step by step instructions, check out these Google slides! These steps won’t take more than 15-20 minutes to go through.

Summary

Security was and always will be the top priority of Salesforce. It is your responsibility to use these features wisely to safeguard your system and prevent your data from being vulnerable.

References

The Author

Ashish Agarwal

I am an Independent Salesforce Architect, Trainer & Blogger with 25 Salesforce certifications & 900+ Trailhead badges.

Comments:

    Mark Bruso
    April 23, 2021 4:42 pm
    Great summary!
    BIDtravel
    April 25, 2021 12:40 am
    What about fingerprint access? Is it already available?
    Sarah Osburn
    April 29, 2021 7:04 pm
    Hey Ben, I wrote both custom attributes on Android for SF and IOS for SF and either they didn't work, or it's not a live update but regardless, my iPhone users were able to share records and copy/paste as well. Have you heard about any bugs?
    Richard
    September 13, 2022 8:08 pm
    Good day. I understand that it has been a year and a half since this post so no one may be monitoring it. Never the less I have a question about the Salesforce mobile app and am posting my question on several sites. My situation and question. I am a Salesforce customer and our Customer Success manager recently used the phrase "I have several clients who have rolled out the mobile app+ for their enterprise..." The words that have my attention are "mobile app+". Are the mobile app (described above) and mobile app+ one in the same or are they different products?
    Ashish Agarwal
    September 16, 2022 1:08 pm
    Hi Richard, I haven't heard about Mobile App+. I also Googled for the term but did not find anything relevant. Do you have any URL/document that you can share so that I can find out more about it? Or otherwise, you will need to reach out the CSM from Salesforce to get more information.
    coherentlab
    July 03, 2023 1:45 pm
    Enforce strong password policies: Encourage users to create complex passwords and enforce password policies that require a combination of uppercase letters, lowercase letters, numbers, and special characters. Regularly prompt users to update their passwords to maintain security.

Leave a Reply