We’ve all been there – that sinking feeling when you realize a ‘quick fix’ might have opened up more problems than it solved. In my years working with Salesforce security across dozens of implementations, I’ve seen the same costly mistakes repeated over and over again. With the average data breach costing a company more than $9M, it’s not a topic you want to take lightly.
The good news is that the most common mistakes I’ve seen are very preventable, especially once you know what to look out for.
Here are the five security mistakes that can create the biggest headaches for organizations, and more importantly, how you can avoid them in your own Salesforce org.
1. “Just Give Them Admin”
The Mistake
Picture this scenario: your sales team keeps submitting tickets because they can’t update certain fields. The quickest solution seems to be granting broader permissions, maybe even “Modify All Data”, to eliminate the complaints. Problem solved, right?
Not exactly. When users have more access than they need for their daily tasks, you’re essentially removing guardrails around your data. There’s a reason those guardrails exist. That sales rep who just needed to update opportunity stages now has the ability to delete entire accounts, modify financial records, or access sensitive HR information. Not saying they will, but accidents happen.
The Fix
Start with the minimum permissions required for each role and build up from there. Document what each user type actually needs to accomplish their work, then create permission sets for specific functions rather than blanket administrative access.
You’ll then want to build a process for users to request additional access or permissions, and put someone with security knowledge in charge of the approvals. It takes more initial setup, but it’s far better than explaining to leadership why sensitive data was accidentally changed or deleted.
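To find where a past “quick fix” already left broad access behind, the following added example (not from the original post) flags active users who hold “Modify All Data” or “View All Data” without being on an approved list. It works on rows shaped like the results of the SOQL query in its header comment; the usernames, the approved list and the sample rows are constructed for illustration.

```python
# Added example: flag active users holding org-wide data permissions without approval.
# Rows are shaped like the results of this SOQL query:
#   SELECT Assignee.Username, Assignee.IsActive, PermissionSet.Name,
#          PermissionSet.IsOwnedByProfile, PermissionSet.Profile.Name,
#          PermissionSet.PermissionsModifyAllData, PermissionSet.PermissionsViewAllData
#   FROM PermissionSetAssignment
#   WHERE PermissionSet.PermissionsModifyAllData = true
#      OR PermissionSet.PermissionsViewAllData = true
BROAD = {"PermissionsModifyAllData": "Modify All Data",
         "PermissionsViewAllData": "View All Data"}
# Assumption: accounts a security reviewer has approved for broad access.
APPROVED = {"admin@example.com"}

def row(username, active, name, profile, modify_all, view_all):
    """Build one constructed result row (profile=None means a permission set)."""
    return {"Assignee": {"Username": username, "IsActive": active},
            "PermissionSet": {"Name": name, "IsOwnedByProfile": profile is not None,
                              "Profile": {"Name": profile} if profile else None,
                              "PermissionsModifyAllData": modify_all,
                              "PermissionsViewAllData": view_all}}

# Constructed sample data, not taken from a real org.
SAMPLE_ROWS = [
    row("admin@example.com", True, "X00e_admin", "System Administrator", True, True),
    row("rep@example.com", True, "Sales_Quick_Fix", None, True, True),
    row("former@example.com", False, "Sales_Quick_Fix", None, True, True),
    row("analyst@example.com", True, "X00e_reporting", "Reporting User", False, True),
]

def source_of(ps):
    """Say whether the grant comes from a profile or a permission set."""
    if ps.get("IsOwnedByProfile"):
        return "profile: " + ((ps.get("Profile") or {}).get("Name") or "unknown")
    return "permission set: " + ps["Name"]

def find_over_permissioned(rows, approved=APPROVED):
    """Return {username: sorted [(permission, source)]} for unapproved active users."""
    findings = {}
    for r in rows:
        user, ps = r["Assignee"], r["PermissionSet"]
        if not user.get("IsActive") or user["Username"].lower() in approved:
            continue
        for field, label in BROAD.items():
            if ps.get(field):
                findings.setdefault(user["Username"], set()).add((label, source_of(ps)))
    return {u: sorted(g) for u, g in sorted(findings.items())}

if __name__ == "__main__":
    print(find_over_permissioned(SAMPLE_ROWS))
```

Each finding names the profile or permission set that carries the grant, which is the thing to replace with a narrower permission set.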
2. The Oversharing Trap
The Mistake
Let’s say you need to share opportunity data with your partner channel. You create a sharing rule for “All External Users”, thinking it will only affect your partners. What you don’t realize is that this also includes contractors, temporary staff, and anyone else with external access to your org.
Sharing rules are permanent broadcast systems. Once that data starts flowing, it goes to everyone who matches your criteria, including people you never intended to include.
The Fix
Before creating any sharing rule, map out exactly who should have access and why. Use role hierarchies and public groups to create precise sharing boundaries. Don’t forget to test every sharing rule in a sandbox with different user profiles to understand what access is being granted before taking anything live.
Create clear naming conventions for your sharing rules that include the business justification. If you can’t explain why a rule exists, it probably shouldn’t.
3. The Password Problem
The Mistake
Nobody likes having to update or change the complicated password they just finally learned (unless you’re a security nerd like me). But having a solid password infrastructure is key to protecting your org’s data.
Setting minimal password requirements, or skipping MFA because it’s a ‘hassle’, treats security like a suggestion rather than a requirement. Weak authentication is an open invitation for unauthorized access, and compromised credentials can lead to data breaches that cost far more than the inconvenience of strong passwords.
The Fix
This is going to sound simple, but just do the thing you may not want to do. Implement authentication policies that balance security with usability. Make MFA mandatory for all users.
Consider implementing Single Sign-On (SSO) solutions that allow a user to use one set of credentials to log in to multiple websites and applications. When security is easier to use, users are more likely to embrace it rather than work around it.
If users are writing passwords on sticky notes or sharing login credentials, your security policies aren’t working. Make strong authentication convenient, or users will find ways around it.
4. Connected Apps Without Boundaries
The Mistake
In a typical integration scenario, you may need to connect Salesforce to your marketing automation platform. The easiest approach is to create a connected app with “Full Access” permissions to ensure everything works. The integration gets built quickly, works perfectly, and everyone moves on to the next project.
But that “temporary” full-access integration often becomes permanent, with no one monitoring what data it’s accessing or where that data is going.
The Fix
Treat every integration like a new employee. It should get only the minimum access necessary to do its specific job. You should also designate dedicated integration users with targeted permission sets rather than full administrative access.
Then, document every integration: what data it accesses, where that data goes, who’s responsible for maintaining it, and when it should be reviewed. Set up regular audits to make sure integrations are still needed and properly secured.
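One way to make that documentation auditable, as an added example that is not part of the original post: keep the integration inventory as data and check it on a schedule for full-access scopes, administrative run-as users, missing documentation and overdue reviews. The inventory layout, field names, app names, owners and dates are assumptions constructed for illustration; `full` is the OAuth scope behind a connected app’s “Full access” setting.

```python
# Added example: review a hand-maintained inventory of connected apps.
from datetime import date

# The four things the inventory must record for every integration.
REQUIRED = ("data_accessed", "data_destination", "owner", "next_review")
# "full" is the OAuth scope behind a connected app's "Full access" setting.
BROAD_SCOPES = {"full"}
# Assumption: profiles that count as full administrative access in this org.
ADMIN_PROFILES = {"System Administrator"}
# Fixed review date so the example is reproducible.
TODAY = date(2025, 1, 1)

# Constructed inventory; app names, owners and dates are made up.
INVENTORY = [
    {"app": "Marketing Sync", "scopes": ["full", "refresh_token"],
     "run_as_profile": "System Administrator", "data_accessed": "Leads, Contacts",
     "data_destination": "", "owner": "", "next_review": date(2024, 1, 15)},
    {"app": "Billing Export", "scopes": ["api"],
     "run_as_profile": "Integration - Billing", "data_accessed": "Invoices",
     "data_destination": "ERP", "owner": "finance-systems",
     "next_review": date(2025, 6, 1)},
]

def review(entry, today):
    """Return the list of problems found in one inventory entry."""
    issues = []
    broad = BROAD_SCOPES.intersection(entry.get("scopes", []))
    if broad:
        issues.append("broad OAuth scope: " + ", ".join(sorted(broad)))
    if entry.get("run_as_profile") in ADMIN_PROFILES:
        issues.append("runs as an administrative user")
    missing = [f for f in REQUIRED if not entry.get(f)]
    if missing:
        issues.append("undocumented: " + ", ".join(missing))
    due = entry.get("next_review")
    if due and due < today:
        issues.append("review overdue since " + due.isoformat())
    return issues

def audit(inventory, today=TODAY):
    """Map each app with at least one problem to its list of problems."""
    return {e["app"]: found for e in inventory if (found := review(e, today))}

if __name__ == "__main__":
    for app, issues in audit(INVENTORY).items():
        print(app, issues)
```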
5. When External Access Goes Too Far
The Mistake
Giving external users access to your Salesforce org can be complicated. Suppose you’re setting up a customer community where clients can view their orders and submit support cases. You configure sharing rules similar to your internal users, thinking customers should have a similar experience.
What you might not realize is that this approach could accidentally expose one customer’s data to another, or provide access to internal information that should never leave your organization.
The Fix
Design community access with a “deny by default” approach. Start with no access and explicitly grant only what’s needed for each type of external user. Create separate sharing models specifically for community users that don’t mirror your internal sharing patterns.
Test thoroughly with different customer scenarios and user types. What works perfectly for internal users often provides far too much access for external users.
Summary: Making Security Everyone’s Responsibility
The biggest security mistake isn’t technical; it’s assuming security is someone else’s job. The reality is that security touches every role in the Salesforce ecosystem.
You don’t need to fix everything at once. Start with your organization’s biggest risk area and address it. Security improvements don’t have to be perfect from day one, but they do need to be consistent and ongoing.
If you make security part of your onboarding and offboarding process, rather than treating it as an afterthought, you’ll be in even better shape.
And remember, the most costly security mistakes are often the most preventable:
- Over-permissioning: Grant users only the access they need, not everything they want.
- Sharing rule oversights: Design precise sharing boundaries and test them thoroughly.
- Weak authentication: Implement strong, mandatory authentication policies for all users.
- Integration security gaps: Secure and monitor all connected apps with appropriate permissions.
- Community access confusion: Use restrictive defaults for external users with explicit exceptions.
Start small, be consistent, and remember that every security enhancement you implement today prevents potential crises tomorrow. Your future self (and your organization’s leadership) will thank you.