📈 Read the 2025 Salesforce Threat Landscape Report
Back to blog

Inside Salesforce security assessments: The hidden misconfigurations putting businesses at risk

Many Salesforce teams assume their org is secure because nothing “looks” wrong — until an assessment uncovers years of unnoticed configuration drift. From over-privileged integrations to Digital Experience missteps, the biggest risks aren’t caused by Salesforce itself, but by decisions that quietly pile up over time. This article breaks down the most common findings from real-world security assessments, why accountability often gets blurred between business and IT, and how a handful of targeted fixes can dramatically reduce exposure before AI and Agentforce amplify the problem.

Graham Smith November 26th, 2025

Salesforce is widely regarded as one of the most secure cloud platforms in the world — and that reputation is deserved. Yet many organizations unknowingly carry significant risk inside their Salesforce orgs, not because the platform itself has weaknesses, but because configuration decisions made over time have created blind spots.

This disconnect between the platform’s inherent security and how it is implemented is exactly what Salesforce security assessments are designed to surface. They show how the org is actually behaving, not how stakeholders believe it is behaving.

Where risk really comes from

Many organizations rely on Salesforce’s built-in tools like Health Check and assume it covers every angle. In practice, those controls don’t replace structured assessments that examine metadata, permissions, Digital Experiences, user behavior, and integrations. As Doug Merrett, Founder of Platinum 7, explained during a recent conversation, organizations are often looking in the wrong direction:

“Salesforce is a very secure platform — until a customer misconfigures it.”

The issue isn’t that Salesforce is unsafe — it’s that complexity increases over time, and one overlooked decision from years ago can create exposure today.

The most frequent misconfigurations found

Security assessments across enterprises and fast-growing Salesforce deployments consistently reveal the same high-impact patterns:

  • Digital Experiences / Communities misconfigured, allowing users to view data that should be restricted
  • External integrations connecting with System Administrator privileges, giving full control of the org to third-party systems
  • An excessive number of System Administrators, often accumulated organically over the years without governance
  • A breach is not required for these issues to cause damage. A single misconfigured integration or an over-privileged user performing the wrong action can trigger a major incident.

Merrett puts this dynamic into clear terms:

“Most of the risks found in assessments aren’t Salesforce issues — they’re configuration issues.”

And that’s exactly why assessments matter: they reveal the difference between perceived security and actual security.

Where accountability breaks down

The root cause isn’t purely technical — it’s organizational. Salesforce is often introduced by the business to solve operational challenges long before IT or security teams become involved. Once momentum builds and department workflows depend on Salesforce, ownership of security becomes complicated.

High-performing Salesforce organizations treat security as shared responsibility. Platform teams understand configuration and business logic; security leaders understand risk and data protection requirements. When those two groups operate in isolation, risk tends to accumulate quietly.

AI and Agentforce change the stakes — in both directions

AI is beginning to reshape Salesforce security in meaningful ways. New AI-driven capabilities can detect abnormal behavior, highlight misconfiguration, and suggest remediation actions — a major advantage for Salesforce administrators who aren’t security specialists.

But AI isn’t a safety net. If visibility rules, access controls, and sharing models are already weak, AI will not correct the issue. It will scale and accelerate whatever foundation it is built on — good or bad. The shift toward Agentforce increases the importance of good configuration rather than reducing it.

Improving security doesn’t need to be difficult

Not every security enhancement requires a large project or the purchase of additional tooling. Some of the fastest and most impactful improvements include:

  • Reviewing and managing all connected apps
  • Removing System Administrator access from integrations
  • Using the Salesforce Integration User license for connectors
  • Running Health Check and prioritizing the highest-risk findings
  • These steps alone dramatically reduce exposure.

The shared responsibility model still applies

Recent Salesforce-related security incidents that made the headlines were not caused by platform vulnerabilities — they were caused by customer configuration gaps. The shared responsibility model remains unchanged: Salesforce protects the cloud; customers must protect their configuration.

Security assessments aren’t about fault — they’re about clarity. And clarity is what enables resilient, scalable, and accountable use of Salesforce.

🎧 Listen to the Full Podcast Episode

To explore this topic in more detail — including real-world examples, configuration pitfalls, and how to prepare for the AI-accelerated future of Salesforce — listen to the full conversation with Doug Merrett on Guardians of Salesforce: Salesforce Security Assessments — What They Reveal and How Organizations Should Respond

Graham Smith
Graham Smith is an experienced sales and marketing professional with expertise in leading sales and marketing teams. He has worked at WithSecure since 2019 and leads global alliances with Salesforce and ecosystem partners. Graham lives in Buckinghamshire and enjoys spending time with his wife and two children and following the fortunes of Arsenal Football Club.