SFDC architecture/challenges
Why is Salesforce important to a business?
Salesforce is the digital hub for critical business operations
Salesforce is generally a Tier 1/0 application meaning downtime must be kept to a minimum - generally included as part of an organizations Minimum Viable Company (MVC) that outlines applications critical to business survival
Salesforce also integrates with other critical applications. There are upstream applications that feed data into Salesforce, and downstream applications that use Salesforce data
Why is M365 important to a business?
Microsoft 365 is a comprehensive suite of productivity applications (Exchange, OneDrive, Teams, Sharepoint)
M365 also includes identity management through Active Directory and Entra ID in Azure Cloud (identity as a service)
M365 is highly integrated into business processes and applications
Example: Airlines that was relying on Microsoft Exchange to power their accounts payable department
Example: Medical Facility relying on Sharepoint for their medical charting
These are critical business services and applications which means it is important to protect M365 environment to keep them operational
What are the typical ways to backup and recover Salesforce data?
Three options for backup and recovery
(1) Salesforce export: free in Salesforce, export to CSV files
(2) Salesforce native Backup and Recovery service: paid add-on service that creates a backup within Salesforce tenant
(3) 3rd party backup software: separate software to take a backup outside of Salesforce environment
What 3 values do we bring when backing up Salesforce data?
Value Area: Speed of Recovery: Fastest recovery, especially when responding to a cyber attack and reducing cyber RTO.
Value Area: Cyber resilience: Secure copy of Salesforce data, that is resilient against cyber attacks, and fast recovery to ensure the best cyber RTO
Value Area: Value Area: Unified Data Protection Platform: Rubrik is a data protection platform that uses Rubrik Security Cloud (RSC) to coordinate backup and recovery across cloud, data center (VMs, Databases), unstructured data, and SaaS applications, removing complexity and cost.
What does the typical architecture look like for protecting M365?
The architecture for protecting M365:
Recycle Bin: 93 days before data is deleted, but can only recover 70 users per day. Not built for mass recovery, and not a dedicated recovery solution to meet compliance needs
Regional Replication: Microsoft will replicate to regions for uptime not not necessarily for backup of data
Microsoft native solution: Microsoft Backup Recovery and Storage - designed for disaster recovery.
3rd Party Backup solution: 3rd party software that connects into the M365 environment and writes a backup copy of data into their environment.
What are some of the challenges associated with exporting as a way to backup salesforce?
Manual scheduling of backups and manual inclusion of new objects means risk of missed backups. Relationships, history and metadata not included. Recovery time = weeks.
Cyber risk: up to customer to ensure files are secured - very high risk
What four values to we bring to backing up M365 data?
Value Area: Speed of Recovery: Fastest recovery, especially when responding to a cyber attack and reducing cyber RTO.
Value Area: Visibility: Understanding all of the data across M365 so data can be protected, or to understand impact after an attack.
Value Area: Tool Consolidation: Rubrik Security Cloud (RSC) can manage M365 protection, and can use Microsoft Backup Storage also to ensure both DR and Cyber Recovery are covered
PROOF POINT: Volvo uses Rubrik to manage both Microsoft Backup Storage for DR, and have an air gapped copy for cyber resilience
Value Area: Unified Data Protection Platform: Rubrik is a data protection platform that uses Rubrik Security Cloud (RSC) to coordinate backup and recovery across cloud, data center (VMs, Databases), unstructured data, and SaaS applications, removing complexity and cost.
What does the share responsibility model for M365 say?
Shared Responsibility Model: Microsoft owns the platform and commits to uptime for the platform, but the customer owns their data in the platform and is responsible for backup and recovery of that data. Microsoft recommends a separate backup from the production environment.
What are the challenges associated with using Salesforce to backup salesforce data?
Challenge: Salesforce backup and recovery is basic and not cyber resilient: Relies on protection policy that must be manually updated to include new objects means risk of data loss / missed backups. Metadata not included, no retention policies, recovery impact analysis is limited. Recovery time = days to weeks.
Cyber risk: backup resides on the same tenant, if Salesforce credentials compromised backup is also compromised. Salesforce recommends that customers have an off tenant copy.
STATISTIC: 109% increase in phishing attacks against salesforce
How do we do it better when we back up M365?
HWDIB/D: Air gapped copy of data: Created an air-gapped copy of the data which is Microsoft’s recommended approach to ensuring a recovery path
HWDIB/D: Zero trust to secure backup: Rubrik uses Zero Trust principles such as immutable copy of data, MFA/TOTP by default, multi-person rule to ensure that backup can never be compromised by an attacker or an authorized user
HWDIB/D: Co-engineered with Microsoft to ensure fast recovery: Rubrik is the only solution co-engineered with Microsoft (an investor in Rubrik) that is built from ground up using Azure native services (which means it can scale and is highly performance), and Rubrik understands how to load balance Microsoft API to ensure recovery is fast and never throttled (slowed down) - makes us 2-3x faster that other 3rd party solutions.
HWDIB/D: Cyber Services: Ransomware investigation to look at backups and see if encryption events or signs of an attacker and sensitive data discovery to help understand sensitive data across M365. Integrates with Purview Information Protection Policies (MIPs).
HWDIB/D: Prioritized Recovery: During a recovery, prioritize the most recent data to ensure M365 is operational quickly.
What are the challenges associated with M365 backup/recovery?
Challenge: Recycle bin is not a recovery solution: Recycle bin is limited (93 days of retention) and was not designed for mass recovery (70 users per day).
Challenge: Platform redundancy is not a backup: Replicating platform to region is for uptime only; if production environment is compromised, redundant region will not provide a recovery.
Challenge: Microsoft Backup Storage Service is for Disaster Recovery: Microsoft’s Backup Storage Service is intended for fast DR only. Resides on the same tenant and does not protect against cyber attacks where the same tenant is compromised. Also does not backup Entra ID.
Challenge: 3rd Party Services are limited when it comes to security and recovery: 3rd party services do provide an air gapped copy of the data, but most services are not built for cyber security and cyber recovery. They may have slow recovery through inefficient use of the M365 API, and/or inefficient architecture as they were not built to run natively on cloud environments. This impacts cyber RTO.
Challenge: Cyber Recovery:
M365 is being targeted by cyber attackers, including attacks on Entra ID
What are some of the challenges associated with using a 3rd party service to backup salesforce?
Challenge: 3rd party services are limited in recovery speed and impact analysis: Most services can only understand history by comparing against their own backups and cannot compare against the live environment. This can lead to data loss during recovery. Also use of bulk API to recover can be inefficient leading to long recovery times. Recovery time = hours to days.
Cyber risk: requires 3rd party environment to be cyber secure and may have long cyber RTO due to API limitations and lack of impact analysis of recovery
How do we do backups better/differently for Salesforce?
HWDIB/D: Policy engine that automates protection of data: automated policy engine that can autodiscover new objects and ensures an air gapped copy of salesforce data is created
HWDIB/D: Comprehensive backup of salesforce data: Comprehensive backup that preserves relationships, history, metadata, and any new added to salesforce
HWDIB/D: Full history understanding including against live system: Understands field history by comparing against backups AND the live environment in addition to performing a visual impact analysis during recovery to make sure no valuable data is accidentally overwritten during a restore.
HWDIB/D: Cyber resilient copy designed with Zero Trust principles: Air gapped copy residing on Rubrik’s environment that is secured using Zero Trust principles such as immutable copy of data, MFA/TOTP by default, and fully encrypted data.
HWDIB/D: Fastest recovery: Efficient use of the Bulk API for mass recovery combined with impact analysis to avoid lengthy manual validations reduced RTO to hours.
Give an M365 proofpoint
Manchester City Council
• Significant city in UK, manages critical services for approx 1 million residents in greater Manchester area
• Critical services include: sanitation, social welfare, police, education, hospitals, voting, criminal record etc.
• Technology dept. that supports city identified M365 (they moved to M365 during COVID) as critical application that requires data protection (they had no backup solution for M365)
• During evaluation of data protection solutions, Rubrik’s ability to create immutable, air-gapped backup of M365 data was compelling to them
• What won Rubrik the business though, was the fact we could backup AND scan and classify their sensitive data → they felt they would be negligent if they didn’t understand what sensitive data was located across their environment (remember all their critical services and population data they have)