Marketing Cloud Security Best Practices for Data, Permissions, and PII


Marketing Cloud Security Features

  • Login IP Whitelisting – Defines the range of IP addresses that can access the account or the application. A user logging in from outside that range is either denied entirely or validated by a two-step verification process.
  • Identity Validation – Users authenticate the browser used to access the application with an authentication code sent to the email address associated with the user account.
  • Key Management – Manages the different types of encryption and decryption options for the data.

The security best practices are discussed below.

Select Account Security Settings

  • Use a Multi-Factor Authentication (MFA) system, which includes:
    • The Salesforce Authenticator mobile app
    • Security keys supporting U2F or WebAuthn
    • Time-based one-time passcode (TOTP) authentication apps, like Google or Microsoft Authenticator
  • Apply specific password requirements, such as length, characters, etc.

Passwords

Be aware of both passwords:

  • Your account password
  • FTP password for Marketing Cloud account

Create a strong, unique password with:

  • Eight or more characters
  • Mix of letters and numbers
  • Mix of uppercase and lowercase
  • Special characters

Implement Login with SAML and SSO

Marketing Cloud supports third-party, single sign-on (SSO) authentication via SAML 2.0.

Use Salesforce federated authentication or another service, as needed.

Use Transparent Data Encryption

Encrypt data at rest within your account with Transparent Data Encryption, which uses SQL Server’s built-in protection technology.

Use Audit Trail

After assigning roles and permissions, track user actions with the Audit Trail feature, which gives 30 days of information for all users in your account:

  • User authentication
  • IP addresses
  • Changes to users, roles, and user permissions
  • Changes to Security Settings, such as logins, password changes, and logouts

Use SSL Certificates

Use SSL certificates to secure web-based communications, including:

  • CloudPage URLs
  • Landing pages in your account
  • Links in the email messages from Email Studio
  • Portfolio content

Secure Form Submissions

  • Don’t pass SubscriberID, SubscriberKey, or ContactKey values in the clear in the query string.
  • Do not use Base64 encoding; use encryption instead.
  • Do all field processing and validation on the server.
  • Authenticate all application pages you create.
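
The Base64 and encryption points above, as an added example that is not from the original page or from Salesforce. It is Node.js code that assumes a hypothetical server-side key and a constructed SubscriberKey value; the function names and the token layout are this example's own.

```javascript
const crypto = require("node:crypto");

// Constructed sample values; a real key stays in server-side key storage.
const KEY = crypto.randomBytes(32);   // AES-256 key, never sent to the browser
const SUBSCRIBER_KEY = "sub-000123";  // constructed sample SubscriberKey

// Weak: Base64 is an encoding. Anyone holding the URL reverses it without a key.
function base64Param(value) {
  return Buffer.from(value, "utf8").toString("base64url");
}
function decodeBase64Param(param) {
  return Buffer.from(param, "base64url").toString("utf8");
}

// Better: AES-256-GCM gives confidentiality plus an integrity tag.
// Token layout (assumption of this example): iv (12) | tag (16) | ciphertext.
function sealParam(value, key) {
  const iv = crypto.randomBytes(12);  // fresh nonce for every token
  const cipher = crypto.createCipheriv("aes-256-gcm", key, iv);
  const ct = Buffer.concat([cipher.update(value, "utf8"), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), ct]).toString("base64url");
}

// Server-side only: returns the value, or null if the token is altered or malformed.
function openParam(token, key) {
  const raw = Buffer.from(String(token), "base64url");
  if (raw.length < 28) return null;   // shorter than iv + tag
  const decipher = crypto.createDecipheriv("aes-256-gcm", key, raw.subarray(0, 12));
  decipher.setAuthTag(raw.subarray(12, 28));
  try {
    const pt = Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]);
    return pt.toString("utf8");
  } catch {
    return null;                      // tag check failed: reject the request
  }
}

// Flip one bit of a token to stand in for a modified link.
function tamper(token) {
  const raw = Buffer.from(token, "base64url");
  raw[raw.length - 1] ^= 0x01;
  return raw.toString("base64url");
}
```

The page that receives the form opens the token on the server and treats a null result as a failed request, so the browser never sees the identifier in a recoverable form.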

Other Security Practices

  • Limit Permissions – Create OAuth access tokens to be valid only for the necessary tasks.
  • Secure Your Tokens – Keep only the refresh token on your external server.
  • Use Up-to-Date TLS on external web servers.
  • Review Error Messages
  • Create Secure Sessions
  • Store sensitive information on your own system
  • Patch All Important Software and Hardware
  • Encrypting Personal Data – Salesforce Shield customers can use Shield to encrypt specific fields.
  • Convert Leads to Existing Contacts so as to decide data privacy.

Reference: Salesforce and Marketing Cloud Security
