Salesforce Shared Responsibility Model: Protect Your Data, Prevent Phishing, and Recover Quickly

In an enterprise landscape that relies heavily on the cloud, regardless of industry, Salesforce is critical for business operations. But while Salesforce ensures infrastructure security, what most people don’t know is that your organization is responsible for protecting data, managing access, and configuring integrations. In fact, an astounding 73.5% of Salesforce admins reported being unaware of the Shared Responsibility Model in a recent Salesforce Ben survey. Misunderstanding this shared responsibility can expose your org to costly downtime, phishing attacks, and data loss.

This guide explains the Salesforce Shared Responsibility Model, recent threats via connected apps, and how Flosum Backup & Archive helps you stay secure and resilient.

What Is the Salesforce Shared Responsibility Model?

The Salesforce Shared Responsibility Model defines the division of security and operational duties between Salesforce and its customers.

Salesforce secures the cloud infrastructure, including data centers, networking, and platform-level services. Customers secure their data in the cloud — this includes user access, connected apps, configurations, and data backups.

Key takeaway: Understanding this model is critical because security is a shared effort. Neglecting your responsibilities can lead to breaches, compliance violations, and operational disruption.

Where Salesforce Ends and Your Responsibilities Begin

Area                                       Salesforce   Your Organization
Physical Infrastructure                    ✅           ❌
Platform Security & Patching               ✅           ❌
Service Availability & Disaster Recovery   ✅           ❌
Compliance Certifications                  ✅           ✅ Ensure your usage aligns with regulations
Salesforce Data                            ❌           ✅ Protect, back up, and govern your data
Identity & Access Management               ❌           ✅ Configure users, permissions, and connected apps
Org Configuration & Security Settings      ❌           ✅ Harden settings, enforce MFA, audit OAuth tokens

The Real Threat: Phishing via Connected Apps

Connected apps allow third-party tools to integrate with Salesforce using OAuth. But attackers exploit them through phishing campaigns, tricking employees into installing malicious apps that can silently extract sensitive data.

Typical attack flow:

  1. Attackers impersonate IT support via phone or email.

  2. Victims install a spoofed connected app.

  3. OAuth tokens are granted, giving attackers access.

  4. Data is exfiltrated or compromised.

These attacks emphasize the importance of active governance, user training, and monitoring.

Protecting Your Salesforce Environment

Best Practices for Your Side of the Shared Responsibility Model:

1. Restrict Connected App Access

  • Require admin approval for new apps

  • Limit OAuth scopes and API access

2. Enforce Least Privilege

  • Regularly audit permissions

  • Only grant necessary access for each role

3. Strengthen Identity & Access Management

  • Enable MFA

  • Set login IP restrictions and session security policies

4. Educate Employees

  • Run phishing simulations including OAuth-based attacks

  • Conduct regular awareness training

5. Monitor, Audit, and Act

  • Review all connected apps and revoke unused tokens

  • Audit logs for suspicious activity
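The connected-app review in steps 1 and 5 above (approved apps only, revoke tokens nobody uses, look for unusual API activity) is easy to script once the token list is exported. The following is an added example, not Flosum's code or anything from Salesforce: it runs an allowlist, staleness and usage-rate check over a handful of constructed records whose field names follow Salesforce's OauthToken object (AppName, UserId, LastUsedDate, UseCount, CreatedDate). The approved-app list, the 90-day and 1000-calls-per-day thresholds, and the fixed "now" timestamp are all assumptions chosen for the example; the SOQL query in the comment is the assumed source of the rows in a live audit.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample rows shaped like Salesforce's OauthToken object. In a real
# audit they would come from a query such as (assumption: verify the field set
# against your org's API version):
#   SELECT Id, AppName, UserId, LastUsedDate, UseCount, CreatedDate FROM OauthToken
SAMPLE_TOKENS = [
    {"Id": "0Ka000000000001", "AppName": "Flosum", "UserId": "005000000000001",
     "LastUsedDate": "2025-01-10T08:00:00.000+0000", "UseCount": 412,
     "CreatedDate": "2024-06-01T09:00:00.000+0000"},
    {"Id": "0Ka000000000002", "AppName": "Data Loader", "UserId": "005000000000002",
     "LastUsedDate": "2024-09-15T08:00:00.000+0000", "UseCount": 3,
     "CreatedDate": "2024-09-15T08:00:00.000+0000"},
    # A token for an app that was never approved, created late at night and
    # already used thousands of times: the pattern step 5 wants admins to catch.
    {"Id": "0Ka000000000003", "AppName": "IT Support Helper", "UserId": "005000000000003",
     "LastUsedDate": "2025-01-11T02:13:00.000+0000", "UseCount": 9800,
     "CreatedDate": "2025-01-10T23:55:00.000+0000"},
    {"Id": "0Ka000000000004", "AppName": "Salesforce Mobile App", "UserId": "005000000000001",
     "LastUsedDate": None, "UseCount": 0,
     "CreatedDate": "2024-12-01T09:00:00.000+0000"},
]

# Hypothetical allowlist: the connected apps an admin has explicitly approved.
APPROVED_APPS = {"Flosum", "Data Loader", "Salesforce Mobile App"}

# Fixed reference time so the example is reproducible; use datetime.now(timezone.utc) live.
NOW = datetime(2025, 1, 12, tzinfo=timezone.utc)


def parse_sf_datetime(value):
    """Parse the ISO-8601 form Salesforce returns (e.g. 2025-01-10T08:00:00.000+0000)."""
    if value is None:
        return None
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%S.%f%z")


def audit_tokens(tokens, approved_apps, now, stale_days=90, max_calls_per_day=1000):
    """Return one finding per token that fails any of three defender checks.

    1. allowlist: the app is not on the admin-approved list
    2. staleness: the token has not been used (or, if never used, was created)
       within stale_days, so it is a revocation candidate
    3. usage rate: average calls per day since creation exceeds max_calls_per_day,
       which is worth a closer look in the audit logs
    """
    findings = []
    for token in tokens:
        last_used = parse_sf_datetime(token["LastUsedDate"])
        created = parse_sf_datetime(token["CreatedDate"])
        reasons = []

        if token["AppName"] not in approved_apps:
            reasons.append("app not on approved list")

        # A never-used token is judged by its creation date instead.
        if now - (last_used or created) > timedelta(days=stale_days):
            reasons.append(f"unused for more than {stale_days} days")

        # Floor the age at one hour so a brand-new token cannot divide by ~zero.
        age_days = max((now - created).total_seconds() / 86400, 1 / 24)
        if token["UseCount"] / age_days > max_calls_per_day:
            reasons.append("API usage rate exceeds threshold")

        if reasons:
            findings.append({"Id": token["Id"], "AppName": token["AppName"],
                             "UserId": token["UserId"], "reasons": reasons})
    return findings


if __name__ == "__main__":
    for finding in audit_tokens(SAMPLE_TOKENS, APPROVED_APPS, NOW):
        print(f"{finding['Id']} {finding['AppName']!r} user={finding['UserId']}: "
              + "; ".join(finding["reasons"]))
```

Each finding carries the token Id and the owning user so the admin can act on it in Setup (Connected Apps OAuth Usage) or follow the user's activity in the login and setup audit logs; the script itself only reports and never revokes, which keeps the decision with a human reviewer.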

Why Backup & Recovery Is Critical

Even with strong security, human error or malicious attacks can compromise Salesforce data. Native Salesforce resilience is not a substitute for functional backups.

Flosum Backup & Archive offers:

  • Automated, continuous backups of data and metadata

  • Secure, isolated storage to protect backups from compromise

  • Fast, flexible, granular recovery for records, objects, or the entire org

  • Compliance support with data retention and audit capabilities

  • Data governance & visibility across your Salesforce org

Outcome-focused benefit: Flosum ensures your org can recover quickly, maintain operational continuity, and reduce business risk.

Take Control of Your Salesforce Environment

Understanding the Salesforce Shared Responsibility Model is critical to protecting your organization. With Flosum Backup & Archive, you gain visibility, control, and recovery power — empowering you to secure your data, prevent phishing damage, and maintain resilience in a rapidly evolving threat landscape.

Flosum helps you own your side of the responsibility — because protecting your Salesforce data isn’t optional. It’s essential.

Want to learn more about how Flosum can help you protect your Salesforce investment? Connect with an expert today!
