Share

Most Salesforce orgs have no idea what changed in production last week. That’s not just a DevOps problem. It’s a security problem.

Matt Meyers, Salesforce CTA and CEO of EzProtect, sits down with Richard Clark, 14x Salesforce certified with 35 years in technology, to break down why configuration drift is one of the most underestimated threat vectors in the Salesforce ecosystem.Three principles from this session?

  • DevOps isn’t a tool. It’s a practice of moving changes safely, consistently, and repeatably from sandbox to production.
  • Configuration debt accumulates silently. Cloned profiles, over-scoped permission sets, and unchecked checkboxes open invisible access paths for attackers.
  • A change record answers three questions: what changed, who changed it, and when. Without one, the first 48 hours after an incident are spent reverse engineering instead of responding.

If you can’t see what’s changing in your org, you can’t defend it. Watch the video to get your full guide. 

 

Your Salesforce data is invaluable—is it truly secure? If you are allowing users to upload files into your Salesforce orgs, you are risk of also uploaded viruses and consequential data breaches. Get in contact with us today. 

By Published On: March 6, 2026Categories: Cybersecurity, Salesforce, Salesforce Security Office Hours, Video0 Comments

Share

Did you love this blog and wish there could be more?

It is our goal to keep you informed about everything you need to know about Salesforce security to keep your Salesforce data and company safe and secure by providing you with the highest quality of original content.

If this sounds good to you, then sign-up below to be one of the first to know when the next super awesome Salesforce security blog has been released.

Download your free guide today!

Learn if you are at risk and how to start protecting your users!

GET THE FACTS NOW