Although we’re optimistic that your Salesforce organization may defy the odds, recent research suggests it could potentially harbor more than 2000 security vulnerabilities in custom code, approximately 14 outdated installed packages, and several automation missteps. But, of course, there’s always the chance that your organization stands apart from these trends, isn’t there?
After conducting an in-depth analysis of aggregated metadata from numerous actual Salesforce orgs, we’ve unearthed several crucial—and somewhat unsettling—discoveries. Here are the seven most noteworthy findings…
1. Salesforce Teams are Managing an Immense Amount of Metadata
Managing Salesforce effectively demands meticulous attention, particularly concerning the extensive metadata it entails. Surprisingly, the typical Salesforce organization involves overseeing approximately 24,000 metadata items, adding to the complexity. This abundance can lead to overwhelmed administrators, time constraints, and operational inefficiencies, fostering communication lapses, user dissatisfaction, and adoption hurdles.
To surmount these obstacles, Salesforce teams require automated solutions for swiftly evaluating org configurations, pinpointing actionable insights, and facilitating seamless communication with stakeholders.
2. Out-of-Date Installed Packages are Impacting Performance and Security
Installed packages play a vital role in enhancing the functionality and user experience of Salesforce orgs. However, in the ever-evolving Salesforce ecosystem, maintaining the currency of these packages is becoming more critical. Outdated packages not only affect org performance but also pose significant security threats.
According to the 2023 Hubbl Diagnostics Benchmark Report, nearly all Salesforce orgs (99%) are running outdated installed packages, contributing to 15% of all security vulnerabilities originating from custom code within these packages. Therefore, it’s essential to ask: When was the last time you conducted a review of your installed packages?
3. Custom Code is Housing Security Risks
Custom code grants enhanced capabilities to users, leveraging platforms like Aura, Lightning Web Components (LWC), Visualforce, Apex, or triggers. Nevertheless, alongside this empowerment, there arise critical concerns regarding data integrity and security that necessitate careful management. Statistics indicate that the typical Salesforce organization contends with around 2000 security vulnerabilities stemming from custom code.
These vulnerabilities pose a spectrum of risks, from unauthorized access to sensitive data by internal users to potential breaches that could lead to the inadvertent disclosure of regulated information, posing significant existential threats to the organization.
4. Migration to Flow is Not Being Prioritized
Salesforce Flow emerges as the cutting-edge automation solution poised to supplant Workflow Rules and Process Builder. Despite its potential, only a fraction, merely 14%, of declarative automation within the ecosystem currently leverages Flow. Yet, embracing Flows alongside triggers holds the promise of significantly enhancing the operational efficiency of your Salesforce organization. Such a transition not only accelerates processes but also bolsters employee engagement, refines customer interactions, and ultimately augments your financial performance. Remarkably, statistics indicate that half of all Salesforce organizations stand to gain over 100 hours annually by transitioning away from workflow and Process Builder.
For those yet to embark on the migration journey toward Flow adoption, it’s prudent to construct a compelling rationale, underpinned by ROI metrics, showcasing the tangible benefits awaiting early adopters.
5. Object Automation is Costing You More than You Think
The Well-Architected framework by Salesforce advises consolidating all automation pertaining to a specific object into one automation type whenever feasible. Despite this recommendation, numerous Salesforce organizations deviate from these guidelines due to the proliferation of declarative and custom automation types. Research indicates that 47% of utilized standard objects incorporate multiple automation types.
Although employing multiple automation types on a single Salesforce object may offer immediate solutions, the long-term maintenance of such configurations can pose significant challenges and expenses.
6. Empty Custom Fields are Slowing You Down
Transactional information within your organization is primarily stored in fields. While Salesforce offers numerous standard fields based on your licenses, businesses often augment these with custom fields for enhanced functionality. However, it’s common to find that approximately 10% of custom fields on key objects like Accounts, Opportunities, and Cases remain unused.
Following Salesforce’s Well-Architected framework, unused fields represent technical debt, complicating org maintenance. Administrators should actively identify and eliminate unnecessary custom fields to enhance user experience, streamline processes, and boost overall efficiency.
7. Too Many Users Have Access to Your Data
Is it truly necessary for numerous users to possess the capability to “Modify All Data” and “Data Export” within the average Salesforce organization, where typically there are 24 assignments for the former and 20 for the latter?
To safeguard your data, it’s advisable to undertake the following measures:
1. Evaluate profile and permission set allocations to pinpoint users with data modification and export privileges.
2. Establish a concise policy outlining which personnel within your organization require such access and for what reasons.
3. Initiate the transition of permissions from profiles to permission sets to enhance the management of data access.
Summary
We believe this article has unveiled vital insights warranting attention. Evaluate how your Salesforce organization compares to ecosystem benchmarks and juxtapose it with each of these metadata insights using Hubbl Diagnostics’ complimentary organizational analysis tool.
For more details about Salesforce, visit us on www.thesalesforcemaster.com