When you lose Salesforce data you want to recover as much as possible, as quickly as possible. Though teams have begun to implement so-called ‘incident response plans’ to chart out how they can do this, many are missing a key component: how to spot the data loss in the first place.
Most companies don’t actively monitor for data loss and will only notice once it starts causing problems for their end users, which could take months. Regardless of how well-planned and rehearsed your data loss incident response plan is, your team will only be able to respond quickly if they can spot the loss ASAP.
What is an incident response plan?
When you lose data there are two key disaster recovery metrics used to estimate just how much damage has been done: RPO and RTO.
RPO, standing for Recovery Point Objective, considers the point of your most recent data backup. The longer your data has gone without backup the more could be lost, which has prompted many Salesforce teams to introduce regular backups—this should be done at least once a day.
Where RPO looks over your shoulder to the last backup, RTO looks forward from the moment data is lost to the point you resolve it. This RTO (Recovery Time Objective) is a holistic measure of the time taken to spot data loss, recover data, and get your system up and running normally.
An incident response plan should work to shorten your RTO, improve your disaster recovery and minimize the impact of data loss on your wider business.
What’s the impact of Salesforce data loss on your wider business?
RPO and RTO quantify damage in data loss and time spent, but what does this actually mean for your wider business?
A recent report from IBM highlighted that the cost of data loss has increased 13% since 2020 across all platforms, which is largely due to unproductive labor hours. It can be especially disruptive for teams using Salesforce, as the platform is integral to their operations. Your sales and customer teams may find that their operations completely stall if key data is lost, wasting not only their time but blocking the opportunities they were creating with Salesforce. Similarly, developers may have to abandon other projects to restore lost data and get your Salesforce org functional again. This wasted time is frustrating and can be very expensive.
In a best-case scenario, data loss may put a dent in operations, but worst-case it can cause irreparable damage. Given the sensitive nature of Salesforce data, a loss could ruin customer trust or violate your data compliance policy. This tangible cost to your business has prompted Salesforce teams to think carefully about improving their incident response plans.
Could your incident response plan be quicker?
Reducing RTO is critical to an effective incident response plan, but teams tend to focus on the actions taken once data loss has been spotted. This means most teams are slower than they think as they don’t work to decrease the time taken to spot the data loss in the first place. The same IBM report considered the average RTO for data breaches, an unauthorized type of data loss or change. It found that companies take 197 days to identify a data breach and 69 days to contain it, revealing that Salesforce teams spend most of the time after data loss in the dark. This is the largest component of RTO, so the best way to speed up your incident response plan is simply to spot data loss sooner.
Don’t make it a problem for Salesforce end users
Many companies rely on their Salesforce end users to catch any data loss. This means it’s often those in customer-facing or management roles who first realize that data is missing when they’re unable to do their job.
This strategy is ineffective for three key reasons:
- Data loss can easily go unnoticed for a long period of time. Not all Salesforce data is opened regularly, meaning it’s difficult to realize when the data first went missing and you may have to return to an out-dated backup to recover lost data.
- You’re reliant on end users notifying developers of a data loss. End users won’t necessarily understand the nature or severity of what they’re seeing, and may not know whether or how to communicate the problem.
- Data loss is only dealt with once it has begun to cause problems. This leads to a stall in operations, which is avoidable if data loss is spotted before it impacts your end users.
Give your developers control of Salesforce data
Developers should know better than anyone if there are any changes in data and metadata between backups. Relying on your Salesforce end users to spot data loss will only slow down your incident response time and remove developers from the first step of data recovery.
Understanding your data is the first step to spotting data loss. It will allow you to recognise what’s normal for your backups, and what isn’t. Gearset visualizes your backups to show you the comparison between each backup run and the changing shape of your data over time.
Spot your Salesforce data loss straight away
Being in control of your data means you shouldn’t have to constantly monitor it, which is why Gearset keeps you informed outside of the app. You’ll receive email updates with a summary of each backup job, telling you what has changed with your data so you’ll know straight away if there have been any losses.
Take control with smart alerts
Embedded within these handy email updates are our smart alerts, which will notify you if an unexpected data change has occurred. These are completely customizable, as every Salesforce team’s data is different. A number of records changing between backups which may be shocking to a small organization could be the norm for a large global enterprise, so you’ll only be alerted if there’s data loss which is unexpected for you.
You can easily customize your smart alerts, specifying the amount of data change or fields you want to monitor.
With smart alerts, you don’t have to worry that a data deployment on Friday has caused irreparable data loss that stalls work the following Monday, or longer. You’ll get an alert from Gearset the second a problem with your data is detected, so you can be confident that you can begin your recovery process at the earliest opportunity.
If you’re a security conscious team who wants to understand and protect your data, you might like reading: