This blog was written in collaboration with Sean Lague. Sean is the Director, CRM Center of Excellence at Covetrus and one of Gearset’s DevOps Leaders.
Realising that your business-critical Salesforce data has been lost or corrupted is a devastating feeling. If you’ve not defined who’s responsible for Salesforce maintenance and backup in advance, everyone can end up pointing the finger at someone else to recover the data… or worse, the fingers may all point to you.
In this article, we’ll look at who’s responsible for backing up your valuable data, so you can make sure you’re following best practices with your Salesforce backup strategy.
Who’s responsible for your Salesforce data?
When talking about Salesforce data and backup, we come across two common misconceptions:
- Salesforce is too big to fail, so there’s no chance of catastrophic data loss
- If data loss occurs, Salesforce will have a native way to recover it
Let’s break these statements down.
How likely is Salesforce data loss or corruption?
Cloud solutions — like Salesforce and other software as a service (SaaS) providers — do have a responsibility to maintain the uptime and availability of their software, so that your data is accessible to you around the clock. And Salesforce does a great job of that! But no system is completely infallible, as the Permageddon of 2019 demonstrated.
While the potential for a temporary outage is real, the chance of a catastrophic Salesforce failure is small — so the risk of a Salesforce failure is often not seen as a compelling enough reason to invest in a third-party backup solution. But a Salesforce outage is just one of many ways that your data can be lost, corrupted, or rendered unusable. In fact, it’s usually day-to-day business activities that cause the majority of data incidents. For example:
- Integration issues. Integrations can be used to add or update org data in bulk. This saves huge amounts of time as compared to manual processes but can lead to large-scale data corruption when things go wrong.
- Faulty metadata changes. Introducing breaking changes during a deployment can have disastrous consequences for your org’s data.
- Human error. No one does everything correctly all of the time. Whether it’s an end user who accidentally deletes a record or a developer importing data as new rather than an upsert, there are many ways that small errors can have a big impact on your data.
- Malicious deletions. It only takes one disgruntled employee with access to your Salesforce org to render your data unusable or even lost all together.
So a Salesforce data centre crashing and losing all your data is possible but it’s unlikely — the bigger threat to the security of your data actually comes from inside your business. In fact, 62% of Salesforce teams reported that they’d experienced data loss in 2022.
Can Salesforce recover your data?
When presented with the risk of data loss, teams often assume that Salesforce would be able to help. But Salesforce isn’t actually responsible for the data in your orgs. The Salesforce shared responsibility model outlines the split in responsibility between a SaaS provider and you as the customer. This model states that Salesforce has the responsibility to make sure their cloud service is secure and that the infrastructure is sound and well maintained. The responsibility for data that lives in your Salesforce org (and the metadata that houses it) falls to you.
Although the following functionality wasn’t designed as a backup solution, there are a few ways that Salesforce can help if you have an issue with your data.
Within Salesforce, the Recycle Bin keeps deleted records for 15 days. Enabling
Extended Recycling Bin retention will increase that period to 30 days. This can be useful if an end user accidentally deletes a record and notices the deletion within the retention window. After that time though, the data will be lost. There is a capacity limit to the Recycle Bin too, so it won’t necessarily hold all deleted items if records have been deleted in bulk. If you’re looking to revert an incorrectly changed record, the Recycle Bin can’t help.
Salesforce Data Export Service allows you to export the data in your orgs as a CSV file every 7 days. You can then use Data Loader with that file to restore your orgs. While this is a free way to maintain files of your Salesforce data, orgs change rapidly and end users are constantly updating records — for many teams, a weekly backup often isn’t an accurate reflection of the data you want to restore.
Finally, Data Recovery is available for disaster scenarios. It isn’t a backup service — instead, you should consider Data Recovery to be a last resort. If you experience a data disaster in your org, you can pay retrospectively for Data Recovery and Salesforce will send you a CSV file of the data they’re able to extract from your org’s history at a specific point in time (changes since that time will not be recovered). This service comes with a substantial fee and a 6-8 week turnaround time. Once you’ve received the CSV file, it’s then your responsibility to upload that data to your org.
So assuming that Salesforce has backed up your data and that it can be recovered leaves you vulnerable and likely without functioning orgs for months — not only will those cost thousands of pounds in fees, the loss of revenue could be catastrophic.
Salesforce Backup and Restore functionality is available, but this is a paid add-on that isn’t included in your subscription by default — it won’t be accessible to you unless you’ve opted in. Plus, it’s safer to have a third-party backup solution that’s separate from the platform you’re backing up in case of a Salesforce failure.
The key players in your Salesforce backup
So we know that the responsibility for your data falls to your business, but who within the company is responsible for getting your org backed up successfully?
Every person across the business should have a vested interest in the successful implementation of a Salesforce backup solution, and everyone should work to ensure that Salesforce records are accurate and secure. But there are some usual phases that happen during a backup purchase — let’s look at what those stages are and who is typically involved.
Three key stages when investing in a backup solution include:
- Discovery. Understanding what’s available in the market, assessing which tools fit your needs and carrying out a thorough trial of their functionality.
- Decision making. Checking the shortlisted solutions to ensure they satisfy any compliance requirements and making a final choice. Signing off on the selected tool and ensuring the budget is available for the purchase.
- Setup and ongoing maintenance. Once set up, the backup job/s should be checked on an ongoing basis and a recovery strategy will need to be developed and tested regularly, to ensure the team knows how to successfully restore data when needed.
Across this purchasing process (and beyond), the key players are usually:
- Business leaders. Business leaders are usually heavily involved in the decision making process and review the business case that’s been put together for the chosen solution. They typically have the final say on which backup option the business puts in place. But this isn’t where their role ends; they will likely be involved in sign-off again at the point of renewal, and may need to make other stakeholders aware of the ROI of backup to ensure budget is allocated.
- Information security. An infosec or security team will likely be heavily involved in decision making, to ensure the tool meets any compliance specifications. They should also be involved in ongoing maintenance, to ensure the backup is configured in a secure and compliant way.
- Salesforce team. The Salesforce team will likely be heavily involved in all stages of a backup purchase. They’re usually the team that checks out the market, tests the available solutions and then compiles the business case for the decision making stage. The State of Salesforce DevOps 2023 report found that once backup was purchased, 86% of Salesforce teams were then directly responsible for maintaining the day-to-day running of their metadata and / or data backup job.
But every business is different, and the responsibility for maintaining your backup might fall to a different team than those outlined here. It doesn’t necessarily matter who takes ownership for your backup, the key to success is simply defining who that responsibility sits with. Thankfully, only 9% of Salesforce teams said that they didn’t know who was responsible for their Salesforce backup — without clearly assigning that responsibility, you’ll be left scrambling in a metadata or data loss scenario.
Considerations when choosing a backup solution
Having a Salesforce backup and recovery solution in place is essential for any team looking to safeguard their org and protect their data. But when it comes to finding the right solution, the amount of vendors on the market can feel overwhelming. If you’re in the process of searching for a backup tool, here are three key considerations to keep in mind.
Avoid a single point of failure
The maintenance of backup and recovery should never fall to one person — if that person is on leave or out sick when a data disaster strikes, your time to recovery can be seriously delayed. It’s important to work with a tool that allows for multiple people or teams to take active responsibility for backup.
Gearset backup allows you to build highly customised permissions for each backup job. Whether you want to give another user view permissions alone, all the way to full restore and edit permissions, you can avoid having a single point of failure by assigning permissions to relevant stakeholders across the business. You can even transfer job ownership completely, so no history is lost if the job owner leaves the business.
Detection is as important as recovery
It’s vital to have a disaster recovery plan in place, in the event that a metadata and / or data disaster strikes. But would you know if an incident had happened in the first place? End users often play a huge role in identifying and reporting when an issue has occurred but that can mean issues go undetected for long periods of time. The more time that passes between the incident happening and when it is detected, the harder it will be to unpick. Finding a solution that can flag issues as soon as they happen is just as important as the ability to restore data.
With Gearset, you don’t have to rely on user reporting to identify when an issue has occurred. With visual overviews of data changes to your orgs, as well as customisable smart alerts, you can see changes to your org at a glance and get immediate notifications for changes that seem out of the ordinary, such as a large number of deleted or changed records on your most important objects.
Metadata backup and data backup go hand-in-hand
Data can often be the focus of backup conversations, but backing up your metadata is just as important. Before restoring any data from a backup, it’s important to restore the metadata first — if the metadata for a field is corrupted, you won’t be able to successfully restore data to that field. Having to rebuild your unique metadata configuration from scratch before beginning a data restoration is a huge time sink and hampers business continuity. A solution that automatically backs up metadata alongside data is the best way to ensure you can reliably and quickly restore data in any scenario.
Gearset automatically captures your data and metadata with each job run, so you can restore metadata and data from any point in your job history. Simply find the job run that you want to restore your metadata from and follow the same declarative, UI comparison to build your metadata restoration package.
Salesforce backup you can be confident in
Take the worry out of being responsible for Salesforce backup — start a free 30-day trial to get your orgs backed up in minutes.
If you need a hand getting started, speak to one of our DevOps experts who’ll be able to give tailored advice on setting up a robust and secure backup solution for your business.