Salesforce orgs need backup. And yet, for various reasons, many people assume their Salesforce data is safe. Unfortunately, none of those reasons bear any scrutiny. Here's why you need to think about backup.
Salesforce outages cause data loss
The idea that Salesforce data is stored 'in the cloud' can lead some to a false sense of security. But outages are a risk to any system - even a world-class CRM like Salesforce.
In May 2019, Salesforce users suffered an incident that came to be known as 'Permageddon'. Any teams that had ever integrated Pardot (a marketing automation tool) into their orgs found that their permissions model was corrupted, with all user profiles granted permission to view and modify all data. Salesforce rightly decided that the first priority should be to protect their users' data, so it deleted all affected permissions. Unfortunately, this meant that admins had to rebuild their org's profiles and permissions manually.
Salesforce later developed a script to restore permissions from backups - but the results were mixed. Ultimately, while the steps Salesforce took were understandable, the result was a large number of users struggling to recreate their permissions models. In contrast, Salesforce teams with a robust backup solution in place were able to restore their permissions painlessly.
A smaller outage in 2016 caused hours of data loss for companies with orgs on one Salesforce instance, NA14 (North America instance 14). With no access to their CRM, companies were unable to operate for the duration of the outage. And data added to their orgs in the hours leading up to the outage were also lost.
Human error causes data loss
Everyone makes mistakes - Salesforce developers and admins included. Most often, it's an honest mistake, with the extent of the damage ranging from a minor inconvenience to a major disaster. Occasionally, data is deliberately deleted. You need to be prepared for either case, because these things do happen. One contributor to a forum discussion tells the story of a mistake causing significant data loss.
As for deletions with malicious intent, another contributor to the discussion leaves this caution: 'Always remember, disable a user before you fire them. I've seen a few cases of random destruction by admins on the way out. No sandboxes and no recent data export.'
Salesforce integrations can corrupt data
There are various Salesforce integrations designed to alter or move data. These are powerful tools that can have devastating consequences when mistakes are made. One Salesforce developer admits to having a bad
rm -r command in the ETL program they wrote. Remove commands are an obvious danger to data, and can cause considerable unintended damage. One well reported case relates to the Git-hosting provider, GitLab. Early in 2017, a GitLab admin ran
rm -rf on a directory in the wrong server. Almost 300GB of data was lost - some of it irretrievably as a result of multiple backup failures.
Salesforce data recovery is being retired
Okay - so data loss and data corruption can happen. But we often hear questions like 'Won't Salesforce restore my data for me?'' The current answer to that question ('erm… sort of') is about to get simpler. That's because Salesforce is retiring its data recovery service at the end of July 2020.
Salesforce doesn't want its customers to rely on the data recovery service, which is meant to be a last resort. The recovery process sounds simple: you pay a flat rate of $10,000 (Salesforce says it costs them more than that) and Salesforce gives you a CSV file of your data. But it can be several weeks before you receive the CSV file from Salesforce - and that's before you've even begun to restore the data to your org. What's more, Salesforce doesn't guarantee that your data can be restored, and it can only provide your data as it was at a point in time within the last 3 months.
Salesforce wasn't happy to be offering such a poor service, so it decided data recovery would be retired without replacement.
What about manual backup?
It's possible to export backup data from Salesforce yourself. You can schedule backups that run at regular intervals - every week in the best case. If disaster strikes, the good news is that you won't need to wait or pay for backup data to come from Salesforce. But at least a week's data could be lost if you needed to restore from these backups. And as with the data recovery service, these manual backups generate CSV files of data only. So actually restoring the data will be a long and arduous process.
Salesforce recommends a partner backup solution
Salesforce themselves recommend a partner backup solution. The Salesforce ecosystem thrives because of the third-party tools developed for the platform. Indeed, the platform has very deliberately been built to facilitate integration with other tools. Data backup is no exception.
So what should you be looking out for in a Salesforce backup solution?
1. Regular, reliable backups
To minimize data loss, you need regular automated backups, and the ability to back up on demand before you make any risky changes. Look for a tool that's easy to use. And it should help you to analyze the way your data is changing between each backup. It isn't always immediately obvious when your org's data is missing or changed. The first step in data recovery is noticing that data needs recovering!
2. Smart restore functionality
Backing up your data is difficult; reliably restoring it to Salesforce is even more difficult. That's because Salesforce data often can't be restored without first restoring the metadata that describes the shape of your org. Records can't be restored to fields that no longer exist or to objects that have changed. So you need to back up and restore your org's metadata along with your data. Choose the tool that is best at restoring your whole org - metadata and data - just as it was.
3. Enterprise-grade security and compliance
You need to trust that your backup data is in safe hands. Where is it being stored? How is it encrypted? Does the company in question have security accreditation? It's likely you will also need to think about compliance with GDPR and CCPA regulations. Is the backup solution equipped to process requests that customers might make under data protection regulations? These are just some of the questions you'll need to ask - there will be more specific queries depending on your sector and location.
Get peace of mind with Gearset
Here at Gearset, we think it helps if your backup solution is combined with your deployment tool, because restoring your data is just a deployment of metadata and data from a backup to a Salesforce org. Our backup and restore solution was built specifically and exclusively for Salesforce, based on our deep understanding of Salesforce's metadata, and with the utmost respect for data security and compliance. And Gearset is more robust than backup solutions hosted on Salesforce, because Gearset is a hosted web app outside of Salesforce; if Salesforce goes down, you'll still be able to get your data with Gearset.
Get in touch with [email protected] for a demo of Gearset's backup and restore solution, or use the live-chat on this page to ask us any questions.