Salesforce orgs need backup. And yet, many people assume their Salesforce data is safe. Unfortunately, all data is vulnerable to loss or corruption, so protecting it with backups is your best option at recovering when something goes wrong.
A backup solution shouldn’t be thought of as a “nice-to-have” — it’s a necessity. In this post we’ll look at why backing up is so important, what can cause data loss and how you can back up your orgs with the right solution today.
Why Salesforce orgs need backup
Data loss can happen to anyone, at any time. From human error and data migrations to cyber attacks and Salesforce outages, the risks are real and varied. Whether it’s a simple mistake or a complex integration gone wrong, backups provide a crucial safety net. By allowing for quick recovery and ensuring your team can continue working, backups keep your data safe should anything go wrong.
There are many reasons why you need backup. We’ve separated them into three sections, data loss, disaster recovery and compliance:
Data loss
Salesforce platform updates
Salesforce is a dynamic platform with new updates and enhancements being released often, either as seasonal updates three times a year, or critical updates when there’s a bug that needs fixed. While these upgrades are helpful, they can also bring unintended consequences — like a sudden data loss situation. Changes in system behavior, unexpected bugs, or compatibility issues with existing customizations can lead to data integrity problems. New features might interact unpredictably with your existing setup, causing unexpected data deletions or overwrites. Even seemingly minor updates can disrupt workflows and data structures, making it crucial to have a backup in place to quickly restore any lost or corrupted data.
Data migrations
Data migrations, whether merging orgs or integrating new apps, are risky. They can fail halfway through, introduce a bug that corrupts data, or even just fail and timeout if a migration is taking too long. The complexity of moving large volumes of data between systems can lead to incomplete transfers or duplicated records, both of which can be challenging to resolve. Additionally, the mapping of data fields between different orgs or applications is prone to errors, potentially leading to misaligned data. Without a reliable backup, recovering these issues can be time-consuming and costly.
Human error
Everyone makes mistakes — Salesforce developers and admins included. Most often, it’s an honest mistake, but the extent of the damage can range from a minor inconvenience to a major disaster. Occasionally, data is deliberately deleted. You need to be prepared for either case, because these things do happen.
As for malicious deletions, there have been a few cases where someone has been fired but still had access to their Salesforce accounts. This has led to them randomly deleting data on their way out the door. These can go unnoticed and cause issues in the long run if they’re not picked up quickly.
Integrations going wrong
There are various Salesforce integrations, like Mulesoft, that are designed to alter or move data. These are powerful tools that can have devastating consequences when mistakes are made. One well reported case relates to the Git-hosting provider, GitLab. Early in 2017, a GitLab admin ran rm -rf on a directory in the wrong server. Almost 300GB of data was lost — some of it irretrievably as a result of multiple backup failures.
Disaster recovery
Cyber attacks
In today’s digital landscape, cybersecurity threats are ever-present and constantly evolving. Customer data is a target for cybercriminals, compromising your data integrity and availability. Even with Salesforce’s security measures, it’s still not enough — having an independent backup solution is crucial. If a data breach occurs, backups allow you to secure your orgs and restore data to its original state, minimizing downtime and business disruption. With 87% of teams backing up their Salesforce orgs or planning to this year, having a Salesforce data backup is more important than ever. This added layer of security is essential for protecting your organization against cyber attacks that are out of your control and maintaining business continuity if you are targeted.
Salesforce outages
The idea that Salesforce data is stored ‘in the cloud’ can lead some to a false sense of security. Outages are a risk to any system — even a world-class CRM like Salesforce.
In May 2019, Salesforce users suffered an incident known as ‘Permageddon’. Any teams that had ever integrated Pardot, a marketing automation tool, into their orgs found that their permissions model was corrupted, with all user profiles granted permission to view and modify all data. Salesforce rightly decided to protect their users’ data, deleting all affected permissions. Unfortunately, this meant that admins had to rebuild their org’s profiles and permissions manually.
Glaziers Hall, London
DevOps Dreamin’ London 2024
In 2021, Salesforce faced a five hour outage with their status page also down, making it difficult for organizations to know what was going on. A Salesforce engineer implemented a configuration change too quickly rather than using a staggered deployment, leaving clients unable to log into their system.
Just two years later, in September 2023, Salesforce suffered another internal permission change causing a large-scale outage. Salesforce blocked customers from accessing their services for several hours in peak business hours. This raised concerns about why Salesforce decided to implement an update when companies would need their services most, rather than overnight, when an outage would have been far less disruptive. This was a disruption across multiple clouds, and with over 150,000 customers worldwide.
Compliance
Staying compliant
Many industries are governed by strict data compliance rules that ensure the secure storage and accessibility of data. Regulations like GDPR, CCPA and HIPAA require businesses to maintain accurate records and have processes in place for data recovery in case of loss or corruption, ensuring proper governance. Failing to comply with these regulations can result in hefty fines and legal repercussions. A robust backup and recovery solution means that your Salesforce data is always accessible and can be quickly restored.
DevSecOps
Building a robust DevSecOps strategy into your DevOps process will enhance security across the entire workflow. Early detection of issues, faster security reviews, and continuously monitoring your infrastructure for vulnerabilities will help try and minimize the possibility of data loss. With 65% of teams experiencing data or metadata losses in the last year, reliable DevSecOps gives you peace of mind, allowing quick rollbacks if things go wrong. This lets your team continue building in Salesforce without the fear of data loss.
Protecting your critical org data can be stressful. Whether you’re a CRM manager or an admin, understanding why your Salesforce data needs safeguarding and how to protect it is vital. Learn more with our free ebook, Backups for Salesforce.
The business case for a Salesforce backup solution
Budget restrictions often put backup solutions under scrutiny but can you really put a price on your entire company’s Salesforce data? The benefits of Salesforce data backup go beyond just mitigating risks, arguing a business case for backup.
In 2016, a single data center outage cost businesses up to $2.4 million dollars, showing the critical role Salesforce data backup plays in your business. It’s not just about worst-case scenarios; minor data losses can disrupt operations and waste valuable time. Losing metadata also means losing significant development effort and potentially causing even more data loss.
Proper data management helps avoid the financial impacts of data loss, including compliance breaches with fines up to 10 million euros for GDPR violations. Resources spent on disaster recovery and the reputational damage from lost customer trust can be costly.
With 93% of companies who suffer a major data loss without a disaster recovery plan being out of business within 1 year, safeguarding your Salesforce data is truly essential.
Can I backup with a Salesforce native solution?
The question of ‘does Salesforce backup your data?’ is difficult to answer, as the answer is ‘yes’, but not well enough. The native backup solutions are very limited whether you’re backing up or trying to restore.
Salesforce Backup and Restore
The closest Salesforce has to a full backup solution is their Backup and Restore service, launched in 2021. Although this provides a basic level of protection, the larger issue is that having a native backup solution contradicts basic backup principles. Despite Salesforce separating the storage of backup data from production data, the point of access is the same: the Salesforce platform. If Salesforce faces an outage, like in the examples above, you won’t be able to access your backups during that time. This creates major issues with both your data and backups being compromised at the same time, defeating the very purpose of investing in a backup solution.
Data Export and Loader
Salesforce also offers a Data Export feature to export data, allowing you to schedule automated exports. But, this can only be done weekly at most, meaning any changes made within that week could be lost if you needed to restore it from a backup. This gap can be critical, especially for organizations that handle large volumes of data daily.
As the name states, Data Export only extracts the data, delivering it in CSV files. By ignoring the metadata from your org, it doesn’t allow you to restore it to its exact state before any data loss or corruption occurred. Similarly, restoring your data using CSV files is very time-consuming and error-prone, often even leading to data integrity issues like mismatched relationships and missing references. This lacks crucial aspects of a suitable backup solution, failing on many needed factors.
Data Loader is a similar tool Salesforce offers, helping you insert, update, and export Salesforce records in bulk. Although in theory it can be used as a backup solution, it’s not designed for this which is obvious when using it. It also faces the same issues as Data Exporter, returning your data as CSV files.
Choosing a third-party backup solution
Salesforce themselves recommend adopting a third-party backup solution. The Salesforce ecosystem thrives because of the third-party tools developed for the platform.
So what should you be looking out for in a Salesforce backup recovery solution?
1. Regular, reliable backups
To minimize data loss, you need regular automated backups, and the ability to back up on demand before you make any risky changes. Look for a tool that’s easy to use, with incremental backups. It should also help you to analyze the way your data is changing between each backup — it isn’t always immediately obvious when your org’s data is missing or changed. The first step in data recovery is noticing that data needs recovering!
2. Metadata backups are included
Salesforce data can’t be restored without first restoring the metadata. This is because metadata describes the shape of your org — records can’t be restored to fields that no longer exist or to objects that have changed. Not every backup solution backs up metadata, and some only back up a subset of metadata types. Including full metadata is crucial, ensuring every aspect of your org’s configuration can be accurately restored to maintain the integrity and functionality of your Salesforce environment.
3. Enterprise-grade security and compliance
You need to trust that your backup data is in safe hands. Where is it being stored? How is it encrypted? Does the company in question have security accreditation? It’s likely you’ll also need to think about data retention and compliance with GDPR and CCPA regulations. Does your chosen provider also provide archiving? Does your backup strategy need to demonstrate SOX compliance? These are just some of the questions you’ll need to ask — there will be more specific queries depending on your sector and location.
Watch our webinar, The Ultimate Guide to Salesforce Backups to find out what considerations you should be taking into account when picking a backup solution.
Why choose Gearset?
When you’re choosing a backup solution to look after your data and metadata, you need to choose one you can trust. Gearset is trusted by over 2,500 companies worldwide and we incorporate backups into our full DevOps solution. It’s a great option because Gearset is a third-party solution and is hosted completely off the Salesforce platform. There are so many great benefits for any team looking to secure their orgs:
1. Schedule your backups
Automate your backups with Gearset’s scheduling feature. Set it and forget it, knowing your data and metadata are safely backed up at regular intervals without any manual intervention.
2. Receive smart alerts
Gearset’s smart alerts keep you informed about your backup status. You’ll receive notifications if anything goes wrong, like an unexpected data deletion or addition, so you can take immediate action and ensure your data is always protected.
3. Understand your data at a glance
Gearset provides a clear overview of your data, showing what’s been deleted, added, or changed in your orgs. This visibility helps you stay on top of your data integrity and quickly spot any issues.
4. Restore your orgs
With Gearset, restoring your orgs to their exact previous state is easy. You can restore all records for a single object, including all their dependancies or choose to restore across multiple objects — including all their associated records.
5. Archive your redundant data
Gearset archives outdated or redundant data, which keeps you compliant and frees up space in your org to stop you hitting storage limits. Archiving the data you’re not using ensures you’re meeting regulatory requirements while also maintaining optimal performance. You can retrieve the data back at any time, as easily as you archived it.
Choosing Gearset means you can rest easy knowing your Salesforce data is safe, secure, and easily recoverable.
Get peace of mind with Gearset
Are you sure you could recover your Salesforce orgs quickly in a data loss situation?Our Salesforce instances are critical to keep our business operations going so it makes perfect sense to be protecting them at all costs.
No business is safe from accidental deletions or a failed migration — don’t wait until it’s too late. Start securing your orgs today with Gearset’s backup solution. Sign up for your free 30-day trial today or if you want to know more, book a tailored demo with one of our DevOps experts.
