Arrange a tailored demo with our DevOps experts. Kick off the process with a 15-minute call to discuss your requirements.
Why back up Salesforce?
For thousands of businesses, Salesforce is a mission-critical system, yet it’s often overlooked when it comes to backup. Many companies assume that backup isn’t needed because Salesforce is “in the cloud” — or that backup isn’t their responsibility. In reality, Salesforce operates under a shared responsibility model: while Salesforce keeps the platform running, it’s up to each customer to protect and restore their own data and metadata.
Salesforce orgs aren’t immune to data loss. In Gearset’s 2024 State of Salesforce DevOps report, 65% of teams reported experiencing at least one incident of metadata or data loss over the previous year. Without a robust approach to backup and restoring of data, businesses are vulnerable to losses that disrupt operational continuity and erode customer trust.
A few years ago, only half of Salesforce teams had adopted a backup process. Today, it’s the most widely adopted part of the DevOps lifecycle, with 70% of teams relying on automated backups to safeguard their orgs.
That still leaves a substantial minority of underprotected businesses. If you’re part of the 30% without a robust backup solution, you’re leaving your org’s data exposed.
—> Listen to DevOps Diaries podcast: Episode 31, Jolene Mair, “Protect your Salesforce data, and your sanity!”
Causes of data loss
Data loss can happen in any org — and often not for the reasons you’d expect. The majority of incidents don’t come from dramatic system failures, but from everyday business activities. Here are some of the most common causes:
Human error
Everyone makes mistakes. A user might delete the wrong set of records. A developer could run a data load that overwrites the wrong fields. Even a seemingly minor deployment can introduce changes that break relationships or wipe data unexpectedly. Small missteps can have serious consequences.
Deliberate attack
Data doesn’t just disappear by accident. A disgruntled employee or contractor with access to your org can delete, corrupt, or export sensitive data. In 2025, large enterprises fell victim to social engineering attacks. Hackers persuaded admins to install an app in Salesforce, then stole data.
Third-party integrations
Integrations make it easy to sync or update large volumes of data. But when a sync goes wrong or a script behaves unexpectedly, you can quickly end up with widespread data corruption.
Salesforce outages
Salesforce is very reliable, but no system is immune to downtime. Major Salesforce outages can and do happen, including as recently as last year. If you lose access to your data when you need it most, or if records are deleted or corrupted during a system event, the impact can be severe. Outages are another risk your backup strategy should account for.
Consequences of data loss
Deleted or corrupted data in Salesforce affects the whole business. It’s not just an IT problem. Sales, service, compliance, and leadership all feel the effects. Here are some of the most common consequences:
Actual costs to the business
Teams can spend days or even weeks trying to manually recreate records, rebuild relationships, or rerun processes after a data loss incident. That wasted time translates directly into lost productivity and higher costs. In our business case for Salesforce backup whitepaper, we break down how those costs quickly outstrip the price of a dedicated backup and recovery solution.
—> Read more: The business case for Salesforce backup
—> Watch webinar: Learn how to measure the ROI of Salesforce backup
Reputational harm
Trust is hard-won and easily lost. If customers can’t access their information, or if you mishandle sensitive data, confidence in your brand suffers. Lost leads, missed conversions, and weakened customer loyalty all add up to opportunity costs that can have a lasting impact long after the incident itself.
Compliance
Data loss can put your business in direct violation of regulations like GDPR or HIPAA. With fines reaching up to 10 million euros under GDPR, even a single incident can lead to significant financial penalties and legal exposure.
Data lifecycle best practices
Backups are essential for protecting your Salesforce org from the impact of data loss. But they’re just one part of a bigger picture. Every record in Salesforce moves through a lifecycle — from creation and use, to storage, archiving, and eventual deletion.
Managing that lifecycle well is how you keep data accurate, compliant, and secure. A strong Data Lifecycle Management (DLM) strategy embeds backup into a broader approach that also covers compliance, quality, retention, and security.
Here are some best practices for a Salesforce specific DLM strategy:
- Compliance and governance: embed regulatory requirements and internal standards into your processes, with clear audit trails and controlled access.
- Data quality and accuracy: enforce validation, monitor changes, and remove duplicates to keep your data trustworthy.
- Security by design: safeguard sensitive data and ensure access is limited to only those who need it.
- Retention and relevance: archive or purge unnecessary records and attachments to keep your org lean, performant, and compliant with regulations like GDPR.
- Performance optimization: manage file storage effectively to improve org performance and reduce costs.
It’s worth having a Salesforce-specific Data Lifecycle Management (DLM) strategy for compliance, governance, data quality and accuracy. Build security into your processes, safeguard sensitive data, and make sure access is only for people who need it.
The goal is to guarantee access at every stage, so your teams can rely on their data when they need it most. This means putting controls in place to prevent errors where you can, backing up data so you can restore it quickly if something does go wrong, and planning for long-term retention and access to meet compliance needs.
With a resilient data strategy, your Salesforce org stays protected against the costs of loss and remains reliable throughout the entire data lifecycle, giving you the foundation to support growth with confidence.
—> Watch webinar: A lifecycle approach to Salesforce data management
What to back up from Salesforce
Data and metadata
When people think about backups in Salesforce, they often focus only on data. But metadata is just as critical. Metadata defines the structure and behavior of your org: objects, fields, workflows, layouts, and even permissions. Lose it, and you lose the very framework that makes your Salesforce environment function. Without metadata, data restoration often becomes impossible, security models break down, and rebuilding your org manually can take weeks or months, costing the business time, money, and trust.
—> Read more: Backing up your Salesforce data? You need metadata backups too!
Which types of metadata should I back up?
Some Salesforce backup solutions allow you to back up a dozen or so metadata types — about 0.02% of the metadata types supported by the Metadata API. With Gearset, you can back up every metadata type supported by Salesforce’s Metadata API — over 700 in total. That means everything from objects, fields, page layouts, and record types to flows, Apex classes, lightning components, dashboards, reports, profiles and permission sets permission models. You can also back up configuration data like Revenue Cloud Advanced, Salesforce Industries (Vlocity) or Marketing Cloud.
Which types of data should I back up?
Some teams only back up core objects like Accounts and Contacts, but that leaves big gaps — critical data often lives in related objects, such as ContactPointTypeConsent or ContactPointEmail. If those aren’t backed up, a restore may leave end users with missing information they rely on.
On the other hand, backing up every single object creates its own problems. Many objects, like AuthSession or LoginGeo, change constantly but hold little business value, only creating noise in your backup dashboard. A smarter approach is to identify which objects hold business-critical data and focus backups there. By excluding high-churn, low-value objects, your backups run faster, restores are cleaner, and monitoring is easier — helping you spot real risks without drowning in noise.
—> Read more: What Salesforce data to back up
How to back up Salesforce data and metadata
Salesforce backup tools and their limitations
Salesforce offers a few native options for backup, though each comes with limits you’ll want to be aware of:
Data Export Service: Available in all editions, this lets you export your Salesforce data on a schedule (weekly or monthly, depending on your edition). It generates CSV files of your objects, which you then have to download, store, and protect yourself. There’s no restore workflow — if you lose data, you’d need to re-import manually.
Data Loader: Primarily a data management tool, but you can use it to export data manually on demand. It doesn’t include metadata. Like Data Export, it gives you CSV files, and you can import data using Data Loader. It’s not designed for restoration from backups. Indeed, misconfigured data loads are a common cause of data corruption!
Salesforce Backup: Formerly Salesforce Backup and Restore, Salesforce Backup is a paid managed package solution. It automatically captures daily snapshots of your org’s data, files, and attachments, and provides some in-app restore workflows. But it only covers data (not metadata) and pricing is based on storage consumption.
Salesforce Backup and Recover: Own Recover is now Salesforce Backup & Recover. It covers data, but a limited subset of metadata types. Backup and Recover is designed for data management processes and data restoration, but its recovery workflows can be unfamiliar if not tested regularly, in contrast with Gearset where restoring data and metadata is similar to regular deployments and sandbox seeding.
Why most teams choose third-party a backup solution
The majority of Salesforce teams use a third-party backup solution. Mainly, this is to get backups securely off-platform, so they’re safe even if Salesforce itself goes down. But there’s a range of other reasons to choose a third-party solution like Gearset:
- Data and metadata backed up in sync, so restores always align with your current org configuration.
- Flexible restore workflows, from full object recovery to field-level and dependent record restores, making both small fixes and large-scale incidents faster to resolve.
- Quick setup with no managed packages to install mean no disruption for the team.
- Monitoring and alerts that flag unusual deletions, permission changes, or metadata drift before they escalate.
Seamless integration into your DevOps process, so backup and restore run alongside CI/CD, deployments, and sandbox seeding instead of sitting in a silo.
—> Get real-world advice on evaluating backup tools: How to choose a backup solution for Salesforce
Backup cadence
Manually backing up your Salesforce orgs is time-consuming, and even the most diligent teams risk slipping in cadence and quality. Monthly backups are better than nothing. But losing a month’s worth of data is unacceptable for most business.
Automated daily backups close that gap. By keeping your recovery point objective (RPO) to 24 hours, you ensure that the most you’ll ever lose in an incident is a single day’s worth of work — a level of protection that’s acceptable for most businesses. But some objects are more critical than others, which is why it’s smart to add high-frequency backup jobs for the most valuable datasets.
You should also have the flexibility to back up on demand — for example, before a major release or platform upgrade. This gives you the safety net of knowing you can always roll back to a clean state if something goes wrong.
—> Read more: Salesforce backup and restore best practices for a reliable recovery process
“It’s important to have that security in case anything happens. And it’s great to have high-frequency backups for critical objects.”
Grant Roessler, Salesforce Architect, Norstella
How to store backup data
Storing Salesforce backups securely requires clear controls for encryption, access, residency, and retention. Here are seven key factors to think about as you plan your backup storage:
Encryption
Backups should be encrypted both in transit and at rest. Choose a backup that uses Transport Layer Security (TLS) to protect data moving between systems and AES-256 encryption to keep stored backups secure. For organizations with stricter security requirements, a Bring Your Own Key (BYOK) option offers more control over the encryption lifecycle.
—> Read more: Protect Salesforce and your backups with equally secure encryption
Security permissions
Backup data should only be accessible to the right people. Enforce least-privilege access with role-based permissions to ensure that a single individual can’t become a point of failure. Multi-factor authentication (MFA) and audit logging add extra safeguards, so you can see exactly who accessed backup data and when.
—> Read more: Guarantee access to your Salesforce data
Compliance
You need to handle backup data in line with the same compliance obligations that apply to the live data in your Salesforce orgs. This may include regulatory requirements like SOX retention, HIPAA safeguards, and GDPR’s “right to be forgotten” or “right to access.” Make sure your backup platform allows selective restores, targeted deletions, and clear reporting.
Data residency
If you have data residency requirements, those apply to your backup data as well. Your own business’s policy, or regulations like GDPR, CCPA/CPRA, and local data residency laws, often dictate where data can be stored. Choose a backup provider that lets you select from multiple regions — such as the US, EU, CA, or AUS — so your backups remain compliant without limiting access when you need them.
Security testing
A good backup provider will undergo regular independent penetration testing, maintain industry certifications like ISO 27001, and provide intrusion detection monitoring. Check your vendor has evidence of their testing schedule and certifications before you commit.
Data retention
Not all data needs to be kept forever, so it’s important to define retention policies that balance compliance, cost, and practicality. A combination of different data protection regulations often introduce a minimum and maximum length of time you should keep data. Customizable retention schedules help you get the right balance. If you’re paying by storage volume (which isn’t how Gearset is priced) retention policies also help you avoid unnecessary storage costs.
—> Read more: Salesforce data retention: What you need to know
Governance
Backup strategies succeed when they have executive buy-in and clear ownership. Embedding them in a Salesforce Center of Excellence (CoE) puts data protection at the core of governance, supported by leadership and reinforced with shared standards. When teams treat backups as part of their everyday work, it’s easier to store data in ways that stay consistent, secure, and trusted across the business.
—> Listen to DevOps Diaries podcast: Episode 54, Chris Starleaf, “Get to grips with data governance!”
How to restore Salesforce data
Backups only protect you from the damage of data loss if you also have a robust and reliable restore process. When a data loss occurs, it’s not just a case of being able to put the data back into your org. You need that data back quickly. And you need it back just as it was, with the right object relationships and security settings.
Rollback vs. restore
It’s worth distinguishing between a rollback and a restore. A rollback usually means reverting a recent change — for example, undoing some or all of a deployment. Rollbacks are vital for development teams, but they only recover the metadata to it’s previous state. If data has been lost or corrupted as well, you need a restore process that covers both data and metadata.
Restore metadata then data
In Salesforce, metadata defines the structure your data sits in — things like objects, fields, layouts, and permission sets. If that structure has been deleted or corrupted, you’ll need to restore the metadata first so the right containers are in place. Once that’s done, you can bring the data back into those containers. But if the metadata is still intact and it’s only the records that are missing or incorrect, you can restore just the data without touching the metadata.
Sometimes it’s the metadata alone that’s critical to restore. Permissions metadata determines which users can view or edit different data sets, so any disruption to Profiles and Permission Sets can put data at risk. In 2019, a Salesforce outage ultimately led to many customers’ permissions models being corrupted. Teams without metadata backups had to rebuild their permissions models from scratch.
—> Read more: How to restore your Profiles and PermissionSets after Salesforce outage
Keep object relationships intact
Salesforce objects don’t live in isolation. Accounts link to Contacts, which link to Opportunities, which link to Cases, and so on. A field-level restore might be enough for a small fix, but larger incidents often require restoring whole groups of related objects together. Doing so keeps record IDs and relationships intact, so your org doesn’t end up with orphaned or inconsistent data.
—> Read more: Tackle different scales of data loss with field-level restore for Salesforce
“A lot of tools can back up your data, but what’s it going to look like when you restore it? That was when the lightbulb went on.”
Heath Parks, Salesforce Manager, Cincinnati Works
Give yourself restore workflow options
Restores aren’t one-size-fits-all. Sometimes you’ll want a field-level restore to undo a handful of updates. Other times you’ll need to recover an entire object or restore a set of permission changes. Having multiple restore workflows helps you respond quickly and confidently, whether it’s a small data error or a major outage. It’s also worth testing those workflows regularly in a sandbox. Trial restores give your team hands-on practice and confirm that backups will actually work when you need them most.
—> Read more: Salesforce data recovery: how to restore Salesforce data and metadata
Disaster recovery planning for Salesforce
In the event of a data loss disaster, your team will need a documented process that everyone understands: a plan that outlines how to detect data or metadata loss, who will respond, and how you will restore operations. Testing this process regularly (like a fire drill) — ideally annually or whenever there are significant team changes — ensures it works when you need it most.
You’ll need two plans to prepare for this. An incident response plan to guide you through an incident while it’s ongoing and a disaster recovery plan to help restore normal operations in the aftermath.
—> Read more: Essential Salesforce disaster recovery planning considerations
RPO and RTO: your disaster recovery metrics
The two key metrics for disaster recovery are Recovery Point Objective (RPO) and Recovery Time Objective (RTO). Together they define your recovery readiness. Measuring them is how you know whether your disaster recovery plan will actually hold up under pressure.
RPO (Recovery Point Objective) — the maximum acceptable period of data loss. If your backups run daily, you would lose up to a day’s worth of data in a worst-case scenario. For more critical data, consider high-frequency backups to reduce this gap. 
| Daily |
|---|
| 44% |
Recovery point objective (RPO)
How frequently does your production org get backed up?
Multiple times a day
Daily
Weekly
Monthly
Ad hoc
We don’t back up our Salesforce data
RTO (Recovery Time Objective) — the maximum acceptable time it should take to detect a failure, restore data and metadata, and return to normal operations. Without monitoring, this can be lengthy. Implement smart alerts to detect data loss as soon as it happens to accelerate recovery. 
—> Read more: Speed up your response to Salesforce data loss
—> Take the DevOps Launchpad course: Salesforce Backup
What’s the difference between backup and archiving?
While backing up means storing copies of your live data and metadata for restoration in case of data loss, archiving involves removing obsolete data from your org while keeping it accessible in an archive for reporting, audits, and compliance.
How to archive Salesforce data
On-platform options like Big Objects or Salesforce Archive store that data inside your org, which removes the data from day-to-day use (e.g. search results in your org). But these options don’t do much to reduce data storage costs, as the data is still on Salesforce. Your Salesforce archiving solution should give you:
- Off-platform storage to reduce Salesforce storage costs while keeping records secure.
- Queryable archives so you can still search and filter historical records when needed.
- Easy restoration of archived records back into Salesforce, keeping data accessible for business use.
- Integration with backup so archiving and recovery work together as part of one data management lifecycle.
- Secure storage controls with encryption and role-based access to protect sensitive data.
Gearset’s archiving solution combines everything you need to manage Salesforce data growth. Data is stored securely off-platform, cutting storage costs while protecting performance. Even once archived, records remain fully searchable and auditable through the queryable archive viewer.
Enterprise-grade security underpins the whole process with AES-256 encryption, TLS in transit, ISO 27001 certification, and role-based access controls. And customizable retention policies let you strike the right balance between compliance requirements and storage efficiency.
And because archiving is integrated with Gearset’s backup platform, it fits naturally into your wider data lifecycle.
—> Read more: How to create a Salesforce data archiving strategy
Embedding backup in the DevOps lifecycle
Backups are often viewed in isolation or as part of the data management lifecycle. But in fact backup and archiving processes are part of the DevOps lifecycle too. Mature operations (the “Ops” of DevOps) on Salesforce involves securing your org’s data and metadata. And when backups are embedded into how your release process, teams can more easily make sure there’s a recent backup before they release, and restore quickly using similar workflows to their release process.
Don’t leave your backups behind
Using a standalone backup solution can lead to problems when disaster strikes. Because single-purpose backup tools sit outside day-to-day workflows, teams rarely use them, meaning processes aren’t tested or familiar. Access is often limited to just one or two people, creating bottlenecks and single points of failure. On-demand backups are overlooked, leaving gaps in protection around risky releases or integrations. And when a major incident occurs, recovery slows down because teams must relearn rarely used tools under pressure.
—> Read more: Why Salesforce backup and restore tools belong with DevOps
What changes with DevOps integration
Bringing backups onto your DevOps platform makes them part of the work your team does every day.
- Backups can be triggered on demand before high-risk changes, and restores follow the same familiar deployment workflows used for releases.
- Recovery is faster because teams already know the tools, and safer because you can test restores in sandboxes before promoting to production.
- Permissions can be delegated easily, turning recovery into a team effort instead of relying on a single point of failure.
—> Read more: Backing up your Salesforce org in a DevOps world
How to build a backup strategy
Before choosing backup tools or setting backup schedules, take time to map out what you need to protect, how fast you need to recover, and what external requirements you have to meet. Thinking through these factors up front gives you a clear framework for building a strategy that balances compliance, cost, and resilience.
Map out your Salesforce backup requirements
☑ Identify the value of your Salesforce data and configuration
How much is your customer data worth to your business? How much have you invested in configuring Salesforce? How costly would it be to lose your Salesforce metadata such as flows, agents, profiles, permission sets and many more? What about your configuration data for Revenue Cloud Advanced (RCA), Salesforce Industries (Vlocity) and Marketing Cloud? How could data or metadata loss jeopardize Salesforce ROI?
Answer these questions and it will be clear that Salesforce backup is non-negotiable. You’ll also get a sense of how much it’s worthwhile to budget for backup solutions.
☑ Define your disaster recovery targets
How much data can your business accept losing in a loss incident? How long can it tolerate downtime and disruption while data is recovered? How much does every hour of downtime cost the business while Sales and other teams don’t have access to the right data?
These questions help you identify the minimum performance requirements for your backup strategy. In turn, this will help you identify the right tools and process. Recovery times are a critical metric here. Backing up data somewhere should never be a checkbox exercise.
☑ Check security and compliance requirements
Which regulations and compliance frameworks will your backup process need to follow? What’s the cost and risk of failing to comply? Is your backup process — using Data Export, for example — inadvertently making data less secure than it is in Salesforce? Your backup strategy must align with your security and compliance obligations.
Choose a Salesforce backup solution
☑ Check coverage
Make sure the tool backs up both data and metadata in sync, so your restores always align with your org’s configuration.
☑ Review restore workflows
Look for flexibility — from field-level restores for small fixes to object-level and dependency restores for larger incidents.
☑ Test integration with DevOps
The best tools sit inside your release process, so you can trigger on-demand backups before risky deployments and restore using familiar workflows.
☑ Assess security features
Confirm encryption at rest and in transit, regional storage options for compliance, and role-based access to keep backups protected.
☑ Evaluate usability
Recovery shouldn’t depend on one or two admins. Choose a tool your whole team can use confidently, so recovery doesn’t stall when you need it most.
☑ Look at support and testing
A strong solution makes it easy to test restores regularly and provides responsive support when incidents happen.
Gearset’s backup solution
We built Gearset as a complete DevOps solution with comprehensive backup and restore tooling for Salesforce. Bringing everything together under one roof gives Salesforce teams clear advantages:
- Data and metadata in sync. Gearset backs up both together, so restores always match your org’s live configuration.
- Flexible restore workflows. Restore at field, record, or object level, or recover entire groups of related records with dependencies intact.
- Seamless DevOps integration. You can buy Gearset backup as a standalone solution, or alongside the rest of the DevOps platform. The highest-performing teams bring their Salesforce tools onto one platform.
- Enterprise-grade security. AES-256 encryption, TLS in transit, ISO 27001 certification, data residency options, and BYOK with AWS KMS.
- Fast, reliable recovery. Intuitive recovery workflows make restores faster and safer.
- World-class support. Live chat with Salesforce DevOps experts in under five minutes, included as standard.
With Gearset, backups stop being a siloed process and become a reliable part of how your team delivers, protects, and scales Salesforce.
—> Explore Gearset’s backup solution: Gearset Backup & Restore
“If we had a complete failure, I’m confident our data is safe in our Gearset backups and we’d be able to restore. We’ve got that peace of mind.”
Chris Deutschmann,Sage People Configuration Consultant, Sage
Ready to upgrade your Salesforce backup?
Download our free Salesforce Backup ebook to dive deeper into best practices, or book a demo with our Salesforce DevOps experts and get tailored advice on what your org really needs — from backup cadence and restore workflows to compliance and governance.
Don’t leave your org exposed. Make sure your team has the right tools and process to recover from any incident affecting your Salesforce environments. Ready to speak with us? Get in touch to arrange a tailored demo for your team.
