We have introduced a new solution architecture and a new application type called Connected App to WithSecure Cloud Protection for Salesforce to bolster current scanning capabilities.
New architecture brings more effective protection for your business-critical Salesforce platform today and empowers us to deliver more advanced protection capabilities in the future.
In this article we provide you clear guidance how to connect WithSecure Cloud Protection for Salesforce with your Salesforce org.
Watch the tutorial video or read on.
Preparation
Before enabling WithSecure Cloud Protection connected app, you need to set up the user account and assign the required permissions.
You can accomplish this through following simple steps:
- Create a dedicated integration user.
- Create WithSecure Cloud Protection Connected App permission set with the required permissions.
- Assign WithSecure Cloud Protection Admin and WithSecure Cloud Protection Connected App permission sets to the integration user.
Why you should create a dedicated integration user account
WithSecure Cloud Protection connected accesses your Salesforce org under the user who enables it. We highly recommend you create a dedicated user account for the connected app and assign only required permissions.
It’s important to note that an integration account needs different access levels to Salesforce data and functionalities than what regular users do. Creating a separate account for integration purposes enables better tracking and access control to Salesforce data. For example, if an issue arises with the integration, it is easier to trace the problem to the specific integration account, rather than trying to identify which regular user account may be causing the issue.
If you use a regular user account for integration, and that user leaves the organization, the integration will no longer work. Having a separate account, that is not tied to a specific user, ensures continuity even if your users change.
The integration account should be properly secured, with a strong and unique password, and it should be regularly monitored for any suspicious activity.
Create a dedicated integration user
Follow the steps below to create a new integration user for WithSecure Cloud Protection connected app.
- Open Salesforce Setup.
- Navigate to Administration > Users > Users.
- Click New User to create a new user.
- Enter the Last Name, Alias, Email, Username, and other details for a new user account as appropriate. For User License select Salesforce, and for Profile select Standard User.
- Click Save.
- The new user is created and an email message is sent to the email address specified in Email.
- Complete user account creation by setting up the login password and logging under the newly created user.
Create WithSecure Cloud Protection Connected App permission set
Follow the steps below to create a new permission set with the required permissions.
- Open Salesforce Setup.
- Navigate to Administration > Users> Permission Sets.
- Click New to create a new permission set.
- Enter the Label and API name for the new permission set. For example, the label can be "WithSecure Cloud Protection Connected App" with auto-generated API name: WithSecure_Cloud_Protection_Connected_App
- Click Save.
- On the page with the newly created permission set, find and click System Permissions.
- On the page with System Permissions, click Edit.
- In System section, find and enable API Enabled and View All Data checkboxes.
- Click Save.
- Click Save in Permission Changes Confirmation dialog to enable additional system and object permissions.
- The new permission set is now created.
Assign WithSecure Cloud Protection permission sets
Follow the steps below to assign the permissions sets to the user under which WithSecure Cloud Protection app will access your Salesforce org.
- Open Salesforce Setup.
- Navigate to Administration > Users > Users.
- Find and open the user created or intended to be used for WithSecure Cloud Protection connected app.
- Click Permission Set Assignments and then Edit Assignments.
- On the list of Available Permission Sets, select WithSecure Cloud Protection Admin and the permission set created earlier (WithSecure Cloud Protection Connected App).
Enabling Cloud Protection connected app
- Login to Salesforce under the user that is created or intended to be used for WithSecureÔ Cloud Protection for Salesforce connected app.
- Open WithSecure's Cloud Protection app.
- Navigate to Administration > Tools.
- Click Connect under Manage connected app.
- Click Connect when Connect WithSecure™ Cloud Protection is shown.
- When Allow Access dialog is shown, please verify the requested permissions and click Allow.
- WithSecure Cloud Protection for Salesforce will shortly connect to your Salesforce org. You can click Close window.
- Once the connection is successfully established, the status will be reflected on the Tools page. Your admin user can always see the status of the connection on the Tools page.
- The informational alert will be created, and you can find it under Analytics > Alerts. The app keeps a track of who connects or disconnects the backend and when.
All set!
