PREVENT PHISHING BY AWARENESS
Based on a survey conducted in 2021, Salesforce dominated the CRM market with a whopping market share of 24%, which is greater than the market share of its next 4 competitors combined. In the following 2 years the revenue of Salesforce has on an average grown by 25% Y-O-Y; safe to say that they have retained market dominance. The platform boasts of nearly 150,000 customers and even with an average of 20 users per customer, conservatively speaking, the total number of active users on the platform will be around 3 million.
Though Salesforce is predominantly a Customer Relationship Management platform, its significance does extend to various divisions such as marketing, accounting, sales and operations. The combination of it being the most popular CRM platform and it storing the most critical information about your Organization makes it the prime target for hackers. The convenience of a SaaS platform is also its bane as the platform itself is publicly accessible and the only thing standing between the bad actors and your Company’s information is just a Password.
Now, a SaaS platform can be compromised at different levels and Salesforce does a pretty good job of protecting its users and their information at all times by employing the right technologies such as access control, MFA, encryption, backups, etc. However, there are a plenty of ways these bad actors try to get their hands on the login credentials of your employees, but, as per surveys, 80% of all hacks start with a phishing email and then escalates into more complicated scenarios leading to various levels of compromise.
The biggest issue with phishing is that it is not a technical problem that anybody can solve by installing a piece of software or hardware, but a social exploitation technique. Hence, this issue can only be addressed by creating social awareness that’s ongoing to match the evolution of the exploitation techniques.
The only drawback of creating awareness without validating the progress of it is it results in either redundant, incorrect or misguided learnings that can prove to be only as good as no learnings or sometimes even worse. The best way to validate a user’s learnings in this area is by conducting controlled Phishing Campaigns.
Particle42 can help your organization to quickly setup phishing campaigns specifically for Salesforce scenarios to both gauge the awareness levels of your users and also educate them on cues that they need to look out for when receiving suspicious emails. And for sustained awareness we also help you run evolving campaigns that keep your users on their feet.
We take care of the entire campaign end to end,
- Identify the critical assets within the company that require phishing training
- Prepare, schedule and run phishing campaigns - both black or white box phishing campaigns
- Run variations over a period of time for sustained awareness
- Report on the users and their performance
- Targeted phishing awareness materials based on their performance