Varonis Systems has announced new features to help companies close critical security and compliance gaps in Salesforce.

These enhancements are part of DatAdvantage Cloud, which gives customers a single pane of glass to protect critical data across Salesforce, Google Drive, Box, AWS, Okta, Jira, Slack, GitHub and Zoom, the company states.

Commenting on a common customer pain point, Varonis states that Salesforce can be a blind spot for security and compliance teams.

This is because over time, permissions sprawl, misconfigurations arise, and an increasingly number of apps connect to Salesforce via APIs to read and write data.

As a result, most organisations can't see where sensitive data lives within Salesforce, who has access to it, or who uses it, making it difficult to maintain a strong security posture and comply with regulations such as GDPR, HIPAA, SOX and PCI-DSS.

This new release of Varonis for Salesforce represents a step forward in SaaS data protection, with capabilities to address a broad range of security and compliance use cases, including the following:

Quickly understand exposure: Varonis simplifies permissions analysis by revealing a user's net effective permissions and how they got them so users can answer the question, "Who can access sensitive data?"

Classify sensitive files and attachments: Varonis scans files attached to objects in Salesforce and auto-tags sensitive items using patented data classification technology.

Right-size sprawling permissions: Users can fix compliance gaps and reduce exposure from former employees and ex-contractors with active logins to regular users allowed to export every record.

Detect anomalous activity: Out-of-the-box alerts can detect internal and external threats, such as users accessing an unusual number of Salesforce objects or an admin deactivating a critical update.

Pinpoint misconfigurations: The SSPM dashboard helps detect problems with organisation-wide settings, discover shadow instances and spot vulnerabilities such as misconfigurations that can expose data publicly.

Tony Hamil, senior cybersecurity engineer at a top real estate organisation, comments, "I'd heard horror stories about Salesforce permissions and how literally hundreds can be applied in a manner of different ways, but I didn't realise how complicated our permission sets had grown.

"DatAdvantage Cloud is a single pane of glass that not only helps us secure data in Salesforce, but also gives us cross-cloud visibility that we couldn't get otherwise."

Varonis executive VP of engineering and chief technology officer David Bass says, "Salesforce is one of the biggest and most complex repositories of confidential and regulated data."

Bass continues, "This new release gives customers critical visibility and protection they simply can't get natively. Varonis' platform approach helps companies unify their cloud security controls and detect threats across their SaaS environment within a single, easy-to-deploy product."

Varonis for Salesforce is available now to customers and trial users, with a complimentary SaaS data risk assessment available.