Wait, what is a Salesforce Security Health Check?
If ‘Salesforce Security Health Check’ sounds completely unfamiliar to you, I’m here to break it all down. It’s an essential tool that a business like yours can use to keep track of its overall security. It provides a comparison between your Salesforce org’s actual security settings and those recommended by Salesforce.
When your Security Health Check is complete, your org will be scored from 0-100 with 100 being the perfect score. There are four important categories to consider. Settings in the High-Risk category impact the score most, while those in the Low-Risk category have the least impact. You have your Medium-Risk settings with a mid-level impact, and Informational settings which don’t impact your score at all.
Once your score is generated, with all security settings accessible from the same screen, your Salesforce Administrators can make any adjustments necessary to help improve that score.
Sounds simple, right? Let’s go even deeper.
How to perform your Security Health Check
To get started with your Security Health Check, just follow these four simple steps:
- Log into your Salesforce org.
- Click Setup.
- Search “Health Check” in the Quick Find box, or scroll down and click Security Settings.
- Now, click Health Check.
Understanding your score
Your Security Health Check score will fall into one of the following ranges:
- 90-100% – Great
- 80-89% – Very good
- 70-79% – Good
- 55-69% – Poor
- Below 54% – Very poor
Of course, if your score falls into the “Very poor” range, it’s important that you address any High-Risk security concerns right away. If you’re in the “Poor” range, address those concerns in the near future, moving on to Medium-Risk concerns later on down the line. Then, if you land in the top three ranges, it’s recommended that you evaluate your security risks on a regular basis.

To get a better score, pay close attention to the settings listed as “Critical.” Make changes to your values as needed and wherever possible, according to the standard values listed. Do your best to address as many of the “Critical” settings as possible to improve the overall health score for your Salesforce org.
Why should you do it?
- Performing a Salesforce Security Health Check can help you find out which of your security settings are actually inactive. From there, you can reevaluate those settings and make changes to them, potentially improving your org’s overall security health. This is good news for everyone working within your org, guaranteeing that all data and processes are protected.
- The Security Health Check report screen is easy to follow, giving you a clear outline of the areas that need your attention. You can see which security measures are lacking and creating problems for your overall org.
- The code generated to run your custom applications is ultimately affected by the security settings of your org. Since these applications will eventually find themselves running within your org, it is important to keep your security settings in check. This way, you can keep your custom applications running safely.
What happens if you don’t?
- If your system configurations are weak and your security settings outdated, your Salesforce environment is more vulnerable to breaches and inefficiencies. This is sure to slow down workflows and increase operational risks.
- Your duplicate records, incomplete data, and inconsistencies can lead to inaccurate reporting and poor decision-making. This will likely affect customer relationships and business growth.
- Unoptimized custom code, inefficient automations, and sluggish integrations can degrade your system’s performance. This will lead to slower response times and decreased user productivity.
- If you have weak access controls, insufficient encryption, and misaligned security protocols, you’re putting sensitive data at risk. This can leave you more exposed to cyber threats and non-compliance penalties.

Summary
It’s important to remember that Salesforce Security Health Checks cannot be left in the dust. Your org’s security isn’t a one-and-done task, and it shouldn’t be treated as one. It requires ongoing monitoring, adjustments, and proactive management.
It’s best to complete regular Security Health Checks to assess the general security settings of your org. We recommend aiming to maintain a score of 85% so that you can keep your org secure and protect your data, workflows, and custom applications.
Taking steps toward a more secure org now will leave you with fewer security headaches down the line and a smoother overall user experience.