Our mission at Own is to ensure that no company operating in the cloud ever loses data. As the industry-leader in SaaS data protection, we’re always looking at new ways to meet customers’ needs. In 2022, we innovated across all of our products and delivered new enhancements that help our customers get more value from the products that they use every day.
Here’s a recap of our most notable product releases from the past year, categorized by solution.
Extending Backup Coverage to ServiceNow
While it could be considered more of a product launch than an enhancement, making Own Recover available to ServiceNow customers was our most significant innovation in the past year. ServiceNow holds hugely critical data that companies rely on for mission-critical operations. With this launch, we now provide our backup and recovery solution across three leading SaaS platforms - Salesforce, Microsoft Dynamics 365, and ServiceNow. Read more about Recover for ServiceNow in our release announcement from earlier this year.
By their very nature, SaaS applications are built to help companies capture and organize data changes in real-time. So if anything should happen to your data to corrupt it, like your backup solution forces you to do a full database restore even if you only need to correct specific records, you could potentially undo some desired changes. Our Precision Repair tool makes it easier than ever to identify and correct only the unwanted changes to your SaaS data. With Precision Repair, you can accelerate data restoration by choosing specific objects and fields, visually inspecting them and then initiating restore in a self-service fashion, so you can correct your data surgically and quickly, without losing valid changes.
Export to Azure and Snowflake
While the main benefit of having backups is to help you restore data, they have value that goes beyond restoration. Recover customers can export their backup data to different endpoint types such as file storage, databases and data warehouses, in order to use the data to power analytic insights or meet compliance requirements. This means that Own Recover customers that use exports can populate their data warehouses with backup data without having to use up any additional Salesforce APIs. In the past year, we added Snowflake and Azure as available endpoint types that our Recover customers can export to.
We also added a third method by which customers can initiate the export process - scheduled exports. With scheduled exports, you get the benefit of automated, background refreshes of data in your copies and data warehouses, without the need to write any code or manual work, further automating daily insights from your data.
As your reliance on Salesforce grows, so does the amount of data you need to back up. Consequently, large Salesforce environments take longer to back up because of the massive amount of data that is generated daily.
Backup optimizations (like decreasing backup run times) and performance is a core product goal at Own. We’re always reviewing code and working closely with Salesforce’s updates and latest releases to provide our customers with the best backup and recovery product in the space.
One of the ways we help customers make their backups run faster is to let them freely adjust their consumption for Bulk API and Bulk 2.0 APIs per backup service. This way, backups won’t ever overuse Bulk calls since they will have Bulk 2.0 to rely on. Also, they won't have to limit the use of their other Salesforce integrations running on Bulk or increase the limit on their calls buying more.
With our most recent enhancement, customers can use BOTH Bulk API and Bulk 2.0 APIs at the same time and decide limits themselves. This Bulk enhancement helps customers with their API consumption management by giving them the flexibility to decide what options to use to improve their backup performance and adapt to their company’s needs.
Services Screen - New Table View
Many large organizations with multiple orgs and backup services rely on Own to protect their SaaS data. To make it easier for them to manage, we now provide centralized access to all of their backups via our services screen, which essentially is our product home page for Recover. Users can access all their backups with a single login and see and manage them in a single pane. With our recently released new services table, they can look at their services in the same place, sort through them, and address issues in one single pane, making it faster and easier for them to locate and address a specific service.
New Security Insights: Profiles & Permission Sets w/Access to High Risk Fields
Security Insights is akin to a risk dashboard for your Salesforce org. These two insights provide a high-level view of the user access granted to objects containing sensitive information. On the front side of each card, you can see a listing of Profile or Permission Set names, the number of high risk fields for which access has been granted, the number of objects, and the number of users with access.
By selecting a Profile or Permission Set name, the card will flip and show a list of objects that access has been granted to, the number of high risk fields in each object, CRUD permissions, and a list of the high-risk field names.
Who Sees What (WsW): View by Profiles, Permission Sets, and Permission Set Groups
Larger environments are more likely to be managed at the Profile / Permission Set / Permission Set Group level. As part of our ongoing effort to provide value for customers regardless of size, our WsW modules were updated to enable viewing by Profiles, Permission Sets, and Permission Set Groups. Customers with smaller environments may still choose to view by User, while those with larger environments are likely to find the updated views align more closely to how those environments are managed.
Whether you're performing a more detailed investigation of the access or permissions that have been granted, or are looking to provide reports that prove compliance, the WsW module continues to provide increasing utility for our customers.
New Security Insight: Objects That Should Be Monitored
This new Security Insight is designed specifically for Salesforce Shield Event Monitoring customers and prospects to get up and running. One of the most difficult tasks with Event Monitoring is determining where to start. The new insight “Objects That Should Be Monitored” packages objects and fields that are in use and widely accessible to the user community into a single downloadable insight.
The information contained in this new insight is extremely useful in building smarter Transaction Security Policies, filtering your way through forensic investigations, and/or de-cluttering the noise from Security Operation Center interfaces.
Configurable Risk Rating
Properly securing a Salesforce org requires Infosec personnel and Salesforce administrators to collaborate effectively. Part of this means bridging the Salesforce jargon to risk language gap between these two key IT disciplines. Own has integrated our domain expertise delivering Salesforce security risk assessments into our Security Insights module. Each Security Insight now includes language explaining what each insight is revealing, the risk of the information presented by the insight, what we commonly see in our customers’ environments, and the recommended (default) risk rating.
The information presented by each insight is designed to facilitate a conversation between Infosec and Salesforce administrators, enabling these two key personas to agree upon the proper risk rating for each insight. This feature is essential to tailoring the Security Insights module to the risk operating context of the org.
Risk Weighted Scoring
Security Insights Scoring is tied to the Configurable Risk Rating feature described above. Changes to insight risk ratings now have a direct impact on the scores produced in Security Insights analysis jobs. Scores are now more tightly tied to the risk operating context of the org as agreed upon by InfoSec and the Salesforce administration team.
The scoring also delivers the primary value to our customers. A risk-prioritized approach to mitigating the risk in an org is the best way to ensure that critical items are handled expeditiously, others are picked off as time becomes available, and still others are ignored as they are low risk. Risk weighted scoring takes a giant step forward in helping our customers properly classify and prioritize their Salesforce risk mitigation backlog.
The Archive Console is a new way for customers to view and manage their Archive services across multiple orgs. From this centralized location, you can see all of your orgs and can quickly and easily identify which ones may need some improvements or attention. By toggling to the Health Screen, you can gain high-level insights into the health and performance of your orgs.
With the Archive Console, you can also import policies from one org to others. Improve your workflow and deployment of new policies by creating and testing in your sandbox environment first to ensure they are working as expected before importing those policies into as many production orgs as you like. Now, with a few clicks, you can quickly and easily import policies from your sandbox to production org ensuring confidence and consistency across multiple orgs.
With Archive, you can define, automate and manage custom archiving policies that include specific data to be archived, how frequently data archiving activities occur, and how long archived data is retained. Once policies are configured, Archive removes specified records and attachments from production and securely stores immutable replicas to the cloud without changing the integrity of data relationships. After the defined data retention period has expired, the data will automatically be purged from Own Archive.
This year, we released Purge Policies, which allows you to permanently remove archived data from your Own Archive environment with ease, ensuring compliance with your unique industry regulations. Use this feature whenever you need to immediately purge a group of records.
Bring Your Own Key (BYOK) for Archive
Developed due to customer request, this new optional offering provides customers with the ability to use their own keys or key management system to encrypt and decrypt their archived data. Bring Your Own Key is perfect for companies who manage sensitive data and whose internal policies require that they manage their own encryption keys. For more information, check out this data sheet.
Levels Template allows customers to create seed data for testing environments by simply choosing the desired object level depth underneath a specific object. Customers can fine-tune their template by including/excluding objects within the hierarchy, making it simple to tweak their seed template rather than adding each individual object on their own. We've built this option of building a seed template for customers who may not be as familiar with their schema or may have inherited a Salesforce org and need up-to-date, viable seed data to test on quickly.
Seed to Full Sandbox
Sandbox Seeding customers can now incrementally seed a Full Sandbox, just as they would seed a Developer or Developer Pro sandbox. The only difference when seeding a Full Sandbox is that an additional indexing step is needed during the first seed.
If customers use Salesforce refreshes to insert data into partial/full sandboxes, or manually delete records from sandboxes, customers can use re-indexing to ensure records are not duplicated in the sandbox. Without re-indexing, customers would not be able to appropriately test due to duplicated records. Re-indexing leads to more successful seeding jobs for customers with fewer errors.
Customers can safely seed sandboxes even faster than before with our bulk anonymization feature. Instead of choosing each individual field and deciding whether to randomize it, customers can organize and quickly anonymize all fields by field type. This helps to save time so customers can get to testing quickly.