Article Details

Generative AI Security: Getting ready for Salesforce Einstein Copilot. This article was written in collaboration with Varonis' Nathan Coppinger and Mike Smith, Distinguished Security Architect at Salesforce. It covers how Salesforce Einstein Copilot’s security model works and the risks you must mitigate to ensure a safe and secure rollout. Salesforce is officially rolling out Einstein Copilot to eagerly-awaiting customers. This new conversational AI assistant will revolutionize how sales, marketing, and customer service agents interact with customers and access internal documentation within the CRM tool. Einstein Copilot can understand natural language queries to answer questions, provide insights, and perform tasks across Salesforce to help streamline daily processes and increase productivity. The new AI will bring great leaps in productivity and streamline processes, but it will also come with risks that you must take the necessary steps to mitigate. In this blog, we will discuss: Salesforce Einstein Copilot use cases Some of the key use cases for Einstein Copilot are: And all of this can be done with a simple prompt from the user in plain language.  How Salesforce Einstein Copilot works Below is a simple overview of how Einstein Copilot processes prompts: The Einstein Trust Layer Salesforce is committed to securing the data that customers process through Einstein Copilot. To do this, they have developed the Einstein Trust Layer. Customer data flowing through Einstein Copilot is encrypted within the Trust Layer, and none of that data is retained on the backend. Any sensitive data like PII, PCI, and PHI is also masked. The Einstein Trust Layer will also attempt to reduce the amount of biased, toxic, and unethical responses through its toxic language detection capabilities, reducing the burden on the end user. Salesforce has stated it will not use customer data to train the LLMs behind Einstein Copilot, and it will not be sold to third parties. Protecting your Salesforce data — a shared responsibility One of the key components of Salesforce security is its shared responsibility model. The shared responsibility model defines the roles and responsibilities of Salesforce and its customers regarding the secure use of data, AI, and the overall platform. In this model, Salesforce is responsible for securing the infrastructure, platform, and services that enable AI (as shown by the Einstein Trust Layer) and the secure processing of customer data through Einstein Copilot. At the same time, customers are responsible for securing the applications and configurations that connect to the AI, including: This ensures both parties work together to form the highest level of security and trust. Best practices to prepare your Salesforce Orgs for Einstein Copilot Lock down permissions to sensitive data.  Einstein Copilot inherits the access and permissions of the Salesforce user, so it’s imperative to mitigate risk by locking down critical data, ensuring that each user (and thereby Einstein Copilot) can only access what they need to do their job. To understand each user’s permissions, you’ll need to parse their: However, Salesforce permissions are highly complex and require significant effort to analyze and understand — especially considering a large enterprise can have up to 1,000 Permission Sets with dozens of permissions in each one. On top of that, security teams must rely on Salesforce teams to help them complete this process, and because Salesforce admins have their plates full with keeping the business running, completing this process can be overwhelming. Update and purge old internal data and documentation. Einstein Copilot relies on your internal documentation and data to ground generative AI prompts with helpful context and provide accurate and relevant information. As Salesforce says, “Good AI starts with great data.” Einstein Copilot pulls data from the Salesforce Data Cloud, which unifies multiple data sources, including your Salesforce environment and cloud storage (like AWS and Snowflake). Data is the source of truth for generative AI, and to ensure the best Einstein Copilot experience and reduce the risk of hallucination, your data needs to be: Along with ensuring your permissions are locked down and correct, you should also perform an initial record and documentation review across the data stores Einstein Copilot pulls from and update or purge out-of-date, stale, and inaccurate information. Then, you can set up a regular review process to keep your internal documentation clean and up to date.  Identify sensitive data that AI shouldn't access. There is bound to be data in your environment that you don’t want Einstein Copilot to be trained on or surface answers from; with Salesforce, you can create zones that section off data you don’t want Einstein Copilot to access. However, it is up to the customer to determine what that data is and where it lives.  Ensure proper use. Many departments — from support to marketing — will use Einstein Copilot to generate customer and public-facing content. However, as we mentioned previously, the quality and accuracy of AI output often rely on the quality of the input.  Salesforce's Prompt Builder ensures your users are generating proper responses from the AI. This feature enables admins to set up guard rails for specific processes within the workflow (for example, customer support responses) to ensure appropriate, on-topic, and quality AI output. The Prompt Builder will provide the user with a template to feed into Einstein Copilot, dynamically grounding the prompt with information like customer names, accounts, context, and relevant articles that may further help the AI’s response. This will also help you safeguard against prompt injection attacks, in which a malicious actor tries to provide instructions that trick the model into giving a response it shouldn’t.  Prepare your Salesforce Orgs for Einstein Copilot with Varonis Before you start your AI journey with Einstein Copilot, it is essential you understand your Salesforce security posture and ensure that your data is prepared for a safe and smooth rollout. The Varonis Data Security Platform helps organizations gain an overview of their Salesforce security posture by: Try Varonis for free. Varonis can help your organization prepare for a safe and smooth Einstein Copilot rollout.  Request a demo today and get started with a complementary Salesforce risk assessment. Getting started is free and easy, and the results are yours to keep. Sponsored and written by Varonis.