You are here:
Data Classification - Security Center Extension (Add-On) Control
Paid managed package (Security Center Extension by Own) providing a centralized dashboard to discover, classify sensitive fields at scale.
Control Name
Data Classification - Security Center Extension (Add-On)
Control Overview
Paid managed package (Security Center Extension by Own) providing a centralized dashboard to discover, classify sensitive fields at scale.
Description
Enables admins to assign sensitivity levels (for example, Public/Private/Confidential) and compliance categories (for example, PII/HIPAA/GDPR/FedRAMP) to fields via pre-built templates, advanced filters, and one-click bulk classification.
Recommended Configuration
Select Data Classification and define field Data Classification Level and Compliance Categorization.
Security Impact
Identifies and protects sensitive data, preventing unauthorized access to critical information.
Business Impact
Without data classification in Salesforce, companies cannot properly identify and protect sensitive data like PII or regulated information, leading to heightened risks of breaches, unauthorized access, and compliance violations.
Security Risk If Not Configured
Incomplete field data classification categorization in the org.
Threat Scenarios
Misconfigured or absent data classification fails to identify and protect sensitive data, allowing unauthorized access to critical information.
Estimated CVSS Score Range
High (7.0–8.9).
Risk Impact Considerations
Unauthorized access to sensitive data like PII, compliance failures (for example, FedRAMP non-conformance), insider threats from misconfigured sharing rules.
Higher Risk When
Large orgs with thousands of custom fields; heavy API/ integrations; multi-org setups; no data governance policy.
Low Risk When
Small orgs with few custom fields; all data pre-classified manually; strong field-level security/encryption already in place; low-sensitivity data only.
Security Health Review Guidance
Strongly recommended.
Who Is Impacted
Security admins, compliance officers, GRC teams in Enterprise/Unlimited orgs handling regulated data (FedRAMP/CMMC/HIPAA/GDPR); multi-org enterprises needing scaled classification.
