When mobile reps became an unexpected attack vector, a leading manufacturing firm needed help to close the gap.
When most people think about Salesforce security, they focus on access controls, user permissions, or app integrations. But in industries like manufacturing, the real risks often hide inside the workflows themselves.
One of our largest customers operates across multiple industrial and construction sites. Their Salesforce environment is a critical system, used daily by hundreds of mobile field reps visiting construction zones, factories, and customer facilities. These reps use Salesforce on tablets or phones (often personal or temporary work-issued devices) to:
- Upload site photos and equipment images
- Send and receive customer agreements
- Share inspection documents
- Communicate with internal teams
This is exactly what Salesforce Field Service is built for: fast, flexible, on-the-ground engagement. And with Salesforce Agentforce introducing generative AI features, productivity is only accelerating. But so is the attack surface.
The hidden threat: Files from the field
This customer’s security team didn’t come to us looking for a Salesforce plugin. Their concern began with one simple, urgent question:
“How do we make sure files coming in from the field aren’t putting us at risk?”
Under the Shared Responsibility Model, Salesforce secures its infrastructure, but ensuring uploaded files are safe is up to the customer. And that’s where things got risky. The reps were uploading more than just notes. We’re talking about:
- PDFs and Excel files
- CAD drawings
- Scanned contracts
- High-resolution images and videos
Many of these uploads came from unmanaged, personally owned, or third-party devices with unknown security standards. Once in Salesforce, those files were shared across legal, procurement, and other departments—making it easy for malware to propagate silently through the organization.
From pain point to protection
Rather than jumping to a product pitch, we started by mapping the real-world risks:
- Mobile reps using unmanaged or temporary devices
- A daily flow of rich, unverified content into Salesforce
- No visibility into file safety at the point of entry
- Agentforce likely increasing this content stream
- Internal risk from lateral movement of threats
The solution? A native security layer inside Salesforce itself.
By scanning every file upload and download in real time—within the Salesforce environment—they were able to:
- Close the file security gap without slowing reps down
- Extend protection to devices outside IT’s control
- Support audit and compliance even with third-party contributors
Best of all, the fix didn’t disrupt the workflow. Reps kept using Salesforce as usual. No new apps. No retraining. Just fast, invisible protection—average scan time under a second.
Why this matters for manufacturing
This isn’t just one company’s story. We’re seeing the same challenge across manufacturing, logistics, and construction—anywhere mobile or contract-based workforces rely on Salesforce. These environments often involve:
- Temporary labor and outsourced contractors
- Mobile uploads from remote job sites
- Complex document workflows spanning departments
Unchecked, these uploads can bypass traditional perimeter defenses. That’s why embedding security inside Salesforce—where the files actually land—is essential.
Bigger than one customer
Sometimes, the vulnerability isn’t in the code. It’s in how legitimate users interact with powerful tools. A mobile workforce, doing their job, can unintentionally open doors to attack. That’s why security has to follow the workflow—not the other way around.
In this case, that mindset led to one of our most impactful deployments—and a safer, smarter way to support sales teams in the field.
Curious if something similar is happening in your Salesforce environment?