062 — Alice Jessop: Mastering Salesforce Security Artwork

DevOps Diaries

DevOps Diaries, brought to you by Gearset, is the podcast for Salesforce professionals to hear stories from folks in the Trailblazer ecosystem responsible for delivering awesome Salesforce implementations — the trials, tribulations, and successes. Hosted by Jack McCurdy.

All Episodes

DevOps Diaries

062 — Alice Jessop: Mastering Salesforce Security

September 04, 2025 • Jack McCurdy • Episode 62

Is your Salesforce org as secure as you think? Many common configurations leave companies vulnerable, but mastering a few core principles can transform your security posture.

In this episode of DevOps Diaries, Jack McCurdy is joined by Technical Program Manager and Salesforce security author Alice Jessop to demystify the art of protecting your CRM. They cut through the noise to deliver actionable insights for admins, developers, and managers.

Alice unpacks the modern challenges of Salesforce security, from debunking dangerous misconceptions to navigating the complexities of user management. You'll learn the critical difference between Profiles and Permission Sets, why the principle of least privilege is non-negotiable, and how to cultivate a security-first mindset within your team.

Tune in to explore:

- The Evolution of Salesforce Security: How to stay ahead in the ever-changing Salesforce landscape.
- Profiles vs. Permission Sets: Finally understand when and how to use each for optimal security.
- The role of humans in security: Why your biggest vulnerability might not be technical.
- The future of AI in security: How artificial intelligence is poised to change Salesforce security forever.
- Actionable advice: Concrete tips on data classification and career growth for Salesforce professionals.

Whether you're new to the ecosystem or a seasoned architect, this conversation provides a crucial framework for building a more resilient and secure Salesforce environment.

Podcast produced and sponsored by Gearset. Learn more about Gearset: https://grst.co/4iCnas2

Subscribe to Gearset's YouTube channel: https://grst.co/4cTAAxm
LinkedIn: https://www.linkedin.com/company/gearset
X/Twitter: https://x.com/GearsetHQ
Facebook: https://www.facebook.com/gearsethq

About Gearset:
Gearset is the leading Salesforce DevOps platform, with powerful solutions for metadata and CPQ deployments, CI/CD, automated testing, sandbox seeding and backups. It helps Salesforce teams apply DevOps best practices to their development and release process, so they can rapidly and securely deliver higher-quality projects. Get full access to all of Gearset's features for free with a 30-day trial: https://grst.co/4iKysKW

Chapters:
00:00 Introduction to Salesforce Security
02:41 Evolution of Salesforce Security
05:23 Common Misconceptions About Salesforce Security
07:56 The Role of Admins in Security
10:45 Profiles vs. Permission Sets
13:30 Balancing Business and User Needs
16:01 Building a Security Mindset
18:25 Human Factors in Security
21:00 The Exciting Intersection of AI and Security
24:07 Data Management: The Foundation for AI Agents
27:14 Experimenting with AI: Low-Risk Environments
31:15 Conducting Effective Security Reviews
35:24 The Future of Salesforce: Admins and AI
37:55 Career Advice: Adapting in a Changing Landscape
38:48 Humor and Learning: Insights from a Unique Journey