+ Start a Discussion
tcherlettcherlet 

Track Data Loader Exports

Is there a way to track when/what a user imported/exported from the Data Loader?

 

Best Answer chosen by Admin (Salesforce Developers) 
sfdcfoxsfdcfox

In regards to data security, keep these two things in mind: 1) you can disable the API for a profile; all users with that profile will be unable to export any data at all, and 2) you can set up security so that they only have access to records they should. The former is a bit overkill in most cases, but can keep users from using the API at all. The latter is useful to know, because if they can see it on the screen, then exporting via API is only a formality. They could just as easily highlight the text and copy and paste it to a spreadsheet or text file. You should allow each user access only to records, objects, and fields they need access to.

 

You can control this to a fine degree using sharing, profile permissions, and field level security. You could also restrict their login access to certain locations and times, and by securing those locations (i.e. office networks), you can virtually guarantee that no data theft has occurred. You could also set up a proxy and require access to go through this proxy; it could log each action taken through the proxy.

 

If it is suspect that users may have been exporting data, you can also acquire data logs from salesforce.com that can provide insight to the exact actions the user took, including any reports exported, records viewed, etc. This data is admissible as forensic evidence in a court of law for purposes of data theft. However, this is a pay-per-play feature, can not be used on a regular basis (i.e. email alerts), and will cost a substantial amount of money to recover these audit logs. You can review the process of recovering these audit logs in the Help & Training tab.

 

In short, while there is no way to have alerts on data exported, you can certainly lock down the data signifcantly enough that it doesn't matter, and if you need absolute proof, you can always get the audit logs.

All Answers

Ankit AroraAnkit Arora

If you want to track in salesforce then I don't think there is any native way. But yes when you upload the data from data loader it save success and failures files on your machine. By that you can track somehow.

 

Thanks

Ankit Arora

Blog | Facebook | Blog Page

tcherlettcherlet

I know about success and error csv's.

But the question is that I can monitor what is been imported/exports (not the data, but details: # records) by other users?

 

So there is no native way to do this or let Salesforce send me emails?

 

The reason why I ask is because a potential customer wants to know this because of data security.

sfdcfoxsfdcfox

In regards to data security, keep these two things in mind: 1) you can disable the API for a profile; all users with that profile will be unable to export any data at all, and 2) you can set up security so that they only have access to records they should. The former is a bit overkill in most cases, but can keep users from using the API at all. The latter is useful to know, because if they can see it on the screen, then exporting via API is only a formality. They could just as easily highlight the text and copy and paste it to a spreadsheet or text file. You should allow each user access only to records, objects, and fields they need access to.

 

You can control this to a fine degree using sharing, profile permissions, and field level security. You could also restrict their login access to certain locations and times, and by securing those locations (i.e. office networks), you can virtually guarantee that no data theft has occurred. You could also set up a proxy and require access to go through this proxy; it could log each action taken through the proxy.

 

If it is suspect that users may have been exporting data, you can also acquire data logs from salesforce.com that can provide insight to the exact actions the user took, including any reports exported, records viewed, etc. This data is admissible as forensic evidence in a court of law for purposes of data theft. However, this is a pay-per-play feature, can not be used on a regular basis (i.e. email alerts), and will cost a substantial amount of money to recover these audit logs. You can review the process of recovering these audit logs in the Help & Training tab.

 

In short, while there is no way to have alerts on data exported, you can certainly lock down the data signifcantly enough that it doesn't matter, and if you need absolute proof, you can always get the audit logs.

This was selected as the best answer