Salesforce: Ethically Hacking a Salesforce Digital Experience – Life Sciences Dreamin’ Webinar
Watch our highly anticipated webinar on “Ethically Hacking a Salesforce Digital Experience” and gain invaluable insights on how to protect your data and customers.
Matt Meyers of EZ Protect, and author of “Securing Salesforce Digital Experiences,” will demonstrate real-world scenarios where people exploit vulnerabilities in Salesforce digital experiences, showcasing the importance of robust security measures. Watch now to learn how to safeguard your business and maintain the trust of your customers.
Check out Matt’s new book today!
…and while you’re here: if you’re having Salesforce user adoption challenges, we have a brand new guide that takes you step by step through the principles of teaching adults technology, and drives you to develop a plan for implementation. It’s got room for you to make your own plan – check it out: https://cloudadoption.solutions/teach…
Contact us with your Salesforce challenges at info@cloudadoption.solutions – we love to help!
Cloud Adoption Solutions is a 100% woman-owned registered Salesforce partner, specializing in implementation, integration, and optimization for Technology, Healthcare/ Life Sciences, and Financial Services/ Professional Services organizations in the small and mid-commercial sectors.
VIDEO TRANSCRIPT:
Speakers – Matt Meyers, Shannon Gregg, Eric Dreshfield
Matt Meyers
The sad news was in June 2023. St. Margaret’s Health closed its doors forever because of a ransomware attack.
Shannon Gregg
Hello, everybody, and welcome welcome welcome to a hotly anticipated version of the life sciences dreamin webinar which we have been having once a month to tell you different things about Salesforce. And today, I am beyond thrilled to introduce you to new author, Matt Meyers. He wrote this spectacular book that he is going to tell you a little bit about this whole story today, securing Salesforce digital experiences. I have seen Matt do a live demo where he ethically hacks Salesforce, and I learned so much from Matt every single time I see him. And that means I learned things about Salesforce about security, about being a technical architect, and just about the world in general, because Matt is the most well traveled person, I have the pleasure of knowing. I am Dr. Shannon Gregg from cloud adoption solutions. I’m not going to talk for very long because we want Matt to impart his wisdom to us. Once Matt is finished talking, our friend and yours ericdress field is going to come on the stage to tell us about a very new, exciting announcement that he has. And at the very end, if you’re still on, our friend Andrew Duncan is going to do a drawing. We’ve got this whole Salesforce swag bag that one person is going to win as long as they stay on. So Matt, without any further ado, thank you for joining us today from Prague and I am going to hand the stage your way.
Matt Meyers
Great. Thank you, Shannon. That’s a wonderful introduction. I really appreciate it. So let me get my sharing going from my screen here and go into full screen mode. All right. All righty. So again, thank you again, Shannon. So just a little bit about me. I am I’ve been in the Salesforce ecosystem for about 18 years now I’m a sole source certified technical architect. And I also run a company called EZ protected virus scanning for Salesforce, I kind of landed into that a lot a while thought five years ago, and really never focused on security until then. And then it just became more and more of a big thing for me. So now that’s pretty much all I do is focus and research on security. Specifically, what I’m going to talk about in this session today is really about my book here securing Salesforce digital experiences. I’ll have a link later for you to look at it. But really, this was a personal story for me, that where I used to work in consulting. And while I was working on a consulting engagement, one of my customers got hacked by an ethical hacker in Salesforce specifically from their digital experiences were about 5000 records or so that were were were stolen that contain some PII. And really what that that just raised some urgency for me or some alarm, because I was like, Well, this is, you know, obviously not good. But I was thinking how many other people know, you know, could this happen to. And so first what I did is I went and just research, learn how this could happen, how it happened, what was the history, learn the history, a little bit about more about digital experiences themselves, and then really understood that it really came down to a misconfiguration of Salesforce digital experiences, which was also a mis understanding of how people understand how digital experiences work and lightning in general. And so then what I did is I went into various shows, including life sciences, streaming, and doing research, asking the audience about digital experiences security in it and what they understand about security about the same problem that happened. And I found very few people actually understood it. And even more so I found there’s very little resources to are out there about how to secure digital experiences or even Salesforce in general, actually, this is the fourth book that’s dedicated to security on Salesforce in the entire ecosystem, if that shows you how unwrap underrepresented this is, so really what I’m going to go through here in this is just going to talk you talk through a little bit about some facts about security insults first and educate you a little bit about some things that you should be considering or thinking about when working with digital experiences in Salesforce. The first thing I want to do especially this is a life sciences dreaming event. So I wanted to start with an interesting story about this is not Salesforce related, but something that could happen in Salesforce for real. So imagine a ransomware attack hit this healthcare institution in 2021. And it basically halted the ability of this hospital to submit claims to insurers. And I don’t know if you know, but hospitals and most med local institutions rely on the payments from insurers to stay afloat, this ransomware attack and shut down all their systems. So they didn’t have any way to process these claims. And so actually, what ended up happening is, that was about 14 weeks or so it says that they were down. And while there, they never were able to recover, no claims got in and nothing got entered, took months and months for them to to get back to where they were, and then information or what kind of critical information do you have in your sole source that keeps your business running? If let’s say let’s turn this around, this wasn’t sole source. But what if it was, if you’re lying to a lot of health care agencies are using Salesforce for processing claims and managing patient data? Imagine if Salesforce got locked out? What what would be the impact on their organization? Well, would it and also what if that data got all the information that is in in their sales force, all the patient information, all that got out onto the dark web or in sold for to the highest bidder. So that’s some really scary stuff. So now what I’m going to do is just kind of, you know, going from that real, a real story there, let’s just go into learning about some metrics, here are some some statistics, which I found very interesting. And this is something that a lot of people don’t really can think of or realize. And there are, that’s pretty scary. So first thing is how many records were exposed globally in q3 of 2022. So we have 15 million records were exposed, meaning they were stolen records with with sensitive information, just in q3 of 2022. And that basically good grounds to 68 seconds, records per second are being exposed. So what So first question is how many records have now been exposed? Since Shannon talked? And now I’ve been talking? It’s quite probably quite a lot. And so that’s kind of been thinking of like, how many? What kind of damage? Could that be done? The next is, how many days on average does it take to detect a breach? This one surprises everyone? 206 days to detect a breach and another seven need to recover from it. So again, just think to yourself, how many? What did someone do to your organization? If they can access to your systems for 206 days? What kind of damage could they do? What could they steal? What kind of damage could they do to your, to your customers, to your employees to your your partners? That’s that’s a really scary number of us myself. And then the last one here is what is the cost, global cost of a breach. And I’m going to spend a little bit of time on this one, because this one is a little bit of a loaded number. So it’s 4.3 6 million on average per breach globally, or $9 million in the US council about $150 per record loss globally. But that doesn’t include all of those other costs that people don’t think about. So we’re actually building a calculator right now that calculate the actual cost based on real data by industry. And it comes up to a really, really big number. If you think about first, how many when one thing is like with winning customers are losing their sorry, but when when the breach happens against the company, customers lose confidence that company, I’ve read one metric and one interesting, so 60% of people said they will leave and company immediately upon a breach. So what would happen is 60% of your customers lost? How much did that cost you? Then how much does it cost to regain all those customers? What are the legal costs of that? What does it cost to repair your reputation? So you’re really talking when you add all those concepts, about 100 million or more for a single breach. So now that’s a pretty scary number. So So now. Now the next question I want to ask just part of this is how confident are you that there are new holes in your Salesforce? Well, these are some of the statistics. When I was going around, going to all shows last year asking people and most people found I was kind of scary that 25% saying they thought their sole source airtight another 40% saying they were only slightly concerned only 4% were saying they were actually concerned. And so, but in reality, this should be flipped. And actually, after I gave my speech in every session, the numbers were flipped 100% of that people were very concerned. And really, if you’re not in that number three and number four reason, then you probably should be thinking yourself, Why am I not there? Because even if you have the best controls in your Salesforce and you think you have the best controls, I guarantee you there’s always going to be a hole somewhere you need to always be thinking about how right plug those holes How do I monitor to ensure that that data is not escaping Salesforce. Now there are a number of thought provoking question. Could someone be accessing your customer data right now while I’m speaking?
Speaker 1
Alright, so, so I’m going to pass that one. So on so go on this one really quick. So just because of what I do is we You do virus scanning in Salesforce. So did you know that Salesforce doesn’t scan for viruses? That’s just one other way that people can get your data? There’s a lot of ways that people can get your data I asked in the lot of the sessions as well do people know, what kind of virus do most people can’t tell you that? Most people just think that it’s I have seen things like, well, it’s about viruses, you have to pay money because the ransomware Well, the truth is, both viruses and misconfigured, Salesforce environments can open the door to attackers to steal your data. So you need to make sure that you’re protecting against both. So now let’s talk I’m going to slow down a little bit here. And we’re going to talk about well, what are some of the things that that were the risks that you will need to be aware of insults from this is now kind of got to the here the dangers here, the things that the metrics, the statistics of things that you should be aware of? And Salesforce, now let’s talk about what what is it what how are? How can people get to your data? What are the things that you need to be thinking about in Salesforce? So the first thing to talk about itself is lightning. And lightning is in anytime in your back end of Salesforce. And lightning, of course, is also in your digital experiences. A lot of people think that it just because if I hide the user interface, I hide the record layout from the user interface, people can’t get to those records. Well, as long as you know the URL to get to a record, you can still get to it. If I have an ID, and I just plug in the right. This is not the right path. But the right path to get to a record detail page, for example, a case, if I have access to view that case, I can view I can see that case, I can edit it, I can even delete it straight from the UI without doing anything else as long as I have the right URL. So that’s one thing you need to be very cognitive as in number one rule is ensure make sure that they that that all your users. And this includes your guests, user, authenticated community users, internal users can only see the data, see, edit, delete, have the data that they should have access to. Just because they can’t see it on the user interface doesn’t mean they don’t have access to to it in another way. And specifically here, like I said, here on the Lightning Experience, again, you could just put a URL in like and get to a record if I can see it. If I can’t see it, then obviously, I cannot get to the record, I can’t do anything with it. Another thing about the Lightning Experience, that this is the kind of what happened in my book, and actually in real life was this ethical hacker new went into the digital experience, and found that there’s these a lot of these unpublished APIs that are that they can get to. And you can execute operations similar that you would do in the Salesforce user interface, or even do using cells versus API’s like the REST API, the only difference is with the guest user for in the community, you do not need to be authenticated to use it. Because all guests user is it’s get it’s an authenticated by default design. And these API’s here, they run your Lightning Experience. So everything you see all your page layouts, all your fields, buttons, your boxes, all that is rendered using these API’s, Salesforce can’t hide these API’s. And even if you turn on API, disable the API enabled flag, these API’s still work because they are not the standard API’s. They are what run lightning. So for example, here in this is just one examples, bunch of code here, but but someone could run a command on the one of this public API is the guest user. And if that guest user has access to case information, for example, I could then pull down all the cases, if there’s sensitive information in the cases, I could pull those down. So again, that goes back to what I said earlier, you need to make sure that those users including especially your guests user, but also all of your authenticated users do not have access to the data. Otherwise, they can be retrieved using these these API’s, or even by the URLs I was showing before. Even more scary here is these API’s not only let you retrieve data, but you can also update record data, you can edit reputated, and even delete record data. You can also execute Apex classes, you can and lastly, you can also execute flows. So anything in any of those, those standard types of functionalities in Salesforce that you typically would think that someone doesn’t have access to execute unless you specifically designed it. Well in here. All of that can be accessible from these API’s. If the user has access to execute those, those flows, those Apex classes for that org get to that data. So here’s another exam. and provide kind of just touched on, for example, in APEX classes. So just take this quick example of this code. Even if you don’t understand apex, I’ll kind of talk through this. So what this code is doing is a couple of methods here. One, what it does is takes a list of records, and deletes the records and notices without sharing what this means is, anybody with access to this class that has Salesforce record IDs, can actually delete any record in all of Salesforce. This was actually a real method and class of one of my customers had in their orgs. And what this basically means is in this was actually exposed to the guests user. So that basically means that anybody in the entire world that had access to record IDs in their org, could delete any record in any object in their entire Salesforce environment, which is pretty scary. And now, let’s just couple that with the what I was talking about earlier with that API, they had, they also exposed Public Read Only certain objects. So that was a perfect pairing here. So basically, they had all the IDs to certain objects, and they had a method that they could execute without anyone stopping them. To delete all those records, there’s a lot of worse things you can do to so for example, here’s another method that someone could execute. And I could, it’s a fuzzy search. And that returns a bunch of information, including local, that birthdate and social security number. And someone could be using that same API, execute this and just keep sending various information until they got things back in note, and then what would happen to the be returned contacts with all the sensitive information be just because they had access to these methods. So one of the key things about to think about with apex is Apex classes, you can Salesforce lets you lock them down by profile. So you make it so that you can’t, you can’t execute an apex class you don’t have access to. But the problem with Apex classes is most people develop them by business function and not security function. So for example, let’s say this first method here was supposed to be accessible by only a privileged user. And this one may be still an authenticated user, but but they wanted it. But then maybe there’s a third method in here that was needed to be executed by the guest user. But they didn’t split them out, they just gave the guest user, the privileged user and the authenticated user access to this class, which then automatically gave them the anybody access to all the methods in the class. So instead of building your methods and your classes by business function, what you need to do separate each of them out by security function, one for your guests user persona one for your authenticated user, or general community that persona one for your super user persona, by business functions. So really should be by security function by business persona. So that way, you’re not sharing, you’re not exposing classes that have ability to do destructive things, or return data that people shouldn’t be getting access to. Because in this case, even if you had locked down the user correctly with all their data, because this is without sharing, you now can get all the data back that you normally wouldn’t have access to because of that. So this should be used very sparingly giving people only access to so you’re not really returning data to the front end, that when you’re using without sharing, and you should be doing only operations that, that you were someone couldn’t manipulate that operation at using those API’s. So remember, again, I’m gonna say is a million times, just because you can’t see down the DUI doesn’t mean someone can’t get to it. If somebody anybody can use the lightning API’s, as long as they have access to execute Apex classes, retrieve data, delete records, update records, or insert records even. So you just want to make sure that whoever you’re giving this access to in Salesforce that they have, they should be executing those methods.
Speaker 1
All right, very scary. Sounds bad. What What should you do, though? I mean, sometimes you have to expose some of that sometimes you want to be able to submit cases on your website, and to an authenticated user, should you just not submit cases, let people submit cases? Should you not collect leads? Of course not. So we could just lock everything down. This is one of my favorite quotes here. If you want total security, go to prison there you’re fed, clothed, given medical care, and so on, the only thing lacking is freedom. And then the one the other one in the world of cloud computing there is saying that goes, you can’t secure 100% of your data 100% of the time to do so would be shut down the system making it completely unusable. And I think that’s what the case is here. You have to find that nice balance. You don’t want to expose your data, but you also want to make the system usable for your end users. And this is kind of where I’m going to go a little bit faster through some of the stuff but this is stuff that you can do to keep some of the recommendations I would say first of all, Look at Salesforce well architected go to architect@salesforce.com, Salesforce has a great framework that they’re putting, they’ve been putting together for quite some time to help you build. Good or well architected Salesforce solutions, specifically, the first one focuses on trusted saying, Here are all the trusted practices that you should be doing in Salesforce. They have a lot of patterns, things but you shouldn’t be doing in anti patterns, things you should not be doing. And this is stuff that you should be looking at seeing, are you doing those things that they say you shouldn’t be doing? And are you not doing the things that they say you shouldn’t be doing? You also could if you have an architect on class, on staff start mapping out the framework, something like this that we have done here, you can start creating guides that are prescriptive for your including a security program so that you can say, okay, here are the here are our operating standard operating procedures for creating this secure designs and Salesforce, have we evaluated our security percentages? Have we evaluated our risk? Just because you should do something doesn’t mean you can and just be is, for example, I had a customer wants that. Or a client of mine that was wanted to had a portal where people were placing orders. But the problem was, everyone that was placing those orders were in nearing retirement age and didn’t have smartphones? Of course, you should use two factor authentication, but you can’t because most people don’t have smartphones. Does that mean you don’t do two factor authentication? Of course not. It means that you should find some other ways to authenticate that person, maybe you have multiple challenge questions instead. And you change up the challenge questions. Maybe it’s something only they should know, they should know. Maybe you send an email instead to them, because they probably have email. There’s a lot of different ways that you can still do some of these things, even if it seems like it’s not possible. Also, the other end of it, just because everyone says you should have two factor authentication doesn’t mean you should, if you’re protecting data that’s publicly accessible, then you probably don’t need to factor you probably don’t even need any authentication. So that you need to think about using the right mechanisms. for the right purposes, that goes back to making the system unusable. If it’s unusable, what’s the point of even making it so you still want to find that balance. Some other recommendations are use Salesforce shield shield is a great tool for monitoring activities. You can even monitor the execution of APEX methods, even those lightning API’s. So you can see if people are trying to abuse your system, or maybe things that people are accessing things that you don’t that they’ve shouldn’t have. So you can track, maybe some misconfigurations at Salesforce. There’s also the guest user x sharing access report. This is under the setup menu will tell you what kind of objects the guests user can have access to what records one caveat here is, it does not track file. So guests users shared files, this won’t show you that. But I’ll say that this is a good thing for your guest user. There’s another app exchange package out there called guest user access report that gives you a little bit more detailed view into some of the what your rack access looks like in Salesforce. And that’s another good thing to use. Other ones run health check Health Check is good baseline that doesn’t cover everything. But it does cover a lot of the standard settings that you should have enabled, you can also create your own custom baseline as well for certain things to see. So you can see that where are you with your security based on your customer, your organization’s best practices, obviously scan files and verify Salesforce, obviously, I had to say that since I run a virus scanning company, but still it is something important if you are uploading files to Salesforce. Last but not least, get my book. If you want to download it, here’s a QR code. Go to book dot Matt Meyer cta.com. To access the book, download it. A lot of I tell the whole story in the book of kind of how what how my day unfolded and how it happened, what we did to fix the problem, I also have a bunch of best practices in cell cells for security. I just went over a few of them here but a lot more contained at the end of the book there in addition to talking a lot more about how you can use well architected to create and well architected solution in Salesforce. And then last but not least, here’s just some other resources you can use that are available out there some I’ve got a YouTube that shows physically how someone could use the API’s to get data from your Salesforce. I have a weekly security blog I put out and here’s my LinkedIn in my Instagram as well. But that that’s just about it, I think at this point can open up for questions.
Shannon Gregg
Please, if you have any questions for Matt, pop them in the q&a box and we will read them to him knowing that he has just a few minutes he is Joining us live today from Prague. And Matt is about to head off to the VIP dinner there. So you’ll see that he’s posted many ways for you to get in touch with him. So please definitely follow Matt and follow easy protect by adaptive. And this book. I will tell you last Monday we were at Mid Atlantic dreamin and Matt’s Booth was absolutely swarmed with people picking it up. And we felt pretty fortunate to pick it up. You just published this right, Matt? It’s brand new. Yep. It’s
Speaker 1
it actually launched on Amazon on the 30th. And last week, admin electrodermal was the official launch of the book.
Shannon Gregg
So exciting. Congratulations. And like I said, I recommend it to everybody. We have been working our way through this book. And Matt has taught us all so much. I know that you’ve learned a lot here. Matt, before we let you go, we do have a question. We’ve got two questions. You mentioned separating methods by business case and security. Would you ever build different Apex classes by user type? By
Speaker 1
user type? Um, I think that really is basically saying the same thing. So So think of your you each user type is really you think about the person that is the business persona. So it depends on that each type of user or you can call them the security personas, which is a similar similar to the types. And so really, I would say the answer really is yes, I would build Apex classes and separate the classes out specifically by your type. But don’t I wouldn’t specifically say user type. I would go back to that terminology, a bit business persona slash security persona, because your security persona is really who is accessing that, that those resources in Salesforce, so you really should split it up by that. So think of like maybe, I don’t know, a sales manager, sales, rap sales VP, those would be security personas, and business visits personas together.
Shannon Gregg
Awesome. Thank you so much. Thanks for the question, Mike. And thanks for the answer. Matt. Matt, we had a question that we wanted to ask you as a team, which is, what type of soft skill do you use to keep yourself calm when you see something like a giant breach or security disaster that you can predict is going to happen? Because you do always seem like you are in control of your emotions.
Matt Meyers
It is, I guess it’s a learned skill. I can tell you I was not that much in control that day. That does happen. But I think you just kind of learn to live with it. And you said there’s it’s really the you do the best you can, I don’t think there’s ever going to be a time at security that you’re gonna have a impenetrable org, nothing is impenetrable. Unless you again you put it lock it up in a room with no internet, no doors, completely button, then no one can get to it either. So it’s just really no, just having a making sure that you know that you’re doing the best that you can do. And always keeping an eye on things and always monitoring things. And then you know, you you can only sleep at night because you’ve done the best you possibly can to keep your keep your data safe outside of that. It’s really up to the powers that be, I think, at that point. So that’s kind of the best I can say. Thank
Shannon Gregg
you, Matt. Those are great words of wisdom. And of course, you know, risk mitigation is something that we never feel is ever complete. But that is inspirational. Before I bring up Eric Dreshfield who has a really exciting announcement and Andrew who is going to be raffling off a prize, I want to say from all of us and the entire community. Thank you, Matt, for all the things that you’re doing for us on the call for all of the community events that you’re speaking at for the ecosystem at large and for this amazing book, which I keep raising because it is so so good. This is like an entire masterclass like an MBA in Salesforce security. So, Matt, we can’t thank you enough for your selflessness and wish you the best of luck speaking at Czech dreamin.
Matt Meyers
Thanks, Shannon. Appreciate it.
Shannon Gregg
Thank you so much, Matt. Matt Meyers of easy protect by adaptive, a wonderful human, criminally smart, but using his criminal smarts for very, very good for all of us in Salesforce. Eric Drash field, I’d love to call you up to give everybody a very exciting announcement as well. Wow, all of these things unfolding today. Matt’s launched his book and Eric, you’ve got some interesting news for us. Oh, yes,
Eric Dreshfield
that I do. Shannon, thanks for the brief moment on the stage as well. Um, most of you are probably already familiar with the Salesforce community conference that I started all the way back in 2011 called Midwest dreamin, the largest Salesforce community conference here in the US. That one is taking place in Minneapolis again this year, July 17, through the 19th Shannon, I’m sure you’ll jump in here and talk about life science stream. And in just a minute. The other big announcements that Shannon has alluded to that I want to share has to do with another Salesforce community conference that is on its way to you very, very soon. And I’m going to share my screen for just a quick second. So you all can see what I’m talking about. So there is a new conference that I have launched called dreaming and data. It is coming to St. Louis, the website says November 4, and fifth. But probably by the end of this week, we’re going to be adding the morning of November 6. So another effectively two day conference spread out over three days of content kind of thing, like Midwest. dreamin has been doing that for several years. So St. Louis, you’re getting your own Salesforce community conference, downtown at the Hyatt Regency at the arch. So pretty cool views from that hotel. Lots of interesting things to do and see right around there when the conference is not in session, of course. So why dreamin and data well guess what? Data matters. This is the first Salesforce community conference that has been created to basically help companies understand their their full journey of their data from CRM through integrations, and to ultimately, visualizations, decision making steps, and, and all those kinds of things. So ultimately, what we’re trying to do through this event, is help people understand how they can better utilize their data to help their companies and their organizations, make better smarter, faster decisions and accomplish their goals and stay ahead of their competitors. So hopefully, we’ll see a lot of you there, registration should be opening up in the next couple of weeks. And we will be doing an open call for speakers in June as well. So if you’re interested, have some interesting topics that you’d like to talk about that are are data related, which basically everything is if you think about it a little bit, watch for that call for speakers, there is a spot right here on the website where you can give us your email. And we will certainly let you know when all that stuff is taking place. And the website if you can’t see it on the screen. Clearly, it’s just simply dreamin in data.com. I’m Shannon, thanks for giving me a little time to show this off. Appreciate it. Wowza.
Shannon Gregg
Eric, thank you for sharing this announcement with us because we all know, data driven decisions are the only decisions that we’d like to make on a daily basis. So dreaming and data can’t believe it hasn’t been here before. So happy that it’s going to be here now. I would invite everybody who’s on the call. Follow Eric Dreshfield. Follow Matt Meyers follow myself we’re constantly posting out these types of events where you can continue to learn how to apply Salesforce and other technologies in a way to make your work days better. So thank you so much, Eric, for telling us about that dream and data Midwest dream in and life sciences dream in this year, which is focused on the life sciences industry is going to be held in Philadelphia in October. So last year we kicked off in Fort Lauderdale. We are moving to the bio city of Philadelphia that has 1200 life sciences companies in it we hope to see you there call for speakers is also open for that. And Eric, I know quickly. We’ve got sponsorship capacity and all three of those if you want to say a quick word about that, well, Andrew starts to share his screen so he can pick our winner. Yep.
Eric Dreshfield
So if you work for a company that is a consulting firm or an ISV, partner of some sorts. sponsorship opportunities exist for all three of those events, you can reach out directly to me on that. I’m Eric Dreshfield on LinkedIn. Thanks
Shannon Gregg
everybody so much for joining our call today. I hope you learned a lot. I know every time I listen to Matt. I do. Thanks to Eric for sharing your special announcement with us about dreaming and data. Thanks, Andrew for making sure that the wheel of prizes list was clean and clear. All right, everybody, we will see you next month we will be joined by Jim Goldfinger who’s going to share innovative innovative use cases of Salesforce. I’ll tell you when he did a practice of this way before the life sciences dreaming conference, I thought it was awesome. Then he did a version of this at the life sciences dreaming conference. And since then, he showed me something with AI that absolutely blew my mind. So I know I can’t wait until next month and I hope to see you there. Have a great day everybody.