The purpose of this guide is to supply best practices to validate a CapStorm backup of Salesforce. This process involves of four steps to be performed in the order listed below:

1. Permissions verification – Verify that the Salesforce user credentials that are used for backups have access to read all desired Salesforce objects and fields. Objects include Salesforce standard and custom objects, including managed packages. If the analysis uncovers that permissions updates are needed, these permissions gaps are rectified, then backup updates are made to copy all data that was previously inaccessible.
2. CopyStorm review – Verify that the application is set up to meet the business’ backup goals. The recommended settings are highlighted in this section, however, each organization may choose to customize the configuration(s). If the analysis uncovers that configuration updates are needed, these changes may need to be tested in a Sandbox environment prior to making Production updates.
3. Backup validation – Verify that all desired records are in the backup. If the analysis uncovers that there are records not present in the backup, these gaps are addressed prior to performing the final backup validation.
4. Restore testing {optional} – Verify the process to recover data from the backup. This optional step follows the steps outlined in a sample runbook, and this often serves as a template for a customized recovery plan.

The Salesforce user credentials provided to CopyStorm determine what objects and fields are available for backup. The goal of this step is determine if there are any gaps in the current backup caused by inadequate Salesforce permissions, and, if there are gaps, to update (1) the Salesforce permissions and (2) the backup data set to ensure that all records are copied.

There are two primary categories of Salesforce permissions: System Level Permissions and Object/Field Permissions.

System Level Permissions impact one or more objects, and these are granted to the Salesforce user directly on the profile or via permissions set. Object / Field permissions impact individual objects and these are granted via permissions set for most standard or custom objects. If the objects are a part of a managed package or are a part of  Salesforce licensed features, Salesforce feature of managed package licenses may also need to be assigned to the user in addition to granting object level access.

If Salesforce field level permissions are updated, a backup update is necessary in order to update older records that were backed up before the field was able to be read by the Salesforce user. This is necessary because the backup process captures records incrementally, meaning that the backup will not automatically re-read records that already exist in the backup database when Salesforce permissions are updated. 

For example, the Salesforce user in the objects and fields permissions example above was not able to read the data in 2 custom fields. All of the records are already in the backup database, however, the data in these 2 fields is missing. The next step is to update the backup in order to capture the data in these two fields.

There are two approaches to choose from in order to update the backup. 

1. A full rescan – This option is used if there are many fields that the backup user was unable to see prior to updating permissions or when working with a smaller number of records.
2. A targeted rescan – This option is used if there are few fields that the backup user was unable to see prior to updating permissions or when working with a very large number of records that would make a full rescan time prohibitive. 

This step ensure that CopyStorm is configured for a complete backup including all objects, retention of deleted records, an established rollback period for data changes, and notifications in case a backup encounters an error. Key parameters are outlined below along with CapStorm’s recommended settings.

This step validate that the backup contains all desired records by using two CS:Medic tools: CountRecords and Scan Timestamps.

• CountRecords performs a simple Count query to Salesforce and to the Database and outlines any differences.
• Scan Timestamps performs a deeper analysis, and is typically used to determine the reason for differences identified using the CountRecords tool.

Pay close to attention to any discrepancies with a difference greater than 1%. This can be indicative of a Salesforce permissions issue, for example, the User not having access to an Opportunity record type.

If the CountRecords tab is not open click “Other Tools” in the top menu bar to open the tool. Click “Invert” to include all objects then “Start Scan.” For assistance with this analysis contact customersuccess@capstorm.com.

Annual recovery tests are recommended for Salesforce disaster recovery preparation. An alternative is to leverage the Restore application frequent sandbox seeding, as the process for non-production environments closely mirrors a production recovery. As a starting point for recovery tests, the Restore Validation guide is available as a sample runbook. CapStorm’s Customer Success team also supports customer working sessions to help test and validate the restore process.

In the event of an emergency production recovery need, please contact CapStorm by phone and by emailing support@capstorm.com.