How to run security health checks on Salesforce

intermediate 8 min read Updated 2026-03-18

Quick Answer

Navigate to Setup > Security > Health Check to access Salesforce's built-in security assessment tool. The Health Check analyzes your org's security settings against baseline standards and provides a score with recommendations for improvement.

Try Salesforce Full Salesforce Review

Prerequisites

System Administrator permissions in Salesforce
Basic understanding of Salesforce security settings
Access to Setup menu in your Salesforce org

Step-by-Step Instructions

Access the Health Check Tool

Log into your Salesforce org and click the Setup gear icon in the top right corner. In the Quick Find box, type Health Check and select Health Check from the results under the Security section.

You can also navigate directly via Setup > Security > Health Check if you prefer browsing the menu structure.

Review Your Current Security Score

On the Health Check page, you'll see your organization's current security score displayed prominently at the top. This score is calculated based on Salesforce's security baseline and shows the percentage of recommended security settings that are properly configured in your org.

A score of 80% or higher is generally considered good security posture for most organizations.

Examine Security Risks by Category

Scroll down to view the detailed breakdown of security settings organized by categories such as Session Settings, Password Policies, Network Access, and File Upload and Download Security. Each category shows items marked as High Risk, Medium Risk, or compliant.

Focus on addressing High Risk items first as they pose the greatest security threats to your organization.

Set Your Security Baseline

Click the Baseline dropdown at the top of the page to choose your security standard. Select from options like Standard Baseline, High Assurance, or create a Custom Baseline. The Health Check will recalculate your score based on the selected baseline requirements.

High Assurance baseline is recommended for organizations handling sensitive data or operating in regulated industries.

Generate and Download Reports

Click the Export button to download a detailed PDF or CSV report of your security assessment. This report includes all findings, risk levels, and recommended actions. You can also use the Email Report option to send results to stakeholders.

Schedule regular exports to track your security improvements over time and maintain compliance documentation.

Address Individual Security Items

Click on any security item marked as a risk to view detailed information and remediation steps. Many items include Fix buttons that allow you to correct the setting directly from the Health Check interface, or Learn More links to Salesforce documentation.

Test security changes in a sandbox environment first, especially for settings that affect user access or system functionality.

Monitor Security Trends

Use the Health Check History section to view your security score trends over time. This shows how your security posture has changed and helps identify patterns or recurring issues that need attention.

Run Health Checks monthly or after major system changes to maintain optimal security.

Set Up Automated Monitoring

Enable Health Check Monitoring to receive automatic email notifications when your security score changes significantly. Configure the notification frequency and recipients in the monitoring settings to ensure your security team stays informed of any degradation in security posture.

Set up monitoring for multiple recipients including backup administrators to ensure security alerts aren't missed.

Common Issues & Troubleshooting

Health Check page shows 'Insufficient Privileges' error

Ensure you have System Administrator profile or the View Setup and Configuration and View Health Check permissions. Contact your Salesforce admin to grant these permissions if needed.

Security score appears lower than expected after making fixes

Health Check results may take up to 15 minutes to refresh after making changes. Click the Refresh button or wait for the automatic update. Some changes may require users to log out and back in to take effect.

Unable to export Health Check report

Check your browser's pop-up blocker settings and ensure downloads are enabled. Try using an incognito/private browser window or clear your browser cache. The export feature requires JavaScript to be enabled.

Custom baseline settings not saving properly

Verify you have Customize Application permissions and that your browser session hasn't timed out. Custom baselines require specific permission sets - contact your System Administrator if the issue persists.

Prices mentioned in this guide are pulled from current plan data and may change. Always verify on the official Salesforce website before purchasing.

Visit Salesforce View Salesforce Pricing