SAN FRANCISCO, Sept. 17 /PRNewswire-FirstCall/ -- Salesforce.com Dreamforce Conference -- Salesforce.com , the market and technology leader in on-demand business services, today announced the expansion of trust.salesforce.com to include security best practices. As more companies adopt on-demand technology, the goal of trust.salesforce.com/security is to educate companies on security best practices for multi-tenant Software-as-a- Service applications.

(Logo: http://www.newscom.com/cgi-bin/prnh/20050216/SFW105LOGO)

"As the leader in on demand, we must also take a leadership role in security education, which is why we are offering this resource to help customers to raise their security awareness," said Parker Harris, executive vice president, technology, salesforce.com. "Our 'trust' site has been a hit with customers, so adding security was a natural extension for us as part our ongoing effort to educate and respond to our customers' needs."

Trust.salesforce.com is salesforce.com's dedicated site for live performance data and service history. It provides system status per server, number of transactions and speed per transaction. Designed to keep customers informed of up to the minute service availability and help users increase productivity, the site alerts users to any performance issues on any of its servers, as well as any scheduled maintenance. The new security section of the site is dedicated to providing customers with educational content on security best practices, including information on email fraud, what to look for on the salesforce.com log in page, and password protection. The site will be regularly updated with the latest security best practices.

An example of a topic featured on trust.salesforce.com/security is email fraud. Email fraud is an increasingly common danger for unsuspecting online consumers and business users today. One of the most popular scams are "phishing" attacks, which use social engineering to steal consumers' personal identity data and financial account credentials using 'spoofed' emails, and leading them to counterfeit websites designed to trick recipients into divulging financial data such as credit card numbers, account user names, passwords and social security numbers. According to the latest report by the Anti-Phishing Work Group (AFWG), the number of phishing sites rose to 14,191 in July, an 18 percent increase over May, the previous all-time high. Most major ecommerce companies, financial institutions, and service providers have seen their users targeted by phishing attempts.

End-user awareness and education is the key to avoiding security issues caused by phishing and other security threats. Salesforce.com recommends that customers take the following steps to enhance the security of their organizations:

-- "White list" IP addresses in email filters -- Include IP restrictions as part of profiles in the Salesforce application -- Require two-factor identification for users -- Regularly update and reinforce security and education with end-users

At Dreamforce 2007 taking place this week, salesforce.com will offer a session on security best practices covering the latest Internet risks, what security measures salesforce.com has taken, and advice on how to educate end users on security.

Trust.salesforce/security is live now. Salesforce.com encourages customers to email security@salesforce.com if they receive any suspicious emails. For more information about phishing and how to prevent it, see http://www.antiphishing.org/.

About salesforce.com

Salesforce.com is the market and technology leader in on-demand business services. The company's Salesforce suite of on-demand CRM applications allows customers to manage and share all of their sales, support, marketing and partner information on-demand. Force.com, the world's first on-demand platform, enables customers, developers and partners to build powerful new on- demand applications that extend beyond CRM to deliver the benefits of multi- tenancy and The Business Web across the enterprise. Force.com allows applications to be easily shared, exchanged and installed with a few simple clicks via salesforce.com's AppExchange marketplace, available at http:///http://www.salesforce.com/appexchange. Customers can also take advantage of Successforce, salesforce.com's world-class training, support, consulting and best practices offerings.

As of July 31, 2007, salesforce.com manages customer information for approximately 35,300 customers including ABN AMRO, Dow Jones Newswires, Japan Post, Kaiser Permanente, KONE, Sprint Nextel, and SunTrust Banks. Any unreleased services or features referenced in this or other press releases or public statements are not currently available and may not be delivered on time or at all. Customers who purchase salesforce.com applications should make their purchase decisions based upon features that are currently available. Salesforce.com has headquarters in San Francisco, with offices in Europe and Asia, and trades on the New York Stock Exchange under the ticker symbol "CRM". For more information please visit http: //http://www.salesforce.com/, or call 1-800- NO-SOFTWARE.

Copyright (c) 2007 salesforce.com, inc. All rights reserved. Salesforce.com and the "no software" logo are registered trademarks of salesforce.com, inc., and salesforce.com owns other registered and unregistered trademarks. Other names used herein may be trademarks of their respective owners.

CONTACT: Erin O'Keeffe of salesforce.com, +1-415-901-8595,
eokeeffe@salesforce.com

Web site: http://www.salesforce.com/