Salesforce Health Check is a dashboard that lets you see how closely the security settings in your org align to the settings recommended by Salesforce. A score of 0–100 is displayed, 100 being the most secure setting configuration
As an admin, you can use Health Check to identify and fix potential vulnerabilities in your security settings, all from a single page. A summary score shows how your org measures against a security baseline, like the Salesforce Baseline Standard. You can upload up to five custom baselines to use instead of the Salesforce Baseline Standard.
From Setup, enter Health Check in the Quick Find box, then select Health Check.
In the baseline dropdown (1), choose the Salesforce Baseline Standard or a custom baseline. The baseline consists of recommended values for High-Risk, Medium-Risk, Low-Risk, and Informational Security Settings (2). If you change settings to be less restrictive than what’s in the baseline, your health check score (3) and grade (4) decreases.(5). To remediate a risk, edit the setting (6) or use Fix Risks (7) to quickly change settings to your selected baseline’s recommended values without leaving the Health Check page. You can import, export, edit, or delete a custom baseline with the baseline control menu (8).
I would recommend updating any policy to be in line with what Salesforce recommends as the “Standard Value”, The only caveats I’ll add to “accept the recommended values” are as follows
? If your org has many components like (VF pages or custom interfaces), just check with your development team how the pages are behaving while loading and please recommend every developer “the page need to be more secure while developing”
? Invalid login attempts before locking the user out. Salesforce recommending 3 invalid attempts, however I feel 5 should be minimum required for any company standardes
? Administrators can log in as any user, from my experience, every admin needs this feature to troubleshoot effectively
? Expired Certificates, As many of the admins receives an email from Salesforce Saying “Your security certificates expires Soon”, so please take an action and renewal