City National Bank: Health check and Best Practice recommendations for Salesforce org


City National Bank (CNB) is a South Florida-based community bank that is a subsidiary of the Chilean bank – BCI. CNBFL offers a diversified portfolio of financial products and services from Miami-Dade County to Central Florida.

Business Objectives

CNB already had adopted Salesforce for a few years, and wanted to stay up to date with the best practices for security on Salesforce. They needed an experienced Salesforce implementation partner – that is indeed why they engaged Softsquare. 


Softsquare used standard Salesforce tools and also did manual analysis of CNB’s security practices. Softsquare’s team manually analyzed Salesforce configuration items and source code to check for any security vulnerabilities, and to see if CNB was missing out on any of the latest recommended best practices. Softsquare also made appropriate recommendations. 

We checked how many of the existing profiles and licenses on Salesforce were in use, and how much access was granted to users. If they found that they were granted excessive access, they reported that as well and modified it. This was especially relevant when integrating external apps with Salesforce, to see if they were getting only the required level of access and nothing more. 

To carry out the automated checks, the Softsquare team made use of several tools provided by Salesforce.

Salesforce Optimizer

This tool automatically analyzes the Salesforce implementation to find any potential issues in it. It checked the CNB implementation against current Salesforce best practices to review and analyze any issues that could crop up.

Programming Mistake Detector or PMD is an external source code analyzing tool used to spot any common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth. It supports Java, JavaScript, Apex and Visualforce, PLSQL, Apache Velocity, XML, XSL. Softsquare used this open source tool to review the Salesforce code, specifically all Apex trigger, Apex classes, and Visualforce controllers.

Health Check

This is a complimentary service that Softsquare offers to Salesforce customers. For the first 20 hours they conduct a health check for free, so that clients get a taste of Softsquare’s Salesforce capabilities. Softsquare offers a report and a list of action items. During a complimentary presentation, Softsquare would present alternate solutions to the identified issues and the customer would choose to award them as a project.


Using a combination of manual and automated checks, Softsquare successfully reviewed, analyzed, and reported on CNB’s existing Salesforce implementation. They were able to identify any security risks or stumbling blocks in the implementation thanks to experience with several tools and their expert knowledge of Salesforce.

Our Other Remarkable Successes