Aetrum Insights
Ideas worth reading.
Practical perspectives on Salesforce, enterprise architecture, AI strategy, and the decisions that shape technology programs.
The inbound mTLS certificate nobody owned
Part 2 of the series. A single inbound API certificate, an expiry nobody tracked, and why the move to short-lived certificates makes mutual TLS the first place the dependency graph bites.
The hidden dependency graph in every Salesforce org
Part 1 of a series. The invisible edges between certificates, Connected Apps, and Named Credentials, and why the short-lived certificate era makes mapping them matter more than ever.
The Three Salesforce Data Model Tests Most Migrations Defer to Year Two
Part 3 of 3. The forcing functions most teams discover too late: reporting, integration, and scale as design inputs in month one, not discoveries in month eighteen.
Salesforce 2026 Security Enforcement: An Architect's Guide to Every Date, Every Control, Every Gotcha
A consolidated timeline of the five mandatory step-up authentication gates rolling out June through August, with an architect's view of each control and a prioritized prep checklist.
The May 11 Salesforce Connected App Deadline: A 30-Minute Self-Audit Checklist
A 30-minute audit checklist for Connected Apps and OAuth access — anchored to the May 11 ISV partner deadline.
The Salesforce Security Decision Your Data Architect Should Be Making
Part 2 of 3 — Why master-detail vs. lookup is the most consequential choice nobody escalates.
The Oracle-to-Salesforce Migration Question Nobody Asks Until It's Too Late
Part 1 of 3 — The data model decision that determines whether year two is a victory lap or a re-platforming project.
AI as a Thinking Partner, Not a Substitute
A practical guide for developers, architects, and consultants who want better decisions—faster.