Salesforce leverages Role-Based Access Control (RBAC) to enforce access control based on PIV authentication. Users are assigned roles and permissions based on their PIV credentials, controlling their access to Salesforce GovCloud resources.