Security In Salesforce

• 

1. Org Level Security
2. Object Level Security
3. Field Level Security
4. Record Level Security

Security Meaning In Salesforce:

• Salesforce is a cloud technology and multiple users use it simultaneously so security is needed to protect data from different level of users and outside users.
• Salesforce is built to protect data & apps.
• It provides an infrastructure to implement data security.
• Preventing unauthorized and unauthenticated access.

ORG LEVEL SECURITY

• Who can login?
• When can user login?
• Where can user login?
  • Org wide trusted IP ranges.
  • Profile based IP restrictions
• Authentication & Password Policies
• Setting up business hours

OBJECT LEVEL SECURITY

• Using profiles/permission sets we can set up who all access to a particular object.
• We can define CRUD permissions for object.
• Special Permissions
  • View All Data
  • Modify All Data
• No permission set or sharing rule will work if one of these permission is set of profile.

FIELD LEVEL SECURITY

• Using profiles/permission sets we can set what access the user has on fields[read/write]
• Permission sets can only add access to profiles, can’t restrict it.
• If a field is not having read/write access on profile, we can’t access that field in apex also.

RECORD LEVEL SECURITY

• Defines access for records to the users
• We can achieve this by:
  • Org Wide Defaults
  • Role Hierarchy
  • Sharing Rules
  • Manual Sharing
• Common values are:
  • Public Read Only
  • Private
  • Public Read/Write
  • Controlled By Parent(In Master Detail)
  • Public Read/Write or Transfer(For Lead & Case)

ROLE HIERARCHIES

• First we set up roles
• If grant access hierarchy is enabled, it provides access to user with the roles above the current user.
• opens up access vertically.

SHARING RULES

• Two type are there:
  • Bases On Owner
  • Based On Criteria
• Records can be shared with roles, roles & subordinates, public groups or individual users.
• Depending upon the OWD, the only options are
  • Read Only
  • Read/Write in sharing rules

MANUAL SHARING OF RECORD

• Owner can manually share the record to other users.
• Manual sharing option need to be enabled.
• It is required only if the OWD setting for the object is Private or Public Read Only.

NOTES

Users can add Notes & Attachments only if they have read/write access to the object.

• Asynchronous Triggers
• Order of Execution In Fun Way
• Security In Salesforce
• FLS Is Not Editable But Why?
• Salesforce Communities, Portals, and Sites

Name(required)

Email(required)

Please rate our website(required) 1 – Very Bad

2 – Poor

3 – Average

4 – Good

5 – Excellent

How could we improve?

Send Feedback

1. 
   Kamaal Ahmad Usmani(11x SFDC|2x Copado|6x Conga|1x Flosum) on Asynchronous TriggersOctober 1, 2020

   Thnx Rahul for the motivation

2. 
   rahul sharma on Asynchronous TriggersOctober 1, 2020

   nice blog! keep it up!

3. 
   Sudhir on With Sharing, Without Sharing and Inherited SharingJune 1, 2020

   Explained it very well

4. 
   Kamaal Ahmad Usmani on With Sharing, Without Sharing and Inherited SharingMarch 29, 2020

   Thnx Sanjay

5. 
   sanjay on With Sharing, Without Sharing and Inherited SharingMarch 29, 2020

   best one and original words, not copied from any other blog