Security In Salesforce

  1. Org Level Security
  2. Object Level Security
  3. Field Level Security
  4. Record Level Security

Security Meaning In Salesforce:

  • Salesforce is a cloud technology used by multiple users simultaneously, so security is needed to protect data from users at different levels and from outside users.
  • Salesforce is built to protect data & apps.
  • It provides an infrastructure to implement data security.
  • It prevents unauthorized and unauthenticated access.

ORG LEVEL SECURITY

  • Who can log in?
  • When can a user log in?
  • Where can a user log in from?
    • Org wide trusted IP ranges.
    • Profile based IP restrictions
  • Authentication & Password Policies
  • Setting up business hours

OBJECT LEVEL SECURITY

  • Using profiles/permission sets we can set up who has access to a particular object.
  • We can define CRUD permissions for an object.
  • Special Permissions
    • View All Data
    • Modify All Data
  • No permission set or sharing rule will take effect if one of these permissions is set on the profile.

FIELD LEVEL SECURITY

  • Using profiles/permission sets we can set what access the user has on fields (read/write).
  • Permission sets can only add access on top of profiles; they can’t restrict it.
  • If a field does not have read/write access on the profile, we can’t access that field in Apex either.

RECORD LEVEL SECURITY

  • Defines which records users can access
  • We can achieve this by:
    • Org Wide Defaults
    • Role Hierarchy
    • Sharing Rules
    • Manual Sharing
  • Common Org Wide Default values are:
    • Public Read Only
    • Private
    • Public Read/Write
    • Controlled By Parent (In Master Detail)
    • Public Read/Write or Transfer (For Lead & Case)

ROLE HIERARCHIES

  • First we set up roles.
  • If Grant Access Using Hierarchies is enabled, users in roles above the current user get access.
  • This opens up access vertically.

SHARING RULES

  • There are two types:
    • Based On Owner
    • Based On Criteria
  • Records can be shared with roles, roles & subordinates, public groups or individual users.
  • Depending upon the OWD, the only access options in sharing rules are:
    • Read Only
    • Read/Write

MANUAL SHARING OF RECORD

  • The owner can manually share the record with other users.
  • The manual sharing option needs to be enabled.
  • It is required only if the OWD setting for the object is Private or Public Read Only.
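
How the record-level mechanisms above stack, as an added Python sketch (not from the original post and not Salesforce code): access starts at the OWD and every other mechanism can only widen it. The role names, users and record id are constructed, and treating hierarchy access as read/write is a simplifying assumption.

```python
from dataclasses import dataclass, field

NONE, READ, EDIT = 0, 1, 2
OWD_LEVEL = {"Private": NONE, "Public Read Only": READ, "Public Read/Write": EDIT}

@dataclass
class User:
    name: str
    role: str
    view_all_data: bool = False
    modify_all_data: bool = False

@dataclass
class Org:
    owd: str                                            # org-wide default for the object
    role_parent: dict                                   # role -> role directly above it
    grant_via_hierarchy: bool = True
    sharing_rules: list = field(default_factory=list)   # (owner_role, shared_with_role, level)
    manual_shares: list = field(default_factory=list)   # (record_id, user_name, level)

    def is_above(self, role, other):
        """True if `role` sits above `other` in the role hierarchy."""
        parent = self.role_parent.get(other)
        while parent is not None and parent != role:
            parent = self.role_parent.get(parent)
        return parent is not None

    def record_access(self, user, record_id, owner):
        """Return (level, sources): the widest grant wins; nothing narrows the OWD."""
        grants = {"owd": OWD_LEVEL[self.owd]}
        if user.name == owner.name:
            grants["owner"] = EDIT
        if user.modify_all_data or user.view_all_data:   # bypasses sharing entirely
            grants["all_data"] = EDIT if user.modify_all_data else READ
        if self.grant_via_hierarchy and self.is_above(user.role, owner.role):
            grants["role_hierarchy"] = EDIT               # simplification: same access as owner
        for owner_role, target_role, level in self.sharing_rules:
            if owner.role == owner_role and user.role == target_role:
                grants["sharing_rule"] = max(level, grants.get("sharing_rule", NONE))
        for rec, name, level in self.manual_shares:
            if rec == record_id and name == user.name:
                grants["manual_share"] = max(level, grants.get("manual_share", NONE))
        best = max(grants.values())
        return best, sorted(s for s, lvl in grants.items() if lvl == best and lvl > NONE)

# Constructed sample org: Private OWD, three roles, one sharing rule, one manual share.
ORG = Org("Private", {"Rep": "Manager", "Manager": "VP", "Support": "VP"},
          sharing_rules=[("Rep", "Support", READ)], manual_shares=[("rec-1", "dana", EDIT)])
OWNER = User("omar", "Rep")
```

Calling `ORG.record_access(user, "rec-1", OWNER)` for different users shows which mechanism is responsible for each grant, which is the question to answer when reviewing why someone can see a record.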

NOTES

Users can add Notes & Attachments only if they have read/write access to the object.
