It is said that loose lips sink ships! Hence the security of your business data residing within Salesforce is of essence. This episode talks about the tools and techniques available to enforce data security on Salesforce. Let’s see how we can Managing Data Access in Salesforce using Profiles & Permission Sets.
What is Profile?
- Define user permissions to perform different functions
- A profile is collection of settings and permissions
- Each standard profile includes a default set of permissions for all standard objects available on platform
- System Administrator profile has the widest access to data and the greatest ability to configure and customize Salesforce.
- System Administrator also has special permissions
- View All Data
- Modify All Data
- These permissions override all other sharing settings
- You can not edit object permissions on standard profile
What is Permission Set?
- Permission set is collection of settings and permissions that give users access to various tools and functions
- Permission sets extend user’s functional access without changing their profiles.
- Users can have only one profile, but they can have multiple permission sets
- You’ll be using permission sets for two general purposes
- To grant access to custom objects or app
- To grant permissions—temporarily or long term—to specific fields
- A permission can only add permissions
- To take away a permission, you have to remove it from the user’s base profile and from any permission sets the user may have
Field Level Security
- Field-level security settings let you restrict user’s access to view and edit specific fields.
- Roll-up summary and formula fields are read-only on detail pages and not available on edit pages
- They can also be visible to users even though they reference fields that your users can’t see
- Field settings can be applied either by modifying profiles or permission sets or from the Field Accessibility menu in Setup
- A role hierarchy works together with sharing settings to determine the levels of access users have to your Salesforce data
- Users can access the data of all the users directly below them in the hierarchy
- Each role in the hierarchy just represents a level of data access that a user or group of users needs
- In the Organization-Wide Defaults related list, if the Grant Access Using Hierarchies option is disabled for a custom object, only the record owner and users granted access by the org-wide defaults receive access to the object’s records.
- A user is anyone who logs in to Salesforce
- Users are employees at your company, such as sales reps, managers, and IT specialists, who need access to the company’s records
- Every user in Salesforce has a user account
- The user account settings determine what features and records the user can access
- Salesforce provides a flexible, layered sharing model that makes it easy to assign different data sets to different sets of users
Managing Data Access in Salesforce Demo
Here is playlist link for all recording