Abstract image of a woman sitting on books and studying on a laptop

Sharing and security in Salesforce

Download as PPTX, PDF
Saurabh Kulkarni, profile picture
Saurabh Kulkarni

This document discusses sharing and security controls in Salesforce, including profiles, permission sets, and record-level security. Profiles control object, field, and user permissions, while permission sets can grant additional access. Record-level security can be set at the organization, manual sharing, role hierarchy, and sharing rule levels to determine which users can access individual records.

Software
1 of 19
Downloaded 259 times
1
2
Most read
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
Sharing & Security Salesforce.com
Why Cloud…?? • Bringing down computing costs in organization. • Freedom to access data anywhere from any of the devices. (Mobile, Tablets, Computers, etc.) • Centralized and agile. • More Secure than a scattered network. • No headache of maintaining servers.
Sharing & Security Importance • First of all it is important that who's actually going to be using the app. • How much access they should have to the data. • Otherwise app will expose sensitive information. • So the security controls should be configured, and the access should be defined.
Controlling Access To Objects Controlling the application access can be done by two ways which are actually the collection of Settings and Permissions • Profile : A mandatory field of user which provides settings and permission which are used for data access purpose. • Permission Sets : A non-mandatory field that provide extra access to objects, fields etc.
Profiles What controls a Profile holds: • Object Permission • Field permissions (Field-level security) • User permissions • Tab settings • App settings • Apex class access • VisualForce page access • Page layouts • Record types • Login hours • Login IP ranges
Standard Profiles • Read Only • Standard User • Marketing User • Contract Manager • Solution Manager • System Administrator Creating a new profile will ask you to refer existing profile or make a clone of it.
Permission Sets What controls a Permission set holds: • Object permissions • Field permissions(Field Level Security) • User permissions • Tab settings • App settings • Apex class access • VisualForce page access
License Concept behind the User, Profiles & Permission sets • While creating a user , profile or a permission set the license must be specified. • These licenses are having some accessibilities which are provided along with them. • The license of a user should match with the permission set we are applying to it. • The licenses of a user, its profile and the permission set that is being assigned to it, are the same.
Comparing Profiles & Permission Sets • User can have only one Profile but can have many permission sets. • Profiles are having more permissions options than permission sets. Record type, Page layout, Login hours, Login IP ranges is missing from the permission set. • Permissions are mostly used for temporary purpose. • Profile are mandatory and used for minimum access. • Permission are not mandatory and always used to grant more access.
Data Access Concepts • Object-Level Security : Preventing a user from seeing, creating, editing, or deleting any instance of a particular type of object. • A profile or a permission set can provide object-level security. • Defined using Tab settings and object permissions. • Field-Level Security : Preventing a user from seeing, editing, or deleting the value for a particular field on an object. • A profile or a permission set can provide Field-level security. • Provide Read and Edit options for fields. • Record-Level Security : Preventing a user for individual object records that he is allowed to see.
Record-Level Security can be achieved by: • Organization-wide Defaults : Allow us to specify the baseline level of access that a user has in our organization. The access can be, • Private • Public Read-only • Public Read/Write Org-wide defaults do not sets the access levels for a child record of Master-detail Relationship. • Manual Sharing : Allows record owners to give read and edit permissions to users who might not have access to the record any other way.
• Role Hierarchies : Allow us to make sure that a user above in role hierarchy will always have access to the same records as his or her subordinates. • Grant access using role hierarchies can be decided from Org-wide Defaults for custom objects. • Sharing Rule : Allow us to make automatic exceptions to organization-wide defaults for particular groups of users. • Allows to be based on owner of record & Based on criteria. • Share with Public Groups.
Points to Remember about the Record-Level Securities : • A Record-Level Security is used to grant more access not to restrict access. So we can say Org-default as most restrictive among all the record level securities. • A record creator can not be changed but the owner of the record can be changed. • A record can also be shared using the Apex Managed Sharing.
Displaying Field Values and Page Layouts According to Profiles • We can use the different page layouts for different profiles. • For that, what we need is the record type. • The record type created will be assigned with a new page layout created. • Afterwards page layouts access can be assigned through the Profiles. • For field access the page layouts can further be modified.
Exploring ViewAll/ ModifyAll • The ViewAll and ModifyAll from the Profile ignores all the sharing model , role hierarchies, sharing rules. • These provides access to all the records created by any type of user. • ModifyAll gives ability to mass transfer , mass update, mass delete records. • ModifyAll gives access to approvals also to Accept or Reject.
Field Accessibility • The Sharing Controls of Salesforce provides a Field Accessibility which allows to view & modify the fields access from different aspects for a particular object. • View By Fields • View By Profiles • View By Record types
Delegating Data Administration • There are two ways to quickly delegate restricted data administration access: • Object-Level Permissions • Provides the all Object level access to other user which can then act as a delegated administrator. • Delegated Administration Group. • Creating a new non-admin i.e. delegated administration group with limited admin privileges which are rather than object settings. Like creating new user, modify user , reset passwords, access to selected objected provided by primary admin.
Accessing Records in Apex • While accessing the records or information of an custom object using SOQL queries will give you all the records access even if the user accessing it is not having the access to those records. • So at these conditions use the following type of syntax to classes to restrict the access as per the sharing rules Public with sharing class MyClassname{ }
Thank You

More Related Content

PPTX
Salesforce Development Best Practices
Vivek Chawla
 
PPTX
Salesforce sharing and visibility Part 1
Ahmed Keshk
 
PDF
Getting started with Salesforce security
Salesforce Admins
 
PPTX
Profiles and permission sets in salesforce
Sunil kumar
 
PDF
Apex Enterprise Patterns: Building Strong Foundations
Salesforce Developers
 
PDF
Introducing salesforce shield - Paris Salesforce Developer Group - Oct 15
Paris Salesforce Developer Group
 
PPTX
Introduction to Apex for Developers
Salesforce Developers
 
PDF
Introduction to Apex Triggers
Salesforce Developers
 
Salesforce Development Best Practices
Vivek Chawla
 
Salesforce sharing and visibility Part 1
Ahmed Keshk
 
Getting started with Salesforce security
Salesforce Admins
 
Profiles and permission sets in salesforce
Sunil kumar
 
Apex Enterprise Patterns: Building Strong Foundations
Salesforce Developers
 
Introducing salesforce shield - Paris Salesforce Developer Group - Oct 15
Paris Salesforce Developer Group
 
Introduction to Apex for Developers
Salesforce Developers
 
Introduction to Apex Triggers
Salesforce Developers
 

What's hot (20)

PPTX
Sharing and setting in salesforce
Vishesh Singhal
 
PPTX
Record sharing model in salesforce
Sunil kumar
 
PPTX
Salesforce admin training 1
HungPham381
 
PPTX
Profiles and permission sets
Vishesh Singhal
 
PPT
Security and Your Salesforce Org
Salesforce Admins
 
PPT
Salesforce REST API
Bohdan Dovhań
 
PDF
Setting up Security in Your Salesforce Instance
Salesforce Developers
 
PDF
Introduction to the Salesforce Security Model
Salesforce Developers
 
PDF
Salesforce Admin 201-certification Notes
Aslam Tayyab
 
PPT
Salesforce Security Model (Dmitry Goshko, Igor Haritonovich)
Yury Bondarau
 
PPTX
Salesforce Integration Patterns
usolutions
 
PPTX
Salesforce Security Best Practices for Every Admin
Cloud Analogy
 
PPTX
Salesforce Integration Pattern Overview
Dhanik Sahni
 
PPTX
REST API in Salesforce
Vivek Deepak
 
PDF
What Is Salesforce CRM, Editions, Licenses?
Thinqloud
 
PPTX
Integrating with salesforce
Mark Adcock
 
ODP
Workflow in Salesforce
MST Solutions LLC
 
PDF
Champion Productivity with Service Cloud
Salesforce Admins
 
PPTX
Episode 4 - Introduction to SOQL in Salesforce
Jitendra Zaa
 
PPTX
Introducing the Salesforce platform
John Stevenson
 
Sharing and setting in salesforce
Vishesh Singhal
 
Record sharing model in salesforce
Sunil kumar
 
Salesforce admin training 1
HungPham381
 
Profiles and permission sets
Vishesh Singhal
 
Security and Your Salesforce Org
Salesforce Admins
 
Salesforce REST API
Bohdan Dovhań
 
Setting up Security in Your Salesforce Instance
Salesforce Developers
 
Introduction to the Salesforce Security Model
Salesforce Developers
 
Salesforce Admin 201-certification Notes
Aslam Tayyab
 
Salesforce Security Model (Dmitry Goshko, Igor Haritonovich)
Yury Bondarau
 
Salesforce Integration Patterns
usolutions
 
Salesforce Security Best Practices for Every Admin
Cloud Analogy
 
Salesforce Integration Pattern Overview
Dhanik Sahni
 
REST API in Salesforce
Vivek Deepak
 
What Is Salesforce CRM, Editions, Licenses?
Thinqloud
 
Integrating with salesforce
Mark Adcock
 
Workflow in Salesforce
MST Solutions LLC
 
Champion Productivity with Service Cloud
Salesforce Admins
 
Episode 4 - Introduction to SOQL in Salesforce
Jitendra Zaa
 
Introducing the Salesforce platform
John Stevenson
 
Ad

Viewers also liked (14)

PDF
Managing the Role Hierarchy at Enterprise Scale
Salesforce Developers
 
PPTX
Salesforce Security with Visibility, Control & Data Protection
CipherCloud
 
PDF
How-to Create a 'Lock' record in Salesforce
Saaspoint
 
PPT
Custom Links Buttons In Salesforce Com
amber9904
 
PPTX
Data model in salesforce
Chamil Madusanka
 
PPTX
How to be a SalesFIERCE Salesforce Admin
Jared Miller
 
PDF
Envisioning IC ITE: The Next Generation of Information Sharing
Gov BizCouncil
 
PPTX
Who Sees What When? Using Dynamic Sharing Rules To Manage Access To Records
vraopolisetti
 
PDF
12 Things Your Salesforce Admin Needs You to Know
Cloudingo
 
PPTX
Trailhead Live Developer Workshop - Salesforce App Cloud
Sam Garforth
 
PPTX
Data Management for Salesforce Admins at Dreamforce 2016
Salesforce Admins
 
PPTX
Secure Development on the Salesforce Platform - Part I
Salesforce Developers
 
PPT
Advanced Platform Series - OAuth and Social Authentication
Salesforce Developers
 
PPT
Salesforce Data Structures
Idealist Consulting
 
Managing the Role Hierarchy at Enterprise Scale
Salesforce Developers
 
Salesforce Security with Visibility, Control & Data Protection
CipherCloud
 
How-to Create a 'Lock' record in Salesforce
Saaspoint
 
Custom Links Buttons In Salesforce Com
amber9904
 
Data model in salesforce
Chamil Madusanka
 
How to be a SalesFIERCE Salesforce Admin
Jared Miller
 
Envisioning IC ITE: The Next Generation of Information Sharing
Gov BizCouncil
 
Who Sees What When? Using Dynamic Sharing Rules To Manage Access To Records
vraopolisetti
 
12 Things Your Salesforce Admin Needs You to Know
Cloudingo
 
Trailhead Live Developer Workshop - Salesforce App Cloud
Sam Garforth
 
Data Management for Salesforce Admins at Dreamforce 2016
Salesforce Admins
 
Secure Development on the Salesforce Platform - Part I
Salesforce Developers
 
Advanced Platform Series - OAuth and Social Authentication
Salesforce Developers
 
Salesforce Data Structures
Idealist Consulting
 
Ad

Similar to Sharing and security in Salesforce (20)

PPTX
SFDC Database Security
Sujit Kumar
 
PPTX
Advanced Apex Security Expert Tips and Best Practices (1).pptx
mohayyudin7826
 
PDF
Salesforce Sharing and Security overview for new admins and devs
SayedMossad1
 
PDF
recordsharingmodelinsalesforce-170519074428.pdf
rohitgupt1
 
PPTX
Security Boundaries in Apex
Salesforce Developers
 
PDF
Security Model in Salesforce | QR Solutions
qrsolutionsau
 
PPTX
Review on Data Security.pptx
KadharBashaJ
 
PPTX
Secure Coding: Field-level Security, CRUD, and Sharing
Salesforce Developers
 
PPTX
Apex managed sharing
Kiran B
 
PDF
2020 07-22 fireside chat : Record Ownership Deep Dive
Jihun Jung
 
PDF
Secure Salesforce: CRUD / FLS / Sharing
Salesforce Developers
 
PDF
Keeping it Simple with Permission Sets
Configero
 
PPTX
Salesforce Sharing Architecture
gemziebeth
 
PPTX
Salesforce admin training 2
HungPham381
 
PPTX
Force.com security
Vijay Naik
 
PDF
ABCs of Security in the Cloud Webinar
Salesforce Developers
 
PDF
Salesforce Miami User Group Event - WrapUp
SkyPlanner
 
PDF
2020 07-08 fireside chat sharing architecture
Jihun Jung
 
PDF
Salesforce Administrator | Security Implementation Guide 2014
Piper powered by Icontrol
 
PPTX
Adm 201 study group session 1 user interface kathy c
ovalisgroup
 
SFDC Database Security
Sujit Kumar
 
Advanced Apex Security Expert Tips and Best Practices (1).pptx
mohayyudin7826
 
Salesforce Sharing and Security overview for new admins and devs
SayedMossad1
 
recordsharingmodelinsalesforce-170519074428.pdf
rohitgupt1
 
Security Boundaries in Apex
Salesforce Developers
 
Security Model in Salesforce | QR Solutions
qrsolutionsau
 
Review on Data Security.pptx
KadharBashaJ
 
Secure Coding: Field-level Security, CRUD, and Sharing
Salesforce Developers
 
Apex managed sharing
Kiran B
 
2020 07-22 fireside chat : Record Ownership Deep Dive
Jihun Jung
 
Secure Salesforce: CRUD / FLS / Sharing
Salesforce Developers
 
Keeping it Simple with Permission Sets
Configero
 
Salesforce Sharing Architecture
gemziebeth
 
Salesforce admin training 2
HungPham381
 
Force.com security
Vijay Naik
 
ABCs of Security in the Cloud Webinar
Salesforce Developers
 
Salesforce Miami User Group Event - WrapUp
SkyPlanner
 
2020 07-08 fireside chat sharing architecture
Jihun Jung
 
Salesforce Administrator | Security Implementation Guide 2014
Piper powered by Icontrol
 
Adm 201 study group session 1 user interface kathy c
ovalisgroup
 

Recently uploaded (20)

PPTX
Patient Appointment Booking in Odoo with online payment
AxisTechnolabs
 
PPTX
GSA Content Generator Crack (2025 Latest)
halimaanam8
 
PDF
EaseUS PDF Editor Pro 6.2.0.2 Crack with License Key 2025
halimaanam8
 
PDF
Microsoft Office 365 Crack Download Free
wasibhadar
 
PDF
How Tridens DevSecOps Ensures Compliance, Security, and Agility
Tridens
 
PDF
Topaz Photo AI Crack New Download (Latest 2025)
hashmi66g66
 
PDF
AI/ML Infra Meetup | LLM Agents and Implementation Challenges
Alluxio, Inc.
 
PDF
iTop VPN Crack Latest Version Full Key 2025
hashmianya37
 
PDF
MCP Security Tutorial - Beginner to Advanced
Harish Ramadoss
 
PDF
Ableton Live Suite for MacOS Crack Full Download (Latest 2025)
hashmi66g66
 
PPTX
Weekly report ppt - harsh dattuprasad patel.pptx
bikerslovers123
 
PDF
Website Design Services for Small Businesses.pdf
ecomme9
 
DOCX
How to Use SharePoint as an ISO-Compliant Document Management System
Sharepoint Designs
 
PDF
Top 10 Software Development Trends to Watch in 2025 🚀.pdf
KodekX
 
PDF
AI Guide for Business Growth - Arna Softech
Arna Softech
 
PPTX
Tech Workshop Escape Room Tech Workshop
muthuiyad
 
DOCX
Modern SharePoint Intranet Templates That Boost Employee Engagement in 2025.docx
Sharepoint Designs
 
PDF
How AI/LLM recommend to you ? GDG meetup 16 Aug by Fariman Guliev
HusseinMalikMammadli
 
PDF
Time Tracking Features That Teams and Organizations Actually Need
Orangescrum
 
PDF
AI/ML Infra Meetup | Beyond S3's Basics: Architecting for AI-Native Data Access
Alluxio, Inc.
 
Patient Appointment Booking in Odoo with online payment
AxisTechnolabs
 
GSA Content Generator Crack (2025 Latest)
halimaanam8
 
EaseUS PDF Editor Pro 6.2.0.2 Crack with License Key 2025
halimaanam8
 
Microsoft Office 365 Crack Download Free
wasibhadar
 
How Tridens DevSecOps Ensures Compliance, Security, and Agility
Tridens
 
Topaz Photo AI Crack New Download (Latest 2025)
hashmi66g66
 
AI/ML Infra Meetup | LLM Agents and Implementation Challenges
Alluxio, Inc.
 
iTop VPN Crack Latest Version Full Key 2025
hashmianya37
 
MCP Security Tutorial - Beginner to Advanced
Harish Ramadoss
 
Ableton Live Suite for MacOS Crack Full Download (Latest 2025)
hashmi66g66
 
Weekly report ppt - harsh dattuprasad patel.pptx
bikerslovers123
 
Website Design Services for Small Businesses.pdf
ecomme9
 
How to Use SharePoint as an ISO-Compliant Document Management System
Sharepoint Designs
 
Top 10 Software Development Trends to Watch in 2025 🚀.pdf
KodekX
 
AI Guide for Business Growth - Arna Softech
Arna Softech
 
Tech Workshop Escape Room Tech Workshop
muthuiyad
 
Modern SharePoint Intranet Templates That Boost Employee Engagement in 2025.docx
Sharepoint Designs
 
How AI/LLM recommend to you ? GDG meetup 16 Aug by Fariman Guliev
HusseinMalikMammadli
 
Time Tracking Features That Teams and Organizations Actually Need
Orangescrum
 
AI/ML Infra Meetup | Beyond S3's Basics: Architecting for AI-Native Data Access
Alluxio, Inc.
 

Sharing and security in Salesforce

  • 1. Sharing & Security Salesforce.com
  • 2. Why Cloud…?? • Bringing down computing costs in organization. • Freedom to access data anywhere from any of the devices. (Mobile, Tablets, Computers, etc.) • Centralized and agile. • More Secure than a scattered network. • No headache of maintaining servers.
  • 3. Sharing & Security Importance • First of all it is important that who's actually going to be using the app. • How much access they should have to the data. • Otherwise app will expose sensitive information. • So the security controls should be configured, and the access should be defined.
  • 4. Controlling Access To Objects Controlling the application access can be done by two ways which are actually the collection of Settings and Permissions • Profile : A mandatory field of user which provides settings and permission which are used for data access purpose. • Permission Sets : A non-mandatory field that provide extra access to objects, fields etc.
  • 5. Profiles What controls a Profile holds: • Object Permission • Field permissions (Field-level security) • User permissions • Tab settings • App settings • Apex class access • VisualForce page access • Page layouts • Record types • Login hours • Login IP ranges
  • 6. Standard Profiles • Read Only • Standard User • Marketing User • Contract Manager • Solution Manager • System Administrator Creating a new profile will ask you to refer existing profile or make a clone of it.
  • 7. Permission Sets What controls a Permission set holds: • Object permissions • Field permissions(Field Level Security) • User permissions • Tab settings • App settings • Apex class access • VisualForce page access
  • 8. License Concept behind the User, Profiles & Permission sets • While creating a user , profile or a permission set the license must be specified. • These licenses are having some accessibilities which are provided along with them. • The license of a user should match with the permission set we are applying to it. • The licenses of a user, its profile and the permission set that is being assigned to it, are the same.
  • 9. Comparing Profiles & Permission Sets • User can have only one Profile but can have many permission sets. • Profiles are having more permissions options than permission sets. Record type, Page layout, Login hours, Login IP ranges is missing from the permission set. • Permissions are mostly used for temporary purpose. • Profile are mandatory and used for minimum access. • Permission are not mandatory and always used to grant more access.
  • 10. Data Access Concepts • Object-Level Security : Preventing a user from seeing, creating, editing, or deleting any instance of a particular type of object. • A profile or a permission set can provide object-level security. • Defined using Tab settings and object permissions. • Field-Level Security : Preventing a user from seeing, editing, or deleting the value for a particular field on an object. • A profile or a permission set can provide Field-level security. • Provide Read and Edit options for fields. • Record-Level Security : Preventing a user for individual object records that he is allowed to see.
  • 11. Record-Level Security can be achieved by: • Organization-wide Defaults : Allow us to specify the baseline level of access that a user has in our organization. The access can be, • Private • Public Read-only • Public Read/Write Org-wide defaults do not sets the access levels for a child record of Master-detail Relationship. • Manual Sharing : Allows record owners to give read and edit permissions to users who might not have access to the record any other way.
  • 12. • Role Hierarchies : Allow us to make sure that a user above in role hierarchy will always have access to the same records as his or her subordinates. • Grant access using role hierarchies can be decided from Org-wide Defaults for custom objects. • Sharing Rule : Allow us to make automatic exceptions to organization-wide defaults for particular groups of users. • Allows to be based on owner of record & Based on criteria. • Share with Public Groups.
  • 13. Points to Remember about the Record-Level Securities : • A Record-Level Security is used to grant more access not to restrict access. So we can say Org-default as most restrictive among all the record level securities. • A record creator can not be changed but the owner of the record can be changed. • A record can also be shared using the Apex Managed Sharing.
  • 14. Displaying Field Values and Page Layouts According to Profiles • We can use the different page layouts for different profiles. • For that, what we need is the record type. • The record type created will be assigned with a new page layout created. • Afterwards page layouts access can be assigned through the Profiles. • For field access the page layouts can further be modified.
  • 15. Exploring ViewAll/ ModifyAll • The ViewAll and ModifyAll from the Profile ignores all the sharing model , role hierarchies, sharing rules. • These provides access to all the records created by any type of user. • ModifyAll gives ability to mass transfer , mass update, mass delete records. • ModifyAll gives access to approvals also to Accept or Reject.
  • 16. Field Accessibility • The Sharing Controls of Salesforce provides a Field Accessibility which allows to view & modify the fields access from different aspects for a particular object. • View By Fields • View By Profiles • View By Record types
  • 17. Delegating Data Administration • There are two ways to quickly delegate restricted data administration access: • Object-Level Permissions • Provides the all Object level access to other user which can then act as a delegated administrator. • Delegated Administration Group. • Creating a new non-admin i.e. delegated administration group with limited admin privileges which are rather than object settings. Like creating new user, modify user , reset passwords, access to selected objected provided by primary admin.
  • 18. Accessing Records in Apex • While accessing the records or information of an custom object using SOQL queries will give you all the records access even if the user accessing it is not having the access to those records. • So at these conditions use the following type of syntax to classes to restrict the access as per the sharing rules Public with sharing class MyClassname{ }