Security Model in Salesforce | QR Solutions
qrsolutionsau
72 views
9 slides
Dec 18, 2023
Slide 1 of 9
1
2
3
4
5
6
7
8
9
About This Presentation
In Salesforce, data is stored in three key constructions: objects, fields, and records. Objects are similar to tables in databases. Fields are similar to columns of the table. Records are similar to rows of data inside the table
Slide Content
SECURITY MODEL IN
SALESFORCE
www.qrsolutions.com.au
SALESFORCE
www.qrsolutions.com.au
Introduction
In Salesforce, data is stored in three key constructions: objects, fields, and records.
Objects are similar to tables in databases. Fields are similar to columns of the table. Records are similar to
rows of data inside the table. Salesforce uses object-level, field-level, and record-level security to secure
access to object, field, and individual records. Salesforce security model is powerful than any other CRM
security model.
Scenario
John is an experienced leader who has recently joined ABC Corp as a sales executive. She also has a
marketing background and reports directly to the CEO. She needs access to various objects and apps in
Salesforce.
In Salesforce, data is stored in three key constructions: objects, fields, and records.
Objects are similar to tables in databases. Fields are similar to columns of the table. Records are similar to
rows of data inside the table. Salesforce uses object-level, field-level, and record-level security to secure
access to object, field, and individual records. Salesforce security model is powerful than any other CRM
security model.
Scenario
John is an experienced leader who has recently joined ABC Corp as a sales executive. She also has a
marketing background and reports directly to the CEO. She needs access to various objects and apps in
Salesforce.
Layer 1: Object-level-security
Object-level access can be managed through two configurations, profiles and permission sets.
Object-level access can be managed through two configurations, profiles and permission sets.
1.1 Profiles
In Salesforce, profiles control access to object-level and field-level security among other things like apps,
tabs, and so on.
Since Maria is a new employee, an admin needs to add John to the appropriate profile that has access to
sales apps and related objects to begin giving her access to Salesforce data.
1.2 Permission sets
Since John has a marketing background, let’s say she wants to access the Campaigns object to help with
marketing. The admin wants to give permission to access Campaigns just to John. This is where
permission sets come in. Permission sets are used to provide additional (usually special) permissions to
users who are already in a profile.
In Salesforce, profiles control access to object-level and field-level security among other things like apps,
tabs, and so on.
Since Maria is a new employee, an admin needs to add John to the appropriate profile that has access to
sales apps and related objects to begin giving her access to Salesforce data.
1.2 Permission sets
Since John has a marketing background, let’s say she wants to access the Campaigns object to help with
marketing. The admin wants to give permission to access Campaigns just to John. This is where
permission sets come in. Permission sets are used to provide additional (usually special) permissions to
users who are already in a profile.
Layer 2: Field-level-security
Even if John has access to objects, she still needs access to individual fields of each object. In Salesforce,
profiles also control field-level access.
An admin can provide read and write permissions for individual fields. An admin can also set a field to
hidden, completely hiding the field to that user.
Layer 3: Record-level security
This is where record-level security comes in. Salesforce provides five ways to share records with others
and access others’ records.
Even if John has access to objects, she still needs access to individual fields of each object. In Salesforce,
profiles also control field-level access.
An admin can provide read and write permissions for individual fields. An admin can also set a field to
hidden, completely hiding the field to that user.
Layer 3: Record-level security
This is where record-level security comes in. Salesforce provides five ways to share records with others
and access others’ records.
Types of record-level security (also known as record sharing rules)
Types of Record level sharing permissions
Types of Record level sharing permissions
Record-level-security: organization-wide sharing defaults
Organization-wide defaults (OWD) control the default behavior of how every record of a given object (for
example, Accounts) is accessed by users who do not own the record. For example:
If OWD for Accounts is Private, it means Maria can only see records she is a owner of.1.
If OWD for Accounts is Read/Write, it means anyone can read and update (but not delete) the record2.
Record -level-security: role hierarchies
Record-level security lets you give users access to some object records, but not others. The owner has full
access to the record. In a hierarchy, users higher in the hierarchy always have the same access to users
below them in the hierarchy.
Organization-wide defaults (OWD) control the default behavior of how every record of a given object (for
example, Accounts) is accessed by users who do not own the record. For example:
If OWD for Accounts is Private, it means Maria can only see records she is a owner of.1.
If OWD for Accounts is Read/Write, it means anyone can read and update (but not delete) the record2.
Record -level-security: role hierarchies
Record-level security lets you give users access to some object records, but not others. The owner has full
access to the record. In a hierarchy, users higher in the hierarchy always have the same access to users
below them in the hierarchy.
Record-level-security: Apex managed sharing
If sharing rules and manual sharing don’t give you the control you need, you can use Apex managed
sharing. Apex managed sharing allows developers to programmatically share custom objects. When you
use Apex managed sharing to share a custom object, only users with the “Modify All Data” permission
can add or change the sharing on the custom object’s record, and the sharing access is maintained across
record owner changes
Wrapping up
Today, Salesforce delivers three layers of exceptional security with stupendous flexibility to
accommodate any industry need. Salesforce is purely a secured CRM, so you can embrace it without any
fear.
If sharing rules and manual sharing don’t give you the control you need, you can use Apex managed
sharing. Apex managed sharing allows developers to programmatically share custom objects. When you
use Apex managed sharing to share a custom object, only users with the “Modify All Data” permission
can add or change the sharing on the custom object’s record, and the sharing access is maintained across
record owner changes
Wrapping up
Today, Salesforce delivers three layers of exceptional security with stupendous flexibility to
accommodate any industry need. Salesforce is purely a secured CRM, so you can embrace it without any
fear.
Categories
TechnologyDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 72
- Slides 9
- Age 714 days
Related Slideshows
11
8-top-ai-courses-for-customer-support-representatives-in-2025.pptx
JeroenErne2
44 views
10
7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx
JeroenErne2
44 views
13
25-essential-ai-courses-for-user-support-specialists-in-2025.pptx
JeroenErne2
36 views
11
8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx
JeroenErne2
33 views
21
Know for Certain
DaveSinNM
19 views
17
PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx
novasedanayoga46
23 views