The Basics of a Data Security Model in Salesforce
Salesforce provides a flexible and extensive data security model. This makes it highly effective, but it can be complex and maybe even a little daunting. Developing an intentional strategy and structured approach is key to ensuring the right people in your organization have access to the correct information.
Data is organized in Salesforce by objects, fields, and records. You can think of objects as tables — like a sheet in an excel spreadsheet. Fields would correspond to columns, while records would correspond to rows. Salesforce uses these four constructs, plus your Salesforce org, as the basis of its security model:
- Organization-level security
- Object-level security
- Field-level security
- Record-level security
Here’s a basic overview of each of these to help give you the foundational knowledge needed to form your data security strategy.
Organization-level security is what determines who can access your Salesforce org, as well as when and where they can access it. You can use IP restrictions to limit the IP addresses users can use to log in, and you can use Login Access to control what times users can log in.
Object-level security controls whether a user has access to an object. There are two ways you can manage this — profiles and permission sets
Each user is assigned a profile, which you can use to configure the minimum access required. Salesforce has some standard profiles you can assign (System Administrator, Standard User, etc.), but you cannot customize the access permissions of these standard profiles. You can, however, create custom profiles that allow you to configure access according to your organization’s needs.
2. Permission Sets
Permission sets are generally a more effective way to control access to object-level and field-level security. While profiles are helpful to configure your minimum access levels, permission sets give you much more flexibility.
While only one profile can be assigned to a user, you can assign multiple permission sets to a user. So when you’re designing your security model, you can develop your permission sets in accordance with your business processes, making your data security model more flexible and tailored to your specific users’ needs.
Salesforce also allows you to group permission sets to make them easier to manage and make it easier to apply all relevant permission sets to a user. It’s also important to note that while a profile can effectively remove access to an object, field, or app, a permission set can only be used to grant additional access to these elements.
Profiles and permission set also control a user’s access to fields. This is helpful when you want a user to have access to an object but maybe want to limit whether they can see, edit, or delete the value of a particular field.
As with objects, profiles and permission sets are used to control field-level security.
Commonly known as record sharing, record-level security determines what records a user has access to. There are four primary ways to control record access:
- Organization-wide defaults
- Role hierarchy
- Sharing rules
- Manual sharing
Here’s a simple breakdown of each.
This is the minimum standard of security access provided for records. These can be set as:
- Private — only the record owner has access
- Public Read Only — all users can view the record but not edit or delete it
- Public Read/Write — all users can view and edit the record
Simply put, organization-wide defaults determine the kind of access non-record owners have to records in an object.
Role hierarchies enable users with higher roles to have access to all the records of the employees they manage. For example, for a sales manager, you would add them to a role in Salesforce that would give them access to all the records of the salespeople they manage.
This doesn’t necessarily mean it directly aligns with your org chart. The org chart may be a helpful starting point, but you’ll need feedback from all the various stakeholders to understand how the hierarchies of data access should work for their users.
Instead of access being granted based on a vertical hierarchy, sharing rules allow you to grant access horizontally with users who are assigned the same or a different role. There are two ways to do this: owner-based sharing and criteria-based sharing.
Owner-based sharing is based on characteristics of the owner of the records — such as their role or membership in a group.
Criteria-based sharing is based on the values of a field within the records of that object and whether they meet predetermined criteria.
Manual sharing is when one user manually grants access to a record to another person using the sharing button on the record details page.
Data security in Salesforce is a somewhat complex topic, but with an understanding of the basics covered in this post, you’ll have the foundation you need to build an effective security model for your organization.
If you’re struggling to build an effective data security model or you want to revisit or redesign your current one, Contact Ventas Consulting to learn how we can help.