Scribd
Upload
6 views

data security

Data security in Salesforce is essential for protecting sensitive information and is implemented through a multi-level security model including organization-level, object-level, field-level, and record-level security. Each level has specific mechanisms such as login access policies, permission sets, and sharing rules to control access to data. This comprehensive approach ensures that data integrity, confidentiality, and availability are maintained within the organization.

Uploaded by

vignesh
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
6 views

data security

Data security in Salesforce is essential for protecting sensitive information and is implemented through a multi-level security model including organization-level, object-level, field-level, and record-level security. Each level has specific mechanisms such as login access policies, permission sets, and sharing rules to control access to data. This comprehensive approach ensures that data integrity, confidentiality, and availability are maintained within the organization.

Uploaded by

vignesh
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 20

DATA SECURITY

IN
SALESFORCE
INTRODUCTION
 Data security in salesforce is a critical aspect of maintain the integrity,
confidentiality and availability of data with in an organization.
 Salesforce, a leading customer relationship management (CRM) platform,
handles a vast amount of sensitive information, including customer data,
financial records and internal documents.
 In Salesforce, data is stored in three key constructions: objects, fields and
records. Objects are similar to tables in database, fields are similar to columns
of the table, records are rows of the data inside the table.
 Salesforce uses object-level, field-level and record-level security to secure
access to object, field and individual records.
 Salesforce security model is powerful than any other CRM security model.
 Salesforce implements security at multiple levels
to ensure comprehensive protection of data and
applications. These levels are broadly
categorized into four main levels.

1. Organization-Level Security
2. Object-Level Security
3. Field-Level Security
4. Record-Level Security
1. ORGANIZATION - LEVEL SECURITY

❖ Login Access Policies : Control login access


based on IP restrictions and login hours to ensure
that users access Salesforce from trusted
locations and during specified times.
❖ Session Security Settings : Manage session
settings, timeout periods, and session-based IP
address restrictions to enhance security.
2. OBJECT – LEVEL SECURITY
➢ Defining access permissions to objects within
salesforce, specifying which users can Create,
Read, Edit and Delete.
➢ Object-Level security can be done in two ways.
• Profiles
• Permission sets
3. FIELD – LEVEL SECURITY

➢ Restrict access to individual fields within an object,


ensuring sensitive data fields are visible or editable
only to authorized users.
➢ Field-level security can done in two ways.
• In field level security while creating the fields
• Permission sets
4. RECORD – LEVEL SECURITY
➢ Restrictaccess to records, ensuring sensitive data
records are visible or editable only to authorized
users.
➢ Record-level security can done in five ways.
• Organization Wide Defaults (OWD)
• Role Hierarchies
• Sharing Rules
• Manual sharing
• Apex sharing
Organizational Wide Defaults (OWD)
 Organizational Wide Defaults set baseline access
levels for records, determining whether records
are private, public read-only or public read/write.
 These settings control how data is shared among
users, ensuring that sensitive information is
protected while allowing necessary data access
for business operations.
Role Hierarchies

 Establishing a hierarchical structure that grants


access to records based on a user’s role in the
organization.
 Data is only transferred when we enable the
option called Grant Access using Hierarchies in
sharing settings
Sharing Rules
❖ Sharing rules in salesforce are used to extend the access to
records granted by organization wide defaults and role
hierarchy.
❖ Sharing rules are used to share records among roles, roles
and internal sub-ordinates, public groups to ensure
appropriate access.
❖ This flexibility allows for fine-tuned control over who can
view or edit records beyond the standard security settings.
❖ In sharing rules, we can share records in two ways
• Based on record owner
• Based on criteria
Manual Sharing
➢ Manual sharing in salesforce is a feature that allows
users to grant specific access to individual records to
other users.
➢ This type of sharing is used when the standard
sharing settings (OWD, Role hierarchy & sharing
settings) do not provide the necessary access
controls for specific business requirements.
➢ Manual sharing is particularly useful for granting
temporary or exceptional access to records.
Apex Sharing
❖ Apex sharing in salesforce allows developers to
programmatically share records using Apex code.
❖ This is particularly useful when standard sharing
rules and manual sharing are not sufficient to meet
complex business requirements.
❖ Apex sharing provides a flexible and powerful way
to control record access at granular level.
Manual Sharing

Sharing Rules

Role Hierarchies

Organization Wide
Defaults
Scenarios
Thank you

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy