With more than 150,000 customers worldwide, Salesforce stores and transacts a substantial amount of the world’s data daily. This customer base includes small to medium and large scale enterprises. Salesforce takes data security extremely seriously and builds security into every product that it builds, integrates, or offers to enterprises. Salesforce also provides a ton of resources around data security for admins and developers that will enable them to use Salesforce regularly without data security concerns.
However, just like personal data security, the best of Salesforce data security can be harnessed only if certain settings are enabled within the Salesforce ecosystem.
Salesforce data security is structured in such a way that admins can decide who can access what kind of data. Data access is segregated into four levels:
- Organization – An org-wide security policy that lists user-wise privileges in terms of access or editing of objects, fields, and records.
- Objects – Objects contain data like opportunities, leads, tasks, accounts, etc. They are usually shown as tabs atop the interface which can be clicked to view detailed information.
- Fields – Fields contain detailed information about objects. For example, for a lead or a customer, the field-level data would be account name, state/province, contact, type of lead, etc.
- Records – Records pertain to individual data of each field. For example, the name of the state within the state/province field, the first and last name of the customer, etc.
The admin can determine and allocate specific access controls to each of these data levels in Salesforce.
At a high level, Salesforce data security progresses from organization-wide defaults to role hierarchies, sharing rules, and finally to manual sharing.
Here is a quick overview of the data security controls by Salesforce –
Organization-wide defaults help you create an overarching access control for each object in Salesforce. Using role hierarchies and sharing settings (discussed below), you can extend the organization-wide default across the organization. For example, a private access setting will ensure that users can access and view only those objects that they own or that are assigned to them. Similarly, you can extend the lead sharing rules to more users or groups forming part of the organization.
Other security settings like role hierarchy, sharing rules, and manual sharing help open up more data access for users.
Establish Role Hierarchy
A role hierarchy defines the level of access a user has based on their role. The hierarchy can mimic the organizational chart, but in very large organizations it can also be an entirely different chart. Depending on the user’s role, they will have access to more data and objects.
In a role hierarchy, maximum data visibility is offered to users who are placed at the top of the hierarchy. For example, managers and leaders will be able to see more data than individual contributors who will have access only to data that is relevant and necessary to carry out their tasks.
Here is a role hierarchy tree view that shows how user access controls can be configured. Each user can view and update the data of users who are under their hierarchy.
Role hierarchy ensures that data access is opened up for those who need it and only for specific purposes that are relevant to their roles in the organization.
From the image above we can understand that the CRO has access to view and update every other user’s information in the organization. However, the VP of Developer or Human Resources can view and update the data of users who are under their hierarchy.
Tighten Sharing Settings
Salesforce makes it easy to work with small and large teams by allowing them to share records with internal and external users. There are default security settings in place that determine what data internal and external users can see. Using sharing rules, you can create exceptions to the default settings created under organization-wide settings. These sharing settings can be created based on the data access needs of individual users or groups of users.
However, these default settings are set to a minimum security level and can still be improved. As a best practice, you should enable sharing controls for three key data constructs in Salesforce – Objects, Fields, and Records. There are security settings available at each object, field, and record level.
- Objects contain opportunities, leads, tasks, accounts, etc.
- Fields contain account name, state/province, contact, type of lead, etc.
- Records pertain to individual data of each field
Depending on your business need or team requirements, the security settings can be opened up or secured. You can tweak the security settings by heading to Security -> Sharing settings.
The sharing settings interface allows setting rules for sharing, rule type, records to be shared, level of access by users, and so on.
Use Manual Sharing for Temporary Grant of Access
In a constantly changing organization, it is not always possible to have a fixed list of users who can access a specific set of data. From time to time, it becomes necessary to give temporary access to stakeholders who want to access data. Temporary access to data is recommended since granting permanent access to data could lead to compromising data security.
Manual sharing in Salesforce ensures that record owners can give read and edit permissions to users who are not granted access by default based on org-level sharing settings. This feature ensures that record owners have the flexibility to own their data security while also helping stakeholders meet their data requirements.
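The layering described above (organization-wide default, then role hierarchy, sharing rules, and manual sharing), as an added example that is not Salesforce's code or part of the original article: a simplified Python model in which each layer can only widen the baseline. The role names other than CRO, the function names, and the sample tree are assumptions made for illustration; profile-level object permissions are not modelled.

```python
from dataclasses import dataclass, field

LEVELS = {"none": 0, "read": 1, "edit": 2}  # ordered access levels

# Constructed role tree (child -> parent); role names are illustrative.
ROLE_PARENT = {"CRO": None, "VP Sales": "CRO", "VP HR": "CRO",
               "Sales Rep": "VP Sales", "HR Analyst": "VP HR"}

@dataclass
class User:
    name: str
    role: str

@dataclass
class Record:
    owner: User
    manual_shares: dict = field(default_factory=dict)  # user name -> level

def is_above(role, other):
    """True if `role` is an ancestor of `other` in the role tree."""
    parent = ROLE_PARENT[other]
    while parent is not None:
        if parent == role:
            return True
        parent = ROLE_PARENT[parent]
    return False

def effective_access(user, record, owd, sharing_rules):
    """Return (level, reason). Each layer can only widen the OWD baseline.

    owd: "none" (Private), "read" or "edit" for the object.
    sharing_rules: list of (owner_role, shared_to_role, level) tuples.
    """
    if user.name == record.owner.name:
        return "edit", "owner"
    grants = [(owd, "organization-wide default")]
    if is_above(user.role, record.owner.role):
        grants.append(("edit", "role hierarchy"))
    for owner_role, to_role, level in sharing_rules:
        if record.owner.role == owner_role and user.role == to_role:
            grants.append((level, "sharing rule"))
    if user.name in record.manual_shares:
        grants.append((record.manual_shares[user.name], "manual share"))
    # The most permissive grant wins; max() keeps the earliest layer on ties.
    return max(grants, key=lambda g: LEVELS[g[0]])
```

Returning the reason alongside the level makes it easy to see which layer opened up a given record when reviewing why a user can reach it.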
Encrypt Sensitive Data with Shield Platform Encryption
Encryption has remained one of the fixtures in every data security program. Shield Platform Encryption is Salesforce’s way of encrypting data without compromising the underlying data functionality. It also ensures that the organization abides by all data security and compliance requirements.
Shield Platform Encryption lets you encrypt most of the data on Salesforce including standard fields and custom fields. Files, attachments, and even search indexes can also be encrypted for maximum data security.
Salesforce gives admins the ability to generate encryption keys from Salesforce or upload their own keys. The encrypted data can be decrypted by authorized users whenever they want to access it.
Create Profile-level Security Controls
A profile is a definition of how a user can access data and how they can use it within the application. In Salesforce, each user will be assigned a profile with predefined security settings. It makes it easy to apply org-wide security controls and also ensures uniformity of security settings.
Profile-level security controls are different from sharing settings because they determine what kind of data the specific user can access and control with the profile, while sharing settings determine the kind of objects, fields, and records that a user can read, create, edit, or even delete.
Control Page Layouts
Page layouts are used to control how a page looks, where the CTAs are placed and how they respond, and the placement of links and other objects on the page. Not all users need complete page layout access. A best practice would be to restrict the access to sensitive pages to specific users who can own and maintain the pages. The page layout option helps customize the visibility and editing of page layouts.
Set Up Admin Management for Queues
Queues in Salesforce represent a set of records that do not have an assigned owner. All users who have access to the queue of say, a collection of leads or customer support tickets, can view the records, claim them, and complete the task. Queues are useful in sales and support environments where a round-robin process is used for assigning tasks or tickets.
However, if all the users in a queue have access to view and edit records, it would lead to confusion and redundancies. The best practice would be to have a user higher in the role hierarchy act as the admin who can view and take ownership of the records from the queue. The admin can assign the individual records, which users can view but cannot edit. This would help ensure uniformity of data and prevent unapproved editing.
Increasing Security for Your Salesforce Fortress
Salesforce on its own is a secure business engagement software. However, despite the built-in measures, the way an organization works and how individual owners use Salesforce could raise some data security concerns.
To avoid a security mishap, it is necessary to tweak the default Salesforce security measures. These security settings will ensure that users can view and access only the information that is essential to their role and responsibilities. Both internal and external owners would be able to view only the data that they are authorized and required to view. Ultimately, this would make Salesforce the digital fortress for your organizational data.
Furthermore, in February 2022, the company is also planning to roll out a mandate for all its customers to enable multi-factor authentication (MFA) to access Salesforce products (Salesforce MFA requirement). Multi-factor authentication heightens security for Salesforce users by adding an extra layer of access control for Salesforce products.