Salesforce Admin · Salesforce Basic · Security Model

Apex Sharing in Salesforce

There will be some scenarios in organization where you want to share a record based on some complex scenario, but you cannot define the complex scenario as a criterion in sharing rule. Then the question is how you can share a record, of course you can share them manually. But how many times you can share records manually, trust me its annoying to share records manually again and again.

Salesforce provides another way to share a record and that is through apex code via share object. So what is Share object? Every standard and custom object will have a share object in salesforce with predefined fields as shown below.

  • Standard Object’s Share object will be “sObject+Share”. For example, Account objects Share Object is AccountShare. Similarly, Opportunity objects Share object will be OpportunityShare.
  • Custom Object’s Share object will be “CustomObjectName + __Share”. For example, if your custom object name is MyCustomObject, then its API name will be MyCustomObject__c and share object will be MyCustomObject__Share.
Continue reading “Apex Sharing in Salesforce”
Salesforce Admin · Salesforce Basic · Security Model

Sharing Rules in Salesforce

There will be some scenarios where all records are privately owned, you want to share records based on some criteria with a specific user or group of users or to specific role. In such cases sharing automation should work on all records of that object. You can build a sharing rule which will handle such situation.

Consider a scenario where records should be shared based on continent field and those records should be shared with people of specific group or role. You can simple create sharing rules for each continent and share according to business requirement.

Continue reading “Sharing Rules in Salesforce”
Salesforce Admin · Salesforce Basic · Security Model

Role Hierarchy in Salesforce

An organization where there are many employees, each employee is designated with a specific designation or role. Many employees report to a person who is above their designation. Like in a IT industry where we have designations like, Software Engineer, Senior Software Engineer, Module Lead, Tech Lead, Manager, Director etc. Where Software Engineer and Senior Software Engineer will report to a Module Lead or Tech Lead. Similarly Module Lead and Tech Lead will report to Manager and so on.

A screenshot of a cell phone

Description automatically generated
Roles Section in Salesforce. Top of the tree is the Name of the Company.
Continue reading “Role Hierarchy in Salesforce”
Salesforce Admin · Salesforce Basic · Security Model

Permission Sets in Salesforce.

Let us assume that in your organization you have multiple users, let us say few are assigned to Marketing Agent Profile, some assigned to Marketing officers Profile. Marketing Agent Profile is more restricted compared to Marketing officers Profile. You know that there is a user who is in Marketing Agent’s profile who is performing better, and you want to assign him some additional permissions.

Permission sets have similar options that are in profiles, then question is why permission set when we have profiles. permission set is a collection of settings and permissions that give users access to various tools and functions. The settings and permissions in permission sets are also found in profiles, but permission sets extend users’ functional access without changing their profiles. You can create a permission set, give those additional access in that permission set and assign it to users who needs those additional options.

Continue reading “Permission Sets in Salesforce.”
Salesforce Admin · Salesforce Basic · Security Model

Data security through Profiles in Salesforce

There are ample options in profiles in salesforce. In this post I will discuss about different options with which you can secure data (only, not all options) from different users.

With OWD, you can decide who can view, edit the record and who cannot. I will try to explain you how profiles can be helpful in sharing records and its permission.

But first let’s see how you can reach profiles.

Step 1: Login into your Salesforce Org.

Step 2: In Quick Search type “Profiles”, Select Profiles option.

You will see list of all profiles that are available in System. Both Standard profiles and Custom profiles.

A screenshot of a social media post

Description automatically generated

Here you can see a column named Custom, you can differentiate between Standard and Custom by the checkbox field. If check box is unchecked, its standard profile and if check box is checked, its custom profile.

There are limited standard profiles, predefined by salesforce. You can create custom profiles and assign permission as per business requirement. In this post we will only discuss about different options to secure data.

To secure data through profiles there are multiple options.

  1. Object Permission
  2. Field-Level Security
Continue reading “Data security through Profiles in Salesforce”
Salesforce Admin · Salesforce Basic · Security Model

Organization wide default (OWD) in Salesforce

Org-Wide default defines baseline level of access that the most restricted users should have. This is to safeguard your data and use other record level security and sharing tools to share data with other users.

How to access Org-Wide default.

Step 1. Login into your salesforce org.

Step 2. Go to Setup.

Step 3. In Quick Search, Type “Sharing Setting”. Select Sharing Setting.

Sharing Setting

There are basically 5 different sharing levels that you can choose for each object.

  1. Private
  2. Public Read Only
  3. Public Read/Write
  4. Controlled by Parent
  5. Public Read/Write/Transfer
Continue reading “Organization wide default (OWD) in Salesforce”
Salesforce Admin · Salesforce Basic · Security Model

Salesforce Security Model

A company or organization has ample employees (Users) and all employees have different designation and role to play. Data or records play an important role in any organization. If each user in the firm has access to all the data, then important data can be misused. It is necessary to hide some data from different users. Salesforce provides multiple options with which one can secure data in different ways. In this blog post I will share possible scenarios in which one can secure data in an organization perspective.

Below are different ways in which we can secure data

  1. Organization wide default (OWD).
  2. Profiles
  3. Permission Set.
  4. Role Hierarchy
  5. Manual Sharing
  6. Sharing Rules
  7. Apex Sharing
Continue reading “Salesforce Security Model”