PRIDE MONTH ALERT : FLAT 20% OFF On Our Best-Selling Courses Use -  PRIDE20

- Salesforce Blogs -

A Basic Overview for Salesforce Security

In this blog, “An Overview of Salesforce Security Basics”, we will discuss how one can secure his organization data in the Salesforce. Data security means protecting organization data against unwanted access or from third-party users. With safety measures around us like CCTV cameras, concrete buildings, bulletproof walls, safety clocks, we make sure that no one can harm our data physically. The question is how to protect your data online? You can use encryption techniques or cryptography schemes to protect your data against malware attacks or other harmful viruses.

Salesforce is based on the multi-tenant architecture that separate one organization data from another. So, there is a single pool of computing resources used to serve different types of customers. Salesforce protects your Company data from other organizations with the help of a unique identifier that is related to the independent user’s session.

As soon as you log in to access your data, the subsequent requests are associated with your organization with the help of a unique identifier. In brief, Salesforce is putting best efforts to protect your data in a best possible way. But these efforts are not sufficient and there is a need for special care to protect the data at our end. Salesforce has a plenty of inbuilt features to protect the data from unauthorized access. It may be phishing, malware, intentional access, or accidental access by employees.

Basic Overview of Salesforce security

So, I was not sure either these tools are enough to protect my data or not. Finally, I find out the solution and realize that security can be enforced into the system at various levels. The agenda of this blog is to make you familiar with different security trends that need to be followed properly to protect your data against thefts. Let us dive deep and discuss on each of the security trends one by one throughout the blog.

1). Organization-Wide Defaults

If someone understands the meaning of these three words nicely then this is easy to enhance the data protection to a different level. These settings are quite liberal and can be accessed through a given approach below –

Read: Top 53 Salesforce Admin Interview Questions/Answers for 2022

Setup -> Security Controls -> Sharing settings

There are four permission sets for Organization-Wide Defaults i.e. Public, Private, Read Only, and Write. You can use these permission sets to make the data access more restrictive but still allow users to complete their jobs. When you are working on these settings then don’t think of current users only but mindful for future entries too. Don’t worry even if you commit some mistake because this is always easy going back and relax settings based on your business needs. salesforce Curriculum Here are few more guidelines proposed by the Salesforce experts to secure your organization data against phishing or malware. These instructions include –

  • You should modify the Salesforce implementation to activate the IT range restrictions. It will allow users to access the Salesforce CRM from Company network only and provides an excellent protection against unwanted access.
  • Explain clearly to your employees that they should open any suspected email because it may a phishing attack to steal your data.
  • Adopt robust security solutions from reliable vendors to deploy spam filtering and the malware protection.
  • Use two-way security techniques so that Salesforce can exchange information more effectively between users across a network.

2). User-Level Security

Salesforce assigns a unique ID and password to each of the employees in the organization. you can implement effective password policies at each user-level to maximize the data security like set a time to expire the user password, define the complexity levels, and so on. Further, you can use single the sign-on capability to simplify the user authentication process. In a few cases, there is a token used instead of passwords or you can use LDAP server too. With all these effective solutions, the security at user-level can be improved in multiple ways –

  • Always adopt the stronger type of user authentication with the help of a unique identity identifier.
  • The login page should be private so that it could be accessed behind corporate walls only.
  • You should know how to differentiate your organization data from others to reduce the phishing attacks.

3). Object-Level Security

With the object-level permission, you can check what actions can be performed by a user on records of each object. These actions include – Create, Read, Edit, or Delete etc. To create the records of a particular object type, the user needs “Create” permission first.

To perform an action on an existing record, the user needs record-level permission like Read Only, Read/Write, Full Access etc.  Read Only, Read/Write permission for a record can be assigned through multiple modes like sharing rules, org-wide defaults etc. At the same time, Full access permission is assigned to record owner only who is higher in the role hierarchy or system administrator. salesforce quiz You must be wondering who is a Record Owner and what is Role Hierarchy actually? Let us discuss in detail in our next section – Record Owner and Role Hierarchy.

Read: How to Improve Coding Skills & Become Better Salesforce Developer?

4). Record Owner

Each record must have an owner either it is a user or queue. You should spend good time in assigning the ownership and it can be checked quickly based on the org-wide defaults. If the ownership is assigned wrongly then it may impact your business badly. It is fine if the system administrator is the owner for all the records in a list but there is a need to define permission set for each of the records nicely.

If it is set private by default and your team wanted to see the details then it may create the problem. The best practice is adding a Record Owner column for each record entry so that information can be populated quickly whenever needed.

Keep in mind that record ownership is possible for active users only. It does shave any impact on our daily lives but it created are problem when you wanted to import data. Every time when you are importing data then activate the user and you can deactivate the user again when not needed.

5). Role Hierarchy

A question must be boggling you mind all the time, if one system administrator sets an object to Private then how can Managers view the records of their staff. This is where the Role Hierarchies come into picture. The option is available under –

Setup -> Manage Users -> Roles -> Role Hierarchy

Read: Your Salesforce Developer Roles & Responsibilities Checklist Is Here

The concept of Role Hierarchy is somewhat similar to the Organization Chart that will explain to you how are different roles connected together. Every user assigned at least one Role when added to the system. Based on role hierarchies at the same level, two users could never see each other’s records until they are not allowed. From security point of view, defining Role Hierarchy is important because it will decide who can see your records at the higher level.

6). Sharing Rules

How to reach if there is an exception in the case of org-wide defaults? This is where the concept of Sharing Rules comes into picture. The option can be accessed by the approach mentioned below – Setup -> Security Controls -> Sharing Settings -> Sharing Rules

One of the biggest benefits of sharing rules is that they are based on the Record Owner criteria. This is possible to share all the records for a particular group or role or you can share records that satisfy any specified criteria. However, there is need to define the rules carefully so that they should not override each other. free salesforce demo


Hopefully, this high-level discussion on Organization-wide defaults, Record Owner, Object-level Security, Record-Level Security, Rile Hierarchy, and the Sharing Rules has provided some food for though how to secure the organization data in the best possible way. It may risky for newer administrators in the beginning but a depth understanding of the concept will help you in securing the Salesforce system instantly. I would recommend instead of opting any one out of six ideas, one should utilize each of them to achieve a stronger and robust security policy.

Read: All You Need to Know About Salesforce Administrator

FaceBook Twitter Google+ LinkedIn Pinterest Email

    Janbask Training

    A dynamic, highly professional, and a global online training course provider committed to propelling the next generation of technology learners with a whole new way of training experience.


Trending Courses


  • AWS & Fundamentals of Linux
  • Amazon Simple Storage Service
  • Elastic Compute Cloud
  • Databases Overview & Amazon Route 53

Upcoming Class

0 day 02 Jul 2022


  • Intro to DevOps
  • GIT and Maven
  • Jenkins & Ansible
  • Docker and Cloud Computing

Upcoming Class

-1 day 01 Jul 2022

Data Science

  • Data Science Introduction
  • Hadoop and Spark Overview
  • Python & Intro to R Programming
  • Machine Learning

Upcoming Class

6 days 08 Jul 2022


  • Architecture, HDFS & MapReduce
  • Unix Shell & Apache Pig Installation
  • HIVE Installation & User-Defined Functions
  • SQOOP & Hbase Installation

Upcoming Class

6 days 08 Jul 2022


  • Salesforce Configuration Introduction
  • Security & Automation Process
  • Sales & Service Cloud
  • Apex Programming, SOQL & SOSL

Upcoming Class

-1 day 01 Jul 2022


  • Introduction and Software Testing
  • Software Test Life Cycle
  • Automation Testing and API Testing
  • Selenium framework development using Testing

Upcoming Class

6 days 08 Jul 2022

Business Analyst

  • BA & Stakeholders Overview
  • BPMN, Requirement Elicitation
  • BA Tools & Design Documents
  • Enterprise Analysis, Agile & Scrum

Upcoming Class

6 days 08 Jul 2022

MS SQL Server

  • Introduction & Database Query
  • Programming, Indexes & System Functions
  • SSIS Package Development Procedures
  • SSRS Report Design

Upcoming Class

-1 day 01 Jul 2022


  • Features of Python
  • Python Editors and IDEs
  • Data types and Variables
  • Python File Operation

Upcoming Class

0 day 02 Jul 2022

Artificial Intelligence

  • Components of AI
  • Categories of Machine Learning
  • Recurrent Neural Networks
  • Recurrent Neural Networks

Upcoming Class

14 days 16 Jul 2022

Machine Learning

  • Introduction to Machine Learning & Python
  • Machine Learning: Supervised Learning
  • Machine Learning: Unsupervised Learning

Upcoming Class

27 days 29 Jul 2022


  • Introduction to Tableau Desktop
  • Data Transformation Methods
  • Configuring tableau server
  • Integration with R & Hadoop

Upcoming Class

-1 day 01 Jul 2022

Search Posts


Trending Posts

Receive Latest Materials and Offers on Salesforce Course