Salesforce utilizes a robust security model encompassing object-level, field-level, and record-level security to protect data stored in objects, fields, and records. Access is managed through profiles and permission sets, allowing customization for users' needs, including individual fields and records. The model provides multiple ways to share records, ensuring that only authorized users can view or modify the data, making Salesforce a secure CRM solution.

1. SECURITY MODEL IN
SALESFORCE
www.qrsolutions.com.au

2. Introduction
In Salesforce, data is stored in three key constructions: objects, fields, and records.
Objects are similar to tables in databases. Fields are similar to columns of the table. Records are similar to
rows of data inside the table. Salesforce uses object-level, field-level, and record-level security to secure
access to object, field, and individual records. Salesforce security model is powerful than any other CRM
security model.
Scenario
John is an experienced leader who has recently joined ABC Corp as a sales executive. She also has a
marketing background and reports directly to the CEO. She needs access to various objects and apps in
Salesforce.

3. Layer 1: Object-level-security
Object-level access can be managed through two configurations, profiles and permission sets.

4. 1.1 Profiles
In Salesforce, profiles control access to object-level and field-level security among other things like apps,
tabs, and so on.
Since Maria is a new employee, an admin needs to add John to the appropriate profile that has access to
sales apps and related objects to begin giving her access to Salesforce data.
1.2 Permission sets
Since John has a marketing background, let’s say she wants to access the Campaigns object to help with
marketing. The admin wants to give permission to access Campaigns just to John. This is where
permission sets come in. Permission sets are used to provide additional (usually special) permissions to
users who are already in a profile.

5. Layer 2: Field-level-security
Even if John has access to objects, she still needs access to individual fields of each object. In Salesforce,
profiles also control field-level access.
An admin can provide read and write permissions for individual fields. An admin can also set a field to
hidden, completely hiding the field to that user.
Layer 3: Record-level security
This is where record-level security comes in. Salesforce provides five ways to share records with others
and access others’ records.

6. Types of record-level security (also known as record sharing rules)
Types of Record level sharing permissions

7. Record-level-security: organization-wide sharing defaults
Organization-wide defaults (OWD) control the default behavior of how every record of a given object (for
example, Accounts) is accessed by users who do not own the record. For example:
If OWD for Accounts is Private, it means Maria can only see records she is a owner of.
1.
If OWD for Accounts is Read/Write, it means anyone can read and update (but not delete) the record
2.
Record -level-security: role hierarchies
Record-level security lets you give users access to some object records, but not others. The owner has full
access to the record. In a hierarchy, users higher in the hierarchy always have the same access to users
below them in the hierarchy.

8. Record-level-security: Apex managed sharing
If sharing rules and manual sharing don’t give you the control you need, you can use Apex managed
sharing. Apex managed sharing allows developers to programmatically share custom objects. When you
use Apex managed sharing to share a custom object, only users with the “Modify All Data” permission
can add or change the sharing on the custom object’s record, and the sharing access is maintained across
record owner changes
Wrapping up
Today, Salesforce delivers three layers of exceptional security with stupendous flexibility to
accommodate any industry need. Salesforce is purely a secured CRM, so you can embrace it without any
fear.

9. THANK YOU!
GET IN
TOUCH
www.qrsolutions.com.au
+61478910084
sales@qrsolutions.com.au