Salesforce Data Security Model

Data Security Model are fundamental aspects of Salesforce that ensure the proper organization, access, and protection of data within the platform. The data model defines how data is structured and related, while the security model ensures that only authorized users can access and manipulate data. This session will provide a detailed understanding of Data Security Model features, including best practices for designing a robust data architecture and implementing effective security controls. Salesforce provides a comprehensive and flexible data security model to protect data at various levels. This model ensures that data is secured while allowing appropriate access based on business needs. The security model encompasses the following layers:

1. Org Level Security
2. Object Level Security
3. Field Level Security
4. Record Level Security

Basic Concepts:

• Object: Objects are similar to database tables that store information.
• Field: Fields are columns within these database tables.
• Record: Records are rows of data inside the table.

Layer 1: Object Level Security

Object-level security controls access to entire objects. This can be managed through two configurations: Profiles and Permission Sets.

Profiles

Profiles are mandatory for each user and define various settings, including object-level permissions. Profiles should be configured for minimum access. They can grant the following types of access: Create, Read, Edit, Delete, View All, and Modify All.

• Minimum Access Configuration: Set up profiles with the least permissions necessary.
• Additional Settings: Profiles also control page layout assignments, login IP restrictions, and more.

Permission Sets:

Permission sets provide additional, flexible access on top of what profiles grant. Multiple permission sets can be assigned to a user, allowing more granular control over object-level permissions.

• Granular Permissions: Create permission sets for specific tasks (e.g., manage leads, approve opportunities) and assign them as needed.
• Multiple Assignments: Users can have multiple permission sets, enabling tailored access for various roles and responsibilities.

Layer 2: Field-Level Security

Field-level security controls access to individual fields within an object. This can be managed through profiles and permission sets.

Access Levels

• Read: Users can view the field.
• Edit: Users can modify the field.
• Hidden: Users cannot see or access the field in any way, including via APIs.

Layer 3: Record Level Security

Record-level security, also known as the Salesforce sharing model, determines access to individual records. Salesforce provides several methods to share records:

1. Organization-Wide Sharing Defaults (OWD)
2. Role Hierarchies
3. Sharing Rules
4. Manual Sharing
5. Apex Managed Sharing

Organization-Wide Sharing Defaults (OWD)

Organization-Wide Sharing Defaults (OWD) are the baseline level of access that users have to records they do not own. OWD settings are critical in establishing the initial security posture for your Salesforce data, ensuring that access to data is as restrictive as necessary. These settings apply across the entire organization and can be configured for each object.

Key Features of OWD

• Baseline Access Control: OWD determines the default access level for records of a specific object for users who do not own those records. It establishes the minimum security level and serves as the foundation for record-level security.
• Record Ownership: In Salesforce, records have an "OwnerId" field, indicating the user who owns the record. Owners typically have full CRUD (Create, Read, Update, Delete) permissions on the records they own.
• Configurable Levels of Access: The OWD settings offer different levels of access for each object:

Private: Only the record owner and users above the owner in the role hierarchy can view and edit the record.

Public Read Only: All users can view the record, but only the owner and users above the owner in the role hierarchy can edit it.

Public Read/Write: All users can view and edit the record.

Public Read/Write/Transfer: All users can view, edit, and transfer the record.

Controlled by Parent: Access to a child record is determined by the access level of its parent record.

• Impact on Record Visibility and Collaboration: The OWD settings are crucial for controlling record visibility and collaboration within an organization. For example, setting OWD to Private ensures that sensitive records are only accessible to specific users, while Public Read/Write facilitates broader collaboration by allowing more users to access and edit records.
• Restrictive by Default: OWD should be set to the most restrictive level necessary to protect data. Additional access can then be granted through other Salesforce sharing mechanisms such as role hierarchies, sharing rules, manual sharing, and Apex managed sharing.

Best Practices for Configuring OWD

• Start with Private: Begin with the most restrictive setting (Private) and open up access as needed. This approach ensures that data is protected by default.
• Consider Business Needs: Align OWD settings with the organization's data access requirements and security policies. Evaluate how different access levels impact users' ability to perform their roles.
• Document and Review: Document the OWD settings for each object and periodically review them to ensure they continue to meet the organization's security and access needs.
• Use Other Sharing Mechanisms: Leverage role hierarchies, sharing rules, manual sharing, and Apex managed sharing to provide additional access where necessary, ensuring that only authorized users have the required access to specific records.

Example Configuration Scenarios

1. Highly Sensitive Data: For objects containing highly sensitive data, set OWD to Private to ensure that only record owners and their managers can access the records.
2. Collaborative Environments: For objects where collaboration is essential, such as project records, set OWD to Public Read/Write to allow team members to view and edit records.
3. Hierarchical Data Access: Use Controlled by Parent for child records that should inherit access settings from their parent records, simplifying access management and ensuring consistency.

By carefully configuring and managing Organization-Wide Sharing Defaults, organizations can establish a strong foundation for their Salesforce data security model, ensuring that data is protected while enabling appropriate access and collaboration.

Role Hierarchies

Role hierarchies provide access based on the user's role within the organization. Users higher in the hierarchy can access records owned by users lower in the hierarchy.

• Data Access Hierarchy: Role hierarchies reflect data access needs, not necessarily the organizational chart.

Sharing Rules

Sharing rules allow lateral sharing of records, complementing the hierarchical sharing model. They can be configured based on ownership or criteria:

• Ownership-based Sharing Rule: Share records based on role, role-and-subordinate, and public group ownership.
• Criteria-based Sharing Rule: Share records based on field values, regardless of ownership.

Manual Sharing

Manual sharing lets users share individual records with others. This option is only available if OWD is set to Private or Public Read Only.

Ad-hoc Sharing: Users can share records on a case-by-case basis using the Sharing button on the record details page.

Apex Managed Sharing

Apex managed sharing allows programmatic sharing of records when standard sharing settings and UI options are insufficient.

• Custom Logic: Use Apex code to implement complex sharing logic based on specific business requirements.

Best Practices

• Start with Restrictive Settings: Configure OWD to the most restrictive level necessary and grant additional access using other mechanisms.
• Review Regularly: Periodically review security settings to ensure they meet current business needs and comply with security policies.
• Document Configurations: Maintain documentation of all security settings for auditing and troubleshooting purposes.

Conclusion

Understanding Salesforce's data model and security features is crucial for designing secure and scalable applications. This session has provided an overview of the key components, best practices, and strategies for ensuring data integrity and security in Salesforce.