In an organization, different kinds of data are accessible by different types of users. Salesforce has the mechanism to limit the data access in the platform to both individual users as well as groups of users. There is a flexible but layered sharing model that makes it easy to assign different data sets to different sets of users. Also the access can be defined at the level of organization, objects, fields, or individual records.
In this section, we will discuss the different levels of Data Access. There are four levels of data access.
It is created by maintaining a list of authorized users, setting password policies, and limiting login access to certain hours and certain locations.
It is done by setting permission on a particular object by allowing selective viewing, editing or deleting of any object in that record.
It is used to restrict access of users to certain fields even when the user has access to the object containing the field.
This access level permits the user to access only certain records of an object.
In this chapter, we are going to focus on Control Access to the Organization using the three mechanisms described below.
The administrators can create one or many users using the Admin Interface. Navigate to setup home → Administration → Users. It shows the options for adding one user or many.
It further asks for details of each users like Name, email Address, Role, Profile, etc. On filling those details, the users get created.
Password policies refer to the way the passwords are managed in the organization. For example, setting the expiry date of a password, the complexity requirement of a password and so on. All these options are customizable and we can also control the lock of policies. These password policies are set by navigating to setup home → Security → Password Policies.
This is an added security which allows only specific range of IP addresses to access the Salesforce platform of the organization. But if a valid user accesses the restricted page outside the trusted IP range then the system asks for additional challenge questions which should have been already configured. This is set by navigating to setup home → Security → Network Access..