In an organization, different kinds of data are accessible by different types of users. Salesforce has the mechanism to limit the data access in the platform to both individual users as well as groups of users. There is a flexible but layered sharing model that makes it easy to assign different data sets to different sets of users. Also the access can be defined at the level of organization, objects, fields, or individual records.
Levels of Data Access
In this section, we will discuss the different levels of Data Access. There are four levels of data access.
Organization Level
It is created by maintaining a list of authorized users, setting password policies, and limiting login access to certain hours and certain locations.
Objects Level
It is done by setting permission on a particular object by allowing selective viewing, editing or deleting of any object in that record.
Fields Level
It is used to restrict access of users to certain fields even when the user has access to the object containing the field.
Records Level
This access level permits the user to access only certain records of an object.
In this chapter, we are going to focus on Control Access to the Organization using the three mechanisms described below.
Create and Manage Users
The administrators can create one or many users using the Admin Interface. Navigate to setup home → Administration → Users. It shows the options for adding one user or many.
It further asks for details of each users like Name, email Address, Role, Profile, etc. On filling those details, the users get created.
Set Password Policies
Password policies refer to the way the passwords are managed in the organization. For example, setting the expiry date of a password, the complexity requirement of a password and so on. All these options are customizable and we can also control the lock of policies. These password policies are set by navigating to setup home → Security → Password Policies.
Restricting Access from IP Address
This is an added security which allows only specific range of IP addresses to access the Salesforce platform of the organization. But if a valid user accesses the restricted page outside the trusted IP range then the system asks for additional challenge questions which should have been already configured. This is set by navigating to setup home → Security → Network Access..