How to Successfully Navigate Salesforce Security with Trailhead

Learning security in Salesforce is a lot like flying an airplane. I’m going to share some tips on how you can more easily pilot the Salesforce Security plane, the critical “gauges” you need to learn, and ultimately how to navigate and land it successfully.

Brian Richardson
The Trailblazer
6 min read · Feb 18, 2019


To keep things fresh, we’ve updated this, one of our most popular posts. See the latest version here.

I’m on the Trailhead team, am a Salesforce Certified Administrator, and I also teach Administrative Essentials for New Admins in Lightning Experience. As a senior application instructor, I spend my days trying to break down big information into smaller pieces that are easy to understand (and making my classes fun!).

Applying knowledge that most of my students already have, or using a point of reference everyone is already familiar and comfortable with, is the best way to help get a new concept to stick.

Piloting Security

The flexibility of the Salesforce Security model is one of the most attractive parts of the platform… And it is also one of the reasons it can take a little time to get comfortable with it. When it came to the world of Security, even I found some of the approaches to be… somewhat tricky.

As Security is a key part of the Salesforce Administrator exam (14 percent, to be exact), let me break down how to read the Security “gauges,” how they affect each other, and how you can use this information to successfully fly the Security plane.

Safety First

When you store client data in Salesforce, clients trust you to keep their information safe. And one of the ways you can do that is by making sure you only share information with those who truly need it. Invoke the principle of least privilege, in which people only have access to the information they need to complete their job.

Here are the five areas you need to get under your wing:

  1. Organization-Wide Defaults
    This sounds really complicated, but it isn’t. Organization-Wide Defaults, or OWDs, help to show your data model. Are you private, public, or hybrid? Public means that all data is shared with everyone, and private means we lock all information down initially and then strategically open it up to people who need it.
    A hybrid is somewhere in the middle of these two models. How you configure your OWDs has an effect on the rest of your Security settings.
  2. Profiles
    Once you start learning about Security, you’ll hear a great deal about profiles. The profile that is assigned to you determines many things, including Object access. Do you have groups of people in a similar job function who have common data access needs? Maybe salespeople need access to opportunities, or service representatives need access to cases. Profiles can help you classify access requirements to different types of users.
  3. Permission Sets
    These are additive permissions on top of your profile. You may have zero permission sets or you may have 10 or more. You may have a salesperson with a sales profile who, unlike other sales representatives, needs to have access to a specific object. Permission sets are like the word “and.” Here, you’d give the salesperson permissions for the Sales profile and something else.
  4. Role Hierarchy
    The role hierarchy gets into the realm of record access. If you are a sales manager, do you want to see the opportunities your salespeople are working on? Of course! Just because a profile gives you access to an object, like Contacts, doesn’t mean that you can access them all. Your company may have 1,000 contacts, but by default, you may only be able to access your own 200.
    The role hierarchy also offers an opportunity to roll up access to records on objects. For example, a sales manager, placed above the hierarchy of her sales representatives, will be able to see all their records as well as her own.
  5. Sharing Rules
    Sharing rules allow you to share information horizontally. The role hierarchy is all about rolling access up, but what if you want a different configuration? Maybe you have two sales representatives who focus on two different markets — one focuses on New York businesses and the other on San Francisco. Is it possible that a business can have an office in both cities? You bet!
    And if so, wouldn’t it be great for each salesperson to know what other deals are coming down the pipeline that will ultimately impact theirs? Yes! So in this case, you may want to share records of all sales representatives with each other. Since they are on the same level of the role hierarchy, sharing rules can help you in this situation.
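
A simplified model of how the five areas above combine into one read-access decision, added here as an example (it is not Salesforce's implementation or code from the original post). The profile, permission set and role names are constructed, and real orgs have further access paths that this sketch leaves out.

```python
# Simplified teaching model of the five areas above; not Salesforce's engine.
from dataclasses import dataclass, field

# Constructed sample configuration; every name below is hypothetical.
OWD = {"Opportunity": "private", "Case": "private"}
PROFILES = {"Sales": {"Opportunity"}, "Service": {"Case"}}
PERMISSION_SETS = {"CaseReader": {"Case"}}
ROLE_PARENT = {"NY Rep": "Sales Manager", "SF Rep": "Sales Manager",
               "Sales Manager": None, "Service Rep": None}
# Sharing rules: (object, owner's role, role the records are shared with).
SHARING_RULES = {("Opportunity", "NY Rep", "SF Rep"),
                 ("Opportunity", "SF Rep", "NY Rep")}

@dataclass
class User:
    name: str
    profile: str
    role: str
    permission_sets: list = field(default_factory=list)

def object_access(user, obj):
    """The profile grants the baseline; permission sets only ever add."""
    granted = set(PROFILES[user.profile])
    for ps in user.permission_sets:
        granted |= PERMISSION_SETS[ps]
    return obj in granted

def is_above(role, other):
    """True if `role` sits above `other` in the role hierarchy."""
    parent = ROLE_PARENT[other]
    while parent is not None:
        if parent == role:
            return True
        parent = ROLE_PARENT[parent]
    return False

def can_see(user, obj, owner):
    """Return (allowed, reason) for reading one `obj` record owned by `owner`."""
    if not object_access(user, obj):
        return False, "no object access"
    if OWD[obj] == "public":
        return True, "organization-wide default"
    if owner is user:
        return True, "owner"
    if is_above(user.role, owner.role):
        return True, "role hierarchy"
    if (obj, owner.role, user.role) in SHARING_RULES:
        return True, "sharing rule"
    return False, "private by default"
```

The last case is the one worth auditing for: a permission set that grants object access does not by itself expose any record another user owns.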

First Class Security Advice

These are just the initial “gauges” of Security. To fly higher, I’ve listed some of the ways you can put this theory into practice below. I like to rap in class, so please allow me to… break it down!

Take the Trail

The Protect Your Salesforce Data trail gives you the big picture of how data security functions and then allows you to drill into each of the topics listed above. It also covers modules on identity basics, user authentication, and Salesforce mobile app security and compliance.

GO Mobile with Trailhead GO for iOS or your mobile browser.

Watch the Series

I can’t tell you how many times I went back to watch the Who Sees What videos! I would get one concept (or “gauge”) down, learn another, and, little by little, put it all together. Part of learning is time and repetition, making this series a great resource.

Superbadge Up

Time to apply all that knowledge. Remember when you studied math in school and all of your homework was addition, subtraction, multiplication, and division? But one day, you’d get a story problem where you had to discern which math tool to use.

The Security Specialist superbadge gives you the opportunity to test your ability to apply what you have learned to a real-world scenario. And once you do, you will have SUPER bragging rights.

Take a Class

I may be biased, but the Administrative Essentials for New Admins in Lightning Experience class is simply perfect for aspiring Admins. This 5-day class covers lots of core topics, but a big piece is about helping you lock down Security.

You can take your core knowledge learned on the trails, then your instructor can be like your flight simulator trainer, helping you connect the dots that you may not have been able to do on your own.

Get Certified

Earning your Administrator credential shows you have the core competencies needed to be a Certified Admin, including Security. This isn’t to say that once you’re certified, you’re done learning, but you will be jetting toward new career opportunities.

Have Patience

When I struggled to make sense of some information, a colleague gave me some of the greatest advice I have ever received. And I will pay it forward now. Be patient with yourself. Some things simply cannot be learned right away — you need time.

Don’t give up if you struggle with a concept. Just step away, review, and with time, it will click for you.

Salesforce Security is one of my favorite things to teach. Having said that, it can be easy to get grounded while going through the process of learning it. But like all goals we have achieved in life, the ones that take our greatest effort are often the sources of our greatest sense of accomplishment.

Follow these steps and you’re sure to successfully touch down with Security in no time.

Safe travels!

Whether you’re looking to get started with Trailhead (there’s a trailmix for that!), be inspired by our Trailblazers, or you’re a Trailhead-fan chasing all the badges, we want you to share your story with us.


Brian Richardson
The Trailblazer

Senior Application Instructor @Salesforce, social media fan, love music and vinyl. Randomly tweeting 80's lyrics, can you name the artist? Views are my own.