There are various aspects in Salesforce considering the security of data in Salesforce because there is a huge amount of data in Salesforce which needs to be shared with many people in an organization but there must be a check and control to it. This control of sharing data is performed by a set of rules namely Sharing rules in Salesforce.
Confused about Salesforce? Check out this video to learn Salesforce from scratch-
Security in Salesforce
Before jumping to Sharing Rules in Salesforce let’s understand how data security works in Salesforce. There are four ways to provide security in Salesforce-
|OWD (Org Wide Default)||Read / Write||Default for all|
|Role Hierarchy||Read / Write||For manager and sub roles|
|Sharing Rules||Read / Write||For groups/roles/roles and subs on a condition basis|
|Manual Sharing||Read / Write||For any user/queue manually|
These are the above list of ways and functions which can be performed. Profiles are basically people based on different profiles who can access the data in Salesforce.
Lets understand more about Sharing Rules in details
Why Sharing Rules is required in Salesforce?
Let’s suppose in a big organization where a number of people require the same data but the integrity of data should definitely be maintained always which means there must be no editing in the data. Here Sharing Rules are used which provide wider access to data and the access specifier can be provided as either read-only or write. Thus sharing rules come into use here. To provide wider access to data sharing rules is required.
Sharing rules in Salesforce
Let’s consider a scenario wherein an MNC, there is a manager who is managing two teams, for example, the marketing team in India and the marketing team in the USA. Now the manager can access both the team’s records as it can be done through the role hierarchy method, but what if the marketing team of the USA wants to access the records of the marketing team of India as they are at a peer level, so this cannot be done by the role hierarchy method. Here comes the role of sharing rules in Salesforce.
Sharing rules help users to share the records based on conditions. It is basically created for objects whose OWD is set public read-only or private because sharing rules can only extend the access they cannot restrict the access
Now there might be a question, what if OWD is itself public read/write, everyone is getting access, so basically you should create a sharing rule whose OWD is public read-only or private. Then this will allow some users to give access to read as well as edit or some users which are in private to just read the records.
Want to know how to study for Salesforce Admin Certification Exam? Click on the link to get all your doubts cleared.
Types of Sharing Rules in Salesforce
There are basically two types of sharing rules based on which records should be shared-
- Owner Based Sharing Rules
- Criteria Based Sharing Rules
Owner Based Sharing Rules- When you want to share records that are owned by a particular group or a single user to another set of users, Owner based Sharing Rules in Salesforce are used in this situation. For example, if an MNC wants to access the sales record of their US-based office from India. Owner based sharing rule is used to access the records shared by the USA branch.
Criteria Based Sharing Rules- When you want to share records that meet particular criteria or satisfy a particular condition Criteria Based Sharing Rule in Salesforce is applied. For example, in a bank, the manager wants to see the records of all accounts whose type is savings. So a filter will be added to the sharing rules where if the particular account belongs to the savings category account then only it will be shared with the manager.
Creating sharing rules in Salesforce
To create sharing rules in Salesforce the Salesforce admin need to answer some particular questions which are-
- Which records are to be shared? – The Salesforce administrators need to identify which records are required to be shared with the particular set of users. They need to check whether the records need to be shared by a particular owner or if they want to share the record which meets particular criteria.
- To whom the records will be shared? – So since now, we know what records are to be shared we need to identify which records are to be shared with whom.
- What access is provided to which record? – We need to provide access to the users based on what work needs to be performed on the records. If they need access to public read-only or edit access it is set as required by the administrator.
Let’s deploy sharing rule in our Salesforce dashboard-
Step 1– To create a sharing rule you have to go to Sharing Settings which can be found under the Quick Find section
Step 2– Scroll down and find the particular object where you need to add a sharing rule and then click on New to create a new sharing rule
Step 3– Add the label of the sharing rule you want to make
Step 4- Choose which type of Sharing Rule you want to create either an Owner Based or Criteria Based
Step 5– If you have chosen to select records based on criteria then add the particular criteria to meet the demands of sharing rules.
Step 6– Select which records is to be shared from the table-
Step 7– Select the users with whom the records are to be shared
Step 8– Finally select the level of access to be provided and click on Save
Step 9– Your sharing rule is now created
Limitations of Sharing Rules in Salesforce
- Sharing Rules only provide wider access to others.
- Sharing Rules provide access irrespective of whether the user is active or inactive.
- Sharing Rules are always re-evaluated whenever there is a change in roles or users.
- The users can access any records related to the particular record too thus somehow losing data integrity.
The above sharing rule example in Salesforce helps to understand how sharing rule occurs in Salesforce. Sharing rules are a very efficient way to maintain data integrity in Salesforce but remember it can only extend the access to other users, it cannot provide restricted access to users, this is the reason why it provides Read-only or Read/Write access. It works efficiently in those organizations that do not allow frequent changes in their users.
Want to know more about Salesforce Developer. Click on the link to know more about Salesforce Developer Certification Course