Skills used: Salesforce security profiles, permission sets, object settings, role hierarchy & multi-factor authentication(MFA)
By most accounts, Salesforce holds the market on CRM(Customer Relationship Management) software in the U.S and the world today. Any company who holds data needs somewhere to store it, and Salesforce is often that place of preference. These days, many company's chief asset is their data, so their data professionals should be well equipped with the Salesforce infrastructure.
To help professionals learn and develop skills in the Salesforce system, they created Trailhead: an online learning platform that teaches all aspects of the platform and associated extensions. Learning modules are presented and then tested by quizzes, projects and superbadges. These superbadges contain real world business cases that a Salesforce professional would encounter and tests how they configure their requests in a setup org.
One of these superbadge is the Security Specialist superbadge.
The superbadge explained the business use case of what their requirements to maintain a company security. GenZ Capital was recently acquired by OldGuard Finance and they had in place a role hierarchy that they wanted applied to their recent acquisition. In order to so I created profiles in Salesforce Setup for three of their established teams: Field Sales, Inside Sales and Sales Executive configured thusly:
In each of these profiles I configured permission for each of these profiles according to OldGuard Finance's standards. Among those were ownership over list views reports and dashboards, whether mobile use was authorized, and object permissions on accounts and opportunities. These settings were in place as to allow the different roles access to what they needed to be successful in their roles while also maintaining security and compliance.
Following this I created roles for each of these profiles as well as that of Project Manager to allow users to be assigned to the role and profile. With these being in place, I could then create a user assigned with a role and profile.
With this in place, I could create opportunities with this user just created as the owner. These would test if the permissions I had put in place for the profiles held up to the requirements. I did run into some challenges here as not all of my object settings and sharing rules were in place. One of OldGuards requirements was to allow Inside Sales to be able to view Field Sales Opportunities. These opportunities are set to private so I had to create a sharing rule in order to bypass this organization setting for Field Sales to have read/write permissions.
Another thing I needed to put in place was setting history tracking for whenever Amount was changed in Opportunities. This was done swiftly enough through navigating to the object in Object Manager and then Fields & Relationships.
Finally, I needed to enable Multi-Factor Authentication(MFA) for all users. This is whenever you attempt to login, you are sent an email or text that you need to enter in order to gain access. I did this by creating a permission set and then assigning it to the user just created. This step I found to be timely as at the time of this writing, Salesforce will soon require all customers to use MFA to access Salesforce products.
Overall, I was concerned security settings and permissions to be a difficult challenge to configure, but the Salesforce platform made it intuitive and accessible. I look forward to completing future superbadges and the Salesforce Administrator certificate to further develop these skills.
View my Trailhead profile here!
Comments