Secure organization data using OWD_Mastering Salesforce CRM Administration-QQ阅读男生历史网

书名：Mastering Salesforce CRM Administration
作者名：Rakesh Gupta
本章字数：511字
更新时间：2021-07-09 18:53:15

Secure organization data using OWD

Organization-wide default is also known as OWD. This is the base-level sharing and setting of objects in any organization. By using this, you can secure your data so that other users can't access data to which they haven't been allowed access. The following diagram shows the basic record security in Salesforce. In this, OWD plays a key role:

It's a base-level object setting in the organization, and you can't restrict the access below this. We will now discuss OWD in Salesforce.

A business scenario: Alok Sinfal is the system administrator at Universal Containers. As per the business requirement, he wants to set the security setting for the lead object so that the user who has created or owns the lead records, as well as users that are higher in the role hierarchy, can access the records.

Before thinking about any solution, you have to think about the OWD because it is the base-level setting to restrict object-level access in Salesforce. To achieve this, the system administrator has to set the OWD for Lead object to Private.

Setting up OWD

Use the following steps to change or update the organization-wide default setting for your organization:

Click Setup (gear icon) | Setup | SETTINGS | Security | Sharing Settings and then click Edit in the Organization-Wide Sharing Defaults Edit area.
From the Default Internal Access dropdown, select the default access for each object you want to use:
For the Default Internal Access option, select Private access for the Lead object. By default, it grants access to users who are at a higher position in the role hierarchy by selecting Grant Access Using Hierarchy. For standard objects, it is automatically selected and for custom objects you have the option to select it.
Click Save.

The following table depicts the various types of organization-wide access and their description:

Note

If you are changing the default access, such as from Public Read Only to Public Read/Write, your changes will take effect after the recalculation is run.

OWD access for objects

A new Salesforce organization comes with predefined organization-wide default access settings for standard objects. Later on, you can change it by following the path Setup (gear icon) | Setup | SETTINGS | Security | Sharing Settings. The following table describes the default access to standard objects:

Now it's your turn. Alok Sinfal is working as system administrator at Universal Containers. Apart from their sales management, they are also using Salesforce to process employee salaries, using the custom object Bank Detail, to save their employees' preferred bank account details. Alok Sinfal has received a request from his manager Brigette Hyacinth to change the security and settings for Bank Detail object so that only users who created the record for the Bank Detail object can access it, no one else can have the power to view, edit, or delete it.

Note

When you select the Grant Access Using Hierarchy field, it provides access to people who are above in the role hierarchy.