Free Download

Salesforce Access Controls: Best Practices for Managing Risk


The first step in managing security risks in Salesforce is to control who has access to what.

Unfortunately, access in Salesforce is complex — who can see and do what is governed by a mix of profiles, permission sets, roles and sharing settings. Organizations that experience rapid growth or change are likely to have security weaknesses they're not aware of.

Fortunately, there are several free and low-cost tools for auditing access in Salesforce. Start with our ebook on the best practices for managing risk around Salesforce access controls. Then, start exploring some of the free, easy ways to perform a self-serve access audit, or reach out to our team to explore our enterprise-grade solutions. 


Free, Easy Ways to Audit Access in Salesforce

What do you want to do?

In a mature Org, there can be thousands of potential combinations of roles, permission sets, profiles and related settings governing access to critical data. Flashlight, a free download, gives you out-of-the-box reporting that shows how your access controls are configured today and alerts you to things that can be deprecated, or that could pose a security risk.

Watch a demo, then download Flashlight here:

Access in Salesforce is so customizable that in order to get a full assessment of where data security risks lie, you may need to drill down to the field level. A permission set that looks harmless may inadvertently permit a user to view sensitive financial data, for example. Flashlight includes a handy export tool for getting granular and checking existing profiles, permission sets and users for any red flags. 

Salesforce's recommended best practice is to use permission sets and permission set groups to grant access to various tasks, Objects, managed packages, etc. Compared to using profiles — the old way of doing this — this approach makes managing data security around user access much simpler. Getting there, however, requires some work. We've put together a short guide to doing this efficiently, with links to some free resources that can help.

Check it out here. 

Salesforce Access Controls

What Should You Be Concerned About?


Admin Access

How many users in your Org have Admin privileges? What controls are in place for tracking Admin assignments? Are there other profiles that grant similar access?

The Admin profile comes with broad powers to create and update users, profiles and permissions; to 'Modify All' Objects; and to export all Salesforce data. It should be used only by a select group of users who are known and trusted to set up your Org. Be on the lookout, also, for 'Phantom Admins' — users who've been granted ModifyAll privileges via a permission set or permission set group.
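One way to surface the 'Phantom Admins' described above, as an added example (not Strongpoint's or Flashlight's code): it walks user assignments, expands permission set groups into their member permission sets, and reports each path by which a user without the Admin profile receives the permission. The user names, permission set names and data layout are constructed, 'ModifyAll' is taken to mean the Modify All Data system permission, and muting permission sets are not modeled.

```python
from collections import defaultdict

ADMIN_PROFILE = "System Administrator"

# Constructed sample data (not from a real org). The layout is an assumption
# modeled on Salesforce's User, PermissionSet and PermissionSetAssignment objects.
USERS = {
    "u1": {"name": "Ana Admin", "profile": "System Administrator", "active": True},
    "u2": {"name": "Ben Sales", "profile": "Sales User", "active": True},
    "u3": {"name": "Cy Finance", "profile": "Finance User", "active": True},
    "u4": {"name": "Di Former", "profile": "Sales User", "active": False},
    "u5": {"name": "Eve Support", "profile": "Support User", "active": True},
}
PERMISSION_SETS = {  # permission set name -> grants Modify All Data?
    "Data_Loader_Power": True,
    "Report_Builder": False,
    "Billing_Ops": False,
}
GROUPS = {"Finance_Bundle": ["Billing_Ops", "Data_Loader_Power"]}  # group -> members
ASSIGNMENTS = [  # (user id, assignment kind, permission set or group name)
    ("u1", "permission_set", "Data_Loader_Power"),
    ("u2", "permission_set", "Data_Loader_Power"),
    ("u3", "group", "Finance_Bundle"),
    ("u4", "permission_set", "Data_Loader_Power"),
    ("u5", "permission_set", "Report_Builder"),
]


def find_phantom_admins(users, permission_sets, groups, assignments):
    """Return {user name: [grant paths]} for active users without the Admin
    profile who receive Modify All Data via a permission set or group."""
    paths = defaultdict(list)
    for user_id, kind, name in assignments:
        user = users[user_id]
        if not user["active"] or user["profile"] == ADMIN_PROFILE:
            continue  # skip deactivated users and users already known as admins
        members = groups[name] if kind == "group" else [name]
        for ps in members:
            if permission_sets.get(ps, False):
                via = f"{name} -> {ps}" if kind == "group" else ps
                paths[user["name"]].append(via)
    return dict(paths)


if __name__ == "__main__":
    found = find_phantom_admins(USERS, PERMISSION_SETS, GROUPS, ASSIGNMENTS)
    for name, via in sorted(found.items()):
        print(f"{name}: Modify All Data via {', '.join(via)}")
```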


Permission Set Groups

How do you organize and manage permissions for different users/roles? How do you make sure users have access to the data they need — and nothing they don't or shouldn't see?

Salesforce recommends maintaining a small, manageable number of profiles, giving users broad, but limited, access, and using permission sets to expand and customize what different employees can do and see. From there, organizing permission sets into groups will simplify user onboarding, reduce technical debt and ensure new hires have the appropriate privileges necessary to do their jobs.  


Role Hierarchies

What are your default internal sharing settings for sensitive records? Are role hierarchies and sharing settings inadvertently giving users access to data they shouldn't be able to see?

Salesforce uses profiles and permission sets to manage what users can do, and roles and sharing settings to manage what users can see. Out of the box, data record sharing settings are restrictive, but role hierarchies and sharing rules can circumvent these defaults. While this feature is incredibly useful, it can introduce vulnerability if it isn't set up properly.

CPQ and Revenue Cloud

Who has access to quoting and billing functions? How are you tracking this access? Who has the authority to make changes that could affect financial forecasting?

CPQ and Revenue Cloud are unique among Salesforce apps in that changes to them can affect revenue recognition and financial reporting. For this reason, access should be more tightly restricted — particularly the ability to edit pricing, discount and similar fields, which play a critical role in the order-to-cash process.


Tracking and Approvals

Who signs off on high-risk permission changes? Can you look back and see how access has changed in your Org over time? What are your first steps for investigating problems when they arise?

Having an in-the-moment snapshot of your access controls is important — but it's even more important to see how things change over time. Building out a system for reviewing and approving changes — especially for high-risk permissions like Admin access — will make your Org more secure, and give you a system for troubleshooting access issues more effectively. 



What processes do you have in place to offboard former users/staff? How do you ensure that employees who are no longer with the organization can't access their old account? 

It's very easy to forget to de-provision access when responsibilities change. This isn't limited to people leaving the company — an employee may need temporary access to fill in for a sick co-worker, for example. Having a process in place for offboarding is critical to making sure everyone has the access they need, and not more. 

Get to Know Strongpoint

Find Out Why Organizations Like Yours Trust Our Solutions

Let's Make Access Easy 

We'd be happy to provide a quick consultation and give you a sense of the overall security and effectiveness of your access controls. Get in touch to book time with a member of our team at your convenience.