Salesforce Data Security Model — Deciphering Its Data Security Model

CloudCodes Software
4 min readSep 29, 2021


To give a security model that fulfills various, individual business cases, Salesforce provides a far-reaching and adaptable information security model to protect information at multiple levels. Salesforce additionally gives sharing instruments to open up and permit secure access to information dependent on business needs. This post fills in as an introduction to the Salesforce Data Security Model. For more top to bottom data about it, see the Safeguard Your Salesforce Data Trailhead trail, and the perusing material at the end of this article.

A Look into Salesforce Data Security Model

Salesforce restricts data introduction to keep up the security on various measurements. Salesforce makes a check of clients to keep data inaccessible by unapproved clients. For client approval, Salesforce amasses a blend of confirmation methods that works on various levels in addition to the clients’ requirements. It may include complex passwords, Two-Factor Authentication, Network-based security, Session security, etc.

The Various Levels of Data Access in Salesforce Organizations

You must have a list of authorized users, password policies, and login limits on an hourly, and region-wise basis.
Organizations- You must have a list of authorized users, password policies, and login limits on an hourly, and region-wise basis.


Access to object-level data is one of the most important things to have in control. By setting assents on a particular kind of object, you can shield clients from making, reviewing, modifying, or eradicating any records of that object. For example, you can use object approvals to ensure that questioners can see positions and work applications anyway, not adjust or eradicate them.


You can restrict access to specific fields, whether or not a customer moves toward the object. For example, you can make the paid field in a position object impalpable to questioners anyway unmistakable to getting bosses and enrolment masters.


You can empower explicit clients to see a thing, yet then breaking point the individual article records that they’re allowed to see. For example, a questioner can see and adjust her reviews, yet not the reviews of various questioners. You can regulate record-level access in these four distinct manners.

Manual sharing

Manual sharing empowers owners of explicit records to bestow them to various clients. Though manual sharing is not like full sharing settings, work requests, or sharing precepts, it will be useful when an authority who is taking a break needs to dole out his records to some other individual with the goal that the work process isn’t upset.

Organization Level Security

IP restriction

Utilizing Trusted IP Ranges, you can restrict your client’s capacity to sign in just when they are in the workplace. At the point when your clients sign in from an IP address inside the predetermined range, they access your organization without requiring initiation. On the off chance that they endeavor to sign in from outside the confided in the run, they will be requested two-factor validation. They are authorized to enter a code sent to their mobile device.

Login access

You can likewise determine and constrain the hours when clients can sign in relying upon their profile. For instance, you don’t need your representatives with help profile to sign in during the end of the week. It is conceivable by setting logging hours for the profile. IP-based access control in cloud computing, lets you enforce of IP restriction policy that enables IT admin, to restrict user access to business data only through one or more specified IP addresses (es) only.

Password policies

You can determine a measure of time before the entirety of clients’ passwords terminate and the degree of unpredictability required for passwords. You can make settings to such an extent that the passwords lapse for all the clients in your organization, aside from clients with “Secret word Never Expires” authorization after determined days.

Role Hierarchies in Salesforce Data Security Model

All corporations have an affiliation structure. Any place gatherings of people report back to their directors and their boss, therefore, answer to their chiefs, molding a tree-like association diagram. To rework sharing, Salesforce gives an unmistakable technique to bestow records to executives. To use this sharing rule, an executive ought to, at first, add the client to a vocation and then permit.

Making sure about information is of foremost significance. Salesforce gets one or the other is the reason as effectively exhibited above. It gives different manners by which you can keep your information protected. Here, we have talked about in detail the security model in Salesforce, Salesforce security model outline, and Salesforce security model prescribed procedures. By understanding the Salesforce Data Security model, you can guarantee the more prominent wellbeing of your information.

Originally published at on September 29, 2021.



CloudCodes Software

CloudCodes is a cloud security solution provider founded in 2011. We focus on providing cloud security solutions to enterprise customers through its SSO.