Control Access to the Organization

Access to organization (Salesforce User Management) can be restricted by four means:

1. Allowing only authorized users to access Salesforce
2. Setting Password Policies
3. Restricting IP ranges for Users.
4. Restricting Login Hours for Users.

User Management in Salesforce

A user is anyone who logs in to Salesforce. Users are employees in your organization. Every user in Salesforce has a user account. The user account identifies the user, and the account settings determine what features and records the user can access.

Each user account contains at least the following:

Usernames:

It must be unique across all Salesforce organizations.

User Licenses:

It determines which features the user can access in Salesforce. For example, you can allow users access to standard Salesforce features and Chatter with the standard Salesforce license. But, if you want to grant a user access to only some features in Salesforce, you have a host of licenses to choose from. For example, if you have to grant a user access to Chatter without allowing them to see any data in Salesforce, you can give them a Chatter Free license.

Profiles:

It determines what users can do in Salesforce. Profiles should be selected based on a user’s job function.

Roles:

It determines what users can see in Salesforce based on where they are located in the role hierarchy. These are optional but each user can have only one.

Alias:

An alias is a short name to identify the user on list pages, reports, or other places where their entire name doesn’t fit. By default, the alias is the first letter of the user’s first name and the first four letters of their last name.

User records in Salesforce can’t be deleted, it can only be deactivated or frozen.

Moving forward, let us now look at Profile Level (Object Level Security).