Introduction
Salesforce is known to be the number 1 CRM (Customer Relationship Management) platform on a global level. It helps in different departments, such as marketing, sales, ecommerce, service, and IT teams while ensuring that they work as one entity from anywhere. This is to ensure that the customers are happy everywhere.
Salesforce’s main aim is to unite one’s marketing, sales, commerce, service, and IT teams and that too from anywhere with its feature of ‘Customer 360’. Customer 360 is an integrated CRM platform that has the power of Salesforce’s entire suite of all its connected applications. With the help of Customer 360, one can easily focus on their employees over what is more important at the current moment, which includes stabilizing one’s own business, reopening the same, as well as getting back to delivering exceptional customer experiences.
One useful feature that Salesforce possesses is its capability to provide various information that has been accumulated by an individual and that further may be used by the other people or teams existing within the organization. The administrators could well set up the software to ensure the access has been shared to those in the public groups and also to those within several roles or who would be assigned to operate the same in different territories.
These rules are further designed to open sharing customer information to segments of one’s organization that might not have already had access.
In this blog, we’ll discuss more of these Sharing Rules in Salesforce in more detail.
What are Sharing Rules?
The ‘Sharing Rules’ in Salesforce can be well defined as the guidelines that are required to be followed to provide access to the information and data to several customers in a particular company or group of areas. They aim at helping over expanding the sharing access for various users which is dependent on their roles and regions. Certain users are also provided with special permissions so that they would be able to automatically set their organization’s expectations.
The process of creating these sharing rules for the open access to sharing of data as well as the records could be easily carried out by who owns the data and information. Moreover, there is the creation of these sharing rules along with variables from a specific record.
An important note here is that to be able to manage this sharing, one should be assigned firstly to have an administrative level of access. These administrators are granted full access to all the objects present within the system and would be able to configure them easily to be accessible to multiple users.
Now, let’s learn about its types in detail, before discussing the important considerations while using the same.
Types of Sharing Rules in Salesforce:
The Sharing Rules in Salesforce are of the following types:
1. Managed Sharing:
Managed sharing is termed a description of the access that will be further provided to others based on who owns a specific record, the hierarchy of roles, and several sharing rules that could be applied. There are four levels of access that could be easily granted to the users. These include- Private, Public Read-only, Public Read/Write, and Public Read/Write/Transfer.
2. Record Ownership:
The person who creates a record is typically known as the owner of the same. The owner of an object record is given full access to all the aspects of a record, which further involves read, right, and updating functionality. Owners could easily share records, transfer, or delete them.
Read our blog on Benefits and Drawbacks of MVC Architecture
3. Role Hierarchy:
People or users that are at the top of the hierarchy are granted access to similar levels of records while using the role hierarchy. These records could further be owned or shared by the other users that are placed below the hierarchy. Thus, the data could be released implicitly by granting unrestricted access to anyone placed above or below the specified level.
4. Manual Sharing:
A helpful feature in these sharing rules is that it would grant the users to share the records manually as well with any other user, or with a group of users and is termed as manual sharing. The end-users are also allowed to give individualized access to specified individual records. One important thing to understand here is that the only people who will be permitted to share the records manually are the record owners or anyone who has a superior level of access in the role hierarchy.
5. Apex Managed Sharing:
For the developers that are working with the Salesforce platform, Apex-managed sharing enables the option of sharing items programmatically while using the Apex code. To further manage a record using Apex, the specific user must be granted the “modify all data” permission. If a specific record’s sharing permissions have already been set, these permissions would be maintained if any record changes its ownership.
How to Create Sharing Rules in Salesforce?
Before the creation of Sharing Rules, the System Administrator must give few basic answers for the following 3 steps:
1. Selecting which Records to be Shared:
Recognizing the Records that are required to be shared. These Records are further differentiated as per the Record Owner or may be based on specific criteria.
Read our blog on What is Queue in Salesforce?
2. Selecting the Users to Share with:
The level of access is further put up for decision with the help of only this step.
3. Selecting the Level of Access for the Users:
The level of access is further put up for decision with the help of only this step.
After the above steps are fulfilled, the administrators can start with the following steps:
Step 1: Go towards the Setup and access the ‘Quick Find box’ to search the public groups available.
Step 2: Click on the ‘NEW’ option, which would be able to further open the membership page for reviewers that are added to the group.
Step 3: One has the option to choose other groups, users, roles, subordinates, etc., from this New public group.
Step 4: After this, the label reviewers to the rule can be easily assigned.
Step 5: The name of the group will be filled in automatically as one click on it. The specified name will be further assigned by API packages.
Step 6: After this, choose ‘Rules’ from the given drop-down menu.
Step 7: From the provided member list, one would be able to select the different roles, after performing the above steps and then click on ‘Add’.
Step 8: Now move towards the drop-down list and further choose roles and subordinates altogether.
Step 9: From the given available member list, one needs to click on the ‘recruiting manager’, then click on the ‘Add’ option.
Step 10: Once a public group has been created, it can be further put to use to define the ‘Sharing rules’.
Best Practices for Using Sharing Rules
1. Maintaining some control over the number of rules:
One can include more and more of the Sharing Rules. It is quite possible to include up to over 300 sharing rules that would be defined per object. But it is not necessary to use each one of them. This is why it is generally better to ensure that the ownership-based sharing rules are kept limited to 100 per object, and criteria rules limited to 50 in number, else the performance could suffer, and this might make it more difficult to manage.
Don’t forget to learn about Salesforce Record Level Security Model
2. Keeping track of the sharing rules:
If there are too many sharing rules specified, it could become difficult to manage even if one is making sure to maintain these accesses correctly. In case, more than one rule has been applied to a specific object for any user or a role, Salesforce would further provide permission for more access, so these should be kept pretty simple. It is quite important to note that once a sharing rule has been saved, one cannot change the user or role with whom the “share with” rule has been set up without recreation of the entire rule.
3. Being careful with “View All” or “Modify All”:
One should always be made aware of the dangerous permissions within the Sharing Rules in Salesforce, which are of ‘View All’ or ‘Modify All’ within the profiles. These permissions are set up in a specific profile or rightly set permissions where one should be giving object access but are giving access to records, should restrict themselves from using them. Also, one should always remember that these permissions can be applied not only to object-level but to ‘All Data’ as well.
Conclusion
Almost every organization is dependent on providing access to data to a specified user or a particular group of users. That is the main reason due to which it has become quite essential to start using a powerful security model like Sharing Rules in Salesforce. With Sharing Rules in Salesforce in place, the organizations can also extend this access to marketing specialists and further allow horizontal access to data as per the requirement as made by any specified user. This would further secure the data that comes from unauthorized access and ensure that limited access to the information has been offered to the maximum of the users.
If you are keen to know more about such concepts in Salesforce and learn more amazing things about the Salesforce platform through its certification courses, you can contact us at S2 Labs as we provide the Salesforce Certification Training with online and instructor-led training options. Reach us out to know more!