Salesforce
Sharing Rules Overview
Salesforce sharing
rules are put into force when records and other data requires to be shared
among the employees or multiple users in an organization. Sharing the
records using Salesforce therefore becomes the option to be used by the
organization. However, sharing of this data can be risky especially when it
involves sharing of sensitive data. This creates necessity for regulations to
monitor the sharing process as well as monitor the recipients of the data.
Navigation====>>
Setup--->SecurityControls---->SharingSettings---->SharingRules---->Types
Types of
Salesforce Sharing Rules:
1 Manual Sharing
Manual sharing is
where the sharing process in triggered by an individual. This happens when a
user who has full and unrestricted access to the records wants to share the
files and records with another user or even a group of users. Manual sharing is
applicable when you want to share a few records. It also dictates that the
record should be shared between users who are not housed in same Role
Hierarchy. The record owner, after satisfying the two conditions can allow the
users or the group to have access to the records.
Manual sharing has
been used to share records in many organizations. Some of the situations that
can lead to records being shared manually include:
- A private account record can be shared by a user if the account requires to be worked on by a group of users who are working on pulling a large deal. This is common when a client uses manual sharing to allow multiple users from different geographical areas to have access to a national account that they need to work on.
- Some organizations allow for manual sharing to allow experts from different areas to have access to a record. For instance, an organization can opt to incorporate a Sales Rep who has expertise in the sales industry and allow access to an Account in the Sales industry, though the account is not within the Rep’s assigned territory.
- Other cases involve situations when managers allow access to accounts so as to allow visibility of the progress in other territories.
2.
Automatic Sharing
When one is using a
workflow, you can set when to give access and when not to give access to either
individuals or groups of users. With automatic sharing, the record owner has
limited work on the record during sharing and the users too have limited chances
of getting access to unwanted or unauthorized records.
Automatic sharing is
used when one wants to handle the security requirements in a one-off basis. For
instance:
- When practicing Team Selling and you have multiple users, it becomes necessary to use automatic sharing. This is because all the multiple users in the team will require access to the account. However, because then you still will need the account to be a Private Account, you will need to use salesforce sharing rules to safeguard the account.
- In automatic sharing, indicators, that is checkboxes, are used on different accounts. These indicators are used to differentiate between Strategic Accounts and Corporate Accounts. These indicators are essential in automatic sharing so as to ensure only the authorized persons have access to the accounts.
- Salesforce sharing rules have for a long time been used to extend read and write access that supports personnel in an organization.
- Automatic salesforce sharing rules are used to extend read and write privileges to the teams not within the hierarchy while still avoiding to subject the record owner to a waiting queue.
Salesforce sharing
rules enable you to handle security requirements on a one-off basis. Such
security requirements would otherwise require you to create several profiles to
get access to the records, a process that will cost you your much needed time.
However, since cooperation between different users in an organization is
paramount while still safeguarding the security of the records, salesforce
sharing rules become a necessity.
There are, however,
rules and regulations that govern the Salesforce sharing rules. These
guidelines makes it possible for you to share records while still maintaining
the safety of the records. Here are some of the limits and considerations that
govern the sharing rules in Salesforce.
- Salesforce sharing rules should not be stricter as compared to Organization Wide Defaults. If you need to maintain a restricted access, then you will need to use another security type instead. Sharing rules are only used to make records accessible by many
- Manual sharing is usually available on specific records and not on all records
- Sharing rules are usually applicable on selected records which have Public or Private Read Only access
- Sharing rules give you the green light to give read and write as well as read only access to records. However, of note is that the user should be careful on the security level they really want, either access to info only security or full collaboration security.
- When admins are deciding on the type of sharing to use, automatic or manual, they can decide whether the security should be applied on the records or not. Ensure that if you opt to apply the security on the records, the decision makes sense and will not stall the sharing process.
- When you create an owner-based salesforce sharing rule using the same source as that of the existing rule, and target the groups targeted by the existing rules, the existing rules gets overwritten and the new rule takes over.
- Once a salesforce sharing rule is saved, you won’t be able to change the Share-with-field settings after you change the sharing rule.
- All existing and new users are subject to sharing rules that originate from the same source as the source data.
- All active and inactive users are subject to sharing rules
- When access levels of a rule are changed, the existing records are updated to match the new access levels.
- In case a sharing rule is deleted, sharing access created by the deleted rule gets automatically deleted.
- By modify the users in a role, group or territory, you automatically trigger re-evaluation of sharing rules where access is removed or added where necessary
- By transferring records to a different user, re-evaluation of sharing rules takes place to decide where to remove or add access to the transferred records.
The sharing of records
is very vital for the performance of an organization, so it is imperative that
you understand the Salesforce sharing rules.
Different Types of sharing rules :
Type Based on Set Default Sharing access for
Account owner or other criteria, including account record
types or field values
|
Accounts and their associated contracts, opportunities, cases,
and optionally, contacts and orders
|
|
Territory assignment
|
Accounts and their associated cases, contacts, contracts, and
opportunities
|
|
Asset owner or other criteria, including asset record types or
field values
|
Individual asset records
|
|
Campaign owner or other criteria, including campaign record
types or field values
|
Individual campaign records
|
|
Case owner or other criteria, including case record types or
field values
|
Individual cases and associated accounts
|
|
Contact owner or other criteria, including contact record
types or field values
|
Individual contacts and associated accounts
|
|
Custom object owner or other criteria, including custom object
record types or field values
|
Individual custom object records
|
|
Lead owner or other criteria, including lead record types or
field values
|
Individual leads
|
|
Opportunity owner or other criteria, including opportunity
record types or field values
|
Individual opportunities and their associated accounts
|
|
Order owner or other criteria, including order record types or
field values
|
Individual orders
|
|
Group membership or other criteria, including username and
whether the user is active
|
Individual user records
|
|
User provisioning request owner, only; criteria-based sharing
rules aren’t available
|
Individual user provisioning request records
|