13 Mar 2016

Sharing Rules in Salesforce

Salesforce Sharing Rules Overview

Salesforce sharing rules are put into force when records and other data requires to be shared among the employees or multiple users in an organization. Sharing the records using Salesforce therefore becomes the option to be used by the organization. However, sharing of this data can be risky especially when it involves sharing of sensitive data. This creates necessity for regulations to monitor the sharing process as well as monitor the recipients of the data.
Navigation====>>
Setup--->SecurityControls---->SharingSettings---->SharingRules---->Types
Types of  Salesforce Sharing Rules:
1 Manual Sharing
Manual sharing is where the sharing process in triggered by an individual. This happens when a user who has full and unrestricted access to the records wants to share the files and records with another user or even a group of users. Manual sharing is applicable when you want to share a few records. It also dictates that the record should be shared between users who are not housed in same Role Hierarchy. The record owner, after satisfying the two conditions can allow the users or the group to have access to the records.
Manual sharing has been used to share records in many organizations. Some of the situations that can lead to records being shared manually include:

  •  A private account record can be shared by a user if the account requires to be worked on by a group of users who are working on pulling a large deal. This is common when a client uses manual sharing to allow multiple users from different geographical areas to have access to a national account that they need to work on.
  • Some organizations allow for manual sharing to allow experts from different areas to have access to a record. For instance, an organization can opt to incorporate a Sales Rep who has expertise in the sales industry and allow access to an Account in the Sales industry, though the account is not within the Rep’s assigned territory.
  • Other cases involve situations when managers allow access to accounts so as to allow visibility of the progress in other territories.
2. Automatic Sharing


When one is using a workflow, you can set when to give access and when not to give access to either individuals or groups of users. With automatic sharing, the record owner has limited work on the record during sharing and the users too have limited chances of getting access to unwanted or unauthorized records.
Automatic sharing is used when one wants to handle the security requirements in a one-off basis. For instance:
  • When practicing Team Selling and you have multiple users, it becomes necessary to use automatic sharing. This is because all the multiple users in the team will require access to the account. However, because then you still will need the account to be a Private Account, you will need to use salesforce sharing rules to safeguard the account.
  • In automatic sharing, indicators, that is checkboxes, are used on different accounts. These indicators are used to differentiate between Strategic Accounts and Corporate Accounts. These indicators are essential in automatic sharing so as to ensure only the authorized persons have access to the accounts.
  • Salesforce sharing rules have for a long time been used to extend read and write access that supports personnel in an organization.
  • Automatic salesforce sharing rules are used to extend read and write privileges to the teams not within the hierarchy while still avoiding to subject the record owner to a waiting queue.
Salesforce sharing rules enable you to handle security requirements on a one-off basis. Such security requirements would otherwise require you to create several profiles to get access to the records, a process that will cost you your much needed time. However, since cooperation between different users in an organization is paramount while still safeguarding the security of the records, salesforce sharing rules become a necessity.

There are, however, rules and regulations that govern the Salesforce sharing rules. These guidelines makes it possible for you to share records while still maintaining the safety of the records. Here are some of the limits and considerations that govern the sharing rules in Salesforce.
  • Salesforce sharing rules should not be stricter as compared to Organization Wide Defaults. If you need to maintain a restricted access, then you will need to use another security type instead. Sharing rules are only used to make records accessible by many
  • Manual sharing is usually available on specific records and not on all records
  • Sharing rules are usually applicable on selected records which have Public or Private Read Only access
  • Sharing rules give you the green light to give read and write as well as read only access to records. However, of note is that the user should be careful on the security level they really want, either access to info only security or full collaboration security.
  • When admins are deciding on the type of sharing to use, automatic or manual, they can decide whether the security should be applied on the records or not. Ensure that if you opt to apply the security on the records, the decision makes sense and will not stall the sharing process.
  • When you create an owner-based salesforce sharing rule using the same source as that of the existing rule, and target the groups targeted by the existing rules, the existing rules gets overwritten and the new rule takes over.
  • Once a salesforce sharing rule is saved, you won’t be able to change the Share-with-field settings after you change the sharing rule.
  • All existing and new users are subject to sharing rules that originate from the same source as the source data.
  • All active and inactive users are subject to sharing rules
  • When access levels of a rule are changed, the existing records are updated to match the new access levels.
  • In case a sharing rule is deleted, sharing access created by the deleted rule gets automatically deleted.
  •  By modify the users in a role, group or territory, you automatically trigger re-evaluation of sharing rules where access is removed or added where necessary
  •  By transferring records to a different user, re-evaluation of sharing rules takes place to decide where to remove or add access to the transferred records.
The sharing of records is very vital for the performance of an organization, so it is imperative that you understand the  Salesforce sharing rules.
Different Types of sharing rules :
Type                                   Based on                Set Default Sharing  access for
Account owner or other criteria, including account record types or field values
Accounts and their associated contracts, opportunities, cases, and optionally, contacts and orders
Territory assignment
Accounts and their associated cases, contacts, contracts, and opportunities
Asset owner or other criteria, including asset record types or field values
Individual asset records
Campaign owner or other criteria, including campaign record types or field values
Individual campaign records
Case owner or other criteria, including case record types or field values
Individual cases and associated accounts
Contact owner or other criteria, including contact record types or field values
Individual contacts and associated accounts
Custom object owner or other criteria, including custom object record types or field values
Individual custom object records
Lead owner or other criteria, including lead record types or field values
Individual leads
Opportunity owner or other criteria, including opportunity record types or field values
Individual opportunities and their associated accounts
Order owner or other criteria, including order record types or field values
Individual orders
Group membership or other criteria, including username and whether the user is active
Individual user records
User provisioning request owner, only; criteria-based sharing rules aren’t available
Individual user provisioning request records