DATA SECURITY Flashcards
Where is the ““TRUSTED IP range set up at?
Under the company “org” settings
Where are log in hours and IP RANGE set up at?
Under profiles
What determines what home page(APP) you will land on once signing in?
Individual role
What is object access based on?
Profile and permission
Can RECORDS under an OBJECT be access if the profile dont have access to the OBJECT?
No, in order to access the records of an object, the profile would need access to the actual object
What is the MINIMUM access of an OBJECT is needed to view the RECORD of that OBJECT?
Read access
What key decisions that affects the security of your ORG?
Choosing the data set each user or group of users can see
What does assigning different data sets to different sets of users do?
balance security
convenience
reduce the risk of stolen or misused data
How many levels can you control data access ?
4 levels
What are the four levels you can control data access?
whole org,
a specific object,
a specific field,
or an individual record.
How can you control data access within your ORG?
Create and maintain a list of authorized users
set password policies
limit logins to certain hours and locations (iP address)
How can you control data access with OBJECTS?
object-level data is the simplest to control.
Three ways to control object-level access:
1)Set permissions on an object to prevent a group of users from creating, viewing, editing, or deleting any records of that object
2) use profiles to manage the objects that users can access and the permissions they have for each object.
3) use permission sets and permission set groups to extend access and permissions without modifying users’ profiles.
How can you control data access with FIELDS?
By restricting access to certain fields, even if a user has access to the object.
How can you control data access with a RECORD?
Manage record-level access in these four ways:
1) Organization-wide
2) Role hierarchies
3) Sharing rules
4) Manual sharing
How can you control data access with a RECORD ORG WIDE?
Use org-wide sharing settings to lock down your data to the most restrictive level
Then use the other record-level security and sharing tools to selectively give access to other users.
How can you control data access with a RECORD WITH ROLE HIERARCHIES?
Users higher in the hierarchy have access to all records owned by users below them in the hierarchy.
role hierarchies don’t have to match your org chart yet should represent a level of data access that a user or group of users needs.
How can you control data access with a RECORD WITH SHARING RULES?
are automatic exceptions to organization-wide defaults for particular groups of users, so they can get to records they don’t own or can’t normally see. Sharing rules, like role hierarchies, are only used to give additional users access to records. They can’t be stricter than your organization-wide default settings.