SlideShare a Scribd company logo

The minimum-profile approach – the modern way to design an efficient security model, Milen Kisov

CzechDreamin
CzechDreamin

Salesforce functionality has evolved immensely over the last years, yet not enough attention has been paid to the way we manage Salesforce’s security and the core principles that everyone should follow. Join me in this session where we’ll take a step back and look at the evolution of the Salesforce security features. We’ll discuss the issues with having multiple profiles, how complex security requirements can be met using the minimum-profile approach, and what its benefits and limitations are.

Technology
1 of 18
Download to read offline
The Minimum-Profile Approach – the Modern Way to Design an Efficient Security Model
Milen Kisov Salesforce Solution Architect https://trailblazer.me/id/milenkisov https://uk.linkedin.com/in/milenkisov
I T ’ S F I N A L LY H E R E ! We’re announcing the end of life (EOL) of permissions on profiles that will be the Spring ’26 release. Salesforce, Jan 2023
P R O F I L E S When was Salesforce launched? User Profile Bob Sales Team Sales Team Profile 1999 Fiona Sales Manager Sales Manager Profile
P E R M I S S I O N S E T S When was Salesforce launched? When did Salesforce launch permission sets? 2012 Sales Profile User Profile Permission Set Sales Manager Permission Set Bob, Sales Team Fiona, Sales Manager
P E R M I S S I O N S E T S C H A L L E N G E 1000 users + 1000 permission sets = 1,000,000 permission set assignments
P E R M I S S I O N S E T G R O U P S When did Salesforce launch permission set groups? 2020
MINIMUM-PROFILE APPROACH Keeping the number of user profiles to the absolute minimum based only on functionality that can’t be achieved otherwise.
I S S U E S W I T H P R O F I L E S 01 HARD TO DEPLOY 02 03 04 INFLEXIBLE NOT REUSABLE NO NEW FEATURES
P E R M I S S I O N S A F T E R S P R I N G ‘ 2 6 User Permissions (System & App) Object & Field Permissions Record Types (not defaults) Apps (not defaults) Connected Apps Access Apex Classes & VF Pages Tab Settings Custom Permissions PERMISSION SETS PROFILES Login Hours Login IP Ranges Default Record Types/Apps Page Layout Assignments
P E R M I S S I O N S E T S A N D P E R M I S S I O N S E T G R O U P S D E S I G N P R I N C I P L E S Secure Following the Principle of Least Privilege Reliable Scalable Simple Easy to maintain
W A Y S T O M O D E L P E R M I S S I O N S E T S Use Case Example Naming Convention Option To provide all users a base level of access • [Company Name] - Base Access; Company-wide permission set To provide CRED access to a certain object when it's not part of the Base Access • Manage Contacts; Object-specific permission set To provide granular access to a certain object when it's not part of the Base Access • Create Contacts; • Read Contacts; • Edit Contacts; • Delete Contacts; Granular object-specific permission set Additional access for a persona/ department/ team/ user • Marketing Department; • Marketing - Edit Contacts; • CEO - Delete Opportunities; Persona/ department/ team/ user - specific permission set
S A M P L E U S E C A S E Sales Marketing Face-to-Face Sales Team Telesales Team Email Marketing Team Social Marketing Team Executives Compliance Need to create Opportunities of 'Telesales' record type Need to create Opportunities of 'F2F' record type Need to be able to delete Campaigns
P E R M I S S I O N S M O D E L L I N G – O P T I O N 1 Face-to-Face Sales Team Telesales Team Executives Email Marketing Team Social Marketing Team Compliance Team Minimum Access Profile Sales Permission Set Group Marketing Permission Set Group Compliance Permission Set Group F2F Sales - Create Opportunities Permission Set Telesales - Create Opportunities Permission Set Email Marketing - Delete Campaigns Permission Set Executives Permission Set Group
P E R M I S S I O N S M O D E L L I N G – O P T I O N 2 Minimum Access Profile Face-to-Face Sales Permission Set Group Telesales Permission Set Group Executives Permission Set Group Email Marketing Permission Set Group Social Marketing Permission Set Group Compliance Permission Set Group Company-Wide Permission Set Sales Teams Permission Set Marketing Permission Set Compliance Permission Set F2F Sales Permission Set Telesales Permission Set Executives Permission Set
C O N S I D E R A T I O N S A N D L E S S O N S L E A R N T 1000 Permission Sets 100 Permission Sets per Permission Set Group Less granular = easier to maintain Home Pages Document your model and ensure everyone follows it Lookup Filters, Duplicate Rules
A N A L Y S E & M I G R A T E U S E R P E R M I S S I O N S F R O M P R O F I L E S T O P E R M I S S I O N S E T S A N D P E R M I S S I O N S E T G R O U P S Analyse Migrate User Access Policies (Open Beta as of Summer '23)
Thank you

Recommended

Understanding the Salesforce Architecture: How We Do the Magic We Do
Understanding the Salesforce Architecture: How We Do the Magic We DoUnderstanding the Salesforce Architecture: How We Do the Magic We Do
Understanding the Salesforce Architecture: How We Do the Magic We Do
Salesforce Developers
 
Product Management and Metrics by Amazon Sr PM
Product Management and Metrics by Amazon Sr PMProduct Management and Metrics by Amazon Sr PM
Product Management and Metrics by Amazon Sr PM
Product School
 
Essential Habits for Salesforce Admins: Actionable Analytics
Essential Habits for Salesforce Admins: Actionable AnalyticsEssential Habits for Salesforce Admins: Actionable Analytics
Essential Habits for Salesforce Admins: Actionable Analytics
Salesforce Admins
 
Building a Customer Success Team (July 14, 2016)
Building a Customer Success Team (July 14, 2016)Building a Customer Success Team (July 14, 2016)
Building a Customer Success Team (July 14, 2016)
Salesforce Partners
 
A guide to product metrics by Mixpanel
A guide to product metrics by MixpanelA guide to product metrics by Mixpanel
A guide to product metrics by Mixpanel
Harsha MV
 
Salesforce Deck Template
Salesforce Deck TemplateSalesforce Deck Template
Salesforce Deck Template
Phil Weinmeister
 
Monthly Marketing Report Complete Powerpoint Deck With Slides
Monthly Marketing Report Complete Powerpoint Deck With SlidesMonthly Marketing Report Complete Powerpoint Deck With Slides
Monthly Marketing Report Complete Powerpoint Deck With Slides
SlideTeam
 
Build AI-Powered Predictions with Einstein Prediction Builder
Build AI-Powered Predictions with Einstein Prediction BuilderBuild AI-Powered Predictions with Einstein Prediction Builder
Build AI-Powered Predictions with Einstein Prediction Builder
Salesforce Admins
 

Recommended

Understanding the Salesforce Architecture: How We Do the Magic We Do
Understanding the Salesforce Architecture: How We Do the Magic We DoUnderstanding the Salesforce Architecture: How We Do the Magic We Do
Understanding the Salesforce Architecture: How We Do the Magic We Do
Salesforce Developers
 
Product Management and Metrics by Amazon Sr PM
Product Management and Metrics by Amazon Sr PMProduct Management and Metrics by Amazon Sr PM
Product Management and Metrics by Amazon Sr PM
Product School
 
Essential Habits for Salesforce Admins: Actionable Analytics
Essential Habits for Salesforce Admins: Actionable AnalyticsEssential Habits for Salesforce Admins: Actionable Analytics
Essential Habits for Salesforce Admins: Actionable Analytics
Salesforce Admins
 
Building a Customer Success Team (July 14, 2016)
Building a Customer Success Team (July 14, 2016)Building a Customer Success Team (July 14, 2016)
Building a Customer Success Team (July 14, 2016)
Salesforce Partners
 
A guide to product metrics by Mixpanel
A guide to product metrics by MixpanelA guide to product metrics by Mixpanel
A guide to product metrics by Mixpanel
Harsha MV
 
Salesforce Deck Template
Salesforce Deck TemplateSalesforce Deck Template
Salesforce Deck Template
Phil Weinmeister
 
Monthly Marketing Report Complete Powerpoint Deck With Slides
Monthly Marketing Report Complete Powerpoint Deck With SlidesMonthly Marketing Report Complete Powerpoint Deck With Slides
Monthly Marketing Report Complete Powerpoint Deck With Slides
SlideTeam
 
Build AI-Powered Predictions with Einstein Prediction Builder
Build AI-Powered Predictions with Einstein Prediction BuilderBuild AI-Powered Predictions with Einstein Prediction Builder
Build AI-Powered Predictions with Einstein Prediction Builder
Salesforce Admins
 
Operating Model Powerpoint Presentation Slides
Operating Model Powerpoint Presentation SlidesOperating Model Powerpoint Presentation Slides
Operating Model Powerpoint Presentation Slides
SlideTeam
 
Pardot basics
Pardot basicsPardot basics
Pardot basics
Amit Chaudhary
 
Introduction to External Objects and the OData Connector
Introduction to External Objects and the OData ConnectorIntroduction to External Objects and the OData Connector
Introduction to External Objects and the OData Connector
Salesforce Developers
 
Getting started with Marketing Cloud
Getting started with Marketing CloudGetting started with Marketing Cloud
Getting started with Marketing Cloud
sonumanoj
 
Taking control of your queries with GraphQL, Alba Rivas
Taking control of your queries with GraphQL, Alba RivasTaking control of your queries with GraphQL, Alba Rivas
Taking control of your queries with GraphQL, Alba Rivas
CzechDreamin
 
What is energy monitoring?
What is energy monitoring?What is energy monitoring?
What is energy monitoring?
Crestron Electronics
 
First 90 days as a Product Manager
First 90 days as a Product ManagerFirst 90 days as a Product Manager
First 90 days as a Product Manager
Product School
 
Salesforce intro session_for_students_v2
Salesforce intro session_for_students_v2Salesforce intro session_for_students_v2
Salesforce intro session_for_students_v2
Stephen Edache Paul
 
Endless Use Cases with Salesforce Experience Cloud by Dar Veverka
Endless Use Cases with Salesforce Experience Cloud by Dar VeverkaEndless Use Cases with Salesforce Experience Cloud by Dar Veverka
Endless Use Cases with Salesforce Experience Cloud by Dar Veverka
Alesia Dvorkina
 
Lightning Connect Custom Adapters: Connecting Anything with Salesforce
Lightning Connect Custom Adapters: Connecting Anything with SalesforceLightning Connect Custom Adapters: Connecting Anything with Salesforce
Lightning Connect Custom Adapters: Connecting Anything with Salesforce
Salesforce Developers
 
The Incredible Ways Shell Uses Artificial Intelligence To Help Transform The ...
The Incredible Ways Shell Uses Artificial Intelligence To Help Transform The ...The Incredible Ways Shell Uses Artificial Intelligence To Help Transform The ...
The Incredible Ways Shell Uses Artificial Intelligence To Help Transform The ...
Bernard Marr
 
Stakeholder Management for Product Managers - ProductTank Paris
Stakeholder Management for Product Managers - ProductTank ParisStakeholder Management for Product Managers - ProductTank Paris
Stakeholder Management for Product Managers - ProductTank Paris
Jean-Yves SIMON
 
Salesforce Cross-Cloud Architecture
Salesforce Cross-Cloud ArchitectureSalesforce Cross-Cloud Architecture
Salesforce Cross-Cloud Architecture
Thierry TROUIN ☁
 
Setting up Security in Your Salesforce Instance
Setting up Security in Your Salesforce InstanceSetting up Security in Your Salesforce Instance
Setting up Security in Your Salesforce Instance
Salesforce Developers
 
How To Optimize Your Product Using Analytics by Dan Olsen
How To Optimize Your Product Using Analytics by Dan OlsenHow To Optimize Your Product Using Analytics by Dan Olsen
How To Optimize Your Product Using Analytics by Dan Olsen
Product School
 
A primer on Salesforce Knowledge - what why how!
A primer on Salesforce Knowledge - what why how!A primer on Salesforce Knowledge - what why how!
A primer on Salesforce Knowledge - what why how!
Avi Verma
 
Salesforce Flows Architecture Best Practices
Salesforce Flows Architecture Best PracticesSalesforce Flows Architecture Best Practices
Salesforce Flows Architecture Best Practices
panayaofficial
 
The Fundamentals of User Adoption
The Fundamentals of User AdoptionThe Fundamentals of User Adoption
The Fundamentals of User Adoption
UserIQ
 
Introduction to Salesforce.com
Introduction to Salesforce.comIntroduction to Salesforce.com
Introduction to Salesforce.com
Edureka!
 
Mobile Data Sponsorship
Mobile Data Sponsorship Mobile Data Sponsorship
Mobile Data Sponsorship
Mustafa Oyumi
 
Keeping it Simple with Permission Sets
Keeping it Simple with Permission SetsKeeping it Simple with Permission Sets
Keeping it Simple with Permission Sets
Configero
 
Salesforce is for Everyone.pptx
Salesforce is for Everyone.pptxSalesforce is for Everyone.pptx
Salesforce is for Everyone.pptx
jenniferndlovu
 

More Related Content

What's hot

Operating Model Powerpoint Presentation Slides
Operating Model Powerpoint Presentation SlidesOperating Model Powerpoint Presentation Slides
Operating Model Powerpoint Presentation Slides
SlideTeam
 
Introduction to External Objects and the OData Connector
Introduction to External Objects and the OData ConnectorIntroduction to External Objects and the OData Connector
Introduction to External Objects and the OData Connector
Salesforce Developers
 
Salesforce Cross-Cloud Architecture
Salesforce Cross-Cloud ArchitectureSalesforce Cross-Cloud Architecture
Salesforce Cross-Cloud Architecture
Thierry TROUIN ☁
 
Salesforce Flows Architecture Best Practices
Salesforce Flows Architecture Best PracticesSalesforce Flows Architecture Best Practices
Salesforce Flows Architecture Best Practices
panayaofficial
 

What's hot (20)

Operating Model Powerpoint Presentation Slides
Operating Model Powerpoint Presentation SlidesOperating Model Powerpoint Presentation Slides
Operating Model Powerpoint Presentation Slides
 
Pardot basics
Pardot basicsPardot basics
Pardot basics
 
Introduction to External Objects and the OData Connector
Introduction to External Objects and the OData ConnectorIntroduction to External Objects and the OData Connector
Introduction to External Objects and the OData Connector
 
Getting started with Marketing Cloud
Getting started with Marketing CloudGetting started with Marketing Cloud
Getting started with Marketing Cloud
 
Taking control of your queries with GraphQL, Alba Rivas
Taking control of your queries with GraphQL, Alba RivasTaking control of your queries with GraphQL, Alba Rivas
Taking control of your queries with GraphQL, Alba Rivas
 
What is energy monitoring?
What is energy monitoring?What is energy monitoring?
What is energy monitoring?
 
First 90 days as a Product Manager
First 90 days as a Product ManagerFirst 90 days as a Product Manager
First 90 days as a Product Manager
 
Salesforce intro session_for_students_v2
Salesforce intro session_for_students_v2Salesforce intro session_for_students_v2
Salesforce intro session_for_students_v2
 
Endless Use Cases with Salesforce Experience Cloud by Dar Veverka
Endless Use Cases with Salesforce Experience Cloud by Dar VeverkaEndless Use Cases with Salesforce Experience Cloud by Dar Veverka
Endless Use Cases with Salesforce Experience Cloud by Dar Veverka
 
Lightning Connect Custom Adapters: Connecting Anything with Salesforce
Lightning Connect Custom Adapters: Connecting Anything with SalesforceLightning Connect Custom Adapters: Connecting Anything with Salesforce
Lightning Connect Custom Adapters: Connecting Anything with Salesforce
 
The Incredible Ways Shell Uses Artificial Intelligence To Help Transform The ...
The Incredible Ways Shell Uses Artificial Intelligence To Help Transform The ...The Incredible Ways Shell Uses Artificial Intelligence To Help Transform The ...
The Incredible Ways Shell Uses Artificial Intelligence To Help Transform The ...
 
Stakeholder Management for Product Managers - ProductTank Paris
Stakeholder Management for Product Managers - ProductTank ParisStakeholder Management for Product Managers - ProductTank Paris
Stakeholder Management for Product Managers - ProductTank Paris
 
Salesforce Cross-Cloud Architecture
Salesforce Cross-Cloud ArchitectureSalesforce Cross-Cloud Architecture
Salesforce Cross-Cloud Architecture
 
Setting up Security in Your Salesforce Instance
Setting up Security in Your Salesforce InstanceSetting up Security in Your Salesforce Instance
Setting up Security in Your Salesforce Instance
 
How To Optimize Your Product Using Analytics by Dan Olsen
How To Optimize Your Product Using Analytics by Dan OlsenHow To Optimize Your Product Using Analytics by Dan Olsen
How To Optimize Your Product Using Analytics by Dan Olsen
 
A primer on Salesforce Knowledge - what why how!
A primer on Salesforce Knowledge - what why how!A primer on Salesforce Knowledge - what why how!
A primer on Salesforce Knowledge - what why how!
 
Salesforce Flows Architecture Best Practices
Salesforce Flows Architecture Best PracticesSalesforce Flows Architecture Best Practices
Salesforce Flows Architecture Best Practices
 
The Fundamentals of User Adoption
The Fundamentals of User AdoptionThe Fundamentals of User Adoption
The Fundamentals of User Adoption
 
Introduction to Salesforce.com
Introduction to Salesforce.comIntroduction to Salesforce.com
Introduction to Salesforce.com
 
Mobile Data Sponsorship
Mobile Data Sponsorship Mobile Data Sponsorship
Mobile Data Sponsorship
 

Similar to The minimum-profile approach – the modern way to design an efficient security model, Milen Kisov

Jacksonville, FL Salesforce Administrator Community Group June 2020 Deck
Jacksonville, FL Salesforce Administrator Community Group June 2020 DeckJacksonville, FL Salesforce Administrator Community Group June 2020 Deck
Jacksonville, FL Salesforce Administrator Community Group June 2020 Deck
Marc Lester
 
Top Salesforce Influencers You Need to Follow
Top Salesforce Influencers You Need to FollowTop Salesforce Influencers You Need to Follow
Top Salesforce Influencers You Need to Follow
RingLead
 
Top Salesforce Influencers You Need to Follow
Top Salesforce Influencers You Need to FollowTop Salesforce Influencers You Need to Follow
Top Salesforce Influencers You Need to Follow
RingLead
 
ADM-201 Dumps | ADM-201 Online Tutorials 2023 - 2024
ADM-201 Dumps | ADM-201 Online Tutorials 2023 - 2024ADM-201 Dumps | ADM-201 Online Tutorials 2023 - 2024
ADM-201 Dumps | ADM-201 Online Tutorials 2023 - 2024
ADM-201 Online Tutorials
 
Orlando SFDC User Group 10/2011
Orlando SFDC User Group 10/2011Orlando SFDC User Group 10/2011
Orlando SFDC User Group 10/2011
Joshua Hoskins
 
To Share or Not to Share
To Share or Not to ShareTo Share or Not to Share
To Share or Not to Share
dreamforce2006
 
Salesforce Adoption and Best Practices
Salesforce Adoption and Best PracticesSalesforce Adoption and Best Practices
Salesforce Adoption and Best Practices
vraopolisetti
 
Retreever Consulting_Resume 9.23.16
Retreever Consulting_Resume 9.23.16Retreever Consulting_Resume 9.23.16
Retreever Consulting_Resume 9.23.16
Roger E. Bannister
 

Similar to The minimum-profile approach – the modern way to design an efficient security model, Milen Kisov (20)

Keeping it Simple with Permission Sets
Keeping it Simple with Permission SetsKeeping it Simple with Permission Sets
Keeping it Simple with Permission Sets
 
Salesforce is for Everyone.pptx
Salesforce is for Everyone.pptxSalesforce is for Everyone.pptx
Salesforce is for Everyone.pptx
 
Dreamforce 2019 GG & Spring 20 release features - Halifax, Canada Community
Dreamforce 2019 GG & Spring 20 release features - Halifax, Canada CommunityDreamforce 2019 GG & Spring 20 release features - Halifax, Canada Community
Dreamforce 2019 GG & Spring 20 release features - Halifax, Canada Community
 
Jacksonville, FL Salesforce Administrator Community Group June 2020 Deck
Jacksonville, FL Salesforce Administrator Community Group June 2020 DeckJacksonville, FL Salesforce Administrator Community Group June 2020 Deck
Jacksonville, FL Salesforce Administrator Community Group June 2020 Deck
 
Top Salesforce Influencers You Need to Follow
Top Salesforce Influencers You Need to FollowTop Salesforce Influencers You Need to Follow
Top Salesforce Influencers You Need to Follow
 
Sell Faster with Marketo Sales Insight
Sell Faster with Marketo Sales InsightSell Faster with Marketo Sales Insight
Sell Faster with Marketo Sales Insight
 
Salesforce Marketing 101 for Non-Profits
Salesforce Marketing 101 for Non-Profits Salesforce Marketing 101 for Non-Profits
Salesforce Marketing 101 for Non-Profits
 
Top Salesforce Influencers You Need to Follow
Top Salesforce Influencers You Need to FollowTop Salesforce Influencers You Need to Follow
Top Salesforce Influencers You Need to Follow
 
ADM-201 Dumps | ADM-201 Online Tutorials 2023 - 2024
ADM-201 Dumps | ADM-201 Online Tutorials 2023 - 2024ADM-201 Dumps | ADM-201 Online Tutorials 2023 - 2024
ADM-201 Dumps | ADM-201 Online Tutorials 2023 - 2024
 
Odaseva : un outil de gestion pour les règles RGPD
Odaseva : un outil de gestion pour les règles RGPDOdaseva : un outil de gestion pour les règles RGPD
Odaseva : un outil de gestion pour les règles RGPD
 
Orlando SFDC User Group 10/2011
Orlando SFDC User Group 10/2011Orlando SFDC User Group 10/2011
Orlando SFDC User Group 10/2011
 
Increasing Salesforce User Adoption
Increasing Salesforce User AdoptionIncreasing Salesforce User Adoption
Increasing Salesforce User Adoption
 
To Share or Not to Share
To Share or Not to ShareTo Share or Not to Share
To Share or Not to Share
 
Salesforce Adoption and Best Practices
Salesforce Adoption and Best PracticesSalesforce Adoption and Best Practices
Salesforce Adoption and Best Practices
 
How to use webcast linked in blog twitter facebook youtube to grow your business
How to use webcast linked in blog twitter facebook youtube to grow your businessHow to use webcast linked in blog twitter facebook youtube to grow your business
How to use webcast linked in blog twitter facebook youtube to grow your business
 
Cómo gestionar mi estrategia social para atención a clientes
Cómo gestionar mi estrategia social para atención a clientesCómo gestionar mi estrategia social para atención a clientes
Cómo gestionar mi estrategia social para atención a clientes
 
5 Steps For A Successful Salesforce Support Implementation
5 Steps For A Successful Salesforce Support Implementation5 Steps For A Successful Salesforce Support Implementation
5 Steps For A Successful Salesforce Support Implementation
 
How to Kick Start Your Career in Salesforce?
How to Kick Start Your Career in Salesforce?How to Kick Start Your Career in Salesforce?
How to Kick Start Your Career in Salesforce?
 
How to Become a Security-Minded Admin
How to Become a Security-Minded AdminHow to Become a Security-Minded Admin
How to Become a Security-Minded Admin
 
Retreever Consulting_Resume 9.23.16
Retreever Consulting_Resume 9.23.16Retreever Consulting_Resume 9.23.16
Retreever Consulting_Resume 9.23.16
 

More from CzechDreamin

How we should include Devops Center to get happy developers?, David Fernandez...
How we should include Devops Center to get happy developers?, David Fernandez...How we should include Devops Center to get happy developers?, David Fernandez...
How we should include Devops Center to get happy developers?, David Fernandez...
CzechDreamin
 
Streamline Your Integration with Salesforce’s Composite API: A Consultant’s G...
Streamline Your Integration with Salesforce’s Composite API: A Consultant’s G...Streamline Your Integration with Salesforce’s Composite API: A Consultant’s G...
Streamline Your Integration with Salesforce’s Composite API: A Consultant’s G...
CzechDreamin
 
How do you know you’re solving the right problem? Design Thinking for Salesfo...
How do you know you’re solving the right problem? Design Thinking for Salesfo...How do you know you’re solving the right problem? Design Thinking for Salesfo...
How do you know you’re solving the right problem? Design Thinking for Salesfo...
CzechDreamin
 
Real-time communication with Account Engagement (Pardot). Marketers meet deve...
Real-time communication with Account Engagement (Pardot). Marketers meet deve...Real-time communication with Account Engagement (Pardot). Marketers meet deve...
Real-time communication with Account Engagement (Pardot). Marketers meet deve...
CzechDreamin
 
Sales methodology for Salesforce Opportunity, Georgy Avilov
Sales methodology for Salesforce Opportunity, Georgy AvilovSales methodology for Salesforce Opportunity, Georgy Avilov
Sales methodology for Salesforce Opportunity, Georgy Avilov
CzechDreamin
 

More from CzechDreamin (20)

Salesforce Forecasting: Evolution, Implementation and Best Practices, Christi...
Salesforce Forecasting: Evolution, Implementation and Best Practices, Christi...Salesforce Forecasting: Evolution, Implementation and Best Practices, Christi...
Salesforce Forecasting: Evolution, Implementation and Best Practices, Christi...
 
Supercharge Salesforce Marketing Cloud: The Ultimate Apps Guide, Cyril Louis ...
Supercharge Salesforce Marketing Cloud: The Ultimate Apps Guide, Cyril Louis ...Supercharge Salesforce Marketing Cloud: The Ultimate Apps Guide, Cyril Louis ...
Supercharge Salesforce Marketing Cloud: The Ultimate Apps Guide, Cyril Louis ...
 
How we should include Devops Center to get happy developers?, David Fernandez...
How we should include Devops Center to get happy developers?, David Fernandez...How we should include Devops Center to get happy developers?, David Fernandez...
How we should include Devops Center to get happy developers?, David Fernandez...
 
Streamline Your Integration with Salesforce’s Composite API: A Consultant’s G...
Streamline Your Integration with Salesforce’s Composite API: A Consultant’s G...Streamline Your Integration with Salesforce’s Composite API: A Consultant’s G...
Streamline Your Integration with Salesforce’s Composite API: A Consultant’s G...
 
Architecting for Analytics, Aaron Crear
Architecting for Analytics, Aaron CrearArchitecting for Analytics, Aaron Crear
Architecting for Analytics, Aaron Crear
 
Ape to API, Filip Dousek
Ape to API, Filip DousekApe to API, Filip Dousek
Ape to API, Filip Dousek
 
Push Upgrades, The last mile of Salesforce DevOps, Manuel Moya
Push Upgrades, The last mile of Salesforce DevOps, Manuel MoyaPush Upgrades, The last mile of Salesforce DevOps, Manuel Moya
Push Upgrades, The last mile of Salesforce DevOps, Manuel Moya
 
How do you know you’re solving the right problem? Design Thinking for Salesfo...
How do you know you’re solving the right problem? Design Thinking for Salesfo...How do you know you’re solving the right problem? Design Thinking for Salesfo...
How do you know you’re solving the right problem? Design Thinking for Salesfo...
 
ChatGPT … How Does it Flow?, Mark Jones
ChatGPT … How Does it Flow?, Mark JonesChatGPT … How Does it Flow?, Mark Jones
ChatGPT … How Does it Flow?, Mark Jones
 
Real-time communication with Account Engagement (Pardot). Marketers meet deve...
Real-time communication with Account Engagement (Pardot). Marketers meet deve...Real-time communication with Account Engagement (Pardot). Marketers meet deve...
Real-time communication with Account Engagement (Pardot). Marketers meet deve...
 
Black Hat Session: Exploring and Exploiting Aura based Experiences, Christian...
Black Hat Session: Exploring and Exploiting Aura based Experiences, Christian...Black Hat Session: Exploring and Exploiting Aura based Experiences, Christian...
Black Hat Session: Exploring and Exploiting Aura based Experiences, Christian...
 
Sales methodology for Salesforce Opportunity, Georgy Avilov
Sales methodology for Salesforce Opportunity, Georgy AvilovSales methodology for Salesforce Opportunity, Georgy Avilov
Sales methodology for Salesforce Opportunity, Georgy Avilov
 
5 key ideas for robust and flexible REST API integrations with Apex, Lucian M...
5 key ideas for robust and flexible REST API integrations with Apex, Lucian M...5 key ideas for robust and flexible REST API integrations with Apex, Lucian M...
5 key ideas for robust and flexible REST API integrations with Apex, Lucian M...
 
Report & Dashboard REST API : Get your report accessible anywhere !, Romain Q...
Report & Dashboard REST API : Get your report accessible anywhere !, Romain Q...Report & Dashboard REST API : Get your report accessible anywhere !, Romain Q...
Report & Dashboard REST API : Get your report accessible anywhere !, Romain Q...
 
No Such Thing as Best Practice in Design, Nati Asher and Pat Fragoso
No Such Thing as Best Practice in Design, Nati Asher and Pat FragosoNo Such Thing as Best Practice in Design, Nati Asher and Pat Fragoso
No Such Thing as Best Practice in Design, Nati Asher and Pat Fragoso
 
Why do you Need to Migrate to Salesforce Flow?, Andrew Cook
Why do you Need to Migrate to Salesforce Flow?, Andrew CookWhy do you Need to Migrate to Salesforce Flow?, Andrew Cook
Why do you Need to Migrate to Salesforce Flow?, Andrew Cook
 
Be kind to your future admin self, Silvia Denaro & Nathaniel Sombu
Be kind to your future admin self, Silvia Denaro & Nathaniel SombuBe kind to your future admin self, Silvia Denaro & Nathaniel Sombu
Be kind to your future admin self, Silvia Denaro & Nathaniel Sombu
 
Monitoring Automation Performance in Marketing Cloud Engagement, Daniela Vrbk...
Monitoring Automation Performance in Marketing Cloud Engagement, Daniela Vrbk...Monitoring Automation Performance in Marketing Cloud Engagement, Daniela Vrbk...
Monitoring Automation Performance in Marketing Cloud Engagement, Daniela Vrbk...
 
Restriction Rules – The Whole Picture, Louise Lockie
Restriction Rules – The Whole Picture, Louise LockieRestriction Rules – The Whole Picture, Louise Lockie
Restriction Rules – The Whole Picture, Louise Lockie
 
Introduction to Custom Journey Builder Activities, Orkhan Alakbarli
Introduction to Custom Journey Builder Activities, Orkhan AlakbarliIntroduction to Custom Journey Builder Activities, Orkhan Alakbarli
Introduction to Custom Journey Builder Activities, Orkhan Alakbarli
 

Recently uploaded

Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 

Recently uploaded (20)

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 

The minimum-profile approach – the modern way to design an efficient security model, Milen Kisov

  • 1. The Minimum-Profile Approach – the Modern Way to Design an Efficient Security Model
  • 2. Milen Kisov Salesforce Solution Architect https://trailblazer.me/id/milenkisov https://uk.linkedin.com/in/milenkisov
  • 3. I T ’ S F I N A L LY H E R E ! We’re announcing the end of life (EOL) of permissions on profiles that will be the Spring ’26 release. Salesforce, Jan 2023
  • 4. P R O F I L E S When was Salesforce launched? User Profile Bob Sales Team Sales Team Profile 1999 Fiona Sales Manager Sales Manager Profile
  • 5. P E R M I S S I O N S E T S When was Salesforce launched? When did Salesforce launch permission sets? 2012 Sales Profile User Profile Permission Set Sales Manager Permission Set Bob, Sales Team Fiona, Sales Manager
  • 6. P E R M I S S I O N S E T S C H A L L E N G E 1000 users + 1000 permission sets = 1,000,000 permission set assignments
  • 7. P E R M I S S I O N S E T G R O U P S When did Salesforce launch permission set groups? 2020
  • 8. MINIMUM-PROFILE APPROACH Keeping the number of user profiles to the absolute minimum based only on functionality that can’t be achieved otherwise.
  • 9. I S S U E S W I T H P R O F I L E S 01 HARD TO DEPLOY 02 03 04 INFLEXIBLE NOT REUSABLE NO NEW FEATURES
  • 10. P E R M I S S I O N S A F T E R S P R I N G ‘ 2 6 User Permissions (System & App) Object & Field Permissions Record Types (not defaults) Apps (not defaults) Connected Apps Access Apex Classes & VF Pages Tab Settings Custom Permissions PERMISSION SETS PROFILES Login Hours Login IP Ranges Default Record Types/Apps Page Layout Assignments
  • 11. P E R M I S S I O N S E T S A N D P E R M I S S I O N S E T G R O U P S D E S I G N P R I N C I P L E S Secure Following the Principle of Least Privilege Reliable Scalable Simple Easy to maintain
  • 12. W A Y S T O M O D E L P E R M I S S I O N S E T S Use Case Example Naming Convention Option To provide all users a base level of access • [Company Name] - Base Access; Company-wide permission set To provide CRED access to a certain object when it's not part of the Base Access • Manage Contacts; Object-specific permission set To provide granular access to a certain object when it's not part of the Base Access • Create Contacts; • Read Contacts; • Edit Contacts; • Delete Contacts; Granular object-specific permission set Additional access for a persona/ department/ team/ user • Marketing Department; • Marketing - Edit Contacts; • CEO - Delete Opportunities; Persona/ department/ team/ user - specific permission set
  • 13. S A M P L E U S E C A S E Sales Marketing Face-to-Face Sales Team Telesales Team Email Marketing Team Social Marketing Team Executives Compliance Need to create Opportunities of 'Telesales' record type Need to create Opportunities of 'F2F' record type Need to be able to delete Campaigns
  • 14. P E R M I S S I O N S M O D E L L I N G – O P T I O N 1 Face-to-Face Sales Team Telesales Team Executives Email Marketing Team Social Marketing Team Compliance Team Minimum Access Profile Sales Permission Set Group Marketing Permission Set Group Compliance Permission Set Group F2F Sales - Create Opportunities Permission Set Telesales - Create Opportunities Permission Set Email Marketing - Delete Campaigns Permission Set Executives Permission Set Group
  • 15. P E R M I S S I O N S M O D E L L I N G – O P T I O N 2 Minimum Access Profile Face-to-Face Sales Permission Set Group Telesales Permission Set Group Executives Permission Set Group Email Marketing Permission Set Group Social Marketing Permission Set Group Compliance Permission Set Group Company-Wide Permission Set Sales Teams Permission Set Marketing Permission Set Compliance Permission Set F2F Sales Permission Set Telesales Permission Set Executives Permission Set
  • 16. C O N S I D E R A T I O N S A N D L E S S O N S L E A R N T 1000 Permission Sets 100 Permission Sets per Permission Set Group Less granular = easier to maintain Home Pages Document your model and ensure everyone follows it Lookup Filters, Duplicate Rules
  • 17. A N A L Y S E & M I G R A T E U S E R P E R M I S S I O N S F R O M P R O F I L E S T O P E R M I S S I O N S E T S A N D P E R M I S S I O N S E T G R O U P S Analyse Migrate User Access Policies (Open Beta as of Summer '23)