Keep the following points in mind while setting up security:
- First, consider the user who has the least possible visibility of the objects. Set up the organization-wide defaults based on them.
- Then, prepare the matrix for the users who have access to other objects. Prepare their profiles and permission sets based on that.
- Finally, set up the role hierarchies to enable mutual sharing of the objects.
- The remaining odd records can be shared using sharing rules.
Now that we have set up the roles and profiles, it's time to add our users.
The Library Management System is now in place and users can't wait to try it out. Create a user with a Standard User profile so that they can access the system:
- To create a user, go to Username | Setup | Administration Setup | Manage Users | Users.
- Click on New User.
If required, we can also add multiple users in a fresh organization.
- The Add New User page is self-explanatory; we will take at look at the important aspects only. Assign the Standard User profile to the user.
- The checkboxes on the right-hand side determine the functionality and other desktop applications used. For instance, if the user is allowed to access Salesforce from a mobile application, select Mobile User. Similarly, if the user can access the service cloud console, select service user.
- Fill in the contact information for the user. The user can change it later themselves.
- Local settings determine the language and the time zone for the user when they log in.
- Finally, if the user is to be notified, there is a separate checkbox at the bottom of the page. If the user is created for testing purposes, there shouldn't be a need to notify the user at the time. Checking this box will send the user a temporary one-time expiry password, which the user has to change at the first login.
- Save the record.
There is one important step skipped purposely in the form that is adding of the role, which we will see in the next section.
Another important step in user security settings is the password policy for the users. Password policies help maintain a strict and complex pattern in a password with the automatic expiry.
By default, Salesforce passwords expire in 90 days and the user cannot use three previous passwords. They are eight characters in length and should be a combination of alphanumeric characters. These policies can be changed using the Password Policies settings.
To change the Password Policies settings, perform the following steps:
- Go to User Name | Setup | Administration Setup | Security Controls | Password Policies.
- Change the policies according to the requirements, as shown in the following screenshot:
- The message and help link can be provided to the users in case they forget the password. If the system administrator forgets the password, we can reset it using the reset link sent to the e-mail.
Salesforce helps us manage our business and personal accounts. We can capture the information of the customers in the Account object provided by default in Salesforce. The accounts are Public by default; however; we can make them private if the company works with sensitive clients. We can capture the employees and important contacts with the account in the Contact object.
If it is a business to Customer Company, then we can set up a personal account that creates a single link between the account and contacts. A single contact record is merged with the account when we enable the personal account.
Along with the customers, we can capture opportunities, business deals, and contracts on the account.
For more information on the Accounts and Contact, go to https://developer.salesforce.com/trailhead/en/module/admin_intro_accounts_contacts.