Salesforce Chatter security is a hot topic so we thought we’d weigh in with our 5 cents.
The Salesforce CRM system is known for its robust security and Chatter is no different.
Let’s first take a look at Salesforce security and then we’ll see how Chatter fits in.
For Salesforce.com Professional Edition and above (in Salesforce Group Edition, all users see all records), you start off with the Org Wide Defaults (OWDs). Here is where you determine whether objects (accounts, contacts, etc.) are private, public read only, or public read/write. If the object is public, then all users can read and/or edit the object’s records. Each object has its own setting, and child objects in a master/detail relationship inherit their parent’s selection.
Salesforce Enterprise and Unlimited editions also have profile permissions but for the purpose of this article, we will assume that all Salesforce profiles have at least read access to all objects.
If a Salesforce object is set as private, then only the owner and a system administrator can view the record. This is where sharing rules and the role hierarchy come in.
If you grant access using Salesforce hierarchies, then the people that the owner of the record reports to in the role hierarchy can also view and edit their records. This continues up the chain to the top role in the hierarchy within Salesforce.
Sharing rules allow you to open up access to an object based on roles or groups. For instance, if accounts are private so each sales rep can only see their own, how can a support rep see the account to add cases or make required changes?
You can set up a sharing rule in Salesforce that takes all accounts owned by the sales role and gives read/write access to the support role. This works the same for any object, role, and group you have so the possibilities are endless. Marketing users may only need to view accounts but not edit them and support users have no need to see leads.
In instances with a private sharing model, there is also manual sharing. If a sales rep needs to share one account with a co-worker, and the OWD for accounts is private, then the rep can use the Sharing button on the account record to share it with whomever they like. This is used on a single-record basis and assumes that the Salesforce system administrator has enabled manual sharing.
So how does Salesforce Chatter fit into this?
In an open sharing model, or in Group Edition, when one user posts a feed to a record, anyone logged into Salesforce can theoretically see the post and the record. Most smaller companies have open sharing models, so if you are using one, you may want to look at making it private and then opening it back up as needed to maintain data security.
In a private sharing model, when a user posts a Chatter feed to a Salesforce record, only the people the record is shared with can view the record or the post. This applies to auto-feeds for people following the record as well. So, if sales reps can only see their own records and access is granted to support through a sharing rule, then a support user could see the record and the post. If the support rep is following the account, then they would receive an automatic feed.
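To make the record-level rules above concrete, here is an added example (written for this post, not Salesforce code) that models an org with OWDs, a role hierarchy, one sharing rule and one manual share, and then applies the Chatter rule that a post on a record, and the auto-feed for a follower, is visible only to users who can see the record. All user, role and account names are constructed; profile permissions are assumed to grant read on all objects, as the article does, and a sharing rule here matches the granted role exactly (it does not include subordinate roles).

```python
from dataclasses import dataclass, field
from typing import Optional

# Access levels ordered so the strongest grant wins: None < read < edit
LEVELS = {None: 0, "read": 1, "edit": 2}


def _max(a: Optional[str], b: Optional[str]) -> Optional[str]:
    """Return the higher of two access levels."""
    return a if LEVELS[a] >= LEVELS[b] else b


@dataclass
class Record:
    obj: str        # object type, e.g. "Account"
    rec_id: str
    owner: str      # owning user


@dataclass
class Post:
    author: str
    record: Record  # the record the Chatter post was made on
    text: str


@dataclass
class Org:
    owd: dict[str, str]                    # object -> "private" | "public_read" | "public_rw"
    role_of: dict[str, str]                # user -> role
    parent_role: dict[str, Optional[str]]  # role -> role directly above it (None at the top)
    admins: set[str] = field(default_factory=set)
    grant_via_hierarchy: bool = True
    # (object, owner's role, role granted access, "read" | "edit")
    sharing_rules: list[tuple[str, str, str, str]] = field(default_factory=list)
    # record id -> {user: "read" | "edit"}; what the Sharing button produces
    manual_shares: dict[str, dict[str, str]] = field(default_factory=dict)

    def _is_above(self, user: str, owner: str) -> bool:
        """True if user's role sits anywhere above the owner's role in the hierarchy."""
        role = self.parent_role.get(self.role_of.get(owner))
        while role is not None:
            if role == self.role_of.get(user):
                return True
            role = self.parent_role.get(role)
        return False

    def access(self, user: str, rec: Record) -> Optional[str]:
        """Effective access of user on rec: owner/admin, then OWD, then hierarchy,
        then sharing rules, then manual shares. Returns 'edit', 'read' or None."""
        if user in self.admins or user == rec.owner:
            return "edit"
        owd = self.owd[rec.obj]
        if owd == "public_rw":
            return "edit"
        level = "read" if owd == "public_read" else None
        if self.grant_via_hierarchy and self._is_above(user, rec.owner):
            return "edit"
        for obj, owner_role, to_role, granted in self.sharing_rules:
            if (obj == rec.obj and self.role_of.get(rec.owner) == owner_role
                    and self.role_of.get(user) == to_role):
                level = _max(level, granted)
        level = _max(level, self.manual_shares.get(rec.rec_id, {}).get(user))
        return level


def can_see_post(org: Org, user: str, post: Post) -> bool:
    """A Chatter post on a record is visible exactly when the record is."""
    return org.access(user, post.record) is not None


def auto_feed(org: Org, user: str, posts: list[Post], following: dict[str, set[str]]) -> list[str]:
    """Auto-feed items: posts on records the user follows, filtered by record access."""
    return [p.text for p in posts
            if p.record.rec_id in following.get(user, set()) and can_see_post(org, user, p)]


def build_scenario():
    """Constructed org: private accounts, sales reps roll up to a manager,
    a rule sharing sales-owned accounts with support, one manual share."""
    org = Org(
        owd={"Account": "private"},
        role_of={"alice": "Sales Rep", "bob": "Sales Rep", "carol": "Support Rep",
                 "dave": "Sales Manager", "erin": "Marketing"},
        parent_role={"Sales Rep": "Sales Manager", "Sales Manager": None,
                     "Support Rep": None, "Marketing": None},
        admins={"sysadmin"},
        sharing_rules=[("Account", "Sales Rep", "Support Rep", "edit")],
    )
    acme = Record("Account", "001-ACME", owner="alice")
    org.manual_shares["001-ACME"] = {"bob": "read"}       # alice used the Sharing button
    posts = [Post("alice", acme, "Renewal call booked with Acme")]
    following = {"carol": {"001-ACME"}, "erin": {"001-ACME"}}  # both follow the account
    return org, acme, posts, following


def visibility_report(org, rec, posts, following):
    """user -> (record access, sees the post, auto-feed contents)."""
    return {u: (org.access(u, rec), can_see_post(org, u, posts[0]), auto_feed(org, u, posts, following))
            for u in sorted(org.role_of) + sorted(org.admins)}


def open_model_demo():
    """Same org with accounts flipped to public read: the marketing user now sees the feed."""
    org, acme, posts, following = build_scenario()
    org.owd["Account"] = "public_read"
    return org.access("erin", acme), auto_feed(org, "erin", posts, following)


if __name__ == "__main__":
    org, acme, posts, following = build_scenario()
    for user, row in visibility_report(org, acme, posts, following).items():
        print(f"{user:8} access={row[0]!s:5} sees_post={row[1]!s:5} feed={row[2]}")
    print("open model, erin:", open_model_demo())
```

Running it shows erin following the account but receiving nothing while accounts are private, and the same follow producing the feed item once the OWD is opened up, which is the point of the paragraph above: the post inherits the record's visibility rather than widening it.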
So, as you can see, it all depends on who has access to the record. Chatter feeds or posts cannot open up records to people that do not have access to the record itself. Now let’s take a look at Chatter profiles and groups.
Chatter profiles are viewable by all Salesforce users. If user A posts a feed to user B’s profile, then user B and any users following user B will receive the feed and any user that views user B’s profile will see the post.
Chatter groups are a little different. They can either be public or private. Any user can join a public group and then view all posts to that group. Users must ask permission to join private groups and can only see posts to that group when they are members. If user A posts to a private group, and user B, who is not a member of that group, views user A’s profile, user B will not see that group post.
Salesforce reports and dashboards follow the same rules. Assuming the administrator has enabled report and dashboard following, if a user does not have access to the folder for the report or dashboard, then they will not be able to see any posts associated with it.
Salesforce went to great lengths to make Chatter as secure as the rest of the CRM system, so as long as your sharing settings are set for your business process, you can rest assured that Chatter will not compromise them.
Contact us if you have any questions on any of the above.