• Skip to main content
StarrDataStarrDataStarrData
  • Technologies
    Salesforce Revenue Cloud
    Salesforce CPQ

    Deliver fast & accurate proposals that empowers your sales team and maximizes company revenue.

    Salesforce Billing

    Seamlessly integrate your entire billing process with powerful Salesforce technologies.

    Salesforce Products
    Sales Cloud

    Empower your sales team by leveraging best practices throughout the company.

    Experience Cloud

    Connect your customers, employees & partners with the power of Salesforce.

  • Services
    Salesforce Implementation

    We'll help you get up and running quickly - from simple implementations to fully customized instances.

    Salesforce Administration

    Stop worrying about the day to day details of Salesforce and outsource to a 5-star certified Salesforce team.

    Salesforce Optimization

    Get the most out of your Salesforce investment by fine tuning your instance specifically for your needs.

  • Industries
  • Blog
  • Company

    Since 2009, StarrData has helped hundreds of companies leverage the power of Salesforce. We are a 5-star certified partner with an experienced team of consultants, solution architects, engineers, and administrators.

    Testimonials

    See what our clients say.

    Partners

    Companies we partner with to provide ancillary services and integrations.

    Commitment to Equality

    At StarrData we believe that all humans are equal, and diversity is a strength. We are committed to providing equal employment opportunities and world-class service to anyone, regardless of sex, color, gender, religion, or sexual orientation.

  • Client Portal
  • Contact

Salesforce Chatter Security and Salesforce Security, Everything You Wanted to Know (But Were Afraid to Ask)

By Darren Starr
Facebook
Twitter
Twitter

Salesforce Chatter security is a hot topic so we thought we’d weigh in with our 5 cents.

The Salesforce CRM system is known for its robust security and Chatter is no different.

Let’s first take a look at Salesforce security and then we’ll see how Chatter fits in.

Download Our Free Guide With Salesforce Best Practices

For Salesforce.com Professional Edition and above, (in Salesforce Group Edition, all users see all records) you start off with the Org Wide Defaults (OWD’s). Here is where you determine if objects (accounts, contacts, etc) are private, public read only, or public read/write. If the object is public, then all users can read and/or edit the object’s records. Each object has its own setting and child objects in a master/detail relationship inherit their parent’s selection.

Salesforce Enterprise and Unlimited editions also have profile permissions but for the purpose of this article, we will assume that all Salesforce profiles have at least read access to all objects.

If a Salesforce object is set as private, then only the owner and a system administrator can view the record. This is where sharing rules and the role hierarchy come in.

If you grant access using Salesforce hierarchies, then the people that the owner of the record reports to in the role hierarchy can also view and edit their records. This continues up the chain to the top role in the hierarchy within Salesforce.

Download Our Free Guide With Salesforce Best Practices

Sharing rules allow you to open up access to an object based on roles or groups. For instance, if accounts are private so each sales rep can only see their own, how can a support rep see the account to add cases or make required changes?

You can set up a sharing rule in Salesforce that takes all accounts owned by the sales role and gives read/write access to the support role. This works the same for any object, role, and group you have so the possibilities are endless. Marketing users may only need to view accounts but not edit them and support users have no need to see leads.

In instances with a private sharing model, there is also manual sharing. If a sales rep needs to share one account with a co-worker, and the OWD’s for accounts is private, then the rep can use the Sharing button on the account record to share it with whomever they like. This is used on a single record basis and assumes that the Salesforce system administrator has enabled manual sharing.

So how does Salesforce Chatter fit into this?

In an open sharing model, or Group edition, when one user posts a feed to a record, then anyone logged into Salesforce can theoretically see the post and record. Most smaller companies have open sharing models so if you are using an open sharing model, you may want to look at making it private and then opening it back up as needed to maintain data security.

In a private sharing model, when a user posts a Chatter feed to a Salesforce record, only the people that the object is shared to can view the record or post. This applies to auto-feeds for people following the record as well. So, if sales reps can only see their own records and access is granted to support through a sharing rule, then a support user could see the record and post. If the support rep is following the account, then they would receive an automatic feed.

So, as you can see, it all depends on who has access to the record. Chatter feeds or posts cannot open up records to people that do not have access to the record itself. Now let’s take a look at Chatter profiles and groups.

Chatter profiles are viewable by all Salesforce users. If user A posts a feed to user B’s profile, then user B and any users following user B will receive the feed and any user that views user B’s profile will see the post.

Chatter groups are a little different. They can either be public or private. Any user can join a public group and then view all posts to that group. Users must ask permission to join private groups and can only see posts to that group when they are members. If user A posts to a private group, and user B, who is not a member of that group, views user A’s profile, user B will not see that group post.

Salesforce reports and dashboards follow the same rules. Assuming the administer enabled report and dashboard following, if a user does not have access to the folder for the report or dashboard, then they will not be able to see any posts associated to it.

Salesforce went to great lengths to make Chatter as secure as the rest of the CRM system so as long as your sharing settings are set for your business process, then rest assured that Chatter will not compromise them.

Contact us if you have any questions on any of the above.

Posted in Chatter license, Cloud Computing, CRM, Enterprise IT, Salesforce Best Practices, Salesforce.com

Contact Us

888-391-4493 x101

1261 Locust St. #135, Walnut Creek, CA 94596

info@starrdata.com

Salesforce Partner Since 2009
Pledge1_ProudMember_Smallest

Additional Resources

  • Technologies
  • Services
  • Client Portal
  • Contact Us
  • Privacy Policy
  • Sitemap

About Us

StarrData is a 5-star rated salesforce.com partner who helps companies increase sales and productivity by providing Salesforce implementation and support services. Since 2009 we have helped hundreds of organizations to leverage the power of Salesforce.

© 2020 StarrData. All Rights Reserved.

Our Spring Sale Has Started

You can see how this popup was set up in our step-by-step guide: https://wppopupmaker.com/guides/auto-opening-announcement-popups/

Our Spring Sale Has Started

You can see how this popup was set up in our step-by-step guide: https://wppopupmaker.com/guides/auto-opening-announcement-popups/

Contact Us Today

To speak with someone right away, give us a call at (510) 984-3648.

  • This field is for validation purposes and should be left unchanged.