The data access security model
There are several flexible options for you to control how records are accessed within your organization.
In the previous chapter, we looked at the broadest way that you can control data by setting properties for the objects that a user can view, edit, and create through the configuration and assignment of profiles.
We also looked at the creation of fields and field-level security which is set at profile level and is applied to records at the database level. Returning to the diagram, we will now look at the security model shown at the top-right corner of the following diagram:
The data access security model is the lowest level of data access and security, and enables you to control access at record level using the following four features:
- Organization-Wide Defaults (OWDs)
- Role hierarchy
- Sharing rules
- Manual sharing
The following diagram shows how, with the addition of each extra feature shown, the scope of provided access to records widens:
We will now look at mechanisms...