Skip to main content

Restrict Login Hours and IP Ranges

Learning Objectives

In this project, you’ll:

  • Restrict when and where users can log in to an organization.
  • Determine the levels of access users have to objects.
  • Set up a data access model using the role hierarchy, sharing, and teams.
  • Control the levels of access users have to fields.

Introduction

The CEO of AW Computing, Jon Wiseman, has some security concerns. He wants to reduce the chances of unauthorized access to data housed in Salesforce.  

Not everyone in your organization should have the same level of access. Support users should only be able to log in during the company’s standard office hours, and only when connected to the company network. All other users should have 24/7 access and be able to log in on the company network and the VPN.

Jon has enlisted your awesome admin skills to help resolve this issue. In this project, you learn to secure your Salesforce organization by controlling exactly what data your users have access to within it. Organizational setup image, showing the Field nested inside the Record, which is nested inside the Object.

Throughout this project, we revisit this org chart to see how we can set access at each of these levels.

Follow Along with Trail Together

Want to follow along with an expert as you work through this step? Take a look at this video, part of the Trail Together series.

Restrict Login Hours on the Support Profile

  1. Click the Setup gear Setup icon and select Setup.
  2. Enter Profiles in the Quick Find box, and select Profiles.
  3. Click Custom: Support Profile.
  4. Under Login Hours click Edit and set up the schedule.
    Note: Ensure the listed time is Pacific [Standard or Daylight] Time (America/Los_Angeles). If not, adjust the organization's time zone to Pacific Time (America/Los_Angeles) before adjusting the login hours: Setup > Company Information > Edit > Under Locale Settings, adjust the Default Time Zone to Pacific [Standard or Daylight] Time (America/Los_Angeles) > Save.
    Field Value
    Sunday
    		 12:00 AM to 12:00 AM
    Monday 8:00 AM to 6:00 PM
    Tuesday 8:00 AM to 6:00 PM
    Wednesday 8:00 AM to 6:00 PM
    Thursday 8:00 AM to 6:00 PM
    Friday 8:00 AM to 6:00 PM
    Saturday 12:00 AM to 12:00 AM
  5. Click Save.

Restrict the Login IP Range on the Custom: Support Profile

  1. Under Login IP Ranges, click New and enter the details. Login IP Ranges page in Salesforce.
  2. Enter these values:
    • Start IP Address: 0.0.0.0
    • End IP Address: 255.255.255.255
    • Description: San Diego
  3. Click Save.
Note

For the purpose of this step, we’re including all IP Ranges; however, in a real-life scenario, you would set a more realistic range. 

Now that you’ve restricted the login IP Range for users with the Support profile, move on to the next step, where you continue to enhance security in the AW Computing org by adding new users and setting their security levels using permission sets. 

Keep learning for
free!
Sign up for an account to continue.
Sign Up Login
What’s in it for you?
  • Get personalized recommendations for your career goals
  • Practice your skills with hands-on challenges and quizzes
  • Track and share your progress with employers
  • Connect to mentorship and career opportunities
Skip for now