Working with Information Securely

Learning Objectives

After completing this unit, you’ll be able to:

• Explain how to maintain security during your project.
  

Keep Your Information Safe

So, you’ve found an expert to help your organization through a pro bono engagement - congratulations! Pro Bono volunteers can be an invaluable resource in helping you to optimize Salesforce. Now, you might be wondering: “How will we work together? What do they need access to— and how do I ensure this is not a security risk?”

Rest assured, effective collaboration on a Salesforce Pro Bono Project should never require you to take any security risks for you or your organization's data.

Here are some security best practices to keep in mind as you engage with a pro bono volunteer.

Give Volunteers Sandbox AccessDo not share your personal admin login and password with your volunteers. Instead, give them a Sandbox or their own license if their role will require them to access the production org. Every Salesforce.org customer has, at a minimum, access to several developer sandboxes and a partial copy sandbox (the exact number and type of sandboxes are determined by your license type).

With a Sandbox, you can provide your volunteers with full access to your organization’s schema and automated processes while still protecting your production data from accidental changes. Your volunteers can try out solutions in a safe test environment and you won’t have to worry about them breaking existing functionality.

Tip: Create the sandbox a day or two ahead of your first meeting with a volunteer. Sandboxes can sometimes take some time to spin up.

Consider Data Access Level for VolunteersConsider the level of data access that your volunteer will have. You may want to use dummy data in your sandbox so that your volunteer does not have access to Personally-Identifying Data.

Tip: In cases of sensitive data, you may want to consult with your legal team for advice about the appropriate level of data visibility.

Document Changes to Your Production Org

Volunteer engagements are usually not long-term and are dependent on the volunteer’s availability, so it is not safe to assume they’ll always be available to answer any questions or make future changes. Documenting any volunteer work done is critical to ensuring you understand how Salesforce is set up and will make it far easier for you or fellow staff members to make any future updates to Salesforce.

Tip: The most basic way to monitor any setup changes is to enable “view audit trail history” in their volunteer's user permissions when first giving them access. However, it’s recommended to also have volunteers provide a more thorough documentation - not only of fields or objects they changed, but also why they made those change(s) and the process involved in making them.

After the project is complete, remove access and change any passwords that volunteer might have had access to.

Resources

• Salesforce Website: Impact Exchange
• Trailhead: Set Up a Sandbox in Your Salesforce Org
• Knowledge Article: Create or Edit Sandbox Templates
• Knowledge Article: Sandboxes: Staging Environments for Customizing and Testing
• Knowledge Article: Manage Your Sandboxes
• Trailhead: Salesforce Security Basics Trail Module
• Video: How To Understand And Document Process In Salesforce