Skip to main content
GroupsData Classification
Group

Data Classification

Feedback on our new Data Classification pilot and upcoming beta
Rhys Cuff (IT Applications Specialist at HASI)
Apr 17, 2024, 3:14 PM
How to bulk update BusinessOwnerId

I'm trying to update the BusinessOwnerId classification field on a bunch of our custom fields. I've seen reference to somehow doing it using the Metadata API to update CusomField but I'd like to know what that means in practical terms. I can query FieldDefinition but when I try to update it I get the error "You can't update records for the object: FieldDefinition". When I try to query CustomField I get an error that "sObject type CustomField is not supported".  

 

Is there a step by step guide for how to set BusinessOwnerId on multiple fields for people who aren't developers? 

2 answers
  1. Sushil Kumar (UKG) Forum Ambassador
    Apr 17, 2024, 3:26 PM

    And see this - https://developer.salesforce.com/docs/atlas.en-us.api_tooling.meta/api_tooling/tooling_api_objects_fielddefinition.htm, only query/describe calls are supported. 

Write an answer...
0/9000
Rakesh Gupta (Enterprise Architect at Salesforce MVP | Author | Blog: automationchampion.com) posted in #Flow
Nov 19, 2023, 5:44 AM

Read the following articles to improve your Salesforce knowledge.  

 

  1. The Shield of Security: Preventing Data Downloads with Data Classification
  2. When to Use Before-Save vs After-Save Record-Triggered Flows
  3. Salesforce Flow Design Patterns – from Fundamentals to Mastery
  4. Find All Record-Triggered Flows for an Object

#Flow #Slack #Salesforce Developer 

4 comments
Write a comment...
0/9000
Jodie Miners (Director at The Detail Department | Salesforce MVP HoF | Salesforce Indicators)
Jul 10, 2019, 3:51 AM

Sorry if some of these questions have been aksed before. I have been playing with this new feature and really like it.... but....

  • The Data Owner field does not seem to be a regular User / Queue picklist (I'm assuming that's becuase it's User / Public Group which doesn't exist anywhere else in Setup). You can not type in part of a name and have it automatially resolve on save. Eg my user's name is Integration, I can not type "integ" and save (which would resolve to Integration as it is the only user with that combination of characters). 
  • The Metadata is then hard coded with the sanbox name and makes deployment impossible without manually modifying the xml file. Eg the integration user name in Sandbox is integration@mycompany.com.devsandbox and that is what is hard coded in the metadata of the field XML. 
  • Why can I not set the Data Classification fields on creation of a field (I know it is going to be a similar answer as to why I can't set Permission Sets as part of the field creation wizard, which is probably becasue some other team looks after the field creation wizard and there is probably not a PM assigned to the field creation wizard functionality at the moment, or something equally as strange as that). Bottom line is, to us, it doesn't matter who's team it's on, this misisng functionality means this feature is only partially delivered. 
  • Why out of two picklists, do I have two different ways of updating the values, why can't both of them be editable via the UI? What is so special abou the Business Status picklist that it can't be edited via the API? 

But overall I love this feature and would love to see it extended, like @Cheryl Feldman said.

 

One use-case for extension is a picklist for which external system or which component of which external system it's in. Yes, I know the ideal is that each external system has it's own user name, so you can set the user, but currently I'm transitioning from one external system to another which will use the same user. I can probably set up each system as Public Group and use that as the owner, but it seems a bit of overkill just to provide a bit of documentation.

 

Since the day they announced the metadata dependency API I have thought wouldn't it be fab to have a way of determining which fields are in use by external sytems and then NEVER allow the API names to be changed on those fields (yep, been there, done that, changed an API name and broke an integration). This looks like it could be the start of something as valuable as that!  

7 comments
Write a comment...
0/9000
Aske Bong-Saxe (Head of Functional Solutions at Giveclarity.org Ltd)
Jun 13, 2019, 9:03 AM

Hi @Marla Hay. I have a fairly basic question about the data classification fields and their values.

 

I have tried to look through the release notes and the help documentation (https://help.salesforce.com/articleView?id=data_classification_metadata_fields.htm&type=5), but I can't seem to find the answers to my questions.

 

My core question is; what do each of the picklist values in the new fields actually do, or what do they mean?

  1. For example, what impact does it have that I assign Field Usage to be ‘DeprecateCandidate’ compared to ‘Hidden’? And how does that impact manifest itself?
  2. Does it have a technical impact somewhere in Salesforce that I put the ‘Data Sensitivity Level’ to “Confidential” compared to “Restricted”?

Basically, the relationship or particular differences between these different settings aren't immediately clear to me. Would it be possible to publish your definition for each of those picklist values in Field Usage and Data Sensitivity?

 

Also, can the field metadata be accessed by Apex? For example, if I would like to manipulate the data from all fields on a record which are classified as 'Data Sensitivity' = "Public", could I invoke an Apex class to do that?

 

Thank you.

5 comments
  1. Marla Hay (Salesforce)
    Jun 29, 2019, 1:35 AM
    Thanks - we will definitely add documentation on the meaning of the list. I'm not sure it makes sense to automatically make a field active. Some customers go through an evaluation process when a new field is released and it may make sense to allow a field to start in a blank state and only become active after it's been processed by the team making the determination to use the field. This is good information for us to consider and continue to research, though, and we'll put some additional thought into it. Thanks again!
Write a comment...
0/9000
zachary hinsdale (Manager at Deloitte at deloitte)
May 5, 2022, 5:13 PM
How to implement and use data classification for security

I am trying to implement data classification for my org, using our data masking as the guide on what to classify. question is, once I add the classification to the fields, how can I use that classification to stop reports from being exported with sensitive records that have a certain classification? Can data classification metadata be used in TSP rules to prevent that data from being exported? and, is the metadata maintained if we sync with another org? so that down stream that data keeps its classification so that other tools will be able to see it and act on it? 

1 answer
  1. Marla Hay (Salesforce)
    May 5, 2022, 5:26 PM

    Yes, you can use data classification in TSP - use Apex to get the classification and make a policy determination based on that classification value (the data classification values are outlined here: https://help.salesforce.com/s/articleView?id=sf.data_classification_metadata_fields.htm&type=5, in FieldDefinition)  The metadata can be retrieved for syncing with other orgs, you can pull the data through SOQL queries, etc. It's stored as metadata against the field within FieldDefinition, so whatever you can do with that metadata you can do with Data Classification.

Write an answer...
0/9000
Melodie Johnson (Salesforce Administrator at GWG)
Nov 22, 2019, 2:17 PM

I am new to using the Data Classification fields within our org, and am looking for a solution to mass update all the classification fields:

Data Owner

Field Usage

Data Sensitivity Level

Compliance Categorization 

 

Is there a tool that can be used to upload all our necessary fields at once or will it be more of a manual effort?

 

Thanks!

9 comments
Write a comment...
0/9000
Brenda Murphy (Skyward)
Nov 17, 2020, 3:09 PM

I work in Security, not Sales, and know very little about Salesforce. I'm trying to help the Sales team set up data classification. Everything is working fine, but I'd prefer to assign the "Data Owner" to a group rather than an individual so it's easier to maintain. The Administrator created a public group for me, but it isn't discoverable when I click the lookup for Data Owner. When I type the group name and save I see the attached error. The help files say group assignment is possible so I'm assuming this is a simple configuration issue. Does anyone have a suggestion?

 

Thanks!

Screen Shot 2020-11-17 at 9.02.20 AM.png
Write a comment...
0/9000
Jodie Miners (Director at The Detail Department | Salesforce MVP HoF | Salesforce Indicators)
Sep 26, 2019, 5:43 AM

There was something mentioned in one of the Release Readiness videos about the Data Classification fields being used in Apex to extend the functionality of the new release of Event Monitoring. Is there any further documentation on that, and is there any other cool ways that you can use the data classification fields in a more active way? 

2 comments
Write a comment...
0/9000
Scott Eng (Salesforce Architect at The Glenmede Trust Company, N.A.)
Sep 9, 2019, 2:42 PM

Does anyone have any tips on where to start with the Data Classification feature?  Like a way of prioritizing which fields should be documented first, or a methodology of how to tackle the documentation/classification issue when you're starting from near-zero?

1 comment
  1. Marla Hay (Salesforce)
    Sep 30, 2019, 3:24 PM
    Hi Scott - Internally, for the default classification (which required the same exercise) we started with 'people' objects, because one of our goals was to be sure we understood what data and fields were PII. So, we classified every object that related to a person (Contact, Lead, Users, Accounts, Individuals.) From there, we looked at what objects were related and branched out. This kept our classification focused on the people's data stored in the system.
Write a comment...
0/9000
Toni V. Martin (MVP) posted in Salesforce Business Analysts
Jul 8, 2019, 6:14 PM

Hey y'all! What tools/software do you use that you think more Salesforce Business Analysts should know about? What's made your life 10 times easier since you started using it? 

 

Looking for companies/contacts who want to reach the more than 1100 attendees of the Salesforce Business Analyst Virtual Summit--Elements.cloud is a great example, who's already on board!

 

@WIT Group, Atlanta, US @Admin Group, Atlanta, US @Marketer Group, Atlanta, US @* Salesforce Administrators * @Admin to Admin Academy @AdminHero.com Community @Women in Tech 

11 comments
Write a comment...
0/9000