Skip to main content

Identity and Access Management (IAM)

Work In Progress
This page is a work in progress, accuracy of the content is not guaranteed and is subject to change at any time.

Identity and Access Management (IAM) is a framework of policies and technologies for ensuring that the right people in an organisation have the appropriate access to technology resources. In the context of Salesforce, IAM is a critical component for ensuring that users have the right access to objects, fields, Apex classes, etc., to perform their job functions. A proper IAM strategy is critical for maintaining the security and integrity of a Salesforce org, and a well-designed one allows for admins to easily manage user access and permissions.

Principle of least privilege

The principle of least privilege is a security concept that states that a user should have the minimum level of access required to perform their job functions, and nothing more. In practice, this doesn't just extend to users, but also to other applications and systems that interface with Salesforce. By following this principle, you can reduce the risk of unauthorised access to sensitive data, and reduce the potential impact of a security breach.

For example, a user who approves jobs does not need access to the financial data of the company, so the user's permissions should only grant them access to the Job object and any fields required to approve them.

In general, following the principle of least privilege provides the following benefits:

  • Users can’t accidentally perform high-privilege actions without explicit permission
  • Malicious insiders can’t leverage over-privileged accounts to further their attacks
  • Attackers can’t take advantage of poor permissions to make their attacks easier

Salesforce IAM

Salesforce has a wide-ranging set of tools to provide granular control over people's access within the system. The primary tools are:

danger

Historically, Profiles were the go-to tool for managing permissions. These are being deprecated (date TBC) in favour of Permission Sets. Only use profiles for providing defaults (record types, apps) and page layouts. Use Permission sets for managing access to objects, fields, classes, etc.