Blockers with “Data Security” Module

Control access to data using point-and-click security tools.

Photo by Scott Webb from Pexels

Hello, fellow Trailblazers, if you are following any of the following Trails then you would be completing the “Data Security” module.

  1. Administer Salesforce from Anywhere During COVID-19
  2. Admin Intermediate
  3. Developer Beginner
  4. Discover B2B Core Features and Concepts
  5. Protect Your Salesforce Data

In any case, if you’re stuck in this module and want to get the above badge, then this blog is for you only. Here, I tried to discuss various blockers that you might be facing in this Module. So let’s discuss these blockers, dealing one unit at a time.

Unit 2: Control Access to the Org

In this unit, we have to create a new user, with System Administrator as Profile, Salesforce as License, and the username of this user should contain “guest admin” somewhere in it.

The point that can block this unit to complete is forgetting to deactivate this new user.

Hence, before clicking on the Check Challenge, just check whether you have deactivated the user or not.

Unit 3: Control Access to Objects

In this unit, we need to clone the “Minimum Access — Salesforce” profile and provide the following settings to it

  • Profile Name- Cleaner
  • Object Permissions: Accounts (Read, Edit)
  • Object Permissions: Contacts (Read, Edit)
  • Object Permissions: Leads (Read, Edit)

Here the following blockers can arise.

  1. Instead of cloning the profile we created a new profile. So make sure, don’t create any new profile, you just need to go to the profile page and then clone the “Minimum Access-Salesforce” profile.
  2. The second blocker can be assigned permission to the wrong object. This might seem to be impossible, but this can happen. Contacts and Contracts are two such objects which seem to be almost the same.
  3. One more issue that can arise here is related to wrong permission. It might happen that you have selected the wrong permissions for the objects and this may occur as the header row of the permissions is not visible as soon as we scroll down. Though this header row should be frozen, it’s not and hence can be a blocker.
  4. Another blocker for this unit can be ignoring the last instruction given and that is to “Make sure Edit and Create object permissions aren’t enabled for any other objects in the Cleaner profile”.
Point — 1
Point — 2
Point — 3

Unit 4: Control Access to Fields

In this unit as well we need to clone profiles but with that, we also need to create new permission sets.

Task 1 — Cloning Profile

Current Profile- Standard User

Cloned Profile Name- Sales

Object # 1- Accounts (Read, Create, Edit)

Object # 2- Contacts (Read, Create, Edit)

Field- Rating field of Account Object (no access)

Keep the rest of the permissions of the Standard User profile as it is.

Task 2 — Creating Permission Set

Label & API Name- Rating

User License- Salesforce

Field- Rating field of Account Object (Read, Edit)

Following blockers may be stopping for this unit to complete.

  1. Blockers of the previous unit can also occur in this unit as well. So keep a note of that.
  2. Other than object-level permission we need to set field-level permission which we may forget to give. One of the common blockers is we might try to find field level permission after clicking on the Edit of the specific profile. But for reaching the field level permission, click on the Profile first (instead of clicking the edit) and then scroll down to field level security and click on the view icon on the Account object. Now you would be able to see all the fields, from where you can edit and revoke the read and edit permission from the Rating field.
  3. Another blocker in this unit can be disturbing the Permission Set of Standard User Profile. It’s being asked to keep the rest of the settings as it is, so make sure not to commit these mistakes.
  4. In Creating a permission set task, there can be a blocker of not getting the place to update the field level sharing settings. One of the best and fastest ways to find the place is to search for the Object name in the “Find Settings” box. On that page, you will get all the fields of that object.
Point — 2.1
Point — 2.2
Point — 4.1
Point — 4.2

Unit 5: Control Access to Records

In this unit, we need to create a custom object with the following configuration.

Label- Project

Plural Label- Projects

Object Name- Project

Record Name- Project Name

Record Name Data Type- Text

This is one of the simplest units to go with but still one of the blockers has fair chances to occur here and that is related to the last instruction of the challenge, which we generally don’t focus on or simply ignore. It says to “Configure organization-wide default sharing settings for the Project object so that Project records are visible only to the record owner and to users above them in the role hierarchy.”

  1. One straightforward blocker here is to ignore this statement, so please don’t do that.
  2. Another blocker related to the same step is not getting where to provide the Org-Wide sharing settings. So the answer is at Sharing Settings and to go there just go to the setup and search Sharing Setting in Quick Find Box.
  3. One more blocker related to the step is providing wrong settings, for following the instruction we have to provide ‘Private’ to the default internal and default external access of the Project Object.
  4. Another blocker for the step is clicking on the “Check the Challenge” button as soon as the org-wide settings are saved. This setting takes time to apply so just wait for a few minutes and then check the challenge.

Unit 6: Create a Role Hierarchy

In this unit, we need to create 3 Roles and hence this is also a very easy unit to complete but there can be a blocker in this unit as well and that is to provide wrong “Reports to” value for the roles hence makes sure to provide correct Reports to value for each role.

  • Role- “Chief Sales Officer” ==> Reports to- “CEO”
  • Role- “Sales Strategy Manager” ==> Reports to- “Chief Sales Officer”
  • Role- “Training Coordinator” ==> Reports to- “Sales Strategy Manager”

Unit 7: Define Sharing Rules

In this unit, we need to create a Custom Field and a Sharing rule for the object. One of the common blockers related to this unit is to find the place to provide sharing rules. So, to overcome this blocker all you need to go to the Sharing Settings page and scroll down till you find the Project Sharing Rule section from where you can provide the new Sharing rule.

Friends, I have tried to add as many blockers as I can think of in this situation, please leave comments in case if you are facing any blockers or if you have faced any which I have left here to discuss.

Hope, this will help you clear this “Data Security” Module.

Thank you and Happy Trailblazing…




4x Salesforce Certified, Developer, Trainer, Author and amateur Poet Mostly writes about Salesforce Technologies, Latest Releases & programming Languages…

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Photo by Radu Florin on Unsplash

Blog Series: Understanding Microservices using AbhiShop App

How to connect Stackdriver to your smart home server for error logging

Scaleway: public IP not attached to network interface

Setup basic public key authentication

Spring Boot with OSGi

Basic Git Commands you need to Master

A Complete Guide to the API-First Approach

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Amit Kumar

Amit Kumar

4x Salesforce Certified, Developer, Trainer, Author and amateur Poet Mostly writes about Salesforce Technologies, Latest Releases & programming Languages…

More from Medium

What is Salesforce Einstein and why should you use it in your business?

Top 5 Open Source Automation Testing Tools

Google has dropped FLoC to replace third-party cookies in advertising favoring new Topics API

How to create Galera claster using MariaDB 10.6.5 on Centos 7