Salesforce Dictionary - Free Salesforce Glossary
Salesforce Consultant
medium

How do you design a Salesforce security architecture?

Security architecture covers authentication, authorisation, sharing, field-level security (FLS), audit, and compliance.

1. Authentication.

  • MFA mandatory for all internal users (Salesforce mandate).
  • SSO for enterprise — federate via Okta / Azure AD / Ping.
  • Connected Apps for OAuth integrations; per-app scopes minimised.
  • Session settings — timeout, IP restrictions.
  • My Domain — required for SSO and Lightning Components.

2. Authorisation.

  • Profiles minimal; permission baseline only.
  • Permission Set Groups model job functions.
  • Muting Permission Sets for narrowing.
  • System permissions audited regularly (View All Data, Modify All Data).
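The "audited regularly" point above is easiest to act on with a script that resolves who actually ends up with View All Data / Modify All Data once permission sets, permission set groups, and muting permission sets are combined. The following is an added example, not code from the page or from Salesforce; it runs over constructed rows shaped like SOQL results on PermissionSet, PermissionSetGroupComponent, MutingPermissionSet and PermissionSetAssignment (the Ids, labels, and the simplified row shapes are assumptions, and the treatment of profile-owned permission sets as ordinary assignments is a simplification).

```python
"""Resolve effective View All Data / Modify All Data grants per user (added example)."""
from collections import defaultdict

SENSITIVE = ("PermissionsViewAllData", "PermissionsModifyAllData")

# Constructed rows shaped like PermissionSet records (Ids and labels are made up).
PERMISSION_SETS = [
    {"Id": "0PS1", "Label": "Sales User Baseline", "IsOwnedByProfile": False,
     "PermissionsViewAllData": False, "PermissionsModifyAllData": False},
    {"Id": "0PS2", "Label": "Data Migration", "IsOwnedByProfile": False,
     "PermissionsViewAllData": True, "PermissionsModifyAllData": True},
    {"Id": "0PS3", "Label": "Profile: System Administrator", "IsOwnedByProfile": True,
     "PermissionsViewAllData": True, "PermissionsModifyAllData": True},
    {"Id": "0PS4", "Label": "Reporting Analyst", "IsOwnedByProfile": False,
     "PermissionsViewAllData": True, "PermissionsModifyAllData": False},
]

# Constructed PermissionSetGroupComponent rows: which sets make up each group.
GROUP_COMPONENTS = [
    {"PermissionSetGroupId": "0PG1", "PermissionSetId": "0PS1"},
    {"PermissionSetGroupId": "0PG1", "PermissionSetId": "0PS4"},  # View All Data slipped into a job-function group
    {"PermissionSetGroupId": "0PG2", "PermissionSetId": "0PS1"},
    {"PermissionSetGroupId": "0PG2", "PermissionSetId": "0PS4"},
]

# Constructed MutingPermissionSet rows (assumed shape: a True flag mutes that permission in the group).
MUTING = [
    {"PermissionSetGroupId": "0PG2", "PermissionsViewAllData": True, "PermissionsModifyAllData": False},
]

# Constructed PermissionSetAssignment rows (simplified: either a set or a group per row).
ASSIGNMENTS = [
    {"AssigneeId": "005A", "PermissionSetId": "0PS3", "PermissionSetGroupId": None},  # admin via profile
    {"AssigneeId": "005B", "PermissionSetId": "0PS2", "PermissionSetGroupId": None},  # leftover migration set
    {"AssigneeId": "005C", "PermissionSetId": None, "PermissionSetGroupId": "0PG1"},  # group without muting
    {"AssigneeId": "005D", "PermissionSetId": "0PS1", "PermissionSetGroupId": None},  # baseline only
    {"AssigneeId": "005E", "PermissionSetId": None, "PermissionSetGroupId": "0PG2"},  # group with muting
]


def effective_grants(perm_sets, group_components, muting, assignments):
    """Return {user_id: {permission: [source description, ...]}} for SENSITIVE permissions only."""
    ps_by_id = {p["Id"]: p for p in perm_sets}
    members = defaultdict(list)
    for c in group_components:
        members[c["PermissionSetGroupId"]].append(c["PermissionSetId"])
    muted = defaultdict(set)
    for m in muting:
        for perm in SENSITIVE:
            if m.get(perm):
                muted[m["PermissionSetGroupId"]].add(perm)

    grants = defaultdict(lambda: defaultdict(list))
    for a in assignments:
        user = a["AssigneeId"]
        if a.get("PermissionSetGroupId"):
            gid = a["PermissionSetGroupId"]
            for ps_id in members[gid]:
                ps = ps_by_id[ps_id]
                for perm in SENSITIVE:
                    # A muting permission set removes the permission from the whole group.
                    if ps[perm] and perm not in muted[gid]:
                        grants[user][perm].append(f"group {gid} via {ps['Label']}")
        elif a.get("PermissionSetId"):
            ps = ps_by_id[a["PermissionSetId"]]
            kind = "profile" if ps["IsOwnedByProfile"] else "permission set"
            for perm in SENSITIVE:
                if ps[perm]:
                    grants[user][perm].append(f"{kind} {ps['Label']}")
    return {u: dict(v) for u, v in grants.items()}


def audit_report(perm_sets, group_components, muting, assignments):
    """One finding line per (user, permission), sorted, ready for a review ticket."""
    lines = []
    for user, perms in effective_grants(perm_sets, group_components, muting, assignments).items():
        for perm, sources in perms.items():
            lines.append(f"{user}: {perm} from {', '.join(sources)}")
    return sorted(lines)


if __name__ == "__main__":
    for line in audit_report(PERMISSION_SETS, GROUP_COMPONENTS, MUTING, ASSIGNMENTS):
        print(line)
```

In a real org the four inputs would come from SOQL queries against the objects named in the comments; the value of the script is the group resolution, which is where View All Data most often hides when profiles have already been cleaned up.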

3. Record-level access (Sharing).

  • OWD per object based on data sensitivity.
  • Role hierarchy mirroring org chart.
  • Sharing rules for cross-team access.
  • Apex Managed Sharing for complex logic.
  • External users (Communities) — separate OWD column.

4. Field-level access.

  • FLS enforced via Profile / Permission Set.
  • Encryption (Shield) for Restricted / Mission Critical fields.

5. Data protection.

  • Data Classification — every field classified by sensitivity / compliance.
  • Privacy Center for GDPR / CCPA / etc.
  • Data Retention policies, archival via Big Objects.
  • Encryption at rest (Shield Platform Encryption).
  • Encryption in transit (Salesforce default).

6. Audit.

  • Setup Audit Trail — metadata changes.
  • Field History Tracking — record changes.
  • Field Audit Trail (Shield) — extended retention.
  • Event Monitoring (Shield) — runtime activity logs.
  • Login History — every login.

7. Compliance.

  • Health Check baseline.
  • Transaction Security Policies (Shield) for real-time event-based blocks.
  • Industry-specific features and configurations — HIPAA, PCI, etc.

8. Incident response.

  • SOC integration — feed Salesforce events to SIEM.
  • Anomaly detection — Login History, Event Monitoring patterns.
  • Response playbook — what to do when compromise suspected.
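The two detection points above (feed events to a SIEM, spot anomalies in Login History) can be prototyped before any SIEM is wired up. This added example is not from the page or from Salesforce: it runs three simple rules over constructed rows shaped like LoginHistory records (UserId, LoginTime, SourceIp, CountryIso, Status; the values are made up) and emits the findings as JSON lines of the kind a SIEM forwarder would ingest. The thresholds and rule names are assumptions.

```python
"""Login anomaly rules over LoginHistory-shaped rows, emitted as SIEM JSON lines (added example)."""
import json
from collections import defaultdict, deque
from datetime import datetime, timedelta

FAIL_THRESHOLD = 5                 # failures within FAIL_WINDOW that count as a burst (assumed)
FAIL_WINDOW = timedelta(minutes=10)

# Constructed LoginHistory-style rows (not real org data); timestamps are ISO-8601 UTC.
SAMPLE_LOGINS = [
    {"UserId": "005A", "LoginTime": "2024-03-01T08:00:00Z", "SourceIp": "203.0.113.10", "CountryIso": "GB", "Status": "Success"},
    {"UserId": "005A", "LoginTime": "2024-03-02T08:05:00Z", "SourceIp": "203.0.113.10", "CountryIso": "GB", "Status": "Success"},
    {"UserId": "005B", "LoginTime": "2024-03-02T09:00:00Z", "SourceIp": "198.51.100.7", "CountryIso": "DE", "Status": "Success"},
    {"UserId": "005B", "LoginTime": "2024-03-03T02:00:00Z", "SourceIp": "192.0.2.44", "CountryIso": "DE", "Status": "Invalid Password"},
    {"UserId": "005B", "LoginTime": "2024-03-03T02:00:20Z", "SourceIp": "192.0.2.44", "CountryIso": "DE", "Status": "Invalid Password"},
    {"UserId": "005B", "LoginTime": "2024-03-03T02:00:40Z", "SourceIp": "192.0.2.44", "CountryIso": "DE", "Status": "Invalid Password"},
    {"UserId": "005B", "LoginTime": "2024-03-03T02:01:00Z", "SourceIp": "192.0.2.44", "CountryIso": "DE", "Status": "Invalid Password"},
    {"UserId": "005B", "LoginTime": "2024-03-03T02:01:20Z", "SourceIp": "192.0.2.44", "CountryIso": "DE", "Status": "Invalid Password"},
    {"UserId": "005B", "LoginTime": "2024-03-03T02:02:00Z", "SourceIp": "192.0.2.44", "CountryIso": "DE", "Status": "Success"},
    {"UserId": "005A", "LoginTime": "2024-03-03T11:00:00Z", "SourceIp": "192.0.2.99", "CountryIso": "BR", "Status": "Success"},
]


def parse_time(value):
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ")


def detect_anomalies(rows, fail_threshold=FAIL_THRESHOLD, fail_window=FAIL_WINDOW):
    """Return findings in chronological order. Rules:
    failed_login_burst           - >= fail_threshold failures for one user inside fail_window
    success_after_failure_burst  - a success for a user while a burst is open
    new_country                  - a success from a country the user has not succeeded from before
    """
    rows = sorted(rows, key=lambda r: r["LoginTime"])      # ISO strings sort chronologically
    seen_countries = defaultdict(set)                        # per-user baseline built as we go
    recent_failures = defaultdict(deque)                     # sliding window of failure times
    burst_open = set()                                       # users with an unresolved burst
    findings = []

    for r in rows:
        user, when = r["UserId"], parse_time(r["LoginTime"])
        base = {"UserId": user, "LoginTime": r["LoginTime"], "SourceIp": r["SourceIp"]}
        if r["Status"] == "Success":
            if user in seen_countries and r["CountryIso"] not in seen_countries[user]:
                findings.append({**base, "rule": "new_country", "CountryIso": r["CountryIso"],
                                 "baseline": sorted(seen_countries[user])})
            if user in burst_open:
                findings.append({**base, "rule": "success_after_failure_burst"})
                burst_open.discard(user)
            seen_countries[user].add(r["CountryIso"])
            recent_failures[user].clear()
        else:
            window = recent_failures[user]
            window.append(when)
            while window and when - window[0] > fail_window:
                window.popleft()                             # drop failures older than the window
            if len(window) >= fail_threshold and user not in burst_open:
                findings.append({**base, "rule": "failed_login_burst", "count": len(window),
                                 "Status": r["Status"]})
                burst_open.add(user)
    return findings


def to_siem_lines(findings):
    """Serialise findings as one JSON object per line for a log forwarder."""
    return [json.dumps(f, sort_keys=True) for f in findings]


if __name__ == "__main__":
    for line in to_siem_lines(detect_anomalies(SAMPLE_LOGINS)):
        print(line)
```

The baseline of known countries is built from the history itself, so the first run over a full Login History export should be treated as training rather than alerting; the same rules apply unchanged to Event Monitoring Login event records, which carry the same user, IP and country fields.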

Architecture document:

A diagram showing identity flow, sharing layers, encryption status per field, audit data flow. Lives in the SDD; reviewed annually.

Common pitfalls:

  • Over-permissive profiles carried from legacy.
  • No Field-Level Security audit — sensitive fields visible to everyone.
  • Sharing rules accumulating without cleanup.
  • No Event Monitoring usage — logs collected, not analysed.

A senior consultant treats security architecture as a separate workstream. Often a dedicated Security Architect drives it; the consultant integrates with their work.

Why this answer works

Senior. The 8-layer model, and the inclusion of audit and incident response alongside access control, mark this as a mature answer.
