First, let me apologize, as this post is long overdue. Salesforce CMS went GA in…
4. Salesforce Winter 20 Features – Community Security Enhancements
Security Enhancements Community
Public Community and Data Management just got a lot easier! Sharing and data visibility has come a long way in this release, with new muscle to monitor your organization’s data access levels. If you are able to contribute to your Salesforce roadmap we encourage adding a Security Audit to the list before the end of the year. It’s a prime opportunity to take advantage of configurable solutions and implement better security policies. If you need help with new features and find it may open pandora’s box to turn on, we are happy to help whiteboard the right solution and plan out the next steps so you can begin leveraging better security.
Organization Sharing Secure Guest User
A new option Secure guest user access is available in Sharing, this setting goes beyond external org-wide sharing settings and allows administrators to lock down objects for all Guest Profiles with one checkbox. If you choose not to leverage this feature remember external org-wide defaults still apply to guest users.
Sharing Rules for Guest Users
In reverse, extending record access for Guest external users just got easier as well! I was stoked just to use Sharing Sets for more external license types from the previous release. I’m continually impressed these days with the new configuration-based sharing capabilities; implementing security scenarios just 2 years ago used to be a lot more difficult. Organization level Sharing Rules now can assign record criteria to expose data to Guest Users to define clear paths for admins to see in one location. Sharing Rules now include a new choice to base a rule on criteria that impacts only Guest Users. Remember, these settings don’t supersede standard sharing model designs, you still need to grant all the Guest Profiles Read access to the object for the data to extend out to a visitor and set up a page or navigation method to access the data!
Better Default Settings for Guest Profiles
Tighter security on the system-generated Guest Profiles for Communities will automatically be created going forward to remove default features such as View all Users, View Topics, Enable UI Tier Architecture, Remove People from Direct Messages, and Send Non-Commercial Email. For existing Communities created before Winter 20, double-check these settings manually to make sure access is locked down.
Guest User Data Assignment
Now you can automate record ownership if a Guest User creates data in your system. Guest Users didn’t have the ability to launch unauthenticated flows in years prior, but now with all the functionality available in Lightning Communities it’s getting a lot trickier to keep track of all the data a Guest User might be able to generate when interacting with an unauthenticated Community process. This setting will be enforced in all orgs by March 2020 if you take no action now, so it’s best to start planning around any downstream impacts.
Design Record Assignment With Business Processes
While we are on the topic, we have a great, free app that can help you manage your Community-related assignments after you turn on this feature. For example, say you allow External Users to generate records such as Leads, Cases or even Opportunities, but you want to apply some logic to your assignment or routing. Check out our app, GearsDesign Assignment Plugin to route records through your Case or Lead Assignment Rules. If your process is extra complex, or you can’t imagine how simple Assignment rules will fit your use case, check out BREeze, our Rules Engine for Salesforce, which will allow you to build out more complex logic, as well as back up your Rules or even set additional fields on your new records beyond assigning an Owner.
This is a huge release for Community Cloud features, and we are excited about so many of these updates! Thanks for reading and as always, please reach out if you need any help with these or any of the Winter 20 features.