Protecting Data with the Principle of Least Privilege
Throughout the last few decades, cybersecurity best practices have gone through many iterations. With the evolution of supply chain threats and bad actors, traditional network security (e.g., perimeter defense, trusted networks) is no longer a viable solution. Instead, organizations are adopting a Zero Trust security strategy, built on the principle of least privilege (PLP), to protect valuable data.
Zero Trust and The Principle of Least Privilege
Think about it like your house. A traditional perimeter defense means if someone has the key or alarm code they can enter your home and have access to your kitchen pantry and bathroom cabinet. Using a Zero Trust framework means the key or alarm code only gets you in the front door; you’ll need to continuously prove your identity to gain access to individual rooms and cabinets. So what does that mean for information security?
Zero Trust takes a least privilege approach — only granting users, devices, applications, and systems the minimum privilege level they need to do their job. A user only has access to specific things (applications, services, etc.) through a predefined pathway, thus preventing a hacker from doing a lot of damage in the event they are even able to gain access to the network.
Applying the Principle of Least Privilege to Your Salesforce Org
A Salesforce Org is home to a plethora of valuable customer and user data, and protecting that data is the #1 priority. When it comes to protecting data from inside the org, one of the biggest challenges is understanding the type of information each user needs access to. This is where the PLP — a fundamental tenet of information security — can be very helpful. Following this principle means that users should have the least number of permissions necessary to do their job. Limiting users’ permissions prevents unauthorized access to sensitive records and information, and ultimately, following the principle of least privilege can significantly reduce the amount of security risk an organization faces.
The same principles can also be applied to limiting access within a Salesforce Org. Salesforce administrators have the ability to apply the PLP to their users by configuring Permissions Sets to grant minimal access, but it’s easy to accidentally over-grant permissions and common to inherit an org with over-privileged users. We recently announced the end of life (EOL) of permissions on profiles to help admins manage users with the PLP in mind, which will go live in the Spring ’26 release.
There are a couple things admins can do to prepare for this change:
-
Conduct a privilege audit by reviewing all existing accounts and permissions to ensure there is no privilege creep
-
Assign Salesforce’s least privilege profile (the Minimum Access User Profile) to users, and layer on permissions using Permission Sets and Permission Set Groups according to the access required
Setting Yourself Up for Success
Whether you’re new to Salesforce or you just finished conducting an audit to get a better understanding of what permissions your users currently have, here are some questions to ask yourself when assigning user permissions moving forward:
-
Does this user absolutely require this/this level of permission to do their job?
-
Can it be further limited or reduced in any way?
-
Can the permission be further restricted by time/session?
-
Will they still be able to do their job if it’s further limited?
Remember that according to the PLP, a user should be able to perform their regular job functions, but not have any additional or unnecessary privileges. Learn more about how end of life (EOL) of permissions on profiles will help limit user privileges in Salesforce, and stay tuned for more information on how to prepare for that release update. To learn more about how to further strengthen the security of your Salesforce instance, check out our security best practices page.
Additional Resources
Check out the resources below to learn more about the principle of least privilege.
- Learn About Data Visibility and Access with the Updated Who Sees What Video Series (Admin Blog)
- The Future of User Management (Admin Blog)
- How to Implement the Principle of Least Privilege in Salesforce (Architect Blog)
- How to Build a User Security Model (Architect Blog)
Continue your learning on Trailhead to learn even more about the principle of least privilege.
- Take the Data Security module to learn how to control access using point-and-click security tools.
- Take the Permission Set Groups trail to learn how permission set groups can make your job easier and help you to enforce assignments based on least privilege.
- Take the User Access Specialist superbadge to learn how to lock record access, build effective sharing solutions, and troubleshoot user access issues.