Concept of Sharing in Salesforce
Salesforce has often proven itself to be a dynamic and easy-to-use interface. Salesforce lets you control access to data at different levels. For example, you can control the access your users have to objects with object permissions and within objects and you can control the access users have to fields using field-level security. Sharing settings can be used to control access to data at the record level.
Sharing allows record-level access control for all custom objects and also many standard objects. The administrators first set an object’s organization-wide default sharing access level, and then grant additional access based on factors pertaining to the types of sharing involved in Salesforce.
Methods of sharing in Salesforce
1. Managed Sharing
- Record ownership
- The role hierarchy
- Sharing rules in Salesforce

Record Ownership in Salesforce
Role Hierarchy in Salesforce

Sharing Rules in Salesforce
Administrators use sharing rules as a means of granting users who are a part of a specific group or a role-access, automatic access to records owned by another group of users. They represent the exceptions to organization-wide default settings. If organization-wide sharing defaults of ‘Public Read-only’ or ‘Private’ exist, additional rules can be defined that give additional users access to records that are not owned by them. Sharing rules in Salesforce can also be used to extend sharing access to users in public groups, roles or territories.

Need for Sharing rules in Salesforce
There are security components that are necessary to define the level of access to data whenever the role hierarchy grants vertical access to data. Companies often face a situation where information requires to be withheld or shared based on roles. For example, if marketing managers are interested in taking an idea of all closed-won opportunities and this information is limited to sales managers only, by default, this access can be extended to marketing specialists with the help of sharing rules.
Deciding on data availability, ie, whether data can be seen by all users or a particular group within an organization is a vital decision that affects overall security of the organization. Hence, a robust security model must be created by using sharing rules appropriately. This facilitates horizontal access to data whenever necessary and prevents data from being stolen. It also offers a limited access, thus preventing misuse of information by other users. This is how organizations use security components such as sharing rules to benefit them.
The basic objective of sharing rules is to open up horizontal access to data. Access cannot be restricted with sharing rules and if restricted access is required to be maintained then another security layer is necessary in this scenario. Sharing rules are of two types-
- Owner based sharing rules in Salesforce
- Criteria based sharing rules.
Owner-based sharing rules in Salesforce opens access to records owned by certain users. For example, let us consider a scenario wherein a company’s sales manager needs to see the opportunities owned by sales managers in a different region. The sales manager of one region, let us call this region ‘X’, could give access to opportunities owned by him to the sales manager of region ‘Y’ using Owner based sharing in Salesforce. Unlike criteria based sharing rules, Owner based sharing rules in Salesforce share data based on the ownership of said object.
2. Manual Sharing in Salesforce
Manual sharing in Salesforce is also referred to as User-managed sharing. It allows greater flexibility than managed sharing where the record owner is allowed to share with any user or user group. Contextually, this is often utilized by an end-user for a single record. Full access for the record is only granted to the record owner and users above the owner in the role hierarchy while other users cannot be granted full access.
The record can also be manually shared by users who are given the ‘Modify-all’ object-level permission. Manual sharing in Salesforce is disabled when the record owner changes or if the access granted through sharing does not grant additional access beyond the object’s organization-wide sharing default access level.
For example, let us consider that a partner user wants to collaborate with the sales representative. If disabled, community users can only be seen by themselves and their superiors in the role hierarchy. Using manual sharing, you can grant the partner user read- access to the sales representative. This enables both parties to interact and collaborate.
Managed sharing provides a great amount of data security and accountability while Manual sharing provides a great amount of flexibility. There is a third means of sharing called Apex managed sharing which provides even more incentive to share data securely.