Salesforce Developer Security Authorization Sensitiveprofile

salesforce-developer-security

// Salesforce - Developer - Security - Authorization-SensitiveProfilePermissions:

The following profile permissions also have security implications on an 
organization and should be highly controlled:

1. Author Apex – Allows creation of Apex and Visualforce.

2. Customize Application – Enables configuration of Salesforce settings.

3. Data Export – Enables UI based data export on supported objects.

4. Edit Read Only Fields – Enables users to edit fields that are considered 
   read-only.

5. Export Reports – Allows exporting of reports to CSV.

6. Deploy Change Sets – Allows a user to deploy functionality such as profile 
   updates, visualforce, and Apex.

7. Manage Users – Permits creation and modification of the user table.

8. Modify All Data – Full access to all configuration settings and records, 
   bypassing sharing rules. Can update own profile to add any permission.

9. Password Never Expires – User's password will never expire.

10. View All Data – Gives the user read on all objects bypassing configured 
    sharing rules.

11. View All Forecasts – Allows the user to view all forecasts despite any 
    sharing.

12. View Encrypted Data – Allows the user to view encrypted data unmasked.
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License