The solution section provides an overview of how to solve this scenario, and why that solution was chosen. The Solution Steps section immediately following outlines the exact steps used to replicate the solution.
Remove field-level security access to the fax field on lead and account for the inside sales profile.
Optionally, remove the fax field from the corresponding page layouts. Removing the fax fields from the page layouts does not remove access to the data through other means (reporting, API, etc.).
There are several different ways that you can change field-level security (1. Setup –> Security Controls –> Field Accessibility, 2. edit the profile, 3. on the field). Which method you choose to use is up to you, but the net result will be the same!
- Setup –> Customize –> Leads –> Fields. Click Fax. Click Set Field-Level Security. Uncheck visible from the Inside Sales profile. Save.
- Setup –> Customize –> Accounts –> Fields. Click Fax. Click Set Field-Level Security. Uncheck visible from the Inside Sales profile. Save.
My platform account does not have a customize option. What I have done is:
security>field accessibility>lead.view by fields> fax> edit inside sales reps> untick visible for fax field.
Does this have the same effect?
Yeah it does – these instructions are written from classic, if you are Lightning that is the reason you aren’t seeing the same thing
Hello, I was able to edit field-level security for the Account Object and uncheck the Fax visibility box for users with the Inside Sales profile. And that worked for a user I had assigned to the Inside Sales profile – account fax numbers no longer appear to them on an account detail page. However, I can’t do the same thing for the Lead Object. When I go into field-level security for the Lead Object, many profiles are missing from the picklist, including Inside Sales. Shouldn’t a picklist for Profiles always show all available profiles? How can I get all profiles to display? Thank you.
What license is listed on the profile? It should be Salesforce. Also I would double check that the profile has access to the lead object.
Can I do this by adjusting the profile setting -> field level security and remove edit and read access instead?
Yes it depends on where you are modifying from – that should have the same effect
I did this scenario, but had the wrong idea in the beginning because I only thought about hiding the ‘Fax’ field from page layouts ( Contact and Accounts). I actually didn’t think about the Leads object.
I did go through both scenario solutions, but i still have an issue. I’m not sure if i am understanding the question properly.
When i logged in as ‘James Smith’ and i ran a report, i was still able to add the fax field onto the report, but i guess since they wont have that field available to capture when the ‘Inside Sales’ team capture leads there wouldn’t be anything to report, but if there was information there wouldn’t they be able to see it?
That’s why you need to use field level security rather than page layouts – fls will remove reporting ability
I suppose this was the response to my question above. Thanks
So you are saying that even though i was able to see the field in the reports, this profile would not be able to see any information ( even if there were fax numbers there) because that field is hidden from the ‘Inside Sales’ profile?
I’m saying that that’s why removing the field from the page layout doesn’t necessarily prevent the user from seeing the data- they can report on it, access via the API, etc.
The instructions state that ‘the inside sales team should no longer collect or use fax numbers’. Therefore, I took that as throughout all of Salesforce, not just Leads/Accounts. So would it be safe to say that if I remove the Fax view/edit abilities from the Contact field section of the Profile that would suffice? By doing so, the Fax check boxes don’t even appear in Leads/Accounts (they only re-appear if the Fax check box within the Profile is enabled).
Yep- good call
Nice to see the other ways like going thru Security Controls as Jose Tejeda posted and Object Settings as Christopher Loncar showed.
I would not go thru Page Layout since the user could still report it or maybe even serach it or create a formula field and get the data.
I went Profile ==> Field-Level Security ==> Account ==> Fax ==> Unchecked
Same for Lead and Contacts.
There are often multiple paths to complete action in Salesforce, which I suppose is good and bad 😉
I see that for this scenario, I could either modify the profile, select account object, and then field permissions…. Or I could follow the solution and customise object then FLS.
They both seem to achieve the same result. For certification I’m wondering if there are scenarios where one method would be “more correct / appropriate” than the other? (More than one right answer on a multiple choice would get confusing).
There is no “better” way from a ui standpoint – the exam is going to test you on what needs to be done not the click stream to get there. Good q!
In my org. I have a situation where group of employees carry certain profile and they use a certain Opportunity (that capture their work process). One individual should have extra fields that are not relevant for the other users, and those fields should not be relevant to the other users.
If i remove all those fields from the opportunity and create 2 Permissions Sets (one for that individual for her fields, and Second for other users for their use of fields) – this means that they cannot report on each others fields
The other options is to create a separate profile for that one individual and allow access to fields via Field level Security (and than all be able to report on all fields).
Could you recommend me of best way to look at it?
Yeah you’re on the right track. I would think about if the person with the elevated privileges is a “common” (or standard) user type (e.g. are you going to have many other users down the line assigned this set of permissions).
If the answer to that is yes, then I’d lean towards a profile. Otherwise, I’d lean towards a permission set.
Another question- will you need to assign those subset of permissions to users that belong to another profile? If yes, then permission set sounds more appealing again.
Great, thank you
Is there a way of solving this using two different page layouts and using different record ID’s?
So was wondering – is it necessary to also remove the check on the Contact Fax field?
Yes. Removing the fax fields from the page layouts does not remove access to the data through other means (reporting, API, etc.).
So if the user should not have access to the data, you absolutely need to disable access to the field. Make sure you really understand the difference, I would expect this to appear on the exam.
I went with removing it from the page layouts, and modifying the FLS permissions. I didn’t consider the lead objects which is an excellent point. Would it make sense to consider cloning the page layout, or do you assume they wouldn’t see the data period with the FLS permissions?
Thank you in advance
Exactly – they can’t see the field even if it is listed on the page layout if the FLS doesn’t give them access.
Please help me to understand, following the steps to removing the viewing of Lead Fax and Account Fax from Inside Sales, I get. The part I dont understand is put how can I ensure Inside Sales ability to not “report” on these fields as well. It seem like the assignment is a two part scenario: 1.Users assigned the “Inside Sales” profile cannot VIEW or REPORT on the lead fax field or account fax field.
Changing field level security (as in the steps above) will remove visibility to the field data itself, and therefore those users will no longer be able to report on this data (or access via the API). If you were simply to remove the field from the page layout, the users could potentially still report on the underlying data.
Don’t we need to remove the fax field from “Contact” object first?
You can’t remove standard fields (fax being a standard field) – you can only remove a user’s access to the field.
I also went through manage users route, is this correct?
*Account Layouts then removed the Fax button and saved and then same for Leads Layout.
Yes – there are many ways to change the same settings. I haven’t tested each of these but it would not surprise me if there were 3-4 different routes to accomplish the same configuration change.
I know I’m a little late to the game here, but users would still be able to see the field in reports if it’s only removed from the page layouts. So keep in mind for confidential / sensitive fields, this solution alone won’t be sufficient.
I went another way and it seems to have the same result:
Setup > Manage Users > Profiles
* Choose “Inside Sales”
* Choose “Object Settings”
* Select Leads (or Accounts)
and remove the Read permissions for Fax.
Just an FYI-
One can also navigate this way:
Setup>Security Controls>Field Accessibility
*Choose record type (LEAD)
*Click “view by fields”
*Select fax fields from dropdown menu (all record types will display containing Fax fields)
*Under specific profile type, click on “Editable”
*Uncheck “Visible” box from specific profile type.’ click save (field will now display “hidden”)
Should we disable the contact fax number too?
Hi Andrew. Good catch – yes disabling fax on the contact records would be appropriate as well!
Same should go true for Leads’ fax/fax opt-out fields as well since both Sales & Marketing teams are phasing out the non-electronic form of communication.
I have also noticed that the fax is editable/viewable from the account details.