Salesforce launched a new tool to analyze guest user access. I’m a big fan of using public Community Cloud pages to help with information sharing from our Salesforce to constituents. This is free to Power of Ten license holders. A new tool came out this month to help make sure you are as secure as you need to be. It’s simple:
- Navigate to is in the settings menu by searching for guest: Guest User Sharing Rule Access Report
- Pick a site from the drop-down menu. Note: this includes on Community Cloud sites. It does *not* include legacy sites (which is a shame).
- Review the objects and fields the guest user has access to and reduce if any are unnecessary. You want to keep these things locked down to avoid exposure of your data through link exploits or other hacks. In the example below, we have a couple of unnecessary objects that are leftover from implementation options we eliminated!