Open Letter to Salesforce Nonprofit Admins

In the 20 months since I left Fight Colorectal Cancer, I would guess that I’ve logged in to no less than 150 nonprofit Salesforce organizations. First as part of my role supporting customers at Convio/Blackbaud, and now in my role at KELL Partners where I work with clients who contract with us for support or virtual administration services.

When trying to troubleshoot a problem, one of the first things I typically look at is how the organization has structured their security and sharing model. Profiles, roles, organization-wide defaults, sharing settings. I’m thrilled to say that I’ve logged in to many organizations where the System Administrator is truly that – someone whose is responsible (and accountable) for the way Salesforce works for everyone else. Someone who protects the data and their configuration. Someone who knows where experimentation is okay and where they need to tread lightly. If that’s you, then thank you – this post isn’t for you. But please read on and comment on anything I’ve missed, okay?

For this post, I’m talking to the organization whose Manage Users looks something like this (yes, this is from a real org I won’t mention by name):

security1

Read on and I’ll explain exactly why it’s a very bad idea, and I’ll give you some suggestions on what to do to protect your organization’s data and your sanity.

Continue reading

Advertisements