Report event policies monitor when data is viewed or downloaded from your reports. So, what could be the different use cases where you can use its magic. Here are a few examples:
- Require two-factor authentication for all users accessing or downloading reports over a specific size. To attain maximum coverage, write a policy that notifies you and blocks access to reports that process more than a certain number of rows.
- Block the downloads for specific user IDs, report IDs, and dashboard IDs.
- Disallowing to run or export reports having a column with a specific name. It could contain some sensitive patent data.
Available in – Salesforce Classic and Lightning Experience
Available in – Performance, Enterprise, Unlimited, and Developer Editions
Necessities – Salesforce Shield/ Salesforce Event Monitoring with add-on subscriptions
Let’s consider a scenario of blocking a classic user when exporting any opportunity report over “N” rows of data. For demo purposes, let’s assume maximum size of 10.
First and foremost, enable ‘Transaction Security Policy’ in the salesforce setup.
STEP 1: CONDITIONS
Create a new policy using the ‘Content Builder’ option which is suitable out of the box option for this simple use case.
Provide conditions below:
Event: Report Event
Condition Logic: All Conditions Are Met
|Rows Processed||Greater than||10|
STEP 2: ACTIONS
Define an action (blocking the user) to receive a notification via email to a specific user when conditions met and give it a name.
Notification: Check ‘Email notification’ to receive emails to a specific user when condition met
Recipient: Select a user (Maybe yourself for testing purpose)
Name: Block over 10 rows for classic users <User defined>
Description: <User Defined>
STEP3: TEST IT!
Try exporting an opportunity report over 10 rows in classic.
Check your mail, if you are the recipient; you will be receiving an email with triggered policy info:
Report Event Policy in a Nutshell
|Object||Conditions Available in a Condition Builder||Actions||Considerations|
|ReportEvent||Username, User ID, Scope, Source IP, Session Level, Queried Entities, Rows Processed, Report ID, Name, Name of Columns, Number of Columns, Owner ID, Operation, Event Source, Is Scheduled, Dashboard ID, Dashboard Name, Description.
|Block, Notifications, Two-Factor Authentication (for UI logins)||Two-factor authentication policies apply to the following UI-based report actions:
1) Printable View
2) Report Export
3) Report Run (in Salesforce Classic only)
Keep in mind:
Transaction security policy is not limited to Report Events! It could be of Login, API, ListView events.
The platform is yours 😊 Explore different types of events, conditions and don’t forget to test! How about a use case to block running a report or list view involving patent data?