Workshop #3: Defining your Access and Security Model
Why Your Access and Security Model Matters
Your Salesforce access and security model defines who can see and do what within the system. It’s not just a security feature - it’s the foundation for collaboration, data protection, and operational clarity.
A well-designed access and security model:
Gives users the visibility they need without overexposing sensitive data
Enables managers to coach, report, and reassign as needed
Prevents lead poaching, accidental edits, or pipeline confusion
Scales with your team as you grow or restructure
The design of the access and security model will depend on how your team works - so we will discuss the different ways we can achieve a well-designed access and security model tailored to you.
Core Access and Security Models: What Are Your Options?
When we refer to the access and security model in the Sales Hub, we’re talking about access to:
Accounts (your customers, partners and competitors)
Contacts (your Contacts against those Accounts)
Opportunities (your pipeline and deals)
Leads (a potential customer who has shown interest in your product or service)
By default, Accelify’s Sales Hub follows our recommended access level by default (Hybrid Model):
Object | Default Access | What This Means |
|---|---|---|
Account | Public View Only (Open) | This means all users can view all of the Accounts in the system by default |
Contact | Controlled by Parent (Open) | The contact inherits the sharing from the Account object, which means that all users can view all of the Contacts in they system by default |
Lead | Private (Closed) | This means users can only view Leads they own (plus their managers) |
Opportunities | Private (Closed) | This means users can only view Opportunities they own (plus their managers) |
Most Accelify clients work based on a Hybrid access and security model for balanced collaboration and control - however, let’s review the different types of Hub access and security models below.
Model | Description | Use Case |
|---|---|---|
Open | Most users can see most records of a given type | Small teams with shared selling efforts |
Closed | Users can only see records they own (plus their manager) | Competitive pipelines or data-sensitive industries |
Hybrid | A mix: Open for Accounts/Contacts, Closed for Leads/Opportunities | Most common setup for growing teams |
Read the https://docs.accelifycrm.com/sales/security-model document to see dive more into the details of our default access and security model.
Accelify offers a Team Account Management and a Team Selling module that can be purchased with Innovation Credits through the Innovation lab - reach out to your Accelify Account Manager for more information.
Workshop Activity 1: Choose Your Base Access and Security Model
Step 1: Select your access philosophy for the Sales Hub:
Open
Closed
Hybrid
Step 2: Describe your rationale:
e.g. Hybrid – Open for Accounts so everyone can see customer history, but Closed for Leads and Opportunities to protect deal ownership.
Workshop Activity 2: Define Refined Access by Object
This should only be completed if you have reviewed thehttps://docs.accelifycrm.com/sales/security-modeldocumentation and have specific object access modifications you would like to make.
Use this table to define any adjustments to object visibility by default
Object | Who can see it? | Any Notes/Exceptions |
|---|---|---|
As listed below | All users | List any additional useful information |
|
|
|
|
|
|
|
|
|
|
|
|
Workshop Activity 3: Define Your Salesforce Roles
What are roles, and why do they matter?
In your CRM, roles represent the different types of people using the system, based on what they do, what they need to see, and how they work with customer information.
Think of roles as your internal job hats. Clearly defining roles helps your system:
Show the right information to the right people
Keep sensitive data (like pricing or deals) protected
Let leaders see their team’s progress
Stay clean, consistent, and easy to manage
Roles don’t need to match job titles exactly - this purely just reflects how someone uses the CRM.
Common Role Types
Role Type | Description | Typical Access Scope |
|---|---|---|
Sales Rep | Frontline seller managing leads, deals, and accounts | Own records only |
Sales Manager | Oversees a team of reps; reviews deals, reassigns leads, coaches | Team records + reporting |
Sales Director | Manages multiple managers; oversees pipeline across departments | All records across all teams |
Admin | Internal CRM manager; handles config, user management, and setup | Full access + Setup/Metadata |
Define Your Roles Table
Use this table to list the roles your business needs in Salesforce and what each role should be able to do.
Role Name | Description / Department | Who Do They Report To? | Key Responsibilities |
|---|---|---|---|
e.g. Sales Rep | B2B Sales | Sales Manager | Manage pipeline, update opp stages |
e.g. Sales Manager | Head of Sales | All team records, dashboards | Oversee team deals, coach, report |
|
|
|
|
|
|
|
|
Common Mistakes to Avoid
Over-Sharing
Exposes sensitive data and creates user confusion.
Over-Restricting
Makes collaboration hard and creates bottlenecks.
Inconsistent Rules
Frustrates users who don’t understand visibility logic.
Set-and-Forget
What works at 5 users won’t work at 50.
Final Checklist
You’ve reviewed Accelify’s default access and security model:https://docs.accelifycrm.com/sales/security-model
You’ve selected Open, Closed, or Hybrid
You’ve made any object-specific refinements
You’ve outlined all of your roles
You’re confident this model can scale with your team
Next Step
Once you’re happy with your access and security model
Add your choices into the Access and Security Model step of your Setup Wizard
Need help or want a sanity check?
You can book a review with our team anytime during your onboarding period.