You are here:
Data Classification Settings Control
Applies data sensitivity and classification settings to fields.
Control Name
Data Classification Settings
Control Overview
Applies data sensitivity and classification settings to fields.
Description
Enables companies to define data sensitivity levels to properly identify and protect sensitive data aligned with internal business use.
Recommended Configuration
Select 'Use default data sensitivity level' or align with internal business use.
Security Impact
Identifies and protects sensitive data, preventing unauthorized access to critical information.
Business Impact
Without data classification in Salesforce, companies cannot properly identify and protect sensitive data like PII or regulated information, leading to heightened risks of breaches, unauthorized access, and compliance violations.
Security Risk If Not Configured
Misconfigured or absent data classification fails to identify and protect sensitive data, allowing unauthorized access to critical information.
Threat Scenarios
Misconfigured or absent data classification fails to identify and protect sensitive data, allowing unauthorized access to critical information.
Estimated CVSS Score Range
Critical (9.0–10.0).
Risk Impact Considerations
Unauthorized access to sensitive data like PII, compliance failures (for example, FedRAMP non-conformance), insider threats from misconfigured sharing rules.
Higher Risk When
Data sensitivity and classification settings for fields are absent.
Low Risk When
Customers can lower risks by using the Security Center for bulk classification of high-risk fields, encryption, and transaction security policies to restrict access and downloads on classified data.
Business and Integration Considerations
Customer action and configuration should be selected depending on the specific use case and internal business use.
Security Health Review Guidance
Select depending on the use case.
