Field History Tracking Control
Control Name
Field History Tracking
Control Overview
Native Salesforce auditing feature that logs all changes to tracked fields on objects, capturing old/new values, user, and timestamp for compliance and forensic investigations.
Description
When enabled on an object (Account, Contact, Case, and so on) and on specific fields, it creates an audit trail in the FieldHistory object and in the object's related lists; history is retained for 18 months; up to 20 custom fields plus 60 standard fields can be tracked per object.
Recommended Configuration
Either select 'Enable Field History Tracking' on the object, or expand each object and select 'Track Field' for individual fields. Prioritize PII fields (email, phone, SSN), status and owner changes, and monetary amounts.
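One way to verify the configuration above at scale is to audit the object metadata rather than click through Setup. The script below is an added example, not Salesforce's own tooling: it parses the Metadata API CustomObject XML (the `.object` file a source retrieve returns), checks `enableHistory`, lists which fields carry `trackHistory`, and flags untracked fields from a priority list. The priority set and the sample XML are constructed for this example and should be replaced with the org's own schema.

```python
"""Audit Field History Tracking settings from Metadata API CustomObject XML.

Added example, not Salesforce's own code. The sample object XML below is
constructed: tracking is enabled on the object, Email and Phone are tracked,
but SSN__c and OwnerId are not.
"""
import xml.etree.ElementTree as ET

NS = {"sf": "http://soap.sforce.com/2006/04/metadata"}

# Fields a reviewer would prioritise (assumption: tune to the org's own schema)
PRIORITY_FIELDS = {"Email", "Phone", "SSN__c", "OwnerId", "Status", "Amount"}

# Page-stated limit: up to 20 custom fields can be tracked per object
MAX_TRACKED_CUSTOM_FIELDS = 20

SAMPLE_OBJECT_XML = """<CustomObject xmlns="http://soap.sforce.com/2006/04/metadata">
    <enableHistory>true</enableHistory>
    <fields>
        <fullName>Email</fullName>
        <trackHistory>true</trackHistory>
    </fields>
    <fields>
        <fullName>Phone</fullName>
        <trackHistory>true</trackHistory>
    </fields>
    <fields>
        <fullName>SSN__c</fullName>
        <trackHistory>false</trackHistory>
    </fields>
    <fields>
        <fullName>OwnerId</fullName>
    </fields>
    <fields>
        <fullName>Description</fullName>
        <trackHistory>false</trackHistory>
    </fields>
</CustomObject>
"""


def audit_history_tracking(object_xml: str, priority=PRIORITY_FIELDS) -> dict:
    """Return tracking state plus findings for one object's metadata XML."""
    root = ET.fromstring(object_xml)
    enabled_el = root.find("sf:enableHistory", NS)
    enabled = enabled_el is not None and (enabled_el.text or "").strip().lower() == "true"

    tracked, untracked = [], []
    for field in root.findall("sf:fields", NS):
        name = field.findtext("sf:fullName", default="", namespaces=NS)
        # A missing <trackHistory> element means the field is not tracked
        flag = field.findtext("sf:trackHistory", default="false", namespaces=NS)
        (tracked if flag.strip().lower() == "true" else untracked).append(name)

    findings = []
    if not enabled:
        findings.append("enableHistory is false: no field on this object is audited")
    for name in sorted(priority & set(untracked)):
        findings.append(f"priority field {name} is not tracked")
    custom_tracked = [n for n in tracked if n.endswith("__c")]
    if len(custom_tracked) > MAX_TRACKED_CUSTOM_FIELDS:
        findings.append(f"{len(custom_tracked)} custom fields tracked exceeds the "
                        f"{MAX_TRACKED_CUSTOM_FIELDS}-field limit")

    return {
        "enabled": enabled,
        "tracked": sorted(tracked),
        "untracked": sorted(untracked),
        "findings": findings,
    }


if __name__ == "__main__":
    for line in audit_history_tracking(SAMPLE_OBJECT_XML)["findings"]:
        print(line)
```

Run it over every retrieved `.object` file and treat any finding on an object that holds PII or financial data as a gap to close before the next audit cycle.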
Security Impact
Provides granular visibility into data modifications, enabling detection of unauthorized edits, insider tampering, and compliance violations through complete before/after audit trails.
Business Impact
Supports regulatory audits (SOX, HIPAA), dispute resolution, and change management without external tools; essential for data governance across sales, service, and compliance teams.
Security Risk If Not Configured
A missing audit trail for data modifications (no Field History Tracking) eliminates the primary mechanism for detecting systematic data tampering or privilege abuse.
Threat Scenarios
Significant risk of being unable to detect and investigate long-term unauthorized data modifications and insider threats, such as gradual PII harvesting, fraudulent opportunity manipulation, or systematic customer record corruption.
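The Security Impact and Threat Scenarios sections describe what the history data makes detectable; the script below is an added example (not Salesforce's own code) of turning exported history rows into findings. It assumes rows shaped like AccountHistory records (one row per changed field per save, as the SOQL in the block returns) and flags a user who rewrites a sensitive field across many records within a window, or who reassigns ownership of records to themselves. The rows, user Ids and thresholds are constructed for the example.

```python
"""Spot systematic tampering in exported Field History rows.

Added example, not Salesforce's own code. Rows mirror AccountHistory records;
the sample rows, user Ids (005REP, 005XYZ) and thresholds are constructed.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Query a reviewer would run to pull the last 30 days of tracked changes
HISTORY_SOQL = (
    "SELECT AccountId, Field, OldValue, NewValue, CreatedById, CreatedDate "
    "FROM AccountHistory WHERE CreatedDate = LAST_N_DAYS:30 ORDER BY CreatedDate"
)

# Fields whose bulk modification warrants review (assumption: tune per org)
SENSITIVE_FIELDS = {"Email", "Phone", "SSN__c", "Owner", "AnnualRevenue"}


def _row(account, field, old, new, user, day):
    return {"AccountId": account, "Field": field, "OldValue": old, "NewValue": new,
            "CreatedById": user, "CreatedDate": datetime(2024, 3, day)}


SAMPLE_ROWS = [
    # benign: a rep corrects one phone number
    _row("001A", "Phone", "555-0100", "555-0101", "005REP", 1),
    # suspicious: one user rewriting Email on many accounts over several days
    *[_row(f"001{n:03d}", "Email", f"old{n}@example.com", f"alt{n}@example.com",
           "005XYZ", 1 + n % 20) for n in range(12)],
    # suspicious: the same user reassigning ownership of records to themselves
    *[_row(f"001{n:03d}", "Owner", "005REP", "005XYZ", "005XYZ", 3 + n % 20)
      for n in range(6)],
    # benign: non-sensitive edit
    _row("001B", "Description", "a", "b", "005XYZ", 4),
]


def find_systematic_changes(rows, window_days=30, min_records=10, min_owner_grabs=5):
    """Return human-readable findings for sensitive-field changes at scale."""
    per_user_field = defaultdict(set)  # (user, field) -> distinct records touched
    owner_grabs = defaultdict(int)     # user -> records reassigned to themselves
    first_seen, last_seen = {}, {}

    for r in rows:
        if r["Field"] not in SENSITIVE_FIELDS:
            continue
        key = (r["CreatedById"], r["Field"])
        per_user_field[key].add(r["AccountId"])
        first_seen[key] = min(first_seen.get(key, r["CreatedDate"]), r["CreatedDate"])
        last_seen[key] = max(last_seen.get(key, r["CreatedDate"]), r["CreatedDate"])
        if r["Field"] == "Owner" and r["NewValue"] == r["CreatedById"]:
            owner_grabs[r["CreatedById"]] += 1

    findings = []
    for (user, field), records in sorted(per_user_field.items()):
        span = last_seen[(user, field)] - first_seen[(user, field)]
        if len(records) >= min_records and span <= timedelta(days=window_days):
            findings.append(
                f"{user} changed {field} on {len(records)} records within {span.days} days")
    for user, n in sorted(owner_grabs.items()):
        if n >= min_owner_grabs:
            findings.append(f"{user} reassigned {n} records to themselves")
    return findings


if __name__ == "__main__":
    for line in find_systematic_changes(SAMPLE_ROWS):
        print(line)
```

Because history rows carry the user and timestamp of every change, the same logic extends to the other patterns the page names: a threshold on Amount or AnnualRevenue changes per user catches opportunity manipulation, and a count of distinct records whose values were overwritten with the same new value catches systematic record corruption.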
Estimated CVSS Score Range
Critical (9.0–10.0).
Risk Impact Considerations
Storage impact is minimal (1-2% of data volume); the 18-month limit requires a Field Audit Trail upgrade for 10-year retention; critical for regulated industries.
Higher Risk When
External users or partner portals enabled, high-value customer data, financial transactions, healthcare PHI, or a history of insider threat incidents.
Low Risk When
Internal users only, read-only reporting org, no sensitive data modifications, or audit coverage supplemented by comprehensive Event Monitoring.
Business and Integration Considerations
Enable on all custom objects containing PII and financial data. Combine with Field Audit Trail for long-term retention and Event Monitoring for access patterns.
Security Health Review Guidance
Must have.
Who Is Impacted
Compliance officers, auditors, data stewards, sales and service managers investigating disputes, security analysts tracking insider threats.