Improve Org Security with the Profile Filter Option

Keep your Salesforce org as secure as possible. Limit users from viewing any profile names other than their own.

Where: This change applies to Lightning Experience and Salesforce Classic in Enterprise, Performance, Unlimited, Developer editions, and Database.com editions.

Why: If profile filtering is disabled, users can see all profile names in your org, regardless of which permissions they have. If you enable profile filtering, you can restrict who sees profile information to the users who require the access for their job roles. To allow selected users to view all org profiles, you can enable the View All Profiles permission for them.
Important

Important

Profile names are also exposed when users with permissions to perform the following tasks take these actions:

  • Create a tab or record type with a wizard step that includes the assignment of tabs and record types to profiles.
  • Configure a login flow where viewing profile lists is required to make flow associations.
  • Set up delegated admins where looking up profiles is needed to identify assignable profiles.
  • Administer an org as a delegated external user admin.
  • Administer an org as a delegated admin to view and assign profiles of the delegated group.

How: From Setup, in the Quick Find box, enter User, then select User Management Settings. Enable Profile Filtering.