Have you ever added a user as a system administrator because it’s just “easier to grant them full access”? They help with administrative duties, after all. You can trust them!
Unfortunately, this mentality is exactly what can cost companies millions of dollars and horrible damage to their reputations. All it takes is one accident, one malicious actor, or one wrong decision. Let’s talk about why securing your Salesforce investment by limiting the number of highly privileged users is critical for your organization.
The Risks
There is a massive cost associated with security breaches. According to an official report from IBM, in 2024 companies on average spent 4.88 million USD to deal with data breaches. Of course, this number is an average across all companies, and company size will determine the cost, but it still highlights the tremendous risk of a breach.
In the cybersecurity world, we refer to something called the “Principle of Least Privilege (PoLP)”. This principle essentially states that a user should only be given the access needed to successfully perform their job.
With full system administrator access, users can do a plethora of things, ranging from frustrating to downright damaging. A perfect example of such risk comes from a recent incident in which admins across the globe inadvertently granted a malicious third party access to their Salesforce orgs by granting elevated permissions to a particular data loading tool. Major companies including Google and Air France lost millions of records and had their customer data compromised, forcing them to release statements that urged users to update credentials to avoid further damage. The full impact of this breach is yet to be known, but it has caused companies to take a hard look at their security policies.
Here are some other examples of the powerful actions system admins can take:
- Mass delete data
- Mass export (and steal) data
- Mass update (and corrupt) data
- Allow unauthorized users into the system
- Change system security protocols
- Break/change automation directly in production
- Change objects and fields, thus damaging your data model
- Change layouts and apps, causing user confusion
- Lock user access or change user access
None of this is to say that you should become paranoid and assume all of your users are out to steal data and corrupt your system. In fact, the vast majority of security breaches are caused by simple human error. The Mimecast Human Risk Report of 2025 reports that 95% of data breaches involve some form of human error and are not solely due to malicious activity.
If that is the case, the more people you have with unnecessary system administrator access, the higher the likelihood of human error causing a serious problem. Typically, someone performing a system administrator role at an organization will have undergone more intensive security training for how to recognize phishing attempts and other potential scams or security breaches. Not to mention the fact that system security is likely part of their day-to-day responsibilities. Having a smaller group of specialized people with elevated access drastically reduces the potential of a breach.
Best Practices
So... how many is the right amount? Unfortunately there is no magic formula, since there are multiple factors you need to consider.
According to Salesforce and general IT standards, you want one person with system administrator access for every 75-100 users up until you reach around 700-800. After this threshold, you probably want to explore additional support roles that have alternative privileges to a full system administrator profile. We’ll explore this in detail shortly.
Minimally, it’s usually best to have at least one person other than your admin who is granted these alternative permissions. This way, you have a backup admin when the admin is out of office unexpectedly or has technical issues accessing the system (we’ve seen admins lock themselves out and need help to get back in… it happens!).
Additionally, if you need 24/7 uptime then it’s a good idea to have people who can assist with system support in all time zones so that users don’t have to wait for a country to come online to get critical help.
Admin Alternatives for System Support
It’s critical to adhere to best practices and lock down system administrator access to mitigate risks to your org, but we also appreciate the problem of making sure you have enough support so you don’t burn out your few, valuable system admins.
To solve this, it’s important to remember that Salesforce gives you a ton of tools to help ensure your instance can be properly administered without everyone getting full-blown System Administrator profiles.
Delegated Administrator
If you need system administrator support, the best alternative to having a bunch of admins is leveraging Delegated Administrator privileges. Delegated Administrators can be given narrow, targeted administrator abilities without fully compromising your system. For example, maybe you want your finance leaders to be able to grant permissions to anyone with a finance related role but don’t want to give them access to anything else, including permissions for other user groups. This is a perfect use case for a delegated admin!
Manage Users System Permission
It can be helpful for other users to share the load of basic user management. It can also be good to have someone on backup to help with “keep the lights on” activities like resetting passwords, assigning new permissions, logging in as other users for troubleshooting, etc.
Users don’t need full system administrator access to do this. The “Manage Users” system permission allows users to do a multitude of user management tasks. It’s generally a best practice to have a dedicated permission set with this permission that you can use to grant trusted users these elevated rights.
Create a “System Admin Lite” Permission Set
In addition to the alternatives highlighted above, some Salesforce customers decide to create a stripped-down “System Admin Lite” permission set that gives a user enough access to help with day-to-day operations but not enough power to cause serious damage.
Avoid including critical system permissions like Metadata API Edit Access, which allows object, field, and automation edits, or Modify All Data (MAD), which allows users to edit, delete, reassign, etc. any and all data in the org. Fun fact: that last permission is humorously referred to merely as “MAD” because giving it to too many users makes admins mad!
Using a permission set (group) means you can add these elevated permissions to any base user profile, and it keeps your org future-proofed for upcoming profile and permission set changes. The other added benefit is that you can set an expiration on this permission set if you just need temporary admin support.
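To see how this guidance can be checked in practice, here is an added example (not Salesforce's or Summit One's code) that audits permission assignments for admin-level permissions, missing expirations, and the admin-to-user ratio discussed under Best Practices. The sample rows are constructed, and the query in the comment, the mapping of “Metadata API Edit Access” to `PermissionsModifyMetadata`, and the 75-user threshold are assumptions.

```python
from collections import defaultdict

# Assumed source of the rows (standard objects; run against your own org):
#   SELECT Assignee.Username, PermissionSet.Label, PermissionSet.IsOwnedByProfile,
#          PermissionSet.PermissionsModifyAllData, PermissionSet.PermissionsModifyMetadata,
#          PermissionSet.PermissionsManageUsers, ExpirationDate
#   FROM PermissionSetAssignment WHERE Assignee.IsActive = true
# Assumption: "Metadata API Edit Access" corresponds to PermissionsModifyMetadata.
HIGH_RISK = ("ModifyAllData", "ModifyMetadata")

ROWS = [  # constructed sample data, not from a real org
    {"user": "admin@example.com", "source": "System Administrator",
     "is_profile": True, "perms": {"ModifyAllData", "ModifyMetadata"}, "expires": None},
    {"user": "backup@example.com", "source": "User Management",
     "is_profile": False, "perms": {"ManageUsers"}, "expires": None},
    {"user": "finance.lead@example.com", "source": "System Admin Lite",
     "is_profile": False, "perms": {"ManageUsers", "ModifyAllData"}, "expires": None},
    {"user": "contractor@example.com", "source": "Temp Admin",
     "is_profile": False, "perms": {"ModifyAllData", "ModifyMetadata"},
     "expires": "2025-01-31"},
]

def audit(rows, active_users, users_per_admin=75):
    """Return (privileged_users, findings) for one org snapshot."""
    privileged = defaultdict(set)
    findings = []
    for row in rows:
        hits = sorted(p for p in HIGH_RISK if p in row["perms"])
        if not hits:
            continue  # e.g. a Manage Users-only permission set
        privileged[row["user"]].update(hits)
        # A permission set (not a profile) carrying admin-level power should expire.
        if not row["is_profile"] and row["expires"] is None:
            findings.append(f"{row['user']}: '{row['source']}' grants "
                            f"{', '.join(hits)} with no expiration")
    # Low end of the one-admin-per-75-100-users guideline, rounded up.
    allowed = max(1, -(-active_users // users_per_admin))
    if len(privileged) > allowed:
        findings.append(f"{len(privileged)} users hold admin-level permissions; "
                        f"guideline allows {allowed} for {active_users} users")
    return sorted(privileged), findings

if __name__ == "__main__":
    users, problems = audit(ROWS, active_users=150)
    print("Admin-level users:", users)
    for p in problems:
        print("FINDING:", p)
```

With the sample rows and 150 active users, the “System Admin Lite” assignment is flagged for carrying Modify All Data without an expiration, and the org is flagged for exceeding the ratio.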
Take Action Today
Security and access can be complicated and intimidating, especially if you're unsure of best practices and the potential "gotchas" of your decisions. Thankfully, at Summit One we're experts at Salesforce security! We can help you audit your current security situation and make recommendations on how to improve. We can even help with the heavy lifting so you can be at ease and focus on your organization's true mission.
Let's face it—the work to make more appropriate profiles and permission sets is less than doing damage control for a major security breach!
Doing an assessment can never be a bad thing, which is why we offer a free 24-hour Health Check that includes an assessment of potential security risks and potentially harmful technical debt lurking in your org.