Summarizing data security capabilities in the Lightning Platform
Data security in the Lightning Platform is performed using a set of layered features that allow or prevent users from creating, reading, updating, or deleting records for different datasets. This means users can be set up to only have access to the data that their job function stipulates.
Using permission sets and profiles, the overarching level of data security at the object level can be set along with the control of access at the field and record level.
To determine how users can be provided with access to record data, the various data security mechanisms that are available in the Lightning Platform are summarized in the following diagram: