In this chapter, we learned that the foundation of sharing and visibility is the org-wide setting. If anything needs to be restricted, you need to first remove all access by making the object private, then open up access as needed using various security features.
We learned what roles are and how they are used to grant access to records. We learned how to add ownership-based and criteria-based sharing rules to grant access to records. We saw what the account and sales teams are and how to add them to accounts and opportunities. We learned how to further grant record access using profiles and permission sets.
In the following chapter, we will cover sandboxes and change sets for project management.