First, you need to know about the Lightning Platform. Lightning Platform is an app development platform that makes building apps faster, easier, and more fun. It empowers the next generation of app creators in every corner of the business to join forces with IT and turn their ideas into working apps that transform business.
What are security settings in Salesforce?
To provide a security model that satisfies numerous, unique real-world business cases, Salesforce provides a comprehensive and flexible data security model to secure data at different levels. Salesforce also provides sharing tools to open up and allow secure access to data based on business needs. Profiles controls object-level and field-level access. Permission sets are used to provide access to additional objects. Field-level security controls provide access to individual fields within an object.
Below video explaining full Lightning Platform Security model
Source : From Trailhead Live
Salesforce Security Health Check
As an admin best practices, you must use Health Check to identify and fix potential vulnerabilities in your security settings, all from a single page. You can see in below screenshot, a summary score shows how your org measures against a security baseline, like the Salesforce Baseline Standard. You can upload up to five custom baselines to use instead of the Salesforce Baseline Standard.
How it works?
Go to the Setup -> Find Health Check in the Quick find box -> Select Health Check
1 In the Salesforce baseline dropdown
2 The baseline consists of recommended values for High-Risk, Medium-Risk, Low-Risk, and Informational Security Settings
3 & 4 Status – If you change settings to be less restrictive than what’s in the baseline, your health check status, score and grade (4) Decreases
5 Your settings are shown with information about how they compare against baseline values
6&7 To remediate a risk, edit the setting (7) or use Fix Risks
8 Without leaving a health check page, quickly change settings to your selected baseline’s recommended values. You can import, export, edit, or delete a custom baseline with the baseline control menu