Risk of adding Field Level Security later

I happened to see Inogic's blog on A Tip While Working with Field Level Security fly by my Twitter feed and it reminded me that you really do have to be careful when you add Field Level Security once most system testing has been completed.

Field Level Security (FLS) can be enabled at any time on all custom fields and several system fields (as of CRM 2015). The problem is if you make that decision once there already are workflows and other customizations depending on the field being available you might find that for some users once you enable FLS things start to break. The key to making this change is to do enough impact assessment to know what you might break.

Calculated and Rollup fields offer another area that you have to be careful because calculations can cause exposing of field data that was secured by FLS. For example, if you had a field on Contact called Annual Salary and it was secured by FLS. IF you created a calculated field called Average Salary per month that simply divided Annual Salary by 12. Users that don't have access to Annual Salary would be able to see the calculated field Annual Salary per month.

Field Level Security is a powerful feature that solves a lot of problems, but you have to be careful that you don't create more problems by how you use it!