Secure Territories Using Custom Access Groups
You can create custom rules for securing territories and proposals by custom access groups. For example, use custom rules to give country administrators view access to territories. But your sales operations team uses the provided security with full access to create and update territories.
The role-based security provides different access to different levels of the hierarchy. Custom Access Group data security is additive to the standard data security policies or predefined object sharing provided for each job and functional role. If your custom access group rules apply to users who aren't administrators, take care that you don't provide inappropriate access. Update, Delete, and Full access levels are available for sharing rules, but each one provides full access. If a user deletes a territory, all descendant territories are also deleted. Therefore, the user must have full access to all the territories to successfully delete the top territory.