Dynamics 365 and the Power Platform were built by Microsoft to help success-driven organisations redefine their security models around their business requirements.
Let us have a close look at the different layers of encryption and authentication that Microsoft has put into place for securing critical data in the cloud. We will also look at how granular security measures are provided by security roles and privileges to access data in Dynamics 365. and what kind of additional steps can be taken to safeguard your data, depending on your unique security requirements.
How Microsoft Protects Your Data?
Microsoft does offer a series of security and preventive measures to secure your data but it's you who own the data. Your data is encrypted by Microsoft so it stays secure and through the process of authentication, it's finalised who has access to it.
Encryption
Microsoft's Dataverse securely stores and manages data that is used by Dynamics 365 and other business applications. The database makes use of SQL Server Transparent Data Encryption (TDE) for performing encryption of data when written to disk on a real-time basis.
This means that the actual information without Encryption Keys (stored and managed by Microsoft) cannot be accessed by hackers even if they somehow get access to the data. Administrators can access and self-manage encryption keys but it is always recommended to let Microsoft manage them directly.
Microsoft also encrypts connections between Microsoft data centres and customers to make sure data is secure even during transit. For this, Microsoft ensures that all public endpoints are secured through industry-standard Transports Layer Security (TLS) that ensures the highest standards of protected connections and integrity between desktops and data centres.
Authentication
Authenticated users with user rights to Dynamics 365 can establish a connection when it comes to accessing data. Microsoft Azure Active Directory (Azure AD) is used by Dynamics 365 to identify users and every Dynamics 365 Online user is required to have a valid Azure AD account in the authorised tenant. This account can be linked with other business applications like SharePoint.
Another verification step that can be deployed for conditional access authentication is Multi-Factor Authentication (MFA). Once activated, MFA prompts users for additional authentication forms to complete a login.
How Dynamics 365 Protects Your Data?
Dynamics 365 application handles authorisation for data use and services by defining and enforcing security roles and privileges.
Security Roles
Model-driven applications like Dynamics 365 Sales, Marketing and Field Service, and Customer Service utilise security roles that provide access to users based on the combination of teams, roles, and business units assigned to them. This restricts users to access only information that is relevant to their role and responsibilities. Each user is required to have a security role to sign in before they can log in. Users who have been assigned with more than one security role will have access to the combination of all security roles.
Privileges
Privileges can be assigned at the user and team levels and each security role includes record-level privileges and task-based privileges.
Record-level privileges include different record-level privileges: create, read, write, append, append to, assign, share, and delete. Task-based privileges are primarily on/off controls and are not dependent on organisational consideration or business units. Examples include being able to publish reports, bulk delete, publish duplicate detection rules, and view audit history.
How C.I.G. Consultants Can Help You Protect Data?
Certified Dynamics 365 CRM experts at C.I.G. Consultants can help you implement additional security measures to reinforce your data security.
Our team of Dynamics 365 CRM experts can help your organisation with the activation of Multi-Factor Authentication (MFA) processes to verify the identity of users and complete their login. They can also help your organisation with Data Loss Prevention Policies (DLP) to cover all scenarios and apply them to your environments.
Whether your organisation has already deployed or you’re considering Dynamics 365, contact certified Dynamics 365 CRM experts at C.I.G. Consultants to find out what further actions you can take to better protect your business data.
Explore more amazing blogs at the best Dynamics 365 blog and call our certified Dynamics 365 CRM experts at C.I.G. Consultants for any help with Dynamics 365 implementation or Dynamics 365 CRM consultancy.