Keeping Data Secure in Microsoft Dynamics 365 Business Center

by

May 26, 2019

Microsoft Dynamics 365 Business Center is a powerful enterprise resource planning solution, designed to integrate data and deliver transparency and collaboration across the enterprise.

With so much data in motion, in use and available, companies need to be sure that they have the right policies and procedures in place to manage who has access to what data, to keep data protected at rest and in transit and to uses the tools within the software to set and change permissions as needed.

How Do We Provide Access to Microsoft Dynamics 365 Business Center?

Access begins with determining your list of users. Those users can then be bundled into user groups and provided individual permissions or have sets of permissions applied. Authorized administrators can easily pull up a list of users and see what those users have access to.

The Microsoft solution offers several options for authentication:

  • Windows Authentication, which is the most commonly used and draws on the Active Directory listings already in use at your organization to allow for login access
  • Business Central Password Authentication, used by organizations that do not use Active Directory for identity management or those that have too many domains in use that make a Windows authentication solution unwieldy
  • Office 365 Authentication, which is becoming an increasingly popular option for businesses that have moved to the cloud-based Microsoft Office 365 solution. Your login to Office 365 also logs you into Dynamics 365

Another way to control access is to consider your license type. Based on the licensing agreement, you may have several different user options in order to optimize the user licenses you have:

  • Full User (access to everything)
  • Limited User (3 tabs or tables per session allowed)
  • Device User (For uses such as barcode scanning)
  • Windows Groups (Permissions flow through site-defined workgroups in Active Directory)
  • External Users (rarely used and typically for systems functions)

How Do You Determine What Each Person or Group Can Access?

Microsoft has introduced a new feature called Effective Permissions, which is located on the user table menu and provides you with details on what each user has access to. For each Object Name for whom the person has access, it will indicate whether the user has permission to read, insert, modify (edit), delete or run the object. Most of the items will indicate a Yes or a No for each function. For some cases, there is an Indirect entry selected, meaning that the user can only deal with the data via a process not directly.

How Can You Build Permissions?

Setting permissions user by user is an unproductive way to control data access. You can bundle permissions in two ways.

Permission Sets are groups of objects that are related to a certain work process, such as posting bank deposits, cash flow or sales and inventory forecasting. You can create permission sets of related objects and then assign those sets to users, allowing you to quickly give access to those working on similar processes. For example, there may be one permission set for those who need to edit bank deposits and another for those who can see bank deposits but not edit them.

These bundles of permissions include a large number of items that are pre-defined and included with the software solution and those that are user-created.

User Groups are bundles of permission sets and are typically used by larger organizations with more complex security needs. They allow the organization to collect groups of permission sets and assign users to those larger groups. User groups are usually not necessary in small organizations and generally are only needed when you have more than 20 users.

How Do We Determine Who Has Access to Which Data?

The key driver behind permission sets and user groups is to separate duties and limit access to those who need to use the information. The goals are to:

  • Protect financial data and records
  • Hide confidential data
  • Prevent fraud by dividing labor

How Can We Manage Roles?

The solution provides a Role Center where Microsoft has pre-defined roles that are common for a particular set of job duties. It allows you to define for each user what systems they can access, languages they will use, The Role Center should conform to your permission sets and user groups to maintain data security.

We're Integris. We're always working to empower people through technology.

Keep reading

How to Choose an IT Consultant in Boulder, CO

Regardless of industry size or type, Boulder IT consultants play a massive role in the way companies in the Boulder area do business. While most companies may have their own in-house IT department, many of these departments are small and cannot handle all the...

7 Signs Your Denver Business Needs a Tech Update

Regardless of size or industry, technology is an essential part of every Denver business. That being said, technological improvements and advancements can develop quite quickly, leaving some businesses scrambling to keep up. While many businesses cite expenses in the...

Cybersecurity best practices for Boston Businesses

Securing your businesses sensitive data, networks, and devices is non-negotiable in the technologically-driven world we live in. Whether you are a small business or or corporation in Boston, it is imperative that you prioritize cybersecurity. It is no longer enough to...