The security of the solutions in the cloud is questioned in many occasions. We know it, but … why? Maybe, fear of change? lack of information?
Dynamics 365 and, in general, Azure and the cloud model , is Microsoft’s great bet for all the benefits that it entails for large and medium-sized companies (communication in mobility, process improvement, access to information …). As a partner, we guarantee that they are safe and we want to explain why.
Azure and Microsoft security
Already in 2014, the company Microsoft received a recognition from the Spanish Agency for Data Protection (AEPD ) [Read resolution] for the solvency and guarantees of their services in the cloud. Microsoft has been working for many years and anticipating new regulations , both local and global, to provide an adequate data processing and ensure the security of all our business information. (We also use your solutions!)
At the state level, for example, it is the only and first to comply in high category with the characteristics of the certification of conformity of the ENS (National Security Scheme) and already complies with the GPDR : new regulations on Data Protection that take effect in May 2018. It also complies with the policies of the CSA (Cloud Security Alliance), the LOPD in level 3, the ISO 27001 standards …
Microsoft is a pioneer in our country in terms of security and that is why we trust it as partners and users.
azure security certifications
Business solutions such as Dynamics 365 and Office 365 are consumed as SaaS (software as a service) in the cloud, and Microsoft Dynamics NAV can work on local servers or in cloud environments. All these applications have the same guarantees when working on Microsoft Azure . Details about your security:
Control and access management. It is possible thanks to the administration of entities and credentials for each user.
More security in your infrastructure and your network. Azure’s technology is able to connect different virtual machines and traditional data centers ( on-premise ) applying its security protocols on all systems. In this way it guarantees the blocking of unauthorized traffic.
Communications and encrypted processes. Azure has data encryption protocols in transit to ensure communications between devices and Microsoft datacenters , as well as while they are stored (Azure Storage).
More defense against threats. Microsoft constantly monitors s US servers, networks and applications to detect new threats. Applies a risk management strategy in all its processes to strengthen their algorithms defe nsa and reduce risks.
Security in Dynamics 365: access management policies and user management
In addition to the security and privacy of the information before the external access to your organization, it is also necessary to contemplate a series of access management policies for the users themselves . We explain the configuration options of these services in Dynamics 365. But first of all, what is this recent business solution?
Dynamics 365 is the Microsoft solution that unites all the management of business solutions such as CRM, ERP and operations, among others, under the same platform. [Know more]
Dynamics proposes a security model to protect the integrity and privacy of the data. In this way, it ensures access to the levels of information that allow each user to perform their work depending on their role in the company (without additional information that could be modified), with the possibility of giving special permissions to users or specific teams. These access policies are configured based on:
Roles and equipment: a series of privileges (reading, writing, sharing …) that describe the responsibilities or tasks that a certain type of user can perform are associated. Microsoft Dynamics 365 includes a set of predefined security roles although it is also possible to define your own roles in your organization, adapted to the needs of each type of user within your company.
Registers: Access rights associated with specific registers are configured. It serves to perform actions on individual records.
Field level: it is possible to restrict access to fields that contain high business impact content. Applies in a last phase, after having assigned the privileges.
By combining these three levels it is possible to define the security restrictions that users have in their Microsoft Dynamics 365 portal. For example, with a commercial role you could have the read, write and share sharing of accounts of the entire organization associated, but you could only delete the records that are your property. In this case, you would not have the possibility of accessing system administration tasks, such as updating or managing new users. Thanks to the configuration of permissions by roles, the risks are greatly reduced in the event of loss of information. Finally, the roles of administrator and customizer deserve special interest: it is recommended that few users have these levels of permission since they are very broad.
The solutions Microsoft cloud offer much more than access to all your data wherever you are; or rather, they offer much more than access to data if you have assigned privileges , wherever you are.
Business solutions in the cloud facilitate the collaboration of workers in mobility, simplify the analysis of financial data in real time, allows working with a software always updated, adapt the types of license (and costs) according to the specific needs of each user … and above all, with total security and availability .