How Secure is Microsoft Dynamics 365 Business Central SaaSAs a robust, cloud-based, all-in-one business management solution, Microsoft Dynamics 365 Business Central enables small & mid-sized organizations to upgrade from their entry-level accounting software or legacy ERP system to one single, comprehensive solution to manage finances, operations, sales and customer service. Available as SaaS (Software as a Service), Dynamics 365 Business Central helps organizations to leverage digital transformation at much lower upfront cost. Organizations can easily streamline their processes; improve customer relations while enabling growth. Despite the Microsoft proposition, many customers are still full with doubts related to data security in Microsoft Dynamics 365 Business Central SaaS deployment model.
Microsoft Dynamics 365 Business Central SaaS is governed by Microsoft’s Modern Lifecycle Policy. Under this policy, the product or service remains in support for following criteria.
• Customers must stay current as per the servicing and system requirements published for the product or service.
• Customers must be licensed to use the product or service.
• Microsoft must currently offer support for the product or service.
The security features in D365 Business Central enables you to control which objects or tables a user can access within each database. You can specify the type of access that each user has to these objects and tables, whether they are able to read, modify, or enter data. Furthermore, you can also specify which records are stored in the tables that each user is allowed to access. So, permissions can be allocated at both the table level and the record level. Permissions that are granted to each user who can access a particular database are also contained in the security system.
Business Central comes with following security features.
Database Level Security – Once you start Business Central and attempt to open the database, your credentials are checked. D365 Business Central allows administrators to manage user access to the objects and data. As D365 Business Central database is on SQL Server or Azure SQL Database, the security system work to ensure that only authorized users can gain access to the database. To get access to application, users require valid user account in the application alongside permissions.
Company Level Security – After getting access to the database, you can open the company that you want to work with. The security features of Business Central enable you to open only those companies which are in the current database that you have been given permission to access. A database can contain several companies. Each company can use its own tables and can also share tables with other companies. Users' access to companies is controlled by permission sets. When you assign a permission set to a user, you can specify a company to restrict the user’s access for that permission set to that specific company.
Object Level Security – It is the set of permissions that constitute a permission set. Permission sets determine the access that users have and the tasks that users can perform on objects in the database.
Record-level security – Microsoft Dynamics 365 Business Central enables you to implement record-level security by creating security filters on table data. A security filter describes a set of records in a table that a user has permission to access. Record-level security filters are handled by SQL Server just like other filters that are applied by the user. They do not adversely affect performance unless the security filtering mode is Validated. When the security filtering mode for a record is Validated, then Business Central must validate whether each record is in the filter expression.
Database Logins – Users are given a database login when they have their own user ID and password in Business Central. The user must enter the user ID and password to access the database. Database security then validates the user’s permissions by checking the database user accounts on the server. The permissions that the user has been granted to the various objects within the database, such as tables, are determined by the information contained in the user’s database user account.
Permissions – Business Central has a number of standard predefined security permission sets. You can use these permission sets as defined or you can change a permission sets to suit your particular needs. You can also create your own permission sets and assign them the permissions that you want. If you have been granted permission to read a page, then you can open the page and view the data that it displays. If, however, you do not have write permission, you are not allowed to enter data into this page.
Other advantages associated with Business Central SaaS model
• With Business Central SaaS, you can start with less upfront cost.
• Software will be automatically upgraded by Microsoft twice per year for minimal cost.
• For most upgrades, you will pay nothing.
• Incremental changes are much easier to handle than periodic major upgrades.
• Business Central SaaS will be deployed into a Microsoft Azure datacenter.
• Full Database backups are done weekly, differential database backups are done hourly and transaction log backups are done every five minutes by Microsoft.
• Microsoft will be looking after your data and protecting it against malware and viruses.
Contact us for technical support