May 11, 2020

The 3 "A" s of ERP Security = Authentication, Authorization, Auditing

test alt text

The headline news is currently focused on the coronavirus pandemic. But let us not forget that in addition to protecting ourselves and staying safe, we also need to safeguard the security of our ERP application. While we are holed up, safe, and secure in our homes, hackers may be exploiting the vulnerabilities of our ERP systems.

Keeping Microsoft Dynamics 365 Business Central (BC) Secure

takes your security seriously. Fortunately, many layers of security are already built into Microsoft Dynamics 365 Business Central, as depicted in this diagram:

f149a4 bfff3f18efba4b80a8b563c953aea364 mv2

Let's start with a brief overview of the 3 "A" s

Authentication

Before users can sign-in to the Business Central application, they must be authenticated as a valid user in the system. Business Central On-Premises supports several authentication methods, such as Windows and Azure Active Directory. Business Central Online uses strictly Azure Active Directory (Azure AD).

Authorization

Once authenticated, authorization determines which areas a user can access, such as the pages and reports that they can open, and the permissions that they have on associated data. AuditingBusiness Central includes several auditing features that help you track information about who is signing-in, what their permissions are, what data have they changed, and more.

Beyond the 3 "A" s

Yes. There is more that you should be doing. Best practices include, as but 2 examples, the following: Data Encryption

You can encrypt data on the Business Central server by generating new or importing existing encryption keys that you enable on the Business Central server instance that connects to the database. Security Development Lifecycle

Microsoft's Security Development Lifecycle (SDL) is a software development process that helps developers build more secure software and address security compliance requirements while reducing development costs.

Stay tuned for part 2 of this series on application security

Security is not just a hot topic. It is imperative. We will take a deeper dive in our upcoming blog: "Security in Microsoft Dynamics 365 Business Central Online and BC On-Premises." Stay tuned!

Meanwhile, if you have any questions, please call us at 630-858-7388 or email us at nav@libertygrove.com.

Related Article:

What Return on Your Investment Can You Expect from Microsoft Dynamics 365?

Tags

Article written by Liberty Grove Software
Liberty Grove Software grew out of its predecessor company, Studebaker Technology, which in 1996 became one of the first Navision developer/resellers in North America (Navision was the predecessor to Microsoft Dynamics 365 Business Central/NAV). ​ As you can tell from our website, we focus exclusively on Business Central/NAV. Almost all our certifications, third-party add-ons, associates, services, and projects are Business Central/NAV-related. This is intentional because we want to offer only the highest caliber expertise to our clients, and we feel we can achieve this only if we devote ourselves to one ERP product.
cross
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram