Dynamics 365 Security:
How To Keep Your Data Safe
• Overview and Why It’s Important
• Role-based Security
• Business Units
• Record-based Security
• Hierarchy Security
• Field-based Security
Overview and Why It’s Important
• Data hacking and security breaches
don’t always happen because of
hackers. Employees and people tasked
with handling this information are
mostly responsible for these breaches
and according to Verizon, 77% of data
breaches include an insider.
• For example, in 2014 Facebook
released 6 million user’s personal data
by mistake and an employee at
Snapchat was a victim of a phishing e-
mail scam, divulging information on
700 employees. Accidental or not, the
biggest threat to data security are the
ones responsible with using and
handling the data.
What can be done?
The key is finding the perfect balance between
security and usability. Some companies conjure
far too tight a control over their systems
(biosecurity, multi-level authentication, data
policies which allow access to only basic
information, etc) which makes using the systems
impossible for employees. This has a negative
effect, with users opting out of inputting data
and creating their own systems for record
keeping, in order for them to have easier access
to the information.
Finding the right business system is key and Microsoft Dynamics 365 is one
CRM system that helps make data secure while providing ease of use to users.
By taking advantage of the following functions, companies can ensure greater
• Role-based security is ideal for grouping collections of privileges into roles that underline the
tasks that can be performed by certain users or teams. The system includes a set of predefined
security roles, which makes security management easier. The privileges define access to
creation, reading, writing, deleting and sharing records set by entity type. They also define how
broadly the privilege applies, whether it’s at user level, business unit level, or across the entire
• The clusters can be as general or detailed as desired. So, for example you can choose what a
Sales representative has access to, whether they can read, write and share accounts and whether
they have the option of deleting any accounts except their own. If say there’s a more senior user,
like a Head of Sales, they can perform more tasks such as modifying data and viewing resources
as well as assigning accounts to anyone in the system.
• All Dynamics 365 users need to have a security role to access the system. These roles are
cumulative as well, which means that a user can fulfil more than one role in the company and be
given multiple roles to combine access to privileges required.
• Business units are groups of users in Dynamics 365 that allow for a company to build
their business structure in the system. Some data needs to be kept separate from
different groups in the organisation, but there also needs to be room for collaboration
and by taking advantage of business units, companies can do that.
• Companies can use record-based security to take data security even further. This
feature allows for users with certain privileges to share them with users who lack those
particular ones. So, for example one user who owns a record can grant access to the
record to a user on another team if required. This sharing of privileges can be
customised, like say wanting to allow the user to view the record, but not give them
access to write.
• Once these privileges have taken effect, only then can the user access the rights. If the
user does not have the privilege to view, or read an account, they won’t be able to, even
if another user may give them access to a specific account through sharing.
By taking advantage of the teams function,
companies can effectively group users
together. It’s an easy way to share business
objects and allow for collaboration with
different people across different units. If a
team is part of a business unit, it can
include users from other units. So, for
example if you have users part of an IT
department that are split into two teams:
development and testing, but there is a
project that needs them to collaborate.
Therefore, access levels are shared
Field-based security restricts access to certain high business impact fields in an entity only to certain
users or teams. In layman’s terms it allows to read or write access of unique fields to be controlled
tightly. For example, a user may have rights to read an account, but can be restricted from viewing
specific fields in all accounts.
The hierarchy security model is a feature that came into being in 2015. This a crucial feature for
companies where the hierarchical structure changes often. This function is useful for example when
a director is assigned a senior manager as a direct report. This way the director can access their
report’s information and data. Also, if a colleague is covering for another employee, a company can
assign them as a subordinate and the colleague will have access to all of the information required.
It’s a simple and flexible approach to ensuring the right access to data at the correct time.
Looking for Talent?
Are you currently going through a
migration or plan to undertake one and
need some extra hands on deck? We’re
specialists in MS Dynamics recruitment
so contact us to find out how we can
help you attract the best talent out
Telephone: 0161 839 4330