We’ve been asked time and again by clients looking to upgrade their current software to Microsoft Dynamics 365 Business Central, “Just how secure is Business Central?” Microsoft notes that 43% of cyber-attacks are made on small and medium sized businesses. To address this frequently asked question fully, we’ve put together this blog that should answer all of your questions regarding safety and security and what you can do to ensure your upgrade is as secure as possible.
Microsoft Business Central: Security Overview
First of all, it’s worth noting that you must have your own security procedures in place, as without clear policies on simple things like passwords and Anti-virus / Anti-Malware, then all the security in the world is negated due to poor security management. Whether this is to protect sensitive data or to prevent unauthorised access (or both) specifically, it needs to be in place and active. This in-built security system must also allow you to specify which users have access to your database, allowing you to modify which documents/data they can edit and read.
Now on to security with Business Central and Microsoft itself…
Business Central is governed by Microsoft and their Modern Lifecycle Policy; This means that not only are there continual updates throughout the year but there are also major updates every 6 months. These usually take place every April and October. Microsoft also boasts ‘application security’ which is there primarily to improve the security of your Business Central application itself, regardless of where it’s being hosted. Business Central benefits from what’s known as a layered approach.
- Authentication – before anyone can sign into their Business Central account, they must first be validated as users.
- Authorisation – once users have been authenticated, they must then be given authorisation to access specific pages/reports etc.
- Auditing – Business Central itself boasts several auditing features that help you keep tabs on who’s signing in, what permissions they may/may not have as well as any data changes they’ve made and much more.
- Data Encryption – you’re also able to encrypt data on the Business Central server. This is done simply by generating new and/or importing already existing encryption keys.
- Security Development Lifecycle – security development lifecycle or SDL is a development in software that aids developers in building secure software, allowing them to address security compliance along with the necessary requirements.
Microsoft also boasts something known as ‘online security’. Online security is there to improve the security of the Business Central tenant. This, once again, is carried out in a layered approach.
- Authentication – Business Central Online uses what’s known as Azure AD as a method of authentication. This is automatically set up and managed for you, on the users behalf.
- Encryption – in order to protect data, Business Central also uses encryption. Data is encrypted using Transparent Data Encryption when at-rest as well as backup encryption. All network traffic within the service itself is encrypted by using what’s known as, industry standard encryption protocols.
- Service Integration – lastly, it’s recommended that users use encrypted network protocols in order to connect to the PowerBI server along with Business Central wed services.
Multi-Layered Security For Ultimate Protection
The Final word from our IT Director and Head of Security Phil Draper “Business Central leverages the in-built Windows security model for on premise and can utilise MFA for the SaaS Business Central.” All communications between client and server are encrypted using SSL certificates with strong cyphers. Microsoft Business Central is without a doubt, a secure option.
Microsoft itself goes out of its way to ensure this is the case however, it always pays to have your own security settings in place. If you’d like more information or helpful hints and tips to ensure as secure an upgrade a possible, simply contact D365 Experts on 01268 724005.