Setting up security roles in Dynamics 365

LinkedIn
Twitter
Facebook
In order to prevent information leaks and make sure sensitive data is kept under control and available only to those who are supposed to see it, Dynamics 365 uses security roles. Security roles are a combination of privileges and access levels for various entities within an organization.

This blog takes a look at how to set up these roles and provide the right access levels to every one of your company’s employees.

Security Roles

When setting up security in a Dynamics 365 app or solution, you have the ability to restrict access, so users only have the information they need, but nothing more. Think of it as a hierarchy – security roles are created within business units – every user must be connected to just one unit and have at least one security role to be able to log in.

Security roles are a combination of privileges and access levels, which you can assign to groups of users, such as your Sales, Marketing or any other team. This doesn’t mean you can’t have teams that cross business unit boundaries. For example, if you have someone from Marketing, Sales and Services working on the same account, you can enable them to access the same set of records by assigning them the same security roles.

Dynamics 365 uses Privileges to determine what kind of actions users can take on records. There are currently eight types of Privileges in D365:

  • Create
  • Read
  • Update
  • Append
  • Append to
  • Assign
  • Share
  • Delete

Access levels determine the scope of records users can take action on. These are the five access levels in D365, sorted from the most restrictive to the least restrictive:

None – Users cannot perform the specified action (privilege) on any record.
User – Users cannot perform the action on records they own, or that are shared with them or their team.
Business Unit – Users can perform actions on records assigned to their business unit.
Parent: Child – Users can perform the action on all records in their business unit, and all subordinate (child) business units.
Organization – Users can perform the action on all records in the organizations.

Predefined security roles

In order to help organizations structure their business operations more easily, Dynamics 365 comes with many pre-defined security roles – there are templates for positions such as CEO, VP, System Manager, Sales or Marketing Manager, Technician etc… These can be modified by clicking on the settings tab in D365.

When implementing Dynamics 365 and establishing security roles, one main business unit will be created above it automatically. If a company is smaller in size, this usually covers everything organizations need to keep track of in terms of security. If we’re talking about companies with operations which are more complex, different departments often have different security needs and separate business units. The security hierarchy is organized in such a way that there’s always a root business unit and others below it.

As we mentioned earlier, employees can be assigned privileges which go beyond business unit boundaries. Dynamics 365 was built with integration in mind and it aims to help everyone stay on the same page, while making sure sensitive data stays in the right hands. Learn more about how it can protect your data with the help of the Cloud by clicking here. You can also browse our website for more insights and information about the security, benefits and implementation methods of D365.

You Might Also Like:

Leave a Reply