Articles

Dynamics 365 security roles – best practices

Data fraud risk is real. If you want to control data access effectively, you must set up a structure within an organization that both protects sensitive data and enhances collaboration. This is why you need to set up business units, then security roles, relevant permissions and field security profiles. What you also gain is the reduction of your licensing costs.

What are the best practices of Microsoft Dynamics 365 security roles generation? Let’s get going.

CREATING TAILORED DYNAMICS 365 SECURITY ROLES

Obviously, you can generate Dynamics 365 security roles using what the standard offers. However, the process is extremely time consuming (up to one day to create a single custom role), not to mention the complexity of the security project itself. The problem with the standard security assignment within Dynamics 365 is that the menu display items are deeply embedded in the code. That means a great deal of work for developers. Also, the system requirements that can be handy are still too general for the system access config. That is why you should be looking for an alternative, more cost-efficient solution.

 

AIM HIGHER, DO THINGS BETTER – HOW TO GO ABOUT DYNAMICS 365 SECURITY ROLES CREATION

What’s the best way to go about creating and managing Dynamics 365 security roles then? The solution is here. With the dedicated tool – Security Setup – you can actually convert real business processes into precise duties and roles that you need for your organization. No strings attached.

How does it work? We gather a list of all the positions within the company, then we identify (one-by-one) their daily responsibilities. We continue with recording the business processes and setting them up against the roles as duties. In this way, you get a coherent security structure that reflects actual business processes and positions in the company. Naturally, we finish off with cross-checking each and every role (position) in the system to check if they meet all the requirements.

SECURITY SETUP – SECURITY ROLES JUST AS YOU NEED THEM

When you want to set your Dynamics 365 security roles, with Security Setup tool it’s up to you how you do it. Choose one of the following options:
  1. Go for detailed security creation:

    the goal is to create precise security setup with the sufficient number of entry points. Business processes are converted into security duties. Then, created duties are combined into security roles. Finally, the role is applied to the business user.
  2. Go for general security creation:

    the business processes are mapped onto security roles. The roles are applied to the users on the basis of the standard system privileges. This is intended to fill the gaps that were found in the business processes recordings to make them more effective. The number of entry points allocated per users gets significantly reduced.
  3. Go for extension of the existing security setup:

    Security Setup can be also used to re-modify the existing security setup within Microsoft Dynamics 365 and change current security roles.

DYNAMICS 365 SECURITY ROLES VS. DATA FRAUD – STAY SAFE

Apart from setting up security roles effortlessly, your business should also consider security roles in the context of test automation. It is recommended that Dynamics 365 test automation projects are executed with the role (testing persona) that is handling the specific business process. The idea is to test the environment in the exact same way as it was created and developed.


If you want to follow the best practices in this respect, you need to establish the testing personas (that is business users and their roles) as early as possible during the implementation project. If you don’t do that, security verification might be a hiccup later on. That is why you need an easy-to-use tool for security creation and management such as Security Setup (read more about testing and security setup in our article)