With over $1B in annual investment in cybersecurity, Microsoft has established unprecedented security measures for Dynamics 365 Finance and Dynamics 365 Supply Chain Management (previously Dynamics 365 for Finance and Operation). Yet, when it comes to a cloud-based version of Microsoft ERP, customers ask many questions before assuring themselves that the risks posed by cyberthreats are minimized. In this article, we have laid out and examined the most frequently asked questions about Microsoft Dynamics 365 security, all in an effort to probe at the main issue: is the Cloud secure?
What are the benefits of cloud-based version of Microsoft Dynamics 365?
The cloud opens the door to numerous opportunities for businesses of different sizes and sectors. According to forecasts, cloud technology is set to increase within the coming decade leaving on-premises solutions far behind. Indeed, cloud technology has a number of benefits, including improved operative stability, scalability, 24/7 support, and tangible cost savings due to the reduction of expenditure on hardware, software, and IT support staff. You get all the latest features without any extra purchases. The cloud also helps to increase productivity outside the office as employees have ready and remote access to the data whenever they need it, from wherever they may be.
Another great benefit of the Cloud lies in data recovery and redundancy. You don’t need to worry about backups since the cloud provider does it automatically for you on a regular basis. Thus, the threat of destroying or losing data is considerably diminished.
Is on-premises data storage more secure than cloud-based data storage?
It is a common myth that on-premise data storage is more secure simply for the fact that you can always keep an eye on physical hardware storage in your vicinity – and conversely, you can never be sure where your data is and who has access to it at this very moment, in the case of the Cloud. As specialists note it’s just the opposite: all authorized cloud data centers follow strict regulations, making them the safest places for data storage.
Dynamics data is stored in regional Microsoft Azure data centers all around the world. Each center has strong disaster protection and access control. All centers are ISO-27001, Cloud Security Alliance (CSA) and Cloud Computing Matrix (CCM) certified. The data at each center is always co-located, meaning it is duplicated at another storage center, thereby protecting it from total disappearance in the case of any unforeseen incidents.
All virtual machines in Microsoft Azure exclusively utilise the latest Transport Layer Security – TLS 1.2, which makes the connection between the servers and the point of use highly secure.
Who can use my cloud data?
With Dynamics 365, you remain the solitary owner of your cloud data. Microsoft is the first cloud service provider to adhere to the ISO 27018 Code of Practice – the first-ever standard for cloud data protection. According to this COP, any unauthorized access is restricted physically as well as virtually. No external parties, Microsoft included, may use your data for marketing or advertising purposes without explicit consent. Disclosure of data without prior permission can only be made if there is legally-binding obligation. Even in such cases, all requests for access will be made known to you whenever possible. Microsoft serves as a data custodian or processor and uses your data only for the purposes of cloud service provision. You may access, manipulate or extract your own data at any time and for any reason without the need to notify anyone in advance. In case of a subscription cancellation, all data, including all cached or backed-up copies, remain stored on Microsoft servers for a period of 90 days, following which all data is deleted.
Who else has access to my cloud data?
Microsoft’s personnel and their subcontractors do have access to some of your data, however, this administrative access within MS Dynamics 365 for Finance and Operations is strictly controlled and logged. No one except for the operations response team has direct access to client data – but even in this case, access is audited, and limited to the duration of support activity. Customer Support services and engineers can use screen sharing for debugging issues, but they have no direct access to any personal data.
Though your data is stored on the servers together with the data of other Microsoft clients, Microsoft ensures that no two sets of data intersect using a logical isolation technique that protects data located on the same server from unauthorized access. If by some means someone outside your company obtains preliminary access to the data in the cloud, the complex encryption procedures make it all but impossible to identify who exactly the data belongs to.
Feel free to enquire at the Microsoft Trust Center for more information on how Microsoft Dynamics security is safeguarded at the operations response team, support team, and engineer levels.
How does Microsoft protect my data from cybercrimes?
Data hacking is one of the greatest threats of the modern world. It’s no wonder business owners and decision-makers ask a great deal of questions about the system’s resistance to data breaches. Being one of the world’s largest software providers, Microsoft is often targeted by hackers. This is a significant stimulus for improvement which forces the company to constantly strengthen its security measures.
Microsoft Dynamics’ security model contains several layers, among which are included:
- complex encryption procedures – all data is encrypted by a wide range of techniques up to AES-256 during transfer between user devices within your company and Azure data centers;
- a secure network gateway – users can create encrypted IPSec tunnels and segment instances within multiple deployments;
- secure key log – Azure keys are secured with 256-bit AES encryption;
- integrated malware protection from all kinds of online threats;
- Distributed Denial-of-Service (DDoS) attack prevention;
- two-step verification authentication;
- continuous safety upgrades – Microsoft follows its own Security Development Lifecycle Policy, according to which it keeps current updates of the security model on a regular basis;
The company operates its own Cyber Defence Operations Center (Azure Security Center) aimed at the protection of Microsoft cloud security. It provides users with everything they need to keep their cloud solution(s) safe.
Can I rely totally on Microsoft in my data protection?
As we can see, the measures taken by Microsoft to protect clients’ cloud data are exceptional. Yet no system can ever be considered completely secure as the threats and risks from cybercriminals are constantly increasing in their complexity and severity. Importantly, we must remember that security is a shared responsibility. There are always things which depend solely on you, the end user – for example, who within your company is given access to your data and how these people use this data.
But even here, Microsoft tends to its clients and tries to minimize the possible dangers with the help of a role-based security approach, separation of duties. In one of our next articles, we will tell you how to apply a role-based method of security in your company and what else you can do to improve your data protection. Stay tuned!
Our team is also ready to provide you with the necessary support on security design for Microsoft Dynamics 365 Finance and Operations/AX. Contact us here to receive comprehensive information on how to boost your Microsoft Dynamics security.