Security in Dynamics 365 and in Business Central Online
Some customers ask for information on the security of systems in the cloud world and also on Business Central Online; Business Central being part of the Dynamics 365 suite, it uses the same security framework as the other products.
The whole Dynamics 365 Online suite is secure, everything is controlled in multiple points and with multiple tools and technologies working together.
Business Central Security Model
For Business Central these are the elements at stake to guarantee the security of the systems.
- Azure integrated Security Framework
Microsoft Dynamics 365 operates on Microsoft’s security framework integrated with Microsoft Azure and Microsoft 365.
- Microsoft Online Services – Malware scanning, Penetration tests
All Microsoft online services apply effective and always up-to-date patches, malware scanning, vulnerability scanning and configuration scanning; penetration tests in the various systems; all the infrastructure is controlled.
- Published Apps – Validation
Dynamics 365 adopts the Security Development Lifecycle and regularly validates applications; all apps and their distribution apparatus are controlled.
- 2FA Authentication – Access control
Dynamics 365 uses multi-factor authentication, ensures proper identity and access management and configuration, and ensures that vulnerability scanning remains effective across the entire stack; all accesses are controlled.
Business Central Online is therefore to be considered a secure system.
Protecting customer data from malware
You can find useful information on the subject at this link, general information for the Dynamics 365 suite but as mentioned, also valid for Business Central Online.