Often underappreciated and overlooked, security is the backbone of any implementation. To effectively curate an organization’s security, there must be collaboration between both the consultant and the client.
When a company goes live, it is imperative that there are clear and defined security roles that not only match the client’s needs but provide suitable access for all workstreams. Organization-wide security can be a massive headache; in this blog, I will outline some of the best practices and most efficient ways to design and implement security for a Dynamics 365 Finance and Operations implementation.
Security Mistakes
One of the most common mistakes during an implementation is leaving security until the very end, often after testing. This can cause extensive problems, specifically during Go-Live as users will have tested with far more security than they should. This creates confusion and churn as users will eventually have to relearn various processes with their ‘Go-Live Security’. This also creates additional work for the Security Administrator as they will have to constantly make permission updates and adjustments.
Security by Workstream
Having implemented security on multiple projects and industries, I have found that using a broad but detailed approach is the best way to create efficient and sustainable security.
First – By designing a security approach that looks at a business’s processes and workstreams, we can identify broader groups of security, eliminating the amount of customization and permission adjustments throughout the project and business’s lifecycle.
Second – By curating security through workstreams, rather than users, we are creating a sustainable security environment that can last forever. If we implement security per user, we will have to recreate and redesign user security each time an employee leaves or is hired.
Some examples of workstreams are below:
- Accounts Payable
- Accounts Receivable
- Purchasing
- Customer Service
- Production
- Warehouse
Now that we understand some new ways to curate Organizational Security, be on the lookout for Curating Organizational Security – Part 2, as we take a deep dive into what modifying security inside D365 looks like.
