As manufacturers and IT professionals, one of your most important assets is your organization’s data. From financial data to personal data, sensitive information is a vital part of an organization’s profitability and success. To follow business standards and industry regulations, organizations must protect such sensitive information and prevent its inadvertent disclosure, whether it be through cyber attacks or accidental exposure. Loss prevention in Dynamics 365 for Finance & Supply Chain Management increases operational efficiency while using AI to identify and help improve at-risk business entities and functions.
Keep Sensitive Data Safe
Microsoft uses encryption technology to protect customer data while at rest in an environment’s SQL Server database and Azure Storage. D365 for Finance & Supply Chain Management uses server-side encryption with service-managed keys. Further, all key management aspects such as key issuance, rotation, and backup are handled by Microsoft. In addition to the default encryption at rest provided above, you can use the encryption API available in the Global X++ class. The methods Global::editEncryptedField() and Global::editEncryptedStringField() use the environment-specific data encryption certificate to perform data encryption and decryption. You can use these methods as an additional layer of protection beyond the default encryption at rest technology used for data storage.
Inventory Visibility
The Inventory Visibility Add-in for Dynamics 365 Supply Chain Management is an independent microservice that is highly scalable, empowering high-volume retailers and manufacturers to manage millions of inventory updates every minute and gain real-time visibility to cross-channel inventory position. Inventory Visibility lets organizations manage global, on-hand inventory with minimal setup. It comes with an easy-to-use RESTful API that enables painless integration with ancillary systems. The RESTful API supports queries based on standardized inventory dimensions, combined with configurable, calculated quantities. External systems can query Inventory Visibility to retrieve a list of available inventory quantities based on these dimensions.
Inventory Visibility Add-in Prerequisites
Before you install the Inventory Visibility Add-in, you must do the following:
- Obtain an LCS implementation project with at least one environment deployed.
- Make sure that the prerequisites for setting up add-ins provided in the Add-ins overview have been completed. Inventory Visibility doesn’t require dual-write linking.
- Contact the Inventory Visibility Team at inventvisibilitysupp@microsoft.com to get the following three required files:
-
- Inventory Visibility Dataverse Solution.zip
- Inventory Visibility Configuration Trigger.zip
- Inventory Visibility Integration.zip (if the version of Supply Chain Management that you’re running is earlier than version 10.0.18)
- Alternatively, contact the Inventory Visibility Team at inventvisibilitysupp@microsoft.com to get the package deployer packages. These packages can be used by an official package deployer tool.
-
- InventoryServiceBase.PackageDeployer.zip
- InventoryServiceApplication.PackageDeployer.zip (this package contains all of the changes in the InventoryServiceBase package, plus additional UI application components)
- Follow the instructions given in Quickstart: Register an application with the Microsoft identity platform to register an application and add a client secret to AAD under your Azure subscription.
- Register an application
- Add a client secret
- The Application(Client) Id, Client Secret, and Tenant ID will be used in the following steps.
Security Architecture
When you understand the security architecture, you can more easily customize security to fit the requirements of your business. The following diagram provides a high-level overview of the security architecture.
By default, only authenticated users who have user rights can establish a connection. Authorization is the control of access to Finance and SCM applications. Security permissions are used to control access to individual elements of the program: menus, menu items, action and command buttons, reports, service operations, web URL menu items, web controls, and fields in the client. Individual security permissions are combined into privileges, and privileges are combined into duties. The administrator grants security roles access to the program by assigning duties and privileges to those roles.
While authorization is used to grant access to elements of the program, data security is used to deny access to tables, fields, and rows in the database. IT professionals can use the extensible data security framework to supplement role-based security by restricting access to table records based on security policies. Security permissions, as part of a user role, increases the access a user has to data, while a security policy decreases access to data.
If auditing of user sign-in and sign-out is enabled, which means that the system logs when a user signs in or out of the application, a sign-out is logged even if the user’s session expires or ends. A system administrator or security administrator can access the audit logs by going to the User log page (System administration > Inquiries > User log).
Next Steps
If you are interested in learning more about loss prevention as well as maximizing the use of Microsoft Dynamics 365 for Finance and Supply Chain Management contact us here to find out how we can help you grow your business. You can also email us at info@loganconsulting.com or call (312) 345-8817.