Business Central On-Premises Security

This section helps you understand and improve the security of Business Central hosted on-premises. In the links below you will find information, hardening guidance and recommended best practices addressing client, database, server and network security.

Authentication

Before users can sign-in to the Business Central application, they must be authenticated as valid user in the system. Business Central supports several authentication methods. You configure the authentication method on the server-tiers of Business Central.

For more information, see Authentication and Credential Types.

Server Security

Business Central Server handles communication between clients and databases, controlling authentication, event logging, scheduled tasks, reporting and more. The following articles explain how to improve the security of Business Central Server instances.

Hardening Business Central Server Security

Locking Down Server Communication settings

Client Security

The following articles explain how to improve the security of connections from the clients to the Business Central Server.

Configuring SSL to Secure the Client Connections

Using Security Certificates with Business Central On-Premises

Database Security

The articles in this section explain how to improve database security in Business Central.

The following articles discuss configurations that you can perform on the Business Central Server:

Configuring the Database

Encrypt Traffic

The following are general articles about SQL Server security that can also help secure the database:

Upgrade to TLS 1.2

Important

Starting March, 2020, Business Central only supports Transport Layer Security (TLS) version 1.2 or later. This applies to Business Central 2019 release wave 2 online and on-premises (version 15.x). Upgrade to Business Central 2019 release wave 2 or later to remove support for earlier versions of TLS. If your solution or an add-on uses TLS 1.0 or 1.1, you must update that configuration or add-on to TLS 1.2 or later as soon as possible. For more information, see Blog post: Update to TLS 1.2 or later in Dynamics 365 Business Central in 2019 release wave 2.

Data Encryption at Rest

SQL Server Hardening

SQL Server Auditing

Backup Encryption

Azure Database Security Best Practices

Network Security

The following articles explain to secure client, web service, and PowerBI connections over a wide area network using HTTPS and security certificates.

Configuring SSL to Secure the Client Connections

Using Security Certificates with Business Central On-Premises

Connect to Business Central with Power BI

See Also

Security and Protection
Data Security
Security Tips for Business Users