Application Security in Business Central
This section helps you understand and improve the security of your Business Central application regardless of where it is hosted. In the articles listed below, you will find guidance and recommended practices related to authentication, authorization, and auditing, as well as data encryption and secure development practices that can be applied to any Business Central environment.
Business Central uses a layered approach to application security, as outlined in the following diagram.
Before users can sign-in to the Business Central application, they must be authenticated as valid user in the system. Business Central On-Premises supports several authentication methods, such as Windows and Azure Active Directory. Business Central Online uses strictly Azure Active Directory (Azure AD). For more information, see the following articles:
Once authenticated, authorization determines which areas a user can access, such as the pages and reports that they can open, and the permissions that they have on associated data. For more information, see the following articles:
Business Central includes several auditing features that help you track information about who is signing-in, what their permissions are, what data have they changed, and more. For more information, see the following articles:
You can encrypt data on the Business Central server by generating new or importing existing encryption keys that you enable on the Business Central server instance that connects to the database. For more information, see Encrypting Data in Dynamics 365 Business Central.
Security Development Lifecycle
Microsoft's Security Development Lifecycle (SDL) is a software development process that helps developers build more secure software and address security compliance requirements while reducing development cost. For more information, see Security Development Lifecycle.
Send feedback about: