Security model of Customer Engagement
Applies to Dynamics 365 (online), version 9.x
Dynamics 365 (online) Customer Engagement provides a security model that protects data integrity and privacy, and supports efficient data access and collaboration. The goals of the model are as follows:
Provide users with the access only to the appropriate levels of information that is required to do their jobs.
Categorize users by role and restrict access based on those roles.
Support data sharing so that users and teams can be granted access to records that they do not own for a specified collaborative effort.
Prevent a user's access to records the user does not own or share.
Role-based security in Dynamics 365 focuses on grouping a set of privileges together that describe the responsibilities (or tasks that can be performed) for a user. Dynamics 365 includes a set of predefined security roles. Each aggregates a set of user rights to make user security management easier. Also, each application deployment can define its own roles to meet the needs of different users.
Record-based security in Dynamics 365 focuses on access rights to specific records.
Field-level security in Dynamics 365 restricts access to specific high business impact fields in an entity only to specified users or teams.
Combine role-based security, record-level security, and field-level security to define the overall security rights that users have within your custom Dynamics 365 application.
More overview information about security can be found on the Microsoft Trust Center, and in this white paper: Microsoft Dynamics CRM Online security and compliance planning guide.