The security model of Microsoft Dynamics CRM 2013
Applies To: Dynamics CRM 2013
Microsoft Dynamics CRM 2013 and Microsoft Dynamics CRM Online provide a security model that protects data integrity and privacy, and supports efficient data access and collaboration. The goals of the model are as follows:
Provide users with the access only to the appropriate levels of information that is required to do their jobs.
Categorize users by role and restrict access based on those roles.
Support data sharing so that users and teams can be granted access to records that they do not own for a specified collaborative effort.
Prevent a user's access to records the user does not own or share.
Role-based security in Microsoft Dynamics CRM focuses on grouping a set of privileges together that describe the responsibilities (or tasks that can be performed) for a user. Microsoft Dynamics CRM includes a set of predefined security roles. Each aggregates a set of user rights to make user security management easier. Also, each application deployment can define its own roles to meet the needs of different users.
Record-based security in Microsoft Dynamics CRM focuses on access rights to specific records.
Field-level security in Microsoft Dynamics CRM restricts access to specific high business impact fields in an entity only to specified users or teams.
Combine role-based security, record-level security, and field-level security to define the overall security rights that users have within your custom Microsoft Dynamics CRM application.
More overview information about security can be found in this white paper: Microsoft Dynamics CRM Online security and compliance planning guide.