Success by design security checklist for key activities in application security
Privacy and compliance
Done? | Task |
---|---|
✓ | Understand the responsibilities of the service provider as a data processor and the customer responsibilities as the owner and data controller. Make sure both sides comply with the relevant laws and regulations. |
✓ | Review the Dynamics 365 cloud service agreements and compliance documentation. Learn about the policies and procedures for handling data, disaster recovery, data residency, and encryption. |
Identity and access
Done? | Task |
---|---|
✓ | Create an identity management strategy that covers user access, service accounts, application users, federation requirements for single sign-on, and conditional access policies. |
✓ | Create administrative access policies for different admin roles on the platform, such as service admin and global admin. |
✓ | Apply and follow the relevant data loss prevention policies and procedures to make changes or request exceptions. |
✓ | Have the necessary controls to manage access to specific environments. |
Application security
Done? | Task |
---|---|
✓ | Understand the app-specific security features and use the native access control mechanisms instead of customizing the build. |
✓ | Understand that hiding information from the view doesn't remove access. There are other ways to access and extract information. |
✓ | Understand the impact of losing the security context when you export the data. |
✓ | Optimize the security model for performance and scalability by following the security model best practices. |
✓ | Have a process to map changes in the organization structure to the security model in Dynamics 365. Do it carefully and sequentially to avoid unwanted cascading effects. |
Next steps
- Learn about security controls in Dynamics 365
- Learn about security features in customer engagement apps
- Learn about security features in Power Pages
- Learn about security features in finance and operations apps
- Learn how to make security a priority from day one
Feedback
https://aka.ms/ContentUserFeedback.
În curând: Pe parcursul anului 2024, vom elimina treptat Probleme legate de GitHub ca mecanism de feedback pentru conținut și îl vom înlocui cu un nou sistem de feedback. Pentru mai multe informații, consultați:Trimiteți și vizualizați feedback pentru