Blog
The news and information your business needs.
Cloud security in your Dynamics 365 workplace
Cloud security is a shared responsibility between cloud service providers and their customers.
Whether you are considering Dynamics 365 Business Central, or other Microsoft solutions like Dynamics 365 Sales, what the cloud service provider is responsible for and what the customer is responsible for depends on the type of service offered:
Infrastructure as a Service (IaaS)
In this model, cloud service providers offer computing, network, and storage resources on demand. The provider is responsible for securing the core computing services. Customers must secure everything else including applications, data, runtimes, middleware, and the operating system itself.
Platform as a Service (PaaS)
Many providers also offer a complete development and deployment environment in the cloud. They take responsibility for protecting the runtime, middleware, and operating system in addition to the core computing services. Customers must safeguard their applications, data, user access, end-user devices, and end-user networks.
Software as a Service (SaaS)
Organizations can access software on a pay-as-you-go model, such as Microsoft Office 365. In this model, customers still need to secure their data, users, and devices.
Customers of Joesoftware are using a range of these offerings. Some have chosen to host their Dynamics GP with IaaS providers, but more commonly with the PaaS model. However, as customers are looking to transition from GP to Business Central, SaaS is quickly becoming the most frequently used service model.
Five pillars to ensure cloud security
Regardless of the cloud service utilized, there are five primary pillars to cloud security:
1. Limit access
In the cloud, everything is internet accessible. It’s important to ensure that only the right people have access to the right tools for the right amount of time.
2. Protect data
Your organization needs to understand where your data is located and put the appropriate controls in place to safeguard both the data itself and the infrastructure where the data is hosted.
3. Data recovery
A good backup solution and data recovery plan are critical in the event there is a security breach.
4. Response plan
If your organization is attacked, you need a plan to reduce the impact and prevent other systems from being compromised.
5. Keep security teams focused on emerging threats
Strengthen cloud resource configurations to reduce security issues that could impact your operations. Ensure your team has the time and resources to be looking ahead at new and emerging threats.
In our next and final post in this series, Joesoftware will explain how your organization can implement cloud security so you get the most out of your Microsoft Dynamics solutions.