Microsoft Dynamics 365
Dynamics 365 is the next generation of intelligent business applications that enable your organization to grow, evolve, and transform to meet the needs of your customers and capture new opportunities. It combines our current customer relationship management (CRM) and enterprise resource planning (ERP) cloud services into a single service, and includes new, purpose-built applications to help manage specific business functions.
Software Development Lifecycle
Dynamics 365 is built using the Security Development Lifecycle, a mandatory Microsoft process that embeds security requirements into every phase of the development process.
Identity and access management
Azure Active Directory helps protect Dynamics 365 from unauthorized access by simplifying the management of users and groups and enabling you to assign and revoke privileges easily.
Microsoft uses encryption technology to protect your data while at rest in a Microsoft database and when it travels between user devices and our datacenters.
Increased network security and defense against threats
Dynamics 365 production environments are monitored to help protect against online threats by using distributed denial-of-service (DDoS) attack prevention and regular penetration testing to help validate security controls. At the interface with the public network, Microsoft uses special-purpose security devices for firewall, NAT, and IP filtering functions.
Microsoft complies with leading data protection and privacy laws applicable to cloud services, and our compliance with world-class industry standards is verified by third parties. As with all our cloud services products, Dynamics 365 is enabled to help customers comply with their national, regional, and industry-specific laws and regulations.
Compliance framework and offerings
We offer a comprehensive framework to help you comply with your specific requirements. Dynamics 365 meets many international and industry-specific compliance standards including:
- EU Model Clauses
- FedRAMP (for Dynamics 365 U.S. Government)
- ISO/IEC 27001
- ISO/IEC 27018
- SOC 1 and SOC 2 Type 2 Reports
Compliance and financial reporting
As an ERP system, Dynamics 365 for Operations includes features and functionality designed to help organizations meet specific tax, accounting, or financial reporting requirements.
You are the owner of your data
- We do not mine your data for advertising.
- If you ever choose to terminate the service, you can take your data with you.
Microsoft is the custodian or processor of your data
- We use your data only for purposes that are consistent with providing the services to which you subscribe.
- If a government approaches us for access to your data, we redirect the inquiry to you, the customer, whenever possible. We have challenged, and will challenge in court, any invalid legal demand that prohibits disclosure of a government request for customer data.
- Privacy controls help you configure who in your organization has access to the service and what they can access.
- We prevent mingling of your data with that of other organizations.
Data location and access
You know where your data is stored, who can access it, and under what conditions.
Find out where your data is stored for the following:
- Dynamics 365 for Customer Service
- Dynamics 365 for Field Service
- Dynamics 365 for Financials
- Dynamics 365 for Operations
- Dynamics 365 for Sales
- Dynamics 365 for Project Service Automation
We are accountable to you
If you have requested notifications, we will notify you about changes in our service operations. As an administrator, you will receive security, privacy, and audit information, as well as service and compliance notifications regarding datacenter location changes.