title | description | author | ms.author | ms.topic | ms.date | ms.service | ms.custom | content_well_notification | ||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Success by design security checklist in application security |
Use the Success by Design security checklist to plan and prioritize your key activities for privacy and compliance, identity and access, and application security. |
riblack-microsoft |
riblack |
conceptual |
01/22/2024 |
dynamics-365 |
|
AI-contribution |
Done? | Task |
---|---|
✓ | Understand the responsibilities of the service provider as a data processor and the customer responsibilities as the owner and data controller. Make sure both sides comply with the relevant laws and regulations. |
✓ | Review the Dynamics 365 cloud service agreements and compliance documentation. Learn about the policies and procedures for handling data, disaster recovery, data residency, and encryption. |
Done? | Task |
---|---|
✓ | Create an identity management strategy that covers user access, service accounts, application users, federation requirements for single sign-on, and conditional access policies. |
✓ | Create administrative access policies for different admin roles on the platform, such as service admin and Microsoft 365 admin. |
✓ | Apply and follow the relevant data loss prevention policies and procedures to make changes or request exceptions. |
✓ | Have the necessary controls to manage access to specific environments. |
Done? | Task |
---|---|
✓ | Understand the app-specific security features and use the native access control mechanisms instead of customizing the build. |
✓ | Understand that hiding information from the view doesn't remove access. There are other ways to access and extract information. |
✓ | Understand the impact of losing the security context when you export the data. |
✓ | Optimize the security model for performance and scalability by following the security model best practices. |
✓ | Have a process to map changes in the organization structure to the security model in Dynamics 365. Do it carefully and sequentially to avoid unwanted cascading effects. |
- Learn about security controls in Dynamics 365
- Learn about security features in customer engagement apps
- Learn about security features in Power Pages
- Learn about security features in finance and operations apps
- Learn how to make security a priority from day one