Security is a core part of dynamics CRM system to ensure, which users/team can access what information. This is also useful to restrict sensitive information.
Business units are the base for the security mode, role is then defined within the business unit. Each user or team will be assigned a business unit and one or more roles. this combination of entities provided base for the Dynamics CRM security model.
With the security model, you can control what actions users can including new, update, delete share or append on records. furthermore, this also allow to define access to part of the user interface, which includes forms, field security, dashboard etc etc....
Security roles define the access level which will be granted to users or teams. User or team can have one or more security roles and the sum of all privileges will become the security access for the user/team. Meaning, security roles are additive.
Roles are created at business unit level. the simple roles which will be applied to everyone in the organization will be assigned to this business unit and then child business units have more roles to it, which will allow more restrictive access but only at specific level and not everyone in the organization. The roles are inherited from parent to child.
When changing the business unit of a user the associated security roles are removed. the user will not have access to CRM until a new role is assigned. It is also worth note that, when you share a record, you are not giving any more access than what they currently have.
In security model, when setting up roles, if the entity is user owned then it support all the variations of security like none, user, business unit, parent:child business unit and organization, but when entity have organization owned, it will have either none or organization option to select.
Questions/comments/suggestions? please put it in comments below post for further discussion!!!
No comments:
Post a Comment