Dynamics 365 user/audit logs

For new and current implementations of Dynamics 365 that require adherence to strict regulations such as FedRAMP and HIPAA, there are now powerful options available in the July 2017 update for Dynamics 365. These new features specifically address User Session Management, and Activity Log Management. To clarify for those slightly confused by the nomenclature of the latter, it does not specifically have to do with CRM Activity records, but is rather better described as functionality to replace the Audit Log.

User Session Management Settings in Dynamics 365
Some government regulations and company policies require strict management of session timeouts in software for security purposes. In previous versions of Dynamics CRM, the session timeout for a user was generally configured to 24 hours, which does not meet these guidelines.
Nevertheless, with the new User Session Management features in Dynamics 365 we can now easily configure within System Settings to change the timeout to what works best for your organization. This includes a setting for overall session timeout, as well as for inactivity timeout. Users can now receive a gentle warning when their session is about to expire, giving them the ability to save their work before it happens, or re-authenticate as needed. These new settings will reassure Compliance Officers that the system fully conforms with their security requirements going forward.
Activity Log Management in Dynamics 365
Perhaps one of the more interesting enhancements in the July 2017 release is a completely new framework for Activity Logging, which would replace what was previously known as the Audit Log.
The new Activity Logging functionality in CRM essentially provides the following benefits over the previous functionality:
·         Management in a central location on the Office 365 portal: Office 365 Administrators can now manage settings and activity reporting for all environments within the “Security & Compliance Center” by simply browsing to https://protection.office.com.
·         Previously, Audit Logging was set up separately within each instance of a Dynamics CRM environment.
·         All data in the system is now logged: All data transactions including plugin operations, entity operations, bulk operations, user login/out sessions, and even Microsoft Support Personnel operations are logged by this new functionality. The previous Audit Log functionality was set up on an entity-by-entity basis.
·         Configurable Alert Policies: The system can now be set up to notify administrators or Compliance Officers of certain events, according to configurable settings.
·         Audit Log Search capability: Administrators can now easily query audit logs via predefined or custom filters.
·         Analyze suspicious behavior with Security Information and Event Management (SIEM): Functioning in near real-time, the SIEM will work to analyze and alert administrators of possible suspicious behavior within the system, and provide actions to address these events. Needless to say, this new feature will be a powerful tool for Compliance Officers tasked with managing data integrity.
·         SIEM Vendor Integration: Dynamics 365 now provides out-of-box integration with multiple SIEM vendors such as ArcLight, Microsoft OMS, Okta, SumoLogic, BetterCloud, and many others.
·         Minimized impact to system performance: This new Activity Logging Management functionality has a smaller footprint on system resources compared to the previous Audit Log functionality.


With these new security tools available to organizations for configuring user sessions and audit logging, Dynamics 365 has demonstrated its long-term commitment to addressing the security and regulatory needs of all its customers.

Comments

Post a Comment

Popular posts from this blog

D365 F&O - Adding custom entities to Case Management

Image
Case management is a generic cross module solution where you can log cases with or without a defined process and keep a information. A case can be related to a number of various entities in the solution. There are 11 case categories where you can group processes: General Sales Purchase Service Project Production Collections Audit Human Resources FMLA Product Change You also have 27 entities you can associate the case with: None Lead Opportunity Customer Vendor Prospect Project Sales order Purchase order Worker Service order Item Customer transaction Expense report Expense report line Vendor invoice Vendor invoice line Purchase order line Returned order Case Product BOM/Formula Route Production order Quality order Customer invoice Customer invoice line Both categories and entities can be extended. We also added a lot of other entities to our standard expansion solution to our customers. For example, I created new entity 'Contra...
Read more

Microsoft Dynamics CRM Time zones

Time Zones Dynamics CRM stored Date/Time fields in the database as a SQL datetime field that is always converted to a UTC date.  Each user has a Time Zone Code associated with their user settings. ·          To list all the available TimeZoneCodes use the following query against the MSCRM database: SELECT TimeZoneCode, UserInterfaceName FROM TimeZoneDefinition order by UserInterfaceName ·          To list all user's selected Time Zone Code use: Select SystemUserId, TimeZoneCode from UserSettings There functions available in the MSCRM database for converting to and from UTC to local dates. The following function accepts a utc date and converts it to a local date based on the time zone code matching those in TimeZoneDefinition. dbo.fn_UTCToTzCodeSpecificLocalTime(@utc,@timezonecode) Dates are stored as UTC Consider the following: ·        ...
Read more