Skip to main content

As Microsoft Dynamics AX mobile options evolve, security requirements gain importance

by Mark Anderson
Contributing Writer,
May 06 2014

Microsoft Dynamics ERP and CRM, like much of enterprise IT today, is shifting to accommodate mobile devices in the workplace. And bring-your-own-device - allowing for more and varied devices accessing company data from more and varied locations - can present new enterprise security challenges.

In a previous post we considered some of the changes companies may want to consider at the server level.

Here we'll look at security for mobile solutions related to Dynamics AX. Security can be particularly challenging with Dynamics ERP systems, in part because of the varied levels of access to financial data that different people have within an organization and in part because financial data is also subject to laws dictating corporate disclosure.

The Role of Roles

Security solutions must walk a tightrope of IT, legal, technical and organizational challenges, says Nima Bakhtiary, CEO of Arbela Technologies. And the deployment of mobile solutions become one more element of the overall security initiative.

Bakhtiary says AX leaves open an important question that requires input from both IT and human resources teams. In brief: What is everyone's role?

"Microsoft has given us some standard roles," he says. "However, we're finding out that standard roles are a great start, but the ability to change roles based on each business's needs and vertical industry is very critical. And then of course after you change your roles, maintaining it, and then because of auditing requirements, you want to prove that these roles had access to only the data that they're supposed to."

For example, workers in a ...

FREE Membership Required to View Full Content:

Joining gives you free, unlimited access to news, analysis, white papers, case studies, product brochures, and more. You can also receive periodic email newsletters with the latest relevant articles and content updates.
Learn more about us here

About Mark Anderson

Mark Anderson is a science and technology journalist, author and copywriter. Based in western Massachusetts, he's written for many top publications and about everything from IT to genomics to energy. He recently launched a business copywriting service and is the author of two nonfiction books about science, history and literature.

More about Mark Anderson
Submitted by ramasridhar on Thu, 06/12/2014 - 17:45 Permalink

I agree with you that the security roles in AX should be flexible enough to address country specific compliances rather than being global(partition specific). Also, I feel the ERP business processes associated with the OOTB roles should be transparent enough. Say for example, if a sales manager wants to have access to the credit card related information of a user, then he should be part of a sales clerk role too, as the sales manager role cannot access this information as per AX. This could be true for upper mid sized or large organizations, but in small or lower mid markets, the same person does both the job! As an AX business analyst, unless you evangelize the business processes associated with each AX OOTB role, it is going to be a night mare to figure out and configure the system as per the client requirements!

In reply to by anonymous_stub (not verified)