Enhancing Security in Microsoft Dynamics 365: A Deep Dive into Security Governance and How It Compares to Argano ASM

Microsoft’s upcoming release of Dynamics 365 (version 10.0.43) introduces an exciting new feature: Security Governance. This update will provide administrators with a more comprehensive toolkit for building and managing security configurations, assigning temporary roles, monitoring user actions, and delivering more precise license consumption reports.

Security governance has long been a challenge for Dynamics 365 users, who have needed more robust security management tools. While Dynamics 365 has offered valuable features for configuring role-based security, the addition of these governance features significantly expands the capabilities available out-of-the-box.

What’s New in Security Governance?

Security Governance in Dynamics 365 10.0.43 enhances the ability for administrators to design, configure, and manage security roles across their organization. The key features include:

• Temporary Role Management: Administrators can now assign roles for temporary periods, allowing for better flexibility and control when handling user access.
• User Monitoring: New tools enable system administrators to track and monitor select user actions in real time, providing a higher level of oversight into who is doing what within the system.
• License Consumption Reporting: A revamped reporting mechanism gives admins better visibility into how licenses are being used, helping with cost management and ensuring compliance.
• Security Process Roles Maintenance: A new way of configuring security roles around processes that can leverage task recordings.

These features will help businesses streamline their security management processes and maintain tighter control over system access. The flexibility in role assignments, combined with enhanced reporting, positions Security Governance as a significant step forward in improving Dynamics 365's native security toolset.

How Does Security Governance Compare to ASM?

While there are clear improvements in Dynamics 365 10.0.43’s new Security Governance features, it is important to note that they complement rather than replace existing security offerings like Audit and Security Management (ASM). There is some overlap, but they largely serve distinct purposes.

Overlap:

• Temporary User Role Assignments: Both Security Governance and ASM allow for temporary user role assignments, which is beneficial for companies needing to elevate access during specific periods. This overlap ensures that administrators have flexibility when managing roles without compromising security.
• License Consumption Reporting: Both provide license consumption reporting directly within Dynamics 365.
• User Sign-In and Role Change Logging: Both automatically log user sign-in and role change events.
• Task Recording for Security Roles: Both offer the ability to design security roles using task recordings.

Distinctions:

• Sensitive Access Detection and Reporting: ASM provides a critical tool for identifying who can interact with high-risk system functionalities, making it indispensable for audit purposes.
• Entry Point Based Segregation of Duties: Ensures that rule checks around user roles and responsibilities are complete and accurate by checking access from the root of the security object hierarchy.
• Database Logging: Provides detailed tracking of changes across tables and fields within Dynamics 365, enabling organizations to meet critical detective control requirements. This logging is done without negatively impacting system performance or user experience—an essential feature for businesses that require rigorous oversight.
• SSRS Reporting Suite: Virtually every feature in ASM comes with a complementary SSRS report, allowing for recurring, automatic delivery of all reports required for audit. This medium of reporting also enables auditors to obtain data directly from the system, ensuring data integrity.

Moreover, ASM can integrate with a company’s Help Desk system, enabling System Administrators to request elevated permissions directly tied to specific support tickets. This integration helps streamline permissions management in response to immediate system needs, further enhancing operational efficiency. While elevated, users with System Administrator roles are monitored to ensure they are operating within the scope of their responsibilities.

Why Decision-Makers Should Pay Attention

For decision-makers overseeing security, compliance, and operational integrity, understanding these new capabilities—and how they work with or complement existing systems—is crucial. The combination of Security Governance and ASM enables organizations to build a robust security framework in Dynamics 365 and, importantly, meet their audit and compliance requirements. This dual approach addresses both internal role management and external audit compliance, which are often critical for meeting industry regulations and organizational policies.

The new updates in version 10.0.43 will provide administrators with more control over their users and roles, while ASM's primary purpose continues to be easing the burden of compliance and facilitating audit processes. For decision-makers, it is essential to understand how these solutions will help maintain organizational security, compliance, and efficiency.

Want to learn more about ASM? Reach out to schedule a demo!