For new and current implementations of Dynamics 365 that require adherence to strict regulations such as FedRAMP and HIPAA, there are now powerful options available in the July 2017 update for Dynamics 365. These new features specifically address User Session Management, and Activity Log Management. To clarify for those slightly confused by the nomenclature of the latter, it does not specifically have to do with CRM Activity records, but is rather better described as functionality to replace the Audit Log.
User Session Management Settings in Dynamics 365
Some government regulations and company policies require strict management of session timeouts in software for security purposes. In previous versions of Dynamics CRM, the session timeout for a user was generally configured to 24 hours, which does not meet these guidelines.
Nevertheless, with the new User Session Management features in Dynamics 365 we can now easily configure within System Settings to change the timeout to what works best for your organization. This includes a setting for overall session timeout, as well as for inactivity timeout. Users can now receive a gentle warning when their session is about to expire, giving them the ability to save their work before it happens, or re-authenticate as needed. These new settings will reassure Compliance Officers that the system fully conforms with their security requirements going forward.
Activity Log Management in Dynamics 365
Perhaps one of the more interesting enhancements in the July 2017 release is a completely new framework for Activity Logging, which would replace what was previously known as the Audit Log.
The new Activity Logging functionality in CRM essentially provides the following benefits over the previous functionality:
- Management in a central location on the Office 365 portal: Office 365 Administrators can now manage settings and activity reporting for all environments within the “Security & Compliance Center” by simply browsing to https://protection.office.com. Previously, Audit Logging was set up separately within each instance of a Dynamics CRM environment.
- All data in the system is now logged: All data transactions including plugin operations, entity operations, bulk operations, user login/out sessions, and even Microsoft Support Personnel operations are logged by this new functionality. The previous Audit Log functionality was set up on an entity-by-entity basis.
- Configurable Alert Policies: The system can now be set up to notify administrators or Compliance Officers of certain events, according to configurable settings.
- Audit Log Search capability: Administrators can now easily query audit logs via predefined or custom filters.
- Analyze suspicious behavior with Security Information and Event Management (SIEM): Functioning in near real-time, the SIEM will work to analyze and alert administrators of possible suspicious behavior within the system, and provide actions to address these events. Needless to say, this new feature will be a powerful tool for Compliance Officers tasked with managing data integrity.
- SIEM Vendor Integration: Dynamics 365 now provides out-of-box integration with multiple SIEM vendors such as ArcLight, Microsoft OMS, Okta, SumoLogic, BetterCloud, and many others.
- Minimized impact to system performance: This new Activity Logging Management functionality has a smaller footprint on system resources compared to the previous Audit Log functionality.
With these new security tools available to organizations for configuring user sessions and audit logging, Dynamics 365 has demonstrated its long-term commitment to addressing the security and regulatory needs of all its customers.
To learn more about Dynamics 365 July Updates, sign up for our Update Webinar Series – running now through August 22.
Happy Dynamics 365’ing!
Please note: All content and information is presented on preview versions and not the launched product. Product is subject to changes per Microsoft’s discretion.