Microsoft CRM Security Model
Microsoft CRM provides you with a security model that both protects data integrity and privacy and also supports efficient data access and collaboration. The Microsoft CRM security model is designed to support recommended security best practices. The goals of the model are as follows:
- To provide users with access only to the appropriate levels of information required to do their jobs.
- To categorize types of users in order to define roles and restrict access based on those roles.
- To support data sharing, so that users can be granted access to objects that they do not own for a specified collaborative effort.
- To prevent a user’s access to objects the user does not own or share.
The first two goals relate to role-based security; the last two goals relate to object-based security.
Role-based security in Microsoft CRM focuses on grouping a set of privileges together which describe the responsibilities (or tasks that can be performed) for a user. Microsoft CRM includes a set of predefined security roles, each of which is a set of user rights aggregated to make user security management easier. Each application deployment can also define its own roles to meet the needs of different users.
Object-based security in Microsoft CRM focuses on access rights to the primary business objects, namely Leads, Opportunities, Contacts, Accounts, Competitors, Products, Sales Literature, Quotes, Orders, Invoices, Contracts, and Incidents (Cases), which form the core of a sales force automation or customer service solution.
You combine role-based security and object security to define the overall security rights users have within your custom Microsoft CRM application.
The following sections provide the details of the main concepts in the Microsoft CRM security model:
- Security Principals
- Role-Based Security
- Object-Based Security
- Security Dependencies
- Active Directory
- Security Best Practices
© 2005 Microsoft Corporation. All rights reserved.