O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.

365 Saturday Milan 2019 - Who did what? Data security and auditing in Dynamics 365

184 visualizações

Publicada em

This presentation is about the Security and Auditing in Dynamics 365 Customer Engagement and the Power Platform. Would you like to know who has done what in your Dynamics deployment? Then you will probably find this useful.

These slides were part of an entertaining presentation that we delivered in Milan during the 365 Dynamics event. During the session, we covered practical and real examples and we explained how the Microsoft Dynamics auditing capabilities have improved considerably since the first version of Microsoft Dynamics CRM until today, where we can already integrate Dynamics 365 with the Office 365 Security and Compliance center.

Publicada em: Tecnologia
  • Seja o primeiro a comentar

  • Seja a primeira pessoa a gostar disto

365 Saturday Milan 2019 - Who did what? Data security and auditing in Dynamics 365

  1. 1. Milan 2019 Dynamics 365 Saturday Milan 8 February 2019
  2. 2. Milan 2019
  3. 3. Milan 2019 Dynamics 365 CE & Power Platform Ramon Tebar / Marco Amoedo Who did what? Data Security and Auditing
  4. 4. Milan 2019 http://MarcoAmoedo.com @MarcoAmoedo Business Applications MVP http://www.linkedin.com/in/MarcoAmoedo
  5. 5. Milan 2019 https://RamonTebar.net @RamonTebar http://www.linkedin.com/in/RamonTebar Business Applications MVP Investec Bank (London) Solution Architect
  6. 6. Milan 2019 Why? • Regulation (GDPR) • Internal Security • Collaboration • Adoption • Freak Controller
  7. 7. Milan 2019 A long Auditing Journey 2003 2019 Dynamics CRM 1.0 Dynamics 365 Customer Engagement & Power Platform Activity Logging Office 365 Security and Compliance Center Created By / Modified By 2011 Dynamics CRM 2011 Auditing out-of-the-box
  8. 8. Milan 2019 Created / Modified
  9. 9. Milan 2019 Created / Modified Dynamics 365 Customer Engagement (CE)
  10. 10. Milan 2019 Created / Modified Custom App Dynamics 365 CE Service Account
  11. 11. Milan 2019 Created / Modified Who is making the change?
  12. 12. Milan 2019 Created / Modified What about this?
  13. 13. Milan 2019 Created / Modified How can we change Created By and Modified By? ?
  14. 14. Milan 2019 Created / Modified Impersonation How can we change Created By and Modified By?
  15. 15. Milan 2019 Created / Modified Impersonation using CallerId https://github.com/rtebar/Dynamics-Utils/blob/master/Dynamics.Utils/Dynamics.Utils.Tests/ImpersonateUser.cs
  16. 16. Milan 2019 Created / Modified overriddencreatedon What about the Created On? Could we force a change in this out-of-the-box attribute?
  17. 17. Milan 2019 Created / Modified createdon by overriddencreatedon https://github.com/rtebar/Dynamics-Utils/blob/master/Dynamics.Utils/Dynamics.Utils.Tests/ImpersonationByOverRidden.cs
  18. 18. Milan 2019 Created / Modified Created By Modified By CallerId Created On OverriddenCreatedOn Modified On ? What if we need to run a data migration and set Modified On?
  19. 19. Milan 2019 Created / Modified “By the Power of Plugins!” Modified On ? What if we need to run a data migration and set Modified On?
  20. 20. Milan 2019 Created / Modified CDS Operation Pipeline Pre Validation Pre Operation Pos OperationCore Operation Transaction Entity[“modifiedon”]=MyValue Entity[“createdon”]=MyValue Entity[“modifiedby”]=MyValue Entity[“createdby”]=MyValue Stage where you can register a Plugin
  21. 21. Milan 2019 https://github.com/rtebar/Dynamics-Utils/blob/master/Dynamics.Utils/Dynamics.Utils.Plugins/ImpersonateRecord.cs
  22. 22. Milan 2019
  23. 23. Milan 2019 Created / Modified Created By Modified By CallerId Created On OverriddenCreatedOn Modified On Client side Server side N/A CallerId Pre- Operation Plugin
  24. 24. Milan 2019 Created / Modified Conclusions Now you can travel in time It is not what it looks like
  25. 25. Milan 2019 CRM 2011 - Auditing out-of-the-box!
  26. 26. Milan 2019 CRM 2011 - Auditing out-of-the-box! Today in v9
  27. 27. Milan 2019 • CRM 2011 auditing still has several limitations • Reads are not registered • e.g. account records with bank details • Metadata changes are not registered • e.g. customisations published in production unexpectedly • Huge amount of storage • Difficult to interrogate and manipulate logs CRM 2011 - Auditing out-of-the-box!
  28. 28. Milan 2019 Scarcity sharpen people’s creativeness CRM 2011 - Auditing out-of-the-box!
  29. 29. Milan 2019 Custom Read Auditing Entity Form Web Resource Azure Application Insights Custom Plugin Retrieve Retrieve Multiple Cosmos DB
  30. 30. Milan 2019 Custom Metadata Auditing Custom Plugin Publish Publish All Cosmos DB • New entity • Change an attribute • Delete a form • Remove a view • …
  31. 31. Milan 2019 Organization Insights https://admin.powerplatform.microsoft.com
  32. 32. Milan 2019 Organization Insights https://admin.powerplatform.microsoft.com
  33. 33. Milan 2019 Solutions History
  34. 34. Milan 2019 Activity Logging Dynamics 365 CE Office 365 Security and Compliance Azure AD SharePoint Exchange Flow PowerApps Power BI Teams
  35. 35. Milan 2019 Activity Logging Enabling Activity Logging in Dynamics 365 CE
  36. 36. Milan 2019 Activity Logging Enabling Activity Logging in Dynamics 365 CE
  37. 37. Milan 2019 Activity Logging https://www.office.com/ => https://protection.office.com Enabling Audit Search in Security & Compliance Center
  38. 38. Milan 2019 Activity Logging Enabling Audit Search in Security & Compliance Center
  39. 39. Milan 2019 Activity Logging Audit Search in Security & Compliance Center
  40. 40. Milan 2019 Activity Logging Audit Search in Security & Compliance Center
  41. 41. Milan 2019 Activity Logging Audit Search in Security & Compliance Center
  42. 42. Milan 2019 Activity Logging Dynamics 365 CE Office 365 S&C Power BI User Azure Function Azure Queue Cosmos DB Office 365 Management API
  43. 43. Milan 2019 Activity Logging Some considerations • Some operations don’t have all information yet (e.g. ExportToWord) • Audit log and retained for 90 days • Available for Production and not Sandbox instances • An Office 365 Enterprise E3 or E5 subscription is required • Dynamics 365 CE events can take up to 30 minutes to be available in logs results
  44. 44. Milan 2019 Thank you! @RamonTebar @MarcoAmoedo
  45. 45. Milan 2019 Questions?
  46. 46. Milan 2019

×