ERP and CRM systems are key parts of an organization’s business infrastructure and digital transformation initiatives. One Identity frequently works with customers who use systems from vendors such as SAP, Salesforce and Oracle, and we are seeing more organizations using Microsoft Dynamics products. This is probably due to two factors: a heightened awareness of the importance of Identity Governance to the Dynamics community, and the growth in the adoption of Dynamics products.
Microsoft reports growth of 24% in the Dynamics 365 product suite for the year 2023: https://www.microsoft.com/investor/reports/ar23/. The Dynamics 365 (D365) product suite consists of Microsoft Dynamics 365 Finance and Operations (F&O), Customer Experience (CE), Commerce and Retail (CR) as well as other modules: https://www.microsoft.com/en-us/dynamics-365.
Cyber maturity: Identity governance and ERP and CRM systems
As organizations mature in their cybersecurity journey, there comes a realization that a digital transformation program requires a robust incarnation of digital identity to support it. Digital identity underpins the authentication, authorization and auditing of access to digital systems. Centralized, policy-based access that covers lifecycle, access assignment, access revocation and continuous compliance monitoring is predicated on an authoritative source for digital identity.
Furthermore, streamlined, agile access to digital systems is determined to a large degree by the quality of the digital identity information available to inform risk evaluation, access decisions and MFA challenge optimization – all of which are critical to business user acceptance of security policies.
One Identity and Avanade enhance governance for Dynamics 365
The Microsoft Dynamics product suite is a great example of how an independent digital identity capability enhances access governance, improves administrator and end-user experience and offers a more robust access governance posture. The Avanade and One Identity partnership brings together Avanade’s expertise in D365 and Entra ID with One Identity’s market leading IGA solution, One Identity Manager: https://www.avanade.com/en/blogs/avanade-insights/security/d365-enterprise-level-iga-solution.
One Identity Manager and D365 Connector
Let’s break this down:
- Dynamics 365 account lifecycle:
- Entra ID provides account lifecycle for Entra ID and synchronization options, some manually triggered, into the Dynamics 365 estate. With One Identity Manager and the Avanade connector, we build on that foundation to provide flexible JML-driven access management processes, allowing automated birth-right access based on roles and business logic.
- Dynamics 365 integration and consistency:
- While there are some synchronization flows between Entra ID and Dynamics 365 accounts, not all cases are covered, and One Identity Manager maintains user account attribute level consistency from Entra ID to all the D365 estate. This negates the need for manual syncs on account naming and attribute changes.
- Identity-based governance for all Dynamics 365 modules:
- D365 modules individually provide some SOD functionality, which is great for an initial security assessment. However, SOD adherence, between applications and encompassing Entra ID and D365 and other application roles, is where One Identity Manager comes in, providing regular attestation of access in D365 and all One Identity integrated systems.
- Single business portal for identity governance collaboration:
- One Identity Manager allows business users to initiate and approve access requests in a business-friendly portal, allowing for powerful application access, multi-step approval workflows and fulfilment through provisioning and license assignment in Entra ID. The same, familiar portal interface is used for attestation, policy violation reviews and reporting.
- Improve audit readiness & reporting:
- Natively, D365 provides D365 level user and access reporting, which is a great start. One Identity Manager takes the audit and reporting a step further with enhanced estate-wide access risk, access compliance, attestation, cross-application auditing and reporting.
Conclusion
Smoothly fitting identity lifecycle and governance onto the D365 world takes some skill and expertise, and Avanade and One Identity have solved that problem so that customers don't have to – a big win for Dynamics customers, and with more to come in future!