Business Results and Better Security with MVISION Cloud for Microsoft Dynamics 365

By on Aug 09, 2021

We are in the midst of digital transformation to the cloud – these cloud services fuel transformative projects for businesses, empowering employees with powerful tools to do their jobs better and more efficiently. This cloud transformation has meant that a large portion of enterprise data now resides and is being accessed outside of the network perimeter and beyond the reach of traditional data security controls.  

MVISION™ Unified Cloud Edge is the SASE security fabric between an organizations’s workforce and their resources that enables fast direct-to-internet access by eliminating the need to route traffic through their data center for security. Data and threat protection are performed at every control point in a single pass to reduce the cost of security and simplify your management.  

Sensitive data uploaded to CRM has also put the service on the radar of IT security teams. Based on the Market share report Microsoft Dynamics 365 is amongst the top CRM vendors  

Data in Dynamics 365 represents anything from proprietary business information to sensitive customer data. The high volume and value of this data have made Dynamics 365 security a top priority for companies embarking on cloud security projects.  

Microsoft provides a host of security features for enterprise customers at the infrastructure and software level, but customers default lack many controls around data and user account security. For example, only 36 percent of cloud customers say they can enforce data loss prevention in the cloud. These are key security controls for organizations using Dynamics 365, especially those who upload regulated data to the service.  

MVISION Cloud for Dynamics 365, part of McAfee’s Unified Cloud Edge offering is a comprehensive solution, which allows enterprises to enforce security controls for data in Dynamics 365. It addresses four areas of Dynamics security: 

  • Visibility: Receive insights into usage analytics, user groups, privileges, and data content, both monitored dynamically and through an on-demand scan. This allows enterprises to evaluate the types of data and users within Dynamics and understand their unique risks.  
  • Compliance: Consistently enforce existing and new policies with cloud DLP for structured and unstructured data. Multitier remediation options and match highlighting allow for a positive user experience and efficient evaluation of policy violations from security teams.  

By applying cloud DLP policy you can find any sensitive info stored in Dynamics entity in near real-time. Configure via UI the entities where you know sensitive content is posted by the user and do near real time DLP. Also, you can integrate your Endpoint DLP engine policy and use the single console of MVISION to leverage the DLP policy defined on Dynamics entities. In addition, before the Auditor finds any sensitive information stored in data at rest, you can run on-demand scans on Dynamics 365 entities/attachments to ensure there is no sensitive data in Dynamics entities. MVISION Cloud Compliance scan applies to entities (structured data) and attachments (unstructured data) in Dynamics. Data privacy can save organizations from massive compliance fines, a negative public image, and loss of customer trust. Dynamics 365 data privacy is just as important as security, MVISION Cloud compliance scan ensures GDPR compliance for data at rest. In all cases whenever out of compliance is found, then raise incidents and takes remedial action for complete visibility. Malware scan to detect malware on any Dynamics 365 attachments if there is Malware. This scan could be Near Real-Time and also could be on data at rest.  

  • Threat Protection: Monitor threats from a Dynamics 365 security operations center (SOC) based on insights from user behavior analytics. Machine learning algorithms identify account compromises, insider threats, high-risk privileged users, and more. Mapping to the MITRE framework gives visibility and insights into whether Microsoft Dynamics services are used w.r.t tools and techniques for data compromise and exfiltration. 
  • Data Security: Enforce security controls based on transaction context including the user, device, and data. Block high-risk downloads in real-time.

MVISION Cloud for Dynamics 365 can act as an additional control point between enterprise users and the cloud to provide enhanced analytics into cloud usage, detect threats from insiders, compromised accounts, and privileged users, enforce compliance policies with DLP, and contextual access controls. Additionally, detecting intentional or inadvertent threats from employees or third parties, enforcing granular access controls based on parameters such as role, device, data, and location, and enforcing DLP policies. 

Finally, the MVISION platform provides benefits that a single-point solution for one cloud service cannot satisfy. A single point for cloud control removes gaps in policy enforcement. Visibility into all cloud traffic allows MVISION to correlate activity occurring across multiple cloud services, identifying high-risk users and cloud-to-cloud threats. And MVISION offers integrations with on-premises security tools to extend existing security policies to the cloud and feed cloud threats into SIEM solutions. Consolidating all cloud security data in one tool is the best way to capture a holistic view of cloud risk, in a snapshot and as it changes over time. 

Moving to the cloud does not have to be a trade-off between business results and security. Improved security in the cloud is a reality for companies that have embraced a cloud-native security approach. Using MVISION Cloud for Dynamics 365 can make data safer than ever before while empowering business teams to become more efficient and dynamic.  

For more information or to test out MVISION Cloud for Dynamics please visit us at: 

About the Author

Thyaga Vasudevan

Thyaga Vasudevan is the VP of Product Management for the McAfee's Cloud Security Portfolio that comprises of McAfee's product offerings for SASE (Unified Cloud Edge), CASB (MVISION Cloud) and CNAPP (IaaS/PaaS). He is also responsible for all product management responsibilities for McAfee's Enterprise DLP (Host, Network and Discover) and Web Gateway (MWG) product lines. He ...

Read more posts from Thyaga Vasudevan

Categories: Cloud Security

Subscribe to McAfee Securing Tomorrow Blogs