Whether you have deployed Microsoft Dynamics SL in the cloud or on premises, data security is incredibly important, as recent news events have shown. Rob Curls has recently posted an article for MSDynamicsWorld listing his eight key components for any good data security plan. For details, see the article, but the list itself is as such:
- Classification of Critical Assets. Before a plan is developed to protect assets, they need to be reviewed and classified according to their risk, sensitivity, and compliance requirements. You also need to identify where to access and store assets.
- Physical Security. This includes building security measures like fences, gates, exterior lighting, video cameras, and electronic access controls, and for organizations with extremely sensitive data, it can include on-site security guards and a badge system for identifying employees, contractors, and visitors.
- Classification, Reporting, and Response. Have a clear plan in place for responding to a security incident.
- Change Management. Test to ensure that new systems or changes to existing systems don’t adversely affect security.
- Emergency Procedures. In an emergency it may be necessary to temporarily suspend your security measures.
- Documentation. A critical part of any security plan, documentation should be recorded and maintained according to your organization’s existing practices and / or industry regulations.
- Maintenance and Regular System Testing. Maintain not just your software security, but your physical security systems as well. Regularly test security.
- Sabotage Recognition and Reporting. Keep tabs on activities in your environment. As with disease, early detection and recognition of potential or actual sabotage events are critical. Monitor for things like a large volume of unauthorized access attempts, unauthorized people requesting information about operations or software, unauthorized physical presence, and repeated minor acts of vandalism.
