Are your Microsoft Dynamics authorisations GDPR-proof?
It’s been clear for several months now that the new GDPR legislation has an enormous impact on businesses and the way they handle information. After thorough preparations and the necessary actions, May 25th was the day the new law took effect. Do you have everything organised in accordance with this complex piece of legislation? Have you gone through all the basic steps described in our previous blog?
The influence of GDPR on Dynamics
If you work with Microsoft Dynamics, you know it’s used to register the personal information of clients, suppliers and employees. Typically, this information can be accessed by a significant number of employees. And that is not a problem, as long as they all meet GDPR requirements. Even an employee who only looks at the data has to meet the requirements.
Why do a Dynamics authorisation scan?
The consequences can be severe when it turns out you aren’t as GDPR-proof as you had thought. That is why we offer you complete insight with our Dynamics Authorisation scan, to prevent any unpleasant surprises coming your way. We investigate the authorisation structure within Dynamics:
- Which Dynamics roles have access to personal information?
- Which uses have these roles got?
- Do these uses really require access to this information?
We process this scan into an interactive Power BI-dashboard. This gives you a complete overview of all employees and their access to personal information. This dashboard provides the insight that the GDPR legislation requires.
From insight to GDPR-proof
But gaining insight alone is not enough. You have to be sure that employees with access to this information actually need that access. That is why our final report includes tips for improvements and subsequent steps.
We encourage you to start a conversation within the company using this information and to make your employees aware of this law and its consequences. And when it turns out some of your employees don’t require (full) access to personal information, after all, you can limit this based on the authorisation scan. Would you like some assistance in implementing the right actions and improving the authorisations? Mprise is happy to help.