Security in Business Central SaaS: A Comprehensive Overview

In recent years, Cloud ERPs like Business Central Software as a Service (SaaS) have gained immense popularity due to their enhanced flexibility and heightened security measures. These cloud-based solutions not only provide the freedom to work from any location but also offer robust security features.  

With a staggering 43% of cyber-attacks targeting small and medium-sized enterprises, it’s vital to protect the information held within your business for both your organisation and your customers. Effective security measures include setting appropriate user permissions, password protocols (like changing your password every 90 days) and employing top of the range antivirus software. Without these measures, the security of solutions like Business Central could be compromised.  

Understanding the Security of Business Central SaaS  

Business Central, a product of Microsoft, is subject to the rigorous standards outlined in Microsoft’s Modern Life Cycle Policy. This ensures a steady stream of updates, including major ones every six months, enhancing the platform’s security and functionality. The platform also employs ‘application security’ measures to bolster its security, irrespective of the hosting environment. The security approach within Business Central SaaS is layered and encompasses critical elements:  

1. Authentication: Verification of user identity is a prerequisite before granting access to your Business Central account.  
2. Authorisation: Post authentication, specific permissions are granted for accessing pages, reports, and other functionalities.  
3. Auditing: Business Central boasts comprehensive auditing features, facilitating the monitoring of logins, permissions, data modifications, and more.  
4. Data Encryption: Data on the Business Central server is securely managed through the generation or import of encryption keys.  
5. Security Development Lifecycle (SDL): This approach integrates security compliance and necessary requirements into the software development process, aiding in building secure software.  

Ensuring Data Security in Business Central  

Microsoft actively contributes to the online security of Business Central by employing robust authentication and encryption methods. Business Central uses Azure AD for authentication, automatically set up and managed for users. This authentication is further strengthened through Transparent Data Encryption (TDE). TDE is also extended to all backups, and encryption protocols secure all network traffic within the service.  

Data backups play a pivotal role in ensuring data security. When utilising Business Central SaaS, it is deployed in a Microsoft Azure data centre. Within the data centre, backups occur weekly (full database backups), hourly (differential database backups), and every five minutes (transaction log backups). These backups are retained for a period of two weeks.  

Summary  

Business Central SaaS ensures not only the convenience of cloud-based operations but also a strong security infrastructure. Microsoft’s security measures, regular updates, and a holistic approach to data security make Business Central SaaS a secure and reliable choice for businesses of all sizes. The emphasis on authentication, encryption, and comprehensive backups further underlines its commitment to safeguarding critical business data and operations.