Security Best Practices
The following guidelines will help you create a secure Microsoft CRM system that protects your business data:
- Require that all users use strong passwords for their accounts. Refer your users to the topic "Creating Strong Passwords" in Windows 2000 help.
- Have an approved security data plan in place for the organization's Microsoft CRM implementation.
- When setting up Microsoft CRM, divide your organization into business units that match the organizational structure, so that it is easy to restrict access based on roles.
- Assign all users roles with the minimum access levels and access rights required for them to do their jobs.
- Do not create accounts, such as Sales or Service, that multiple employees would use.
- If a user needs additional access levels or rights, create a new role with those specific privileges and add the user to the new role. A user's rights are the union of all the roles to which he or she has been assigned. Don't grant the original role privileges that are needed only by one or a few members.
- When appropriate, use sharing to give specific users specific rights on individual objects, rather than broader privileges on all objects of a given type.
- Use teams to create cross-functional groups, so that specific objects can be shared with the team.
- Train users who have sharing access rights to share the minimum information needed.