Security is a top priority for Microsoft and Business Central. The product is developed and operated with a security-first approach. Microsoft conducts regular internal penetration testing and runs a public security bounty program to identify and fix vulnerabilities before they can be exploited.
A robust security system is essential for protecting your database and the information it contains. Business Central helps you prevent unauthorized access and specify what authenticated users can do, such as which data they can read and modify.
Key security capabilities
Business Central provides comprehensive security features organized into five key areas:
Authentication and identity
- Microsoft Entra ID integration for centralized identity management
- Multifactor authentication (MFA) for enhanced sign-in security
- Support for modern authentication methods
Access control and permissions
- Granular user permission controls and role-based access control (RBAC)
- Database-level access controls for data operations
- Fine-tuned permissions for specific business scenarios
Data protection
- Enterprise-grade encryption at rest and in transit
- Secure credential management
- Built-in protections for sensitive business data
Network security
- Azure security service tags for IP-based network segmentation and access control
- Enterprise-grade encryption of network traffic
Security operations
- Continuous security monitoring and updates (by Microsoft)
- Regular vulnerability assessments and remediation (by Microsoft)
- Compliance with industry security standards (by Microsoft)
- Audit logging and activity tracking for compliance (by partner/customer/auditor)
Security resources
The following articles provide detailed guidance on implementing and managing security in Business Central: