Customer Engagement & Dynamics CRM Forum

Expand all | Collapse all

securing certain fields

  • 1.  securing certain fields

    GOLD CONTRIBUTOR
    Posted Apr 03, 2020 11:10 AM
    Starting with an 'open' D365 system in that all users are in one Org, one Business Unit and there are no limitations on users viewing records, would Field Level Security (FLS)  be the most efficient/effective way to secure a subset of fields on several different entities?


    For example, let's say we want to restrict access to

    • 10  fields in 1-2 entities
    • Or maybe 10-25 fields or more across several entities
    • an entire tab of fields on one or more forms
    Restricting access means locking out some users from viewing the data, even via advanced find.

    I presume field level security would be the appropriate approach for a small number of fields.  Does it scale to 10, 25 or 50 fields or do you consider a different approach as more fields need to be protected from certain users?  if anyone has developed a more creative way to handle this scenario, please share!

     



    ------------------------------
    John Cisek
    Director, Operations
    Family Office Exchange
    Chicago IL
    ------------------------------
    Academy - Online Interactive Learning from Experts


  • 2.  RE: securing certain fields

    TOP CONTRIBUTOR
    Posted Apr 06, 2020 04:21 PM
    John - I think field level security would likely be your best option.  Any other ideas I can think of wouldn't prevent a savvy user from being able to see things in advanced find unless those field weren't available for advanced find.  I have field level security profiles with 30 fields and it seems to work fine no matter how many you have.

    ------------------------------
    Jill Vazquez
    Technical Specialist - CRM
    Bioventus, LLC
    Durham NC
    ------------------------------

    Academy - Online Interactive Learning from Experts


  • 3.  RE: securing certain fields

    SILVER CONTRIBUTOR
    Posted Apr 06, 2020 06:46 PM
    Hi John,

    You are on the right track. Just group the restricted users in a Team so you only need to set a team in the Field Level Security Profile. In case you need to add or remove users from it, you don't need to modify the Field Level Security. Just manage the users in the Team.

    ------------------------------
    Lyrio Amurao
    Technical Consultant
    North York
    ------------------------------

    Academy - Online Interactive Learning from Experts


If you've found this thread useful, dive deeper into User Group community content by role