Microsoft Dynamics NAV, like most other ERP solutions, was originally developed for on-premise deployment. With these systems moving to the Cloud, key financial and business information is moving offsite, and it is only natural that organisations be concerned about the security of sensitive data.Cloud or On-Premise, which is more secure?
When deploying our software solutions as Cloud-based applications, Elysys makes use of Microsoft Azure datacenters to ensure the highest level of data security and maximum uptime.
By making use of Microsoft Azure, Elysys is able to provide businesses with top-notch data security and privacy built into their solution, through multiple safeguards that protect customer and enterprise data. These security practices and technologies include identity and access management, data encryption, secure networks, threat management and compliance with best practices in Cloud security.
Identity and Access Management
Azure Active Directory helps ensure that only authorized users can access your environments, data, and applications, and provides multi-factor authentication for highly secure sign-in.
SSL certificates are one of the ways by which Azure authenticates and secures data communication between company appliances (on-premise or mobile devices) and Cloud servers. An SSL, or public key certificate, usually just called a certificate, is a digitally-signed statement that binds the value of a public key to the identity of the company, device, or service that holds the corresponding private key. One of the main benefits of certificates is that hosts no longer have to maintain a set of passwords for individual subjects who need to be authenticated as a prerequisite to access. Instead, the host merely establishes trust in a certificate issuer. If something is wrong with the certificate, the connection will be rejected.
Once a certificate has been authenticated and connection has been established the system uses Windows Communication Foundation (WCF) transport-level security (TLS) over the TCP/IP protocol to encrypt the messages.
Microsoft Azure Data Encryption
Azure Cloud-based applications utilise industry-standard protocols to encrypt data as it travels between an organisation’s devices and Microsoft datacentres, and crosses within datacentres.
The encryption method used is so-called public-key cryptography, also known as asymmetric cryptography. This cryptographic algorithm requires two separate keys, one of which is secret (or private) and one of which is public. Although different, the two parts of this key pair are mathematically linked. The public key is used to encrypt messages, whereas the private key is used to decrypt ciphertext.
The public key is made public and available to everyone. If a person e.g. Bob wants to send an encrypted message to e.g. Alice, then Bob will use Alice’s public key to encrypt the message. As Alice is the only person that has the private key she is the only one who can encrypt the message.
One can think of encryption as locking something valuable into a box with two locks. With public key one can open first lock but not the second. With the private key, one can open the first and the second lock.
Microsoft Azure Secure Networks
Azure datacentre’s infrastructure is based on security practices and technologies that connect virtual machines (company PC’s, laptops, mobile devices) to each other and to on-premises datacentres, while blocking access to any device that does not pass authorisation checks. Azure Virtual Networks extend your organisation’s on-premises network to the Cloud by creating a site-to-site virtual private network (VPN).
Microsoft Azure services and virtual machines are protected from threats by employing multiple layers of constantly evolving safeguards:
Microsoft Azure Cloud services comply with international and industry-specific compliance standards and participate in rigorous third-party audits that verify their security controls. The service also boasts adoption of the world’s first code of practice for cloud privacy, ISO/IEC 27018.
From Challenge to Opportunity with Microsoft Dynamics NAV
Cloud-based software solutions create new challenges for the financial industry such as security risks associated with a particular Cloud-service and the underlying infrastructure that has been deployed. By making use of secure solutions such as Microsoft Azure’s Cloud-services, small to mid-sized financial organisations have access to all the benefits of Cloud, without compromising the security and privacy of their financial data.
Max has an educational background in Computer Science and Management Information Systems with over 20 years of experience in the software industry including the past 10 years at Elysys. Prior to joining Elysys, Max was MIS Manager at Sonatest PLC, UK where he spent 8 years after starting his career as a software design engineer at BNFL Sellafield.