Secure and manage Dynamics 365 for phones and tablets
Applies To: Dynamics 365 (online), Dynamics 365 (on-premises), Dynamics CRM 2016, Dynamics CRM Online
Note
The information provided here is for versions of Dynamics 365 prior to Dynamics 365 (online), version 9.0. For the latest documentation, see Overview of securing and managing Dynamics 365 for phones and tablets.
You can secure and manage Microsoft Dynamics 365 for phones and Microsoft Dynamics 365 for tablets with the following technologies:
Microsoft Intune. You can use Microsoft Intune to manage Dynamics 365 for phones and Dynamics 365 for tablets on Apple and Android tablets and phones. Intune provides mobile device management, mobile application management, and PC management capabilities from the cloud. Using Intune, you can provide your users with access to corporate applications, data, and resources from virtually anywhere on almost any device, while helping to keep corporate information secure.
Important
This feature was introduced in CRM Online 2016 Update.
Microsoft Dynamics 365 for Good. Microsoft Dynamics 365 for Good, integrated with Good Dynamics, protects your Dynamics 365 data even if your users lose or leave their mobile devices somewhere. For example, if someone leaves their device in a taxi cab and can’t get it back right away, Dynamics 365 data is protected by Good encryption. If someone loses their device entirely, all they have to do is notify you so you can remotely wipe Microsoft Dynamics 365 for Good data from their device.
Important
This feature was introduced in CRM Online 2015 Update and CRM 2015 (on-premises).
Interested in getting this feature? Find your CRM administrator or support person.
Manage Dynamics 365 on mobile devices with Microsoft Intune
If your organization is set up with Intune, you can use it to manage the Dynamics 365 for phones and tablets apps on Apple, Android, and Windows 10 tablets and phones. Intune manages encryption at the device level, as well as app-to-app communications. With Intune, you can selectively wipe managed apps and related data on devices that are unenrolled, no longer compliant, lost, stolen, or retired from use.
With CRM Online 2016 Update 1, you can use Intune mobile application management (MAM) to manage Dynamics 365 mobile applications for Apple and Android without enrolling the device. This protects company data in Dynamics 365 without requiring you to enroll and deeply manage the end user's entire device. This is particularly useful for bring-your-own-device (BYOD) scenarios where end users don’t want to or can’t enroll their devices for IT management. This capability is also useful if a device is already enrolled in another mobile application management solution.
More information
For more information about getting and using Intune, see:
Set up conditional access to Dynamics 365 (online)
You can use System Center Configuration Manager conditional access to manage access to Dynamics 365 from mobile devices based on conditions you specify. For more information about setting up conditional access, see Conditional Access in Configuration Manager.
Note
To use conditional access, you must have an Azure Active Directory premium subscription.
Important
This feature was introduced in CRM Online 2016 Update 1 and CRM 2016 Service Pack 1 (on-premises).
Secure Dynamics 365 on mobile devices with Microsoft Dynamics 365 for Good
Microsoft Dynamics 365 for Good is a special version of Dynamics 365 for tablets that works with the Good Technology mobile security platform. Microsoft Dynamics 365 for Good is currently supported for Apple iPad and Apple iPhone running iOS 7 or later. To use Microsoft Dynamics 365 for Good, you must have Good Dynamics server software and services from Good Technology.
Prepare to use Dynamics 365 for Good
Your organization should have services set up with Good Technology. Then follow the common directions for configuring Dynamics 365 for tablets in Set up Dynamics 365 for phones and Dynamics 365 for tablets.
In addition, the Good Dynamics admin should do the following:
Within the Good Control server, authorize the Microsoft Dynamics 365 for Good app for mobile users.
Within the Good Control server, add connection URLs to the allowed list. Any domain that the app needs to access for connection or content must be in the Allowed Domains list.
If you are using an on-premises deployment, see Configure a Microsoft Dynamics 365 Internet-facing deployment.
Send users the email address and access key they will need to set up the app, or set up another secured application to act as an authentication delegate.
What users need to do
Users should update to the latest version of the Dynamics 365 for Good application. On the Apple App store, the latest version is 1.1. On the Good Dynamics Marketplace or Good Control Console, the latest version is listed as 1.1.0.
Direct your users to Secure your mobile data with Microsoft Dynamics 365 for Good
Install Dynamics 365 for Good
The app is listed in the Good Dynamics Marketplace and can be downloaded from the Apple App Store.
Supported languages for Dynamics 365 for Good
Dynamics 365 for Good supports the same languages as Dynamics 365 for tablets. However, when users are viewing Good Dynamics pages, only the following languages are supported:
Dutch - 1043
English - 1033
French - 1036
German - 1031
Italian - 1040
Spanish - 3082
While viewing Good Dynamics pages, if you’re not using one of the languages listed, the screens will be in English.
Things to know about Dynamics 365 for Good
Requires Microsoft Dynamics CRM 2015 or later. Connecting to earlier versions is not a supported secure configuration.
The Dynamics 365 for Good Apple app requires Microsoft Dynamics CRM Online 2015 Update 1 or later or Microsoft Dynamics 365 on-premises when running on an iPhone.
Microsoft Dynamics 365 on-premises version requires an Internet-facing deployment to use this application.
There are multiple policies Good Dynamics administrators set to control data sharing between apps on the mobile device.
Prevent click-to-call: Prevents users from initiating a phone call from within the Dynamics 365 for Good app.
Prevent click for mapping: Prevents users from opening an address in the mobile device's native maps application.
Prevent opening OneNote: Prevents users from opening Microsoft OneNote notebooks from external sources from within the Dynamics 365 for Good app.
Prevent opening Word: Prevents users from opening Word files from external sources within the Dynamics 365 for Good app.
Prevent opening Excel: Prevents users from opening Microsoft Excel files from external sources from within the Dynamics 365 for Good app.
Prevent opening PowerPoint: Prevents users from opening Microsoft PowerPoint files from external sources from within the Dynamics 365 for Good app.
Require a secure browser for opening URLs: Enable to ensure browser windows launched from the Dynamics 365 for Good app use a secure browser application.
.jpeg "System_CAPS_security")
Security NoteThe policies for preventing opening Microsoft OneNote, Word, Microsoft Excel, and Microsoft PowerPoint files block opening these files on external sources such as Microsoft SharePoint, OneDrive for Business, and Office 365 Groups. These policies don’t apply to items attached to notes in Dynamics 365 or when exporting to Microsoft Excel, Microsoft Excel templates, and Word templates. These files download to Good-compliant encrypted file stores and require a Good-compliant application for viewing.
Enable the Prevent Data Leakage setting in the Security Policies tab to cover other situations including using a secure app for email, and handling of copy/paste scenarios.
.jpeg "Enable to prevent data leakage in Dynamics 365")
All data stored on the client when using Dynamics 365 for Good is encrypted using Good Dynamics APIs.
Remote wipe is available and will not affect non-secured apps leaving personal apps and information untouched.
Contact Good Technology regarding the specific support that can be provided with your suite/pricing, as well as the correct server setup for your needs and situation.
More information
For more information, see:
© 2017 Microsoft. All rights reserved. Copyright