locked
CRM 4.0 Remote User Security Questions RRS feed

  • Question

  •  

    How are you guys managing the remote user security ?

    Do you use http or https ?

    I used a basic role, CSR, and removed the ability to delete records,

    I also removed the ability to use excel, print or bulk email.

    Is there anything else i should do to protect my data ?

    Thanks  

    Friday, December 19, 2008 1:30 PM

All replies

  • We implement a CRM IFD deployment with a valid SSL certificate (usually from GoDaddy.com).

     

    We ideally only give people the ability to create, edit and delete records for the required entities only.

     

    I cannot stress how important it is for the users to set very strong domain passwords with or without CRM access (obviously I stress more if CRM is involved due to the sensitive data in the system).

     

    So, it's now up to your users basically. Set the Active Directory Passwords to expire every say 15days or something.

    Monday, December 22, 2008 8:47 AM