How do you protect your data?
Do you use the import function in your Dynamics environment? Is it on the standard security role for your users?
I was recently speaking with a customer about how they have restricted security roles on their Dynamics environment. They consciously made the decision to remove ‘delete’ from their standard users’ permissions to minimise risk and protect data. We then asked them if they were restricting import and received the answer, ‘no, why?’
Have you ever had a shared Excel file where people have either deleted information or re-sorted a single column (but, not a table) so that none of your data makes sense? Unfortunately, done wrong, the same thing can also happen when using import within Dynamics.
In any of the views, if you click on the downward arrow next to ‘Export from Excel’, you have the option to open in Excel online. What you are actually doing is opening an online version of Excel with the functionality to import any changes as they are made.
The screen below shows you the format that allows you to view and manipulate data. From this screen, we can add information into a cell, delete information from a cell, or, add in new rows.
As soon as you click on ‘save’, the system will try to update your Dynamics environment.
Let’s imagine that the email column had been populated when we exported the screen, and before we clicked ‘save’, the entire column of data was removed.
You are now submitting your data changes. This means all of the records on this export will no longer have an email address for the contact. Has this made you think again about giving people the ability to import?
Is the ability to import data a risky permission to give to your employees like deleting? Or, do you think it is safe for everyone to have without training?
Making it safe
Most things in Dynamics are customisable to you. Thankfully, it is fairly easy to take the ability to import away from your employees. However, you do not remove it on table / entity level (i.e. contacts) – you’re doing it for the entirety of your Dynamics environment.
Has this made you think about how importing works in your organisation? The main thing to remember is, if you understand the ramifications of doing something, you have all the information to make a calculated risk that you need. Within our organisation, we all have the ability to import, but, hopefully, we all understand the risks to doing so to use it safely.