web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics CRM (Archived) / Dynamics 365 On Premis...
Microsoft Dynamics CRM (Archived)

Dynamics 365 On Premise Security Assessment

(0) ShareShare
ReportReport
Posted on by Community Member

Good Morning!

In order to fulfil a security assessment prior to deployment of a Dynamics 2016/365 On Premise solution, I am looking for documentation in that will help satisfy the following questions;

- Has the Dynamics 365 On Premise solution been independently assessed by a 3rd party to provide assurance that solution (including the code) is secure?

- If so, could we review the report?

- How often is the solution independently assessed?

- Is the Dynamics 365 On Premise regularly patched for vulnerabilities?

- Please provide evidence to support this.

Can you please assist me locate the relevant documentation for the Dynamics 365 On Premise?

Thanks in advance.

George

*This post is locked for comments

I have the same question (0)
  • Suggested answer
    ScottDurow Profile Picture
    ScottDurow 21 on at

    Hi, Dynamics is built using the software development lifecycle for security - www.microsoft.com/.../default.aspx as stated by the trust centre www.microsoft.com/.../Dynamics365

    Since on prem and online share a common code base you can be assured that it is secure based on the accreditations listed in the trust centre.

    On prem deployments will be considerably influenced by local security policies of course.

    Patches are released via windows update every few months.

  • Community Member Profile Picture
    Community Member on at

    Hi Scott,

    Thank you very much for taking the time to reply.

    That is how I understand it as well. The issue is that we are unable to find any documentation from Microsoft that state that in regards to the On Premise products sharing a code base. I've heard the statement from speakers many times myself at TechEd and Ignite, but I am struggling to find a document from Microsoft that actually confirms this.

    The Microsoft Trust Center appears to deal purely with Microsoft Cloud services, and without a clear indication of the shared code base its use is limited.

    Our security team is happy with our plans for securing the solution.

    I'm going to provide this page, support.microsoft.com/.../microsoft-dynamics-crm-online-releases as evidence of the regular patching.

    So I'm still missing the key documentation in regards to code review\audit of the on premise software. Without this it is unlikely that our security team would approve the deployment of the product.

    Thanks again for your help.

    George Coburn

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Introducing the 2026 Season 1 community Super Users

Congratulations to our 2026 Super Stars!

Meet the Microsoft Dynamics 365 Contact Center Champions

We are thrilled to have these Champions in our Community!

Congratulations to the March Top 10 Community Leaders

These are the community rock stars!

Leaderboard > 🔒一 Microsoft Dynamics CRM (Archived)

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans