Small and medium business | Business Central, N...

Does NAV 2018 ever require security updates

(0) Share

Report

Posted on by Lee Evans EXAIR

Hello everyone,

Our organization is relatively new to NAV and we'd like to know more about routine updates, especially those concerning system security. We've been told that NAV does not have any security updates, but this is quite different from any other MS product we use, so I'd like to confirm with other users what they've found to be a best practice.

I believe there are monthly application/platform fixes which are released, but it is not necessary to utilize these updates unless they apply to a specific problem/issue currently being experienced. This makes sense, but it does not make sense to never update NAV, especially with regards to any security flaws which may come to light over time.

What have you all found to be the best practice regarding updating NAV 2018?

Thank you,

Lee

I have the same question (0)

All responses (5)

Answers (0)

Suggested answer

JAngle 150 on at

Like (1)

Report
Copy link

Link copied!

Hi Lee

The platform fixes may have security related coverage for very specific things. In the main though NAV2018 is an on-premise solution so it will harness the security that is wrapped around it from a server perspective. If you are using VPN to enable remote users to login that again is outside of NAV's remit.

Exposing NAV externally with web services such as ODATA or SOAP is worth reviewing but again this stems back to how you enable users to engage with this service through your firewall.

Lastly NAV uses a SQL back end to in essence, like any database sat in SQL, you need to draw on security patches directly with SQL.

NAV is not a dependency when it comes to this topic. It is wrapped in security from elsewhere.

Thanks, Josh

Was this reply helpful? Yes No
Suggested answer

THE Italian Microsoft Employee on at

Like (1)

Report
Copy link

Link copied!

It is correct that very rarely NAV have a security leak.

The vast majority of bug fixes are in the platform and application area.

The best practice is to always be on the latest application and build number. If you cannot make it to go the latest within a monthly frequency (like its equivalent, Dynamics 365 Business Central, does) then at least you have to orchestrate with your partner to deploy both platform and application hotfixes every X months (e.g. every 4 months - 3 times per year), depending on a vast plethora of factors such as the customizations in place, it's 24/7 business, etc.

Your partner should have the pulse of your business and orchestrate what's best for you in terms of updating your ERP.

Was this reply helpful? Yes No
Lee Evans EXAIR 5 on at

Like (1)

Report
Copy link

Link copied!

This is very helpful - thank you, Josh!

Was this reply helpful? Yes No
Lee Evans EXAIR 5 on at

Like (0)

Report
Copy link

Link copied!

This makes sense, and is the guidance we were looking for. Thank you, Duilio!

Was this reply helpful? Yes No
Community Member on at

Like (1)

Report
Copy link

Link copied!

The platform fixes may have security related coverage for very specific things. In the main though NAV2018 is an on-premise solution so it will harness the security that is wrapped around it from a server perspective. If you are using VPN to enable remote users to login that again is outside of NAV's remit.

You're right on that one, if we talk about security patches - we should talk about what exact specific thing we're talking about, and how it's gonna affect on the whole platform.

Was this reply helpful? Yes No