Design Pattern: Security – SSL in Dynamics NAV



Context: The security of data transmission is just as important as the security of data storage. When data is transmitted over the web, Secure Sockets Layer (SSL) is available to be used with the web client in Dynamics NAV. Microsoft’s NAV cloud solution has SSL enabled by default. However, if a partner company chooses to deploy their own NAV, then they need to handle SSL explicitly.

Problem: Although data is stored securely, before it even gets to be stored, it needs to travel the web on a client-server connection, where it is vulnerable.

Forces:

  • Insecure communication: When the user enters a password, if unprotected, a network sniffer [12] could catch and read it. A sniffer is either a software program or hardware device which examine network traffic. Years ago, sniffers were tools used exclusively by professional network engineers, but nowadays, they are also popular with Internet hackers and people just curious about networking. A public Wi-Fi network could easily be eavesdropped by an unwanted actor.

By using data storage patterns like Sensitive Data Encapsulation, Encryption, Single Point of Access or Azure Key Vault, the sensitive data is preserved securely in the implementation of Dynamics NAV. But before it gets into a secure store, this data needs to be transmitted from the user, through a user interface, on a client-server connection and all the way to the database. Is the data safe while being transmitted?

Solution: To protect the data before it reaches the server, remember to configure SSL (Secure Sockets Layer) in Dynamics NAV.

 

Figure 1 – Data transmission before (http://…) and after SSL encryption (https://…).

 

Read more on NAV Design Patterns wiki site…

By Bogdana Botez at Microsoft Development Center Copenhagen

Comments (3)

  1. Mohana says:

    Read more link is pointing to “Create Data from Template”

  2. Widmer says:

    still Wrong link under “read more”..

  3. bogdanabotez says:

    Thanks for pointing it out and sorry for the late answer! I cannot update it myself, but I’ve pointed it out to our publisher and it will be updated soon.