Creating Better Access and Security with Microsoft 365
In 1992, CertaPro Painters® began with the vision of making residential and commercial painting services easier and more convenient for homeowners and business owners. From the beginning, its promise has been that of certainty, quality, and expertise. Today, CertaPro Painters has more than 350 locally owned and operated franchises, all of whom offer a quality experience at competitive prices.
Challenges
CertaPro Painters® in Audubon, PA serves as the headquarters for the 350+ locally owned and operated franchises throughout North America. To support operations, manage communications, and offer information and resources, headquarters utilizes Microsoft’s ecosystem of products. Franchisees are accustomed to using Dynamics 365 and SharePoint to access materials from headquarters.
As is the case with cloud technology, Microsoft continuously pushes updates and patches out to its software. One such update had CertaPro scrambling.
Unbeknownst to most its users, the security and entitlements set up and managed in Dynamics 365 did not carry over into SharePoint. So, if a franchisee was in Dynamics 365 they would only see information meant for them and specific to their franchise. However, if they followed links from Dynamics into SharePoint, then they could (unintentionally or inadvertently) see and edit information for other franchises and across the entire CertaPro enterprise. CertaPro was aware of this issue and working towards a solution behind the scenes.
The software update foreshadowed above to Dynamics 365 caused SharePoint links to be featured more prominently on the screen — making it more likely that a franchisee would click to enter SharePoint and potentially access privileged information. To address this more pressing security and data privacy concern, CertaPro reached out to Weidenhammer.
Solutions
Weidenhammer agreed to create a seamless solution that was quick, occurred in real time and would reside at the enterprise level instead of the franchise-level. The first step was to conduct a thorough review of the security and site settings set up in SharePoint and Dynamics 365. Once we understood the parameters of the existing security gap, we could develop a custom solution through Microsoft’s Power Automate. This would ensure that when changes were made in the Dynamics environment, the flow would be automatically triggered to configure permissions on the SharePoint document library.
We also needed to remediate the current folder permissions to make sure that privileged information went to the designated source and wasn’t accessible to anyone and everyone. To do so, we created a flow that automatically would set each folder’s permissions within Dynamics 365 for the appropriate user(s). It also had the benefit of saving CertaPro significant time, as they would not have to have an administrator set permissions in SharePoint for each individual franchise — it could all be managed in Dynamics.
By setting up custom flows through Microsoft’s Power Automate, we could address the security gap while also ensuring a secure environment for the addition of new documents.
Results
CertaPro no longer needs to worry about franchisees accessing information not relevant or pertinent to them. Through the Power Automate solution, Weidenhammer ensured that franchisees could only access the documents specific to their franchise within their franchise’s Microsoft 365 environment. The automation also ensures that any access changes to the franchise’s users or folders are reflected in SharePoint in real time. This solution is also scalable and extends to other applications in CertaPro’s Microsoft 365 environment – so, for example as the organization rolls out reports and dashboards in Power BI, they can rest assured that users will only see information intended for them.
Another benefit of implementing the automated solution meant that it cut down the amount of administrative time it takes to onboard new franchises. Instead of needing to configure individual permissions within SharePoint, administrators can set up all the relevant storage locations, access points, and users within Dynamics 365. This has the benefit of ensuring that the process remains streamlined, as does the individual access to enterprise systems.
