Application Security Aligned with your Business
In earlier versions, administrators created their own user groups and manually assigned users to those groups. In Microsoft Dynamics 365 for Finance and Operations, security is role-based, and many security roles and duties are provided to help base security definitions. Using role-based security, users are assigned to roles, based on their responsibilities in the organization and their participation in business processes. Instead of identifying and granting access to application elements, the administrator assigns duties which users in the role perform. Because rules can be set up for automatic role assignment, the administrator does not have to be involved every time a user's responsibilities change. After security roles and rules are set up, role assignments are updated based on changes in business data.
In Microsoft Dynamics 365 for Finance and Operations, a single set of roles applies across all companies and organizations. The administrator no longer has to create and maintain separate user groups for each company, as was the case in earlier versions. Even though roles themselves are not specific to a company or organization, the administrator can still specify a company or organization context for a particular user in a role.
MSDN Reference Link: Security architecture