Hierarchy Security

Hierarchy Security in Dynamics 365 Customer Engagement (CE) is an advanced access model that allows managers and executives to gain visibility into records owned by users lower in the organizational hierarchy - without relying on manual record sharing or overly broad Security Roles.

It provides a dynamic, scalable way to support real-world management scenarios where leaders need oversight of their teams’ data.

Why Hierarchy Security?

While Business Units and Security Roles provide strong boundaries for data access, they do not natively support common management requirements, such as:

• A Sales Manager needing to view Opportunities owned by their Sales Reps.

• A Customer Service Supervisor wanting to monitor open Cases owned by their team.

• A VP of Sales reviewing pipeline data across the entire reporting chain.

Without Hierarchy Security, organizations often resort to:

• Granting Organization-wide access (too broad, high risk).

• Manual record sharing (difficult to maintain and audit).

• Complex Team structures (hard to scale).

Hierarchy Security solves these problems by providing automatic visibility based on the organizational structure.

Types of Hierarchy Security

Dynamics 365 CE supports two models of Hierarchy Security:

Manager Hierarchy

• Based on the Manager field in the User profile (synchronized from Azure AD or set manually in Dynamics 365).

• Simple to implement and maintain.

• Best suited for small to medium organizations with flat or moderately deep structures.

Position Hierarchy

• Based on a customizable Position hierarchy that you define in Dynamics 365.

• More flexible and scalable - supports complex or matrixed organizations.

• Positions are linked to users and arranged in a hierarchy tree (Position → Parent Position).

Key difference:

Manager Hierarchy depends on user-to-user relationships; Position Hierarchy is more abstract and can represent functional or dotted-line reporting structures.

How Hierarchy Security Works

When enabled:

• Managers (or users in higher Positions) automatically gain access to records owned by users lower in the hierarchy.

• Access is granted based on the user’s existing Security Role privileges:

• Access can be limited by Hierarchy Depth:

• Supported entities:

Typical Use Cases

Sales Management:

Regional Sales Managers can review their team’s Opportunities, Accounts, and Activities - without requiring Organization-wide access.

Customer Service Oversight:

Supervisors can monitor Cases being handled by their agents, escalating or reassigning where needed.

Executive Reporting:

Leadership can access team data in dashboards and reports without manual sharing or excessive privileges.

Cross-functional Leadership:

In matrixed organizations, Position Hierarchy allows functional leaders to view relevant data across multiple BUs.

Key Considerations

• Hierarchy Security is additive:

• Depth configuration is critical:

• Manager Hierarchy is easy to set up but less flexible:

• Works well in combination with:

Common Pitfalls

• Granting overly deep hierarchy access - exposing too much data.

• Relying on Manager Hierarchy when Positions would be a better fit.

• Not keeping Manager or Position data clean - resulting in broken hierarchy chains.

• Assuming Hierarchy Security grants full access - it always respects Security Role privileges.

Best Practices

Use Position Hierarchy for enterprise-scale or complex organizational structures.

Use Manager Hierarchy for simple reporting structures or rapid deployment.

Keep hierarchy data clean - automate updates from HR systems where possible.

Regularly audit Hierarchy Security to ensure it reflects current business needs.

Configure Hierarchy Depth conservatively - start shallow and expand only as needed.

Combine Hierarchy Security with proper Security Role design - don’t use it to "patch" poor role models.

Summary

Hierarchy Security in Dynamics 365 CE is a powerful tool to enable managerial visibility and oversight without undermining the core security model.

By leveraging Manager or Position hierarchies, organizations can reduce the need for manual record sharing, maintain clean Security Role designs, and support dynamic access aligned with real-world business structures.

When thoughtfully implemented, Hierarchy Security greatly enhances both user experience and governance - helping Dynamics 365 scale with the organization’s growth and complexity.