Hijacked website domains – keep control of your content

July 9th, 2020 by Stephen Jones No comments »

An oversight has long plagued Azure-hosted sites. It was recently reported that 240 website subdomains belonging to organizations large and small, were hijacked to redirect netizens to malware, X-rated material, online gambling, and other unexpected content. All due to the way they were hosted in Microsoft’s Azure cloud. Those organisations include: Chevron, the Red Cross, UNESCO, 3M, Getty Images, Hawaiian Airlines, Arm, Warner Brothers, Honeywell, Autodesk, Toshiba, Xerox, the NHS, Siemens, Volvo, Clear Channel, Total, and more. Microsoft itself accidentally allowed some of its own long-forgotten subdomains to slip into the hands of spammers. It’s not that these organizations were hacked; they rented a corner of the internet, added their logo and name, and when they no longer needed that space, they emptied it but left the door open for others to enter and run a casino or a porno store at the same address under the same brand.

Xerox found that one of its subdomains, advanced.core.freeflow.xerox.com, was commandeered to host pages linking to websites advertising escorts, kitchenware, oil paintings, and more, in the hope that the reputation of xerox.com would boost the linked-to sites in web search engine rankings. At one point advanced.core.freeflow.xerox.com was hosted in the Microsoft cloud on a server named something along the lines of webserver9000.azurewebsites.net, chosen by Xerox’s IT admins. When whatever was living at advanced.core.freeflow.xerox.com was no longer needed, Xerox would have spun down webserver9000.azurewebsites.net, releasing it for others to use. The point is that advanced.core.freeflow.xerox.com still pointed to webserver9000.azurewebsites.net, so when someone else came along and spun up a virtual server using that hostname, they could control the content of advanced.core.freeflow.xerox.com.

This is doubly embarrassing for Xerox, because the Maze ransomware team also claims to have infiltrated the tech giant’s network and exfiltrated gigabytes of internal data, which will be leaked unless the extortionists are paid off.

The latest list of hijacked subdomains was drawn up by Zach Edwards, who reported the URLs at the end of June to Microsoft as well as the affected organizations,. He said he earlier reported two to three dozen commandeered government and university subdomains as a priority.

Many of these subdomain takeovers appear to be by a single group that has been active for years. Some pages redirect to malware, some redirect to porn or casinos or other potential clients that pay them for inbound links, some direct to malicious chrome extensions, or cracked software.

Crooks try to hide their presence once they’ve hijacked a subdomain, by making the root URL show a 404 or “coming soon” message. Further down the directory tree, however, are potentially thousands of files containing everything from malicious redirects through affiliate links to pages designed to trick people into installing malware to links to blogs and seedy sites to boost their rankings.

At the end of last month, Microsoft published a support article explaining to customers how to avoid losing control of their subdomain content.

IPaaS – Snaplogic for rapid integration – ask Synergy Software Systems

July 1st, 2020 by Stephen Jones No comments »

Forrester TEI Report – contact us for a copy. Learn how Box easily integrated 30 apps and saved $1M

the latest additions to a growing liwt of awards.

Oman launches tax card from July 1

June 29th, 2020 by Stephen Jones No comments »

The Oman Tax Authority will launch a new tax card system from July 1, which will be the proof of the registration for any taxpayer from the tax Authority. The card will be issued for RO 10.

All ministries, public authorities and institutions, and companies, which has more than 40 percent holding by the state must request the taxpayer to submit a copy of the tax card when issuing any contracts, or directly undertaking any transaction with the taxpayer. The chairman of the Oman Tax Authority may impose a fine in the event of failure to obtain the tax card.

Every taxpayer must apply to obtain the tax card when initiating the incorporation or licensing procedures for practicing the activity or registration in the commercial or Industrial registry and shall request for renewal upon the end of the validity of the card.

The Tax card will replace the tax certificate currently in use at the Authority that is required by some government authorities, except in cases where the tax certificate Is requested for the purposes of canceling a commercial registry. dissolution, merging. or liquidation of any company.

KSA to add VAT on on-line purchases

June 29th, 2020 by Stephen Jones No comments »

Saudi Arabia announced it will levy 15 percent value added tax (VAT) on items bought from online sellers and online stores based abroad. The Saudi customs authority said on Sunday (June 28) the new rule will be applicable to all products shipped to the kingdom on or after July 1. Saudi Arabia is tripling its VAT from 5 percent to 15 percent starting on July 1. It will also suspend the cost of living allowance to its citizens on July 1.

The online order placed before June 30, 2020 is delivered to the buyer after June 30, then 15 per cent VAT will apply on the selling transaction, whereas the seller should issue an additional tax invoice pertaining to the difference of the applicable tax due. E-commerce companies should ensure to collect additional 10 per cent from the buyer if the products will be delivered to the buyer on or after July 1, 2020 because they have to pay 15 per cent VAT at the time of custom clearance of the goods.

With the implementation of VAT on online selling, e-commerce companies are expected to collect additional fees from buyers if products are delivered to Saudi Arabia.

The kingdom will also suspend cost of living allowance from next month in order to shore up state finances, which have been battered by low oil prices and the coronavirus. The revised higher VAT rates will be applicable to all supplies of taxable goods and services in the country.

KSA Higher Customs Duty June 2020

June 29th, 2020 by Stephen Jones No comments »

The Kingdom of Saudi Arabia (KSA) has published the new list of goods on which higher customs duty rates which are effective from 20 June 2020.

Earlier the Customs duty increased was supposed to be effective from 10 June 2020.

Further, in view of the VAT rate increase to be effective 1st July 2020, it is recommended for the businesses operating in KSA to do an impact assessment to identify the impact of VAT and Customs duty increase on their business.

KSA VAT changes 1 July 2020

June 29th, 2020 by Stephen Jones No comments »

The Government of the Kingdom of Saudi Arabia (KSA)announced that the Value Added Tax (VAT) rate will increase to 15% from the current 5%, effective 1 July 2020.The increase is one theof additional measures taken by the KSA government in response to the economic impact of the COVID-19 crisis, due to the decline in government revenue resulting from lower oil prices, reduced economic activity and increased healthcare expenditure.

How could this impact your business?
In addition to the increased VAT rate, businesses in KSA should expect an increased level of scrutiny from the General Authority of Zakat and Tax (GAZT), as VAT becomes a more important source of revenue.

Businesses whose sales are partially or fully VAT exempt, will experience an increase in costs as a direct effect of the rate increase. Nevertheless, the rate increase will impact all industry sectors in KSA and not primarily the Financial Services, Insurance and Real Estate sectors. All consumers will finally bear the brunt of the increases and it is not clear whether a lower rate of VAT, may still continue to apply to such items as food and utilities, to mitigate the impact.

We advise to review existing contracts that provide for continuous or periodic supplies of goods/services, and consider the required documentation changes that should be effected before 1 July 2020. Be clear on the correct rate of VAT to charge on contracts and supplies that span both June and July 2020. As o the 2018 introduction of VAT shows, transitional rules can be difficult to implement.

The rate increase will also impact cash-flow for businesses due to the timing difference between the payment and recovery of VAT, so cash flow planning will take on renewed significance.

Review the internal systems and processes to reflect the increased VAT rate. What systems and report need update and testing when.

We remind taxpayers that the window for voluntary disclosures without incurring penalties remains open only until tomorrow 30 June 2020, he rate increase heightens the importance for businesses to ensure they are fully compliant from a VAT perspective.

Outlook fails to start for some users after June 2020 upgrade

June 25th, 2020 by Stephen Jones No comments »

Microsoft says in a support document recently published that Outlook will fail to start for some users, automatically displaying an error prompting the users to repair some inbox files. According to the company, all users who have updated Outlook to version 2005 Build 12827.20268 or higher will see an error prompt saying that “Something is wrong with one of your data files and Outlook needs to close. Outlook might be able to fix your file. Click OK to run the Inbox Repair Tool.”

Microsoft lists this known issue as being caused by the June 2020 updates on a support page with fixes and workarounds for recent issues affecting Outlook for PC.

After Outlook users click the “OK” button, the Inbox Repair Tool launches and walks them through the repair process. The next step is to reboot the computer to apply the fixes and, hopefully, have the issue resolved but, instead, Outlook will again display the same error.

No fix yet, workaround available
Microsoft says that an official fix is not yet available for customers using stable Outlook versions after updating to version 2005 Build 12827.20268 or later, however, an initial fix is being tested by users of Outlook Insider Beta version 13004.10000.
“The Outlook Team is investigating this issue with the Windows Team,” the support article reads. “We are not sure yet if the primary fix will come from Outlook or Windows. When we have more information on fix details we will add them here.”

Microsoft does provide a workaround that should make Outlook usable again for all users and it requires modifying the registry by deleting a number of keys related to the PST document format.

Another issue preventing Outlook and other Windows 10 programs from launching was fixed by Avast on June 13 after Avast and AVG security applications inadvertently set registry keys blocking executables from running on Windows 10 versions 2004, 1909, and 1903.

Earlier this month, Microsoft also issued the KB4484398 Microsoft Office non-security update to address an issue causing sporadic crashes in Outlook 2016 and shared folders to disappear from Favorites when customers started Outlook in an offline state.

In mid-May, Redmond also started rolling out a fix for Outlook search issues affecting clients updated to versions 2004 12730.20236 and 2004 12730.20250.

Microsoft Gold Partnership Synergy Software Systems

June 18th, 2020 by Stephen Jones No comments »

I am pleased to note that our Gold Partnership with Microsoft has been confirmed again for the next year.

Economic Substance Regulation (ESR) in the U.A.E. ask Synergy Software Systems

June 16th, 2020 by Stephen Jones No comments »

Existing companies should have complied with the regulations by now, since the starting date was 30th April 2019.

(If an entity fails to meet the requirements or if inaccurate information is given to the regulatory authority, annual administrative penalties of AED 10,000 to AED 300,000 will apply. If they fail to meet the requirements for consecutive years, the penalties will increase and might force the authorities to suspend, revoke or deny renewal of an entity’s license.)

(In the case of new entities, regulations must be complied with upon receiving its trade license.)

This legislation (collectively, referred to as the “Economic Substance Regulations“) were issued in response to the UAE’s inclusion in the European Union’s list of non-cooperative jurisdictions for tax purposes, and their aim is to facilitate tax transparency and fair tax competition in the UAE’ The Economic Substance Regulations apply to natural or juridical (legal) persons, including all UAE onshore and free zone companies, branches, foundations, non-profit organisations and partnerships (referred to as “Licensees“) that carry out one or more of the following “Relevant Activities” in the UAE -see below for the details. With the introduction of ESR, UAE has been removed from the blacklist of tax havens.

BEPS [Base Erosion Profit Shifting)] Base Erosion Profit Shifting directives are regulations issued by the Organization for Economic Cooperation and Development [OECD] to combat corporate policies for Tax Planning which would shift the profits of companies from low tax rate jurisdictions to high tax jurisdictions. Thus “eroding” the tax base in high tax jurisdictions.

The appropriate regulatory authority varies depending on the type of Relevant Activity and the location in which it is undertaken. Each regulatory authority will set out the form of the reports to be filed and the mechanisms for submitting such forms.

What is the economic substance test?
The economic substance test requires a Licensee to demonstrate that:
• the Licensee and the Relevant Activity are being directed and managed in the UAE;
• the relevant Core Income Generating Activities (“CIGAs“) are being conducted in the UAE; and
• the Licensee has an adequate number of employees and adequate physical assets and expenditure in the UAE.

Licensees carrying out a holding company business or a high risk IP business are subject to different economic substance test requirements.

See: https://www.mof.gov.ae/en/StrategicPartnerships/Pages/ESR.aspx for some useful documents including a flow chart.

The Regulations require UAE onshore and free zone companies and other UAE business forms that carry out any of the “Relevant Activities” listed below to maintain an adequate “economic presence” in the UAE relative to the activities they undertake.

Relevant Activities:
• Banking Business
• Insurance Business
• Investment Fund management Business
• Lease – Finance Business
• Headquarters Business
• Shipping Business
• Holding Company Business
• Intellectual property Business (“IP”)
• Distribution and Service Centre Business

The Regulations provide a definition to each of the above Activities. The provisions of the Regulations shall not apply to Companies in which the Federal Government of the UAE or the Government of any Emirate of the UAE, or any governmental authority or body or any of them has at least 51% direct or indirect ownership in their share capital.

Entities that are governed by the Regulations will need to submit a notification to their Regulatory Authority (defined under Cabinet Decision No (58) of 2019 issued on 4 September 2019) from 1 January 2020 onwards, and prepare and submit to the same Regulatory Authority an economic substance declaration within 12 months from the end of their financial year (e.g. 31 December 2020 for entities with a financial year ending 31 December 2019).

An entity is not required to meet the economic substance test and file an economic substance declaration for any financial period in which it has not earned income from a Relevant Activity. Failure by an entity to comply with the Regulations shall result in administrative penalties, spontaneous exchange of information with the Foreign Competent Authority (as defined in Article 1 of the Regulations), and potential suspension, revocation or non-renewal of its registration.

In the DIFC, the ESR will be administered by the Registrar of Companies (“Registrar”) for all DIFC entities, including entities that are regulated by the DFSA. Key points to note about ESR and how to prepare your business for it :
1. All DIFC entities are required to submit an economic substance notification by 30 June 2020 in the DIFC Client Portal
2. The UAE Ministry of Finance has issued a Relevant Activities Guide which should assist you in determining whether your business conducts a relevant activity and falls within the scope of the ESR.
3. Your business may also be required to file an economic substance return (“ES Return”), within 12 months of your financial year end, to demonstrate that your business meets the ESR requirements. Information relating to the ES Return will be issued in the second half of 2020.

There is a requirement for a business to use the “Substance over Form” approach when evaluating whether they undertake a relevant activity or not. This means that companies will not only be evaluated on what activities are stated on their commercial license but their activities will be evaluated and ESR applied accordingly.

It is not a requirement that a UAE entity is directly engaged in the performance of a relevant activity directly. When an entity is earning income passively from a relevant activity, it will be sufficient for the application of Economic Substance Regulations [ESR].All Entities which assess that they are involved in the performance of a Relevant Activity will carry out the Economic Substance Test for Economic Substance Regulations [ESR].

The Economic Substance is composed of two parts:
1. The Direct and Managed Test:
The Entity needs to be directed and managed in the UAE with regards to the relevant activity carried out in the Emirates.

2. The Core Income Generated Activities Test [CIGA]:
1. The Entity that performs the relevant activities for the purpose of application of Economic Substance Regulations [ESR], need to demonstrate that the CIGA’s are undertaken in the UAE.The activity which constitutes as a CIGA varies with the activity being performed.

The Entities which exist in the United Arab Emirates and carry out relevant activities within its jurisdiction need to follow certainly and comply with certain reporting requirements. The entities will be required to submit an annual notice to their Regulatory Authority indicating that they are carrying out a Relevant Activity in the preceding Financial Year and whether there has been any Income from the Relevant activity that has been subject to Taxation outside the United Arab Emirates.

UAE entities that qualify for an exemption from the Economic Substance Regulations, or those that did not earn any income from their Relevant Activities will still be required to file a notification with the Relevant Authority.

UAE Entities which qualify for submission of notification, and those that earned any income from the same, will also be required to file an Annual Economic Substance Return. The purpose of the Return is to make an assessment of the requirements of economic substance regulations are met, the income earned, qualifications of the staff involved, and information about the premises and other assets used in carrying out the relevant activity.

What are the Penalties for Non-Compliance of [ESR]?
In addition to an exchange of information by the UAE with countries which are a member of Organization for Economic Cooperation and Development [OECD] to remove the possibility of Base Erosion and Profit Shifting, failure to comply will cause the levy of administrative penalties not less than 10,000 AED and not more than 50,000 AED for failure to comply for the first year. In case of failure to comply with ESR, the minimum amount of penalty will be increased to 50,000 AED and the maximum amount to 300,000 AED. In addition to this, additional penalties, such as suspending, revocation of UAE Trade License may also be levied.

Microsoft Universal Print is coming.

June 16th, 2020 by Stephen Jones No comments »

Microsoft’s Universal Print, which debuted in March, is a cloud-based solution that promises to let organizations forgo both maintaining print servers locally and installing print drivers. The service just requires having Azure Active Directory domain-joined PCs running Windows 10 version 1903 or later.

Microsoft conceives Universal Print as being a simpler option in terms of deployment compared with its existing Windows Server Hybrid Cloud Print solution. It described Universal Print as a “Microsoft 365 subscription-based service” that “runs entirely in Microsoft Azure.

Universal Print is based on a standard that’s getting implemented in printers, but Microsoft also has a Connector application that adds support for older “legacy” printers that lack native support for Universal Print.

On May 13, Microsoft talked more about Universal Print during a 30-minute online event “Live Webcast: Universal Print Overview.” Some of the Webcast’s highlights, which featured an extensive Q&A.

Universal Print Overview Highlights
The timeline for releasing Universal Print in public preview is Q3 2020. It’s expected to reach “general availability” commercial release in Q4, ( Rani Abdellatif, a program manager on the Universal Print team.)

To use the available private preview of Universal Print, organizations will need a Microsoft 365 Enterprise, Education or Business subscription. Its not yet clear which Microsoft 365 products will have access to Universal Print when it gets commercially released.

Universal Print maintains the familiar Windows print experience for end users. Universal Print-registered printers will show up like any other printer. Users can print from anywhere when connected to the Internet and authenticated via Azure AD, . The print jobs will get “spooled to the cloud from client,” Microsoft explained, in the Q&A segment.

Universal Print uses the Internet Print Protocol (IPP) standard from the Printer Working Group, to expose print and management functionality through the Microsoft Graph. There is no print driver to install. Once an IT administrator configures Universal Print, end users can discover nearby printers IT can manage the printers and get reports on how they are used.

During the Q&A, Microsoft explained more about the reporting aspect of Universal Print:
Administrators have access to a basic set of reports that include print usage grouped by user/printer.

Use Microsoft Graph API to download a raw data stream of completed print jobs to generate custom reports.

With Universal Print, IT pros need to assign printers and make these viewable to end users. Printer locations are assigned using the Azure Portal.
All communications are over secured HTTPS connectors.
Printers are deemed to be Azure AD objects, and are backed by an X.509 certificate.
No firewall ports are needed to support Universal Print. “There are no incoming requests to printers or Connectors (all requests are outgoing), so as long as Universal Print endpoints are not blocked, everything will work,” the Q&A indicated.

TMicrosoft is “working with ISV [independent software vendors] in print,” including vendors such as Papercut, Kofax and uniFlow.
Microsoft was also asked about actual printer hardware support for Universal Print. It’s mostly still a work in progress, per the Q&A:

Security, Agile and DevOps

June 13th, 2020 by Stephen Jones No comments »

As we move to an era of no code citizen developers there is increasing risk that security remains an afterthought when organizations are building software. The latest Verizon threat report identified that web application attacks have doubled, and that cloud-based data is under attack. The surge in web app security breaches in 2019 further solidifies that ‘crowd funded’ testing is no substitute for proper QA. The whole agile /DevSecOps approach has done much to improve user feedback to developers to improve the functionality and speed to market of business solutions, but informal end user tests alone are not sufficient where security is concerned,

With the rush to embrace digital services, organizations are too often focused on the speed of release rather than on the quality of services. To accelerate the pace of digital transformation, security must be a fundamental part of software development. To develop code faster, you should also identify vulnerabilities sooner. Otherwise, you run the risk of DevOps, simply creating software with vulnerabilities, more quickly.Embed security within all aspects of your software deign and development process rather than expect it to be bolted on as an afterthought. The threat is real sophisticated and growing. Criminals also use automation and Machine intelligence to identify and to attack vulnerabilities faster.

Attackers recently hijacked powerful machine-learning clusters inside Microsoft’s Azure cloud-computing service so that they could mine cryptocurrency at the expense of the customers who rented services. The nodes, which were misconfigured by customers, made the perfect target for so-called cryptojacking schemes. Machine-learning tasks typically require vast amounts of computing resources. By redirecting thsoe to perform the compute-intensive workloads required to mine digital coins, the attackers found a means to generate large amounts of currency at little, or no cost.

The infected clusters were running Kubeflow, an open source framework for machine-learning applications in Kubernetes, which is itself an open source platform for deploying scalable applications across large numbers of computers. Microsoft said compromised clusters it discovered numbered in the “tens.” Many of those ran an image available from a public repository, apparently to save users the hassle of creating one themselves. Upon further inspection, Microsoft investigators discovered it contained code that surreptitiously mined the Monero cryptocurrency.

After finding the infected clusters, investigators turned their attention to how the machines were compromised. For security, the dashboard that allows administrators to control Kubeflow is, by default, accessible only through istio ingress, a gateway that’s typically located at the edge of the cluster network. The default setting prevents people across the Internet from accessing the dashboard and making unauthorized changes to the cluster.

This week Yossi Weizman, a security-research software engineer in the Azure Security Center, said : “We believe that some users chose to do it for convenience. Without this action, accessing the dashboard requires tunneling through the Kubernetes API server and isn’t direct. By exposing the Service to the Internet, users can access the dashboard directly. However, this operation enables insecure access to the Kubeflow dashboard, which allows anyone to perform operations in Kubeflow, including deploying new containers in the cluster.”

Once attackers have access to the dashboard, they have multiple options for deploying backdoored containers in the cluster. For instance, attackers can create what’s known as a Jupyter Notebook server that runs on the cluster. They can then place a malicious image inside of the Jupyter Notebook. If a Jupyter Notebook is already installed, it can be maliciously modified.
Weizman wrote.:” Azure Security Center has detected multiple campaigns against Kubernetes clusters in the past that have a similar access vector: an exposed service to the Internet. However, this is the first time that we have identified an attack that targets Kubeflow environments specifically.”

Hyperautomation with Synergy Software Systems

June 8th, 2020 by Stephen Jones No comments »

Gartner coined the term hyperautomation to describe how the combination of Robotic Process Automation (RPA) and disruptive technologies such as artificial intelligence (AI), machine learning (ML), process mining, decision management, and more can be used together in an end-to-end automation solution.

The recent UiPath 2020 Fast Track release 20.4 adds literally hundreds of new features and exciting new capabilities across every stage of the automation lifecycle.

The UiPath Automation Hub is the ‘operating system’ for the Center of Excellence (CoE) to effectively manage the automation lifecycle wit:h instant visibility, transparency, and control. UiPath Automation Hub now offers branding options, new dashboards, and saved views for your team to truly make Automation Hub your own.

Through a UiPath Task Capture and Automation Hub integration you can launch Task Capture directly from Automation Hub to quickly create a process definition document (PDD) and send it from Task Capture to Automation Hub.

Process Mining joined the product family in October 2019 through an acquisition. It is now deeply integrated into the UiPath Platform, and delivering new capabilities.

The 20.4 release includes an improved Process Compare dashboard that now includes comparisons over two periods. This makes it possible to compare changes in a process over time, for instance, to see the impact that implementing a new automation might have had. Process Mining has also been updated with UiPath branding including logos and colors.

The new release has improved localization and added out-of-the-box language support for Japanese. Developers can now add new translations for other languages as desired.

UiPath Task Mining is a completely new product in the Discover phase in 20.4.
Task Mining leverages a low-touch way to discover employee workflows by setting up centralized process capture from the admin portal and securely capturing real employee data with no interruption to their activities. The turnkey solution uses AI to get scientific process maps, a true pulse on repetitive tasks, and provides machine learning (ML)-discovered automation suggestions.
Task Mining captures only whitelisted applications and anonymizes and aggregates individual data. Data upload and transfer is encrypted and secured. Get the benefits of full integration with the entire end-to-end UiPath Enterprise RPA Platform with one-click exports into UiPath Studio and complete impact assessment after deployment with UiPath Insights.

Build UiPath Studio has always been about empowering the developer and delivering the best environment to build automations. This release is a special one for Studio. It is evolving from a single offering to a family of products. UiPath Studio now offers a dedicated experience based on the user’s level of expertise. We like to say that there is an edition of Studio for everyone.

There are a ton of new features across the family from a new UI Automation approach to robust governance.

UiPath Studio Pro is the new home for high-end developer capabilities. In the initial release, we have Application Testing and RPA Testing, including Mobile Automation to cover all the testing needs within your company. Studio Pro is a key component of a larger UiPath Test Suite to design and map test cases and their execution results to requirements and defects in Jira to deeply integrate testing. This is a major new area for the platform and one that will enable you to deliver a higher quality automation program.

Another new product in the 20.4 release is UiPath Document Understanding which combines RPA and AI to help you extract and interpret data from different documents and ensure end-to-end document processing. UiPath Document Understanding works with a wide range of documents including:

– Structured forms like passports or timesheets
- Semi-structured documents like invoices, receipts, and purchase orders
– Unstructured documents like emails or contracts

It is also able to recognize different objects like tables, handwriting, signatures, and checkboxes in addition to being able to deal with various file formats.

Available directly from UiPath Studio, Document Understanding provides drag-and-drop elements designed for intelligent document processing. Leverage a combination of approaches including templates and ML models, to automate complex document-intensive processes. This ensures rapid and accurate results even when the location of data fields changes or documents are scanned at an angle.
Integrated within the UiPath Platform, Document Understanding can work with any tasks involving documents, to save time, reduce error and security risks of manual document processing.

Manage
Version 19.10, introduced zero-touch provisioning for attended robots and processes to UiPath Orchestrator. This release, further increase UiPath Orchestrator scalability by adding zero-touch provisioning for unattended robots and processes, so you can now manage your entire robot and process infrastructure from within modern folders—optionally with active directory (AD) integration. This simplifies enterprise-scale deployment and removes the need to manage software robots in two different ways. In 20.4, you can:

1. Create a user with an unattended robot
2. Create a machine template
3. Associate those to a folder
4. Execute them on any machine

A new unique option for unattended robots to choose to run multiple jobs in a single Microsoft Windows session (using different user credentials)— to scale the return on your hardware investments.

There are many othe rnew UiPath Orchestrator features.

Job Prioritization
- Storage Buckets that developers can use to store binary large objects (BLOBs) at a folder level
- New compare capabilities in the Package Explorer that show the changes between versions of a package
– Support in Orchestrator for personal folders, which enable Studio and StudioX users to publish their automation packages to themselves, have a process automatically created, and have the process appear in their own robot tray (broader library and deployment permissions are still respected for any publication or distribution beyond the user themselves).
- In addition to the plumbing to make this work, the Orchestrator user interface (UI) adds the ability to turn personal folders on overall and choose whether to automatically provision a personal folder to a user.

Back in January, 2020 UiPath released the first version of UiPath AI Fabric, which allows you to apply AI to your RPA workflows in minutes. In this release, the AI Fabric has been enhanced to include Model Retraining that allows exceptions and corrections to make the models better over time. This means the more you use AI Fabric, the harder it can work for you; and your robots will learn from their mistakes and become better at their job over time.

There are several pre-trained Starter Models for common use cases. These allow you to easily get started with UiPath AI Fabric. For example:
- The Language Identification model allows customer service teams to automate routing of tickets to specific departments. – Sentiment Analysis model allows customer service teams to prioritize tickets that need urgent attention based on customer feedback.

This release includes the first delivery of AI Fabric on-premises. It initially supports UiPath first-party models such as those used by UiPath Document Understanding. It will be enhanced over the months ahead to achieve parity with AI Fabric in the UiPath Automation Cloud. This will include support for capabilities such as custom model deployment, single click scalability, and high availability deployments options.

Run
While the automation industry began with unattended scenarios running in the back office, we have always believed in also empowering all employees with the power of attended automation and their very own software robots. This is a big focus of this release and worthy of its own detailed web page:

Expanded native integrations enable easier and more efficient automation across the applications you use every day. Today, UiPath offers more than 100 integrations with third-party technologies, built directly by UiPath or our community of over 300 technology partners.

This release, adda new native integrations with ServiceNow, NetSuite, Oracle, Workday, and Box and additional Amazon Web Services (AWS) offerings, such as Amazon Textract, as well as additional Microsoft services, such as Microsoft Form Recognizer and Microsoft Dynamics.

Engage
The Engage phase of the automation lifecycle is all about software robots and people collaborating smoothly to get work done together. Sometimes a robot works alongside you helping you get you work done. We call that attended automation and UiPath is enhancing its robots with a new and improved attended experience called the UiPath Assistant. The modern and easy-to-use interface makes it easier to set preferred processes, install, run, and pause, or even set reminders for when a process needs to start.

Sometimes a robot works in the back-office processing (we call this unattended automation). Occasionally, that robot needs help. A person may need to validate or approve its work, or to answer a question the robot has not seen before. That’s where UiPath Action Center comes. UiPath Action Center provides a place for unattended robots to get help when they need it. A place for people to engage in unattended processes when they are needed. A place that keeps the work flowing.

This release, has built a completely new experience for the Action Center that will come to Cloud users first. It looks like this:

We also added important new capabilities to UiPath Action Center including support for easy integration with business process management (BPM) systems.

Measure
Back in January, we saw the first version of UiPath Insights delivering powerful, embedded analytics that measure, report, and align RPA operations with strategic business outcomes. This release, enables the ability to track and measure all robot types including their accuracy, availability, and capacity. Users can now gain seamless visibility into business outcomes with custom-defined metrics and key performance indicators (KPIs). There’s also simpler support for organizational-wide decision making with shareable dashboards, forecasting, ML-based anomaly detection embedded directly within UiPath Orchestrator.

Additionally, Insights’ growing out-of-the-box dashboard library now includes: Processes, Queues, Robots, Licensing, and Business ROI, extensible to include Long Running Workflows through the UiPath Marketplace.

UiPath Enterprise RPA Platform offers a tremendous set of new capabilities and is truly built for hyperautomation

SnapLogic May 2020 many enhancements – ask Synergy Software Systems

May 14th, 2020 by Stephen Jones No comments »

We are thrilled to announce the general availability of the May 2020 release of the SnapLogic Intelligent Integration Platform (IIP).

New Iris artificial intelligence (AI) innovations within this release allow you to build painless integrations, increase collaboration within your organization with new Stickies, and automate workflows with new SAP S/4HANA Snaps, among many more.

New Mask Snap, powered by Iris AI: Simplify data masking!

As you work with a variety of data in your dev and test environments, it is always good practice to shield and protect sensitive information. Masking sensitive or personally identifiable information such as: social security numbers (SSN), email addresses, names, street addresses, and birthdates is easy with our new Mask Snap.

With the Mask Snap, Iris AI is embedded in every step :
- suggestions on the fields you should mask,
- recommended search mode,
- recommended match mode,
- recommended masking options

You can remove or mask fields, and it works with all data types, including highly-nested JSON.

We continue to enhance our industry-leading AI technology to make it easy for you to build integrations and automations, easily and painlessly. With the new May 2020 release, as you are configuring a database or an application Snap, Iris AI now provides configuration recommendations such as schema name, object name. To provide these recommendations, Iris employs over five years of metadata information and usage patterns to intelligently determine the most commonly used schemas and objects in your organization.

From source to destination, Iris AI continues to simplify schema mappings – map even complex schemas in minutes. With the May 2020 release, Iris now provides target recommendations in Mapper for exact matches between source and destination schemas.

Boost collaboration with peers using Stickies!
SnapLogic customers who have previewed our May 2020 release have embraced our new Stickies feature with great enthusiasm. Stickies enables better collaboration and documentation of your pipeline building efforts. Stickies allow you to create and post notes on the Designer canvas to annotate different parts of the pipeline and document the workings of a pipeline in detail.
Stickies provide a great collaboration tool between IT teams, who might create pipelines, and business teams, who might want to customize and run pipelines based on their specific needs.

Stickies reside at the pipeline level, thus, they complement the Snap level ‘note’ feature already present in the platform. Additionally, Stickies are part of a pipeline’s metadata – export stickies along with your pipelines.

Deeper operational insights with Insights dashboard and task monitoring

In the May 2020 release, to provide you with trends data on operational parameters and task level insights into your SnapLogic deployment, there are significant updates to the Dashboard tab.

USe the enhanced Insights tab to improve operational efficiency with a view of historic usage and trends across key performance indicators (KPIs) such as :
- documents processed,
- pipeline executions,
-Snap executions, etc.

Filter these KPIs by specific criteria and personalize the view stohave the most relevant visualizations at the top.

The May 2020 release introduces a new tab, called ‘Task’, to provide a task level view of your SnapLogic deployment. Monitor the performance and health of your tasks and drill down into historical information to identify where certain tasks are failing or underperforming. Significantly improve your efficiency as you troubleshoot the root cause of a dip in performance or failure.

Automate your customer journey with new SAP S/4HANA Snap Pack

Another key update in the May 2020 release is the new SAP S/4HANA Snap Pack. SAP S/4HANA, is a modern enterprise resource planning (ERP) system that leverages SAP HANA, an in-memory database. Here are a few key use cases k:

- Order-to-Cash from Salesforce to SAP S/4HANA
- Real-time inventory management from databases to SAP S/4HANA
- Advanced financial planning with data from SAP S/4HANA to Anaplan
- Managing and engaging talent with automations across Workday and SAP S/4 HANA
- Managing organizational spend across Coupa or SAP Ariba and SAP S/4HANA

The SAP S/4HANA Snap Pack provides Create, Delete, Read, and Update Snaps and massively simplifies data modeling as you build automated business processes to connect SAP S/4HANA with other systems.

Build a single source of truth for your customer profile data inAdobe Experience Platform

We have updated the Adobe Experience Platform,( previously referred to as Adobe Cloud Platform Snap Pack). Use it as the single source of truth for your customer profile data. Update and maintain customer data in real-time to power accurate, up-to-the-moment, insights for your sales, marketing, and support teams. This Snap Pack update consists of a Write Snap, an S3 connector, and an AEP File Generator to leverage the capabilities of the Adobe Experience Platform and eliminate data silos for your customer profile data.

Connect with other Snap updates with confidence

Cassandra Snap Pack: now updated to support v3, with an updated JDBC driver
Snowflake Snap Pack: updated to JDBC driver version 3.12.3.
ServiceNow Snaps: now certified against Madrid, Orlando, and New York versions.
Oracle Snaps now supports version 19c.

SnapLogic eXtreme enhancements

Offering enhanced account encryption and cross-account IAM roles, SnapLogic eXtreme gets a big security boost with this release. These two new enhancements help your organization improve its security posture while delegating access to AWS EMR resources that SnapLogic eXtreme leverages to execute Spark-based pipelines.

Enhanced Account Encryption leverages Amazon KMS asymmetric keys– you no longer need to put in the secret key associated with your account in the SnapLogic UI.

Cross-Account IAM Role enables SnapLogic to assume an authorized role for the purpose of managing the lifecycle of Amazon EMR clusters that run Spark mode data transformations, so you don’t have to do it..

SnapLogic eXtreme is broadly applicable with support for any JDBC compliant data store.

Use a Spark mode pipeline to read from or to write to any JDBC compliant database.

Important for big data workloads – no longer need to use a data lake like S3 for staging.

Dynamics 365 – most popular erp system with users in 2020 survey – ask Synergy Software Systems, Dubai

May 12th, 2020 by Stephen Jones No comments »

Which ERP Systems Are The Most Popular With Their Users In 2020? the title of a recent
Forbes reports which indicates that 84% of Microsoft Dynamics 365 for Finance and Operations users are the most likely to recommend their ERP system to industry colleagues evaluating ERP solutions.

Call us: on 0097143365589 to find out how we are helping organisationsto digitally transform, optimise business process workflows and seamlessly connect with their customers, stakeholders and teammates.

No change to end of life support for Ax 2012 – plan your migration with Dynamics Gold Partner Synergy Software Systems

May 11th, 2020 by Stephen Jones No comments »

Coronavirus tis impacting many IT project for Dynamics AX customers migrating from legacy versions of Ax 4/2009/2012 to dynamics 365.

Be aware that extended support plans for Dynamics AX 2009 Service Pack 1, AX 2012, and AX 2012 R2 are due to end on October 12, 2021. AX 2012 R3 users have until January 10, 2023. And Microsoft is advising customers these dates will remains in place, at least for now.

A Microsoft spokesperson provided this statement:

There is currently no plan to extend support further; however, we continue to monitor market needs including impact of the current COVID-19 pandemic related to support for Dynamics AX 2009 and Dynamics AX 2012.

So while the legacy versions are robust they will increasingly be incompatible with the latest versions of operating systems and browsers, and SQQL database and be increasingly vulnerable to malware and cybercrime. The coronavirus pandemic is affecting projects in many ways especially for global projects, for example: travel/quarantine, lockdowns and curfews on working, the need for remote collaboration, and e learning, and for global rollout more use of local partners.

There is no immediate end in sight so projects and timelines will be impacted for at last another year in which case we strongly advise you start your preparations for migration as early as possible. there is mush to consider: the on premise vs on cloud decision is now of greater importance, environmental sizing for cloud or on premise needs is significantly different as is new licensing and features for D365, new security set ups, code and data migration, project methodology via LCS , budgetting and project planning all take a lot of time.

The new challenges are accelerating different ways of working and some Business Process re-engineering should also be considered- e-commerce, Robotic Process automation, Lean manufacture, cross platform and application processes, self service, vendor collaboration, Customer portals, increased use of smart phones and mobiles from bar cod e driven WMS operations to Advanced analytics on your phone anytime anywhere any devices. To compete needs omni channel tailored services – there has never been a greater need for increased cost control, efficiency, and customer service. Start the process now while you can – as deadlines get nearer there will be backlog of customers seeking to upgrade and shortage of available resources both internally and externally.