Archive for the ‘Security and Compliance’ category

Wi-Fi 6: what is it? Why does it matter?

April 13th, 2019

Wireless speeds will soon get a lot faster thanks to the introduction of Wi-Fi 6 later this year.

Wi-Fi 6 is the next evolution of wireless local area network (WLAN) technology and it will improve upon older Wi-Fi standards, especially with the coming release of 5G wireless technology. With Wi-Fi 6 and 5G emerging onto the market at roughly the same time, it would make sense that they’re somehow related; while both promise similar improvements, they’re distinctly different technologies.

The name Wi-Fi 6 is part of a new naming convention from the Wi-Fi Alliance, intended to make Wi-Fi generations more easily understood by Wi-Fi users, much like the 3G/4G/5G naming convention used by cellular data networks. Behind the Wi-Fi 6 name is the latest version of the 802.11 wireless networking standard: 802.11ax. This new Wi-Fi standard is reportedly up to 30% faster than Wi-Fi 5. Speed hasn’t been the main benefit touted by the Wi-Fi Alliance and other industry experts; Wi-Fi 6 also brings lower latency, more simultaneously deliverable data, and improved power efficiency.

Latency is a significant problem, especially for mobile, internet and cloud users, i.e. just about everyone. Orthogonal Frequency Division Multiple Access (OFDMA) is an improvement on Orthogonal Frequency Division Multiplexing (OFDM). OFDM is used by Wi-Fi 5, 4, and older standards to encode and transmit data from multiple clients or access points (APs) and to contend for the ability to transmit data; once the network is idle, data can be transmitted. OFDM is a popular and reliable way to decentralize access, but it has a major problem in that it can lead to serious latency.

OFDMA makes a major change and puts the transmission coordination in the hands of 802.11ax APs. The AP centrally schedules data transmission and is able to further divide frequencies so as to transmit data to/from multiple clients at the same time. The aim is to reduce latency and increase network efficiency, especially in high-demand environments like stadiums, conference halls, and other public spaces. OFDMA broadcasts multiple signals at the same time, and can also increase the unit interval, which means outdoor Wi-Fi deployments will be faster and more reliable.

Wi-Fi 6 will extend the capabilities of Multi-User Multi-Input/Multi-Output (MU-MIMO). MU-MIMO was previously available only for downstream connections and allowed for a device to send data to multiple receivers at the same time; Wi-Fi 6 will add MU-MIMO capabilities to upstream connections to allow more simultaneous devices on one network. MU-MIMO is already in use in modern routers and devices, but Wi-Fi 6 upgrades it. The technology allows a router to communicate with multiple devices at the same time, rather than broadcasting to one device, and then the next, and the next. Right now, MU-MIMO allows routers to communicate with four devices at a time. Wi-Fi 6 will allow devices to communicate with up to eight. As an analogy, compare adding MU-MIMO connections to adding delivery trucks to a fleet. You can send each of those trucks in different directions to different customers. “Before, you had four trucks to fill with goods and send to four customers. With Wi-Fi 6, you now have eight trucks.”

Extending the truck analogy, OFDMA allows one truck to carry goods to be delivered to multiple locations. The network can look at a ‘truck’ and see that it has only allocated e.g. 75 percent of the load capacity of that truck and that another customer is on the same route, so it fills up the remaining space with a delivery for the second customer. In practice, this is all used to get more out of every transmission that carries a Wi-Fi signal from a router to your device.

How fast is it?

– The short answer: 9.6 Gbps, compared to 3.5 Gbps on Wi-Fi 5.

– The real answer: both of those speeds are theoretical maximums that you’re unlikely to ever reach or need in real-world Wi-Fi use. The typical download speed in the US is just 72 Mbps, or less than 1 percent of the theoretical maximum speed. The fact that Wi-Fi 6 has a much higher theoretical speed limit than its predecessor is still important, because that 9.6 Gbps can be split up across a whole network of devices, which means more devices or more potential speed for each device.

When Wi-Fi 5 came out, the average US household had about five Wi-Fi devices in it. Now, homes have nine Wi-Fi devices on average, and various firms have predicted we’ll hit 50 on average within several years. Those added devices take a toll on your network. Your router can only communicate with so many devices at once, so the more gadgets demanding Wi-Fi, the more the network overall is going to slow down. At first, Wi-Fi 6 connections aren’t likely to be substantially faster. A single Wi-Fi 6 laptop connected to a Wi-Fi 6 router may only be slightly faster than a single Wi-Fi 5 laptop connected to a Wi-Fi 5 router. Devices are more likely to maintain fast speeds on busy networks.

As more and more devices get added onto your network, current routers might start to get overwhelmed by requests from a multitude of devices. Wi-Fi 6 routers are designed to more effectively keep devices up to date with the data they need. Each device’s speed may not be faster than it can reach today on a high-quality network, but devices are more likely to maintain those top speeds in busier environments. In a home where one person is streaming Netflix, another is playing a game, someone else is video chatting, and a whole bunch of smart gadgets (a door lock, temperature sensors, light switches, and so on) are all checking in at once, the top speeds of those devices won’t necessarily be boosted, but the speeds you see in typical, daily use will likely be better. Exactly how much faster will depend on how many devices are on your network and just how demanding those devices are. In a cloud world working on HTML5 pages rather than TCP/IP protocol, and with growing use of social media, digital storage, streaming video, AI, and querying data lakes, it’s essential that the underlying infrastructure keeps up. We are seeing similar evolution with databases, chips and memory.

Wi-Fi 6 introduces some new technologies to help mitigate the issues that come with putting dozens of Wi-Fi devices on a single network. It lets routers communicate with more devices at once, lets routers send data to multiple devices in the same broadcast, and lets Wi-Fi devices schedule check-ins with the router. Together, those features should keep connections strong even as more and more devices start demanding data.

Wi-Fi 6 will also:
• increase the number of transmit beamforming streams to eight in order to increase network range and throughput;
• use both the 2.4 GHz and 5 GHz bands simultaneously to greatly improve performance;
• use 1024 quadrature amplitude modulation (1024-QAM) to increase throughput for emerging use cases (Wi-Fi 5 uses 256-QAM);
• implement individual target wake time (TWT) to improve battery life and reduce power consumption for Wi-Fi devices;
• introduce spatial reuse technology that will allow devices to more easily access a Wi-Fi network in order to transmit data.

Wi-Fi 6 allows devices to plan out communications with a router, reducing the amount of time they need to keep their antennas powered on to transmit and search for signals. That means less drain on batteries and improved battery life in turn. This is a feature called Target Wake Time, which lets routers schedule check-in times with devices.
Your laptop needs constant internet access, so it’s unlikely to make heavy use of this feature (except, perhaps, when it moves into a sleep state). This feature will be more valuable for smaller, already low-power Wi-Fi devices that just need to update their status every now and then. (Think small sensors placed around a home to monitor things like leaks or smart home devices that sit unused most of the day.)

Wi-Fi generations rely on new hardware, not just software updates, so you’ll need to buy new phones, laptops, and so on to get the new version of Wi-Fi. New devices will start coming with Wi-Fi 6 by default. As you replace your phone, laptop, and game consoles over the next five years, you’ll bring home new ones that include the latest version of Wi-Fi. There is one thing you will have to make a point of going out and buying: a new router. If your router doesn’t support Wi-Fi 6, then you won’t see any benefits, no matter how many Wi-Fi 6 devices you have. (You may, however, see a benefit connecting Wi-Fi 5 gadgets to a Wi-Fi 6 router, because the router may then be capable of communicating with more devices at once.)

There is also a new security protocol called WPA3. WPA3 makes it harder for hackers to crack passwords. For a Wi-Fi 6 device to receive certification from the Wi-Fi Alliance, WPA3 is required (so be aware that it may not be included in uncertified devices).

So where does 5G fit in?
5G is the umbrella term for the fifth generation of mobile network technology, and it encompasses a lot of different elements. Cellular, or mobile networks, rely on licensed spectrum bands, auctioned off to the highest bidder. Carriers, like Verizon or AT&T, pay to use those bands. To roll out coverage they build a network of connected base stations capable of sending out a strong enough signal that it can serve multiple people (thousands in urban areas) at once. To recoup their investment, we pay them subscriptions.

Wi-Fi relies on unlicensed spectrum which is free to use, but the signal is relatively weak. We pay an Internet Service Provider (ISP) to deliver the internet to our door and then use a router to fill our house with Wi-Fi. We share the same frequency band as our neighbors, and that is a problem when you live in a very densely populated area. The two frequencies that Wi-Fi uses are 2.4 GHz and 5 GHz. The 2.4 GHz band has a lower potential top speed but it penetrates better, so it has a longer range than 5 GHz.

(Note that 5 GHz Wi-Fi has absolutely nothing to do with 5G mobile networks.)

In everyday life, most of us rely on Wi-Fi both at home and in the office — or in coffee shops — and mobile networks when we step out the front door and move out of range of the router. (Though for security reasons I would never recommend anyone to use a public hotspot.)

Smartphones switch automatically and we don’t have to give it any thought, we just want a good connection at all times. That will continue to be the case for the vast majority of people after 5G rolls out. The difference is that both mobile networks and Wi-Fi are going to get faster. The prospect of download speeds between 1Gbps and 10Gbps, and upload speed or latency of just 1 millisecond, has us excited about 5G. The reality is that we will not get anywhere near the theoretical top speeds. The speed of your 5G connection will depend on many factors including: where you are, to what network you connect, how many other people connect, and what device you use.

The aim is to achieve a minimum download speed of 50Mbps and latency of 10ms. That will represent a major improvement over current average speeds, but just as with 4G LTE, 5G coverage is going to expand slowly. It’s also going to work hand-in-hand, not just with Wi-Fi, but with earlier generations of mobile network technology, so 4G LTE will continue to be offered as a fallback and will continue to evolve and get faster.

Goodbye XP

April 13th, 2019

This week we have the end of Windows XP support, which means the lifespan of the OS was over 17 years. That’s a long time to run any system without an upgrade. There are probably still a few SQL 2000 systems out there, which is older than XP, and likely a few of them are running on Windows 2000 in a VM somewhere. So some companies will continue to run XP, and probably some ATMs, kiosk displays, and other embedded applications will show that XP start screen on occasion.

Cloud back ups or on-premise?

February 16th, 2019

Pretty scary.
We have suffered catastrophic destruction at the hands of a hacker, last seen as aktv@94.155.49.9. This person has destroyed all data in the US, both primary and backup systems. We are working to recover what data we can.

Though they’re back up and running, who knows if customers will stick by them, or will sue them.
What impact that had on infrastructure mail servers, backup servers, and SQL Servers for customers is hard to judge.
A large number of people might have lost their mailboxes and previously stored mail that was in IMAP storage.
This is likely an annoyance for individuals, but potentially catastrophic for businesses. Imagine your small business hosted with them and all your mailboxes were lost with customer communications and who knows what else.

Could this happen with a cloud provider like Azure O365, Google Apps or AWS?
Maybe, but they will have DR backups.
But what if you store backups on the cloud but run on-premise: how long would it take to mass restore multiple customers? Do you still have adequate on-premise test systems to restore on, and the staff and the time to do it?

Do you assume that you will always have either a primary server or an online backup server/share/bucket/container, and can download data?
The problem is that online systems that connect to the primary can be accessed.
If an attacker were to access one, they potentially could access the second.
The world seems to be moving towards more online storage, or in the case of cloud vendors, a reliance on snapshots. That might be good enough for cloud vendors, but is it good enough for your on-premise system?
It’s likely that an attacker, possibly even with insider help, would wipe out backups first, then primary systems.
Some sort of disconnected offline backup of data, especially for database servers, gives you a third line of defence.
Don’t forget that backups need to be tested: is the backup software compatible with old versions? Does your backup use the same version as the current ERP software installed on your primary, or the same SQL version (i.e. when you upgrade, do you also upgrade your backups, or maintain an older environment)?

Microsoft and other large vendors have had downtime, whether self-induced by releasing code too early, or due to hardware failure, or malicious attack. What is important to realise is just how infrequent such issues are given the number of clients they have across a range of solutions, how little the downtime was, and how fast they are in addressing issues that arise. Then think about how you would have been able to deal with the same issues in your own server room.

There are increasing risks, and increasing issues of statutory compliance with regard to data protection, e.g. GDPR. The cloud generally offers cheap storage and robust systems, yet it needs to be part of a holistic approach to reduce overall risk and cost, and not the only line of defence.

What does GDPR mean for Big Data Analytics and AI?

January 27th, 2019

By 2020, there will be an estimated 24 billion internet-connected devices globally – more than four devices for every person. Many consumers have concerns about data privacy and how their data is used and protected (some surveys put this at 90% of users). As businesses learn to extract value from and utilize data at a deeper level, it is essential for companies to be extremely conscientious about protecting personal information.

The recent Google 50 million euro GDPR fine posted about on our blog has major implications for data-insight-driven companies. Secondary processing of data using iterative analytics and AI needs to remain legal under the GDPR, i.e. GDPR-compliant technical and organizational safeguards need to be in place that:

(1) Satisfy a balance of interest test that requires functional separation (to separate the information value of data from the identity of data subjects) to reduce the negative impact on data subjects, so that the data controller’s legitimate interests are not overridden. See Annexures 1 and 2 of this note: https://ec.europa.eu/justice/article-29/documentation/opinion-recommendation/files/2014/wp217_en.pdf

Recent high-profile lawsuits against Oracle and Acxiom make it clear that simply claiming a “legitimate interest” in commercializing personal data is not enough. (see the video here http://fortune.com/2018/11/08/privacy-international-oracle-acxiom/)

(2) Ensure compliance with requirements that the secondary processing is compatible with the original purpose for which the data was collected;

(3) By default restrict access to only the minimum data necessary for each purpose for which it is processed. Such Data Minimisation is a level of granular control and protection that cannot be achieved by technologies like encryption alone.

“Data Privacy Day 2019”, which is tomorrow, Monday 28 January 2019, is led by the National Cyber Security Alliance (NCSA) in the United States and is built on the theme, “Respecting Privacy, Safeguarding Data and Enabling Trust.”

GDPR starts to bite

January 22nd, 2019

Google has been hit with a record fine of 50m euros ($56.7m) by French data regulator CNIL for breaching GDPR, after the regulator found that Google had a “lack of transparency, inadequate information and lack of valid consent regarding ads personalisation”.
The regulator also said that users were not sufficiently informed about how Google uses personal data for advertising. The fine relates to two complaints filed by privacy advocacy groups, which were filed as soon as GDPR came into place in May last year. The groups also claim that Google does not have a valid legal basis to process user data for ad personalisation, as mandated by the GDPR. Google also selects ad personalisation by default for new users, instead of offering an ‘opt in’, which is also against GDPR rules.

Under the GDPR, complaints are transferred to local data protection regulators. While Google’s European HQ is in Dublin, the CNIL concluded that the team in Dublin doesn’t have the final say when it comes to data processing for new Android users.

In a statement, Google said: “People expect high standards of transparency and control from us. We’re deeply committed to meeting those expectations and the consent requirements of the GDPR. We’re studying the decision to determine our next steps.”

The large fine reflects the view that the violations were continuous, and still occurring. Google’s violations were aggravated by the fact that “the economic model of the company is partly based on ads personalisation”, and that it is therefore “its utmost responsibility to comply” with GDPR.

Dr Lukasz Olejnik, an independent privacy researcher and adviser, said the ruling was the world’s largest data protection fine. “This is a milestone in privacy enforcement, and the history of privacy. The whole European Union should welcome the fine. It loudly announced the advent of GDPR decade,” he said.

Facebook is also faced with huge fines. Facebook has been fined €10m (£8.9m) by Italian authorities for misleading users over its data practices. The two fines issued by Italy’s competition watchdog are some of the largest levied against the social media company for data misuse, dwarfing the £500,000 fine levied by the British Information Commissioner’s Office in September for the Cambridge Analytica scandal, the maximum that body was able to issue. The Italian regulator found that Facebook had breached articles 21, 22, 24 and 25 of the country’s consumer code by:
• misleading users in the sign-up process about the extent to which the data they provide would be used for commercial purposes;
• emphasising only the free nature of the service, without informing users of the “profitable ends that underlie the provision of the social network”, and so encouraging them to make a decision of a commercial nature that they would not have taken if they were in full possession of the facts;
• forcing an “aggressive practice” on registered users by transmitting their data from Facebook to third parties, and vice versa, for commercial purposes.

The company was specifically criticised for the default setting of the Facebook Platform services, which in the words of the regulator, “prepares the transmission of user data to individual websites/apps without express consent” from users. Users can disable the platform, but the regulator found that its opt-out nature did not provide a fully free choice. As an additional penalty, the authority has directed Facebook to publish an apology to users on its website and on its app.

In a statement, a Facebook spokesperson said: “We are reviewing the Authority’s decision and hope to work with them to resolve their concerns. This year we made our terms and policies clearer to help people understand how we use data and how our business works. We also made our privacy settings easier to find and use, and we’re continuing to improve them. You own and control your personal information on Facebook.”

On Friday (14 December), Facebook disclosed that a bug gave hundreds of apps unauthorised access to photos that users had uploaded but hadn’t made public. The bug is understood to have run for 12 days between 13 and 25 September. To compound matters, it failed to promptly disclose the issue within 72 hours.

The bug is the latest in a series of privacy scandals. Facebook disclosed a security breach on Sept. 28, saying 50 million accounts had their login access tokens stolen. That figure was reduced to 30 million, and Facebook confirmed that 29 million of the impacted users had their names and contact information exposed. Among those users, 14 million also had other personal information, such as their gender, relationship status and their recent place check-ins, stolen by the attackers. Facebook told the Irish Data Protection Commission that 10 percent of the affected accounts were European, according to Graham Doyle, the commission’s head of communications. The accounts were hacked in an access token harvesting attack. The security incident, revealed last week, was caused by a vulnerability in Facebook’s code which permitted attackers to steal access tokens. Access tokens are used to keep Facebook users logged in when they switch over to a public profile view via the “View As” feature.

A KPMG global study in 2018 revealed that 77% of consumers are totally against their data being sold.

A CNIL ruling in October last year against the company Vectaury has a lot of significance. Data privacy experts consider the regulator was stating that consent to processing personal data cannot be gained through a framework arrangement which bundles a number of uses behind a single “I agree” button that, when clicked, passes consent to partners via a contractual relationship. That CNIL decision implies that bundling consent to partner processing in a contract is not sufficient or valid consent under the European Union’s General Data Protection Regulation (GDPR) framework.

The firm was harvesting personal data (including people’s location and device IDs) on its partners’ mobile users via an SDK embedded in their apps, and receiving bids for this data via another standard piece of the programmatic advertising pipe — ad exchanges and supply side platforms — which also get passed personal data so those can broadcast it widely via the online ad world’s real-time bidding (RTB) system to solicit potential advertisers’ bids for the attention of the individual app user… The wider the personal data gets spread, the more potential ad bids. CNIL discovered the company was holding the personal data of a staggering 67.6 million people when it conducted an on-site inspection of the company in April 2018 and yet Vectaury’s website claims it doesn’t store 70% of its data.

GDPR, Article 5, paragraph 1, point f, requires that personal data be “processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss.” If you cannot protect data in this way, then the GDPR says you cannot process the data. So the complaint is not just about the data or the consent, or about the data sharing, but also about the processing: that it is not adequately secure or controlled.

End of mainstream support for Microsoft Dynamics AX 2009, Dynamics AX 2012, and Dynamics AX 2012 R2

December 29th, 2018

Reminder – End of mainstream support for Microsoft Dynamics AX 2009, Dynamics AX 2012, and Dynamics AX 2012 R2 was 10/05/2018

Upgrade is not trivial, especially when you have lots of customisations and bespoke reports and interfaces. Plan plenty of time for conversion and for testing and contingency. There is a backlog of companies who need to migrate and only a limited number of skilled consultants available.

Decide as soon as possible whether on-premise or on cloud. If on-premise then consider what extra hardware you will need and whether you also need to upgrade SQL server. Don’t forget that SQL license costs have also changed.

It is not too early to start budgeting. Find out what you get and don’t get on the cloud: there are both hidden costs (e.g. extra backup storage space) and hidden savings (e.g. electricity). What extra environments or storage will you need, e.g. for dev and test, over those used by Microsoft? How have license types and costs changed? Understand the Modern Lifecycle Support update policy.

Dynamics AX 2009 Service Pack 1 (SP1), Dynamics AX 2012, and Dynamics AX 2012 R2:
Mainstream support ends on October 9, 2018. After that date, only security hotfixes will be provided for these three versions through the extended support period that continues until October 12, 2021.

Dynamics AX 2012 R3
Mainstream support continues through October 12, 2021. Microsoft will provide security hotfixes, non-security hotfixes, and regulatory updates for Dynamics AX 2012 R3 throughout that mainstream support period. The source code for these non-binary, non-security hotfixes and regulatory updates will continue to be available for customers active on the Enhancement Plan or Software Assurance.

Can customers on Premier Extended Hotfix Support or on Unified Support Advanced and Performance Levels get a non-security hotfix or regulatory update?

No. Neither non-security hotfixes nor regulatory updates will be available for Dynamics AX 2009 SP1, Dynamics AX 2012, or Dynamics AX 2012 R2 during the Extended Support phase of the product lifecycle.

While the ability to request a non-security hotfix for select products is included with Unified Support Advanced and Performance Levels, Microsoft has determined that non-security hotfixes cannot be provided with a commercially reasonable effort for these products. As a result, no requests for non-security hotfixes or regulatory updates will be accepted.

However, Microsoft will continue making security hotfixes, non-security hotfixes, and regulatory updates for Dynamics AX 2012 R3 throughout that mainstream support period. The source code for these non-binary, non-security hotfixes and regulatory updates will continue to be available for customers, and their partners, active on the Enhancement Plan or Software Assurance. Dynamics AX 2009 SP1, Dynamics AX 2012, and Dynamics AX 2012 R2 customers can selectively integrate those changes as required. Customers and partners can get the source code from packages attached to relevant Dynamics AX 2012 R3 KB articles published on LCS and discoverable through LCS Issue Search.

Will I still get a regulatory update for Dynamics AX 2009 Service Pack 1, Dynamics AX 2012, and Dynamics AX 2012 R2?

No, Microsoft will only provide regulatory updates for Dynamics AX 2009 Service Pack 1, Dynamics AX 2012, and Dynamics AX 2012 R2 for regulatory changes with the law enforcement dates on or earlier than October 9, 2018.

What happens if a new bug is found by a customer in Dynamics AX 2009 Service Pack 1, Dynamics AX 2012, or Dynamics AX 2012 R2?

The bug must be reproducible in Dynamics AX 2012 R3. If it is reproducible and accepted, then a hotfix will be provided for Dynamics AX 2012 R3 and the customers can elect to integrate this hotfix in their version themselves, or work with their partners to integrate the changes.

How are binary hotfixes handled for Dynamics AX 2009 Service Pack 1, Dynamics AX 2012, and Dynamics AX 2012 R2?

If a hotfix is needed for a part of the system where Microsoft does not provide the source code and it is not a security bug, then a hotfix will not be provided.

To discuss a move to Dynamics 365 Finance and Operations call Synergy Software Systems your Dynamics Partner for over 15 years : 009714 3365589

Get ready for year-end close in Dynamics AX and Dynamics 365 with Synergy Software Systems, Dubai.

December 20th, 2018

There are many tasks to be done for the fiscal year-end closing process.
Those include tasks for all functions, not just finance.
For over 10 years Synergy has conducted year-end training courses to help prepare Dynamics users for their fiscal close.
Our 2 day workshop encompasses:
Key tasks and sequence
Tips and tricks
Key reports
Use of MR and Power BI
Sales, Supply chain, HR, IT tasks
Hands on practice
The course content applies to almost all versions and will be run in Dynamics AX 2012 R3. It will, however, also introduce the Dynamics 365 Financial closing workspace.

Date: 2 day course: 09.00 – 17.00 8th and 9th Jan 2019
Venue: SYNERGY SOFTWARE SYSTEMS. Al Karama, Dubai.
Ample parking and bus stops and metro nearby.
For a trouble-free and timely, year-end close, book today.
Experienced, expert instructors.

Shared Access Signature (SAS) token authorization model and Dynamics 365 systems

November 29th, 2018

In November 2018, all ACS components were permanently shut down. All requests to the service now fail. This includes the Access Control management portal, the management service, secure token service, and token transformation engine rule. Microsoft made changes to Azure Service Bus that affect the Microsoft Dynamics AX 2012 Azure connector, and impact email workflow approvals, companion/mobile applications, and vendor portals. The shutdown also affects any other application or service that uses Access Control Service (ACS).

If, for example, you use Dynamics AX 2012 mobile or tablet applications for time and expense management, and/or approve workflows via email, then be aware of the changes to Azure Service Bus. The Microsoft Dynamics AX 2012 Azure connector uses the Access Control Service (ACS) for user authentication. Authorization rules are managed inside the Azure Active Directory Access Control Service (ACS), and the tokens obtained from ACS are then passed to Service Bus to authorize access to functionality in AX.

ACS is now replaced by the Shared Access Signature (SAS) token authorization model. A shared access signature (SAS) provides you with a way to grant limited access to objects in your storage account to other clients, without exposing your account key. A shared access signature provides delegated access to resources in your storage account. With a SAS, you can grant clients access to resources in your storage account, without sharing your account keys. This is the key point of using shared access signatures in your applications: a SAS is a secure way to share your storage resources without compromising your account keys.

To continue using email workflow approvals, mobile applications, and other Dynamics AX features, you will need to migrate your components that previously used Access Control Service (ACS) to Shared Access Signatures (SAS), if you have not already done so. This token model is provided directly by Service Bus and can be used without any intermediaries through access to the SAS rule name and rule key.
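The token model described above, as an added example that is not part of the original post or of Microsoft's connector code: it builds a Service Bus SAS token from a rule name and rule key using the documented `SharedAccessSignature sr=…&sig=…&se=…&skn=…` layout, then checks a token's signature and lifetime the way a reviewer auditing a migrated component might. The namespace, queue path, rule name, key and the one-hour lifetime policy are constructed assumptions.

```python
import base64
import hashlib
import hmac
import time
from urllib.parse import quote, quote_plus, unquote, unquote_plus

PREFIX = "SharedAccessSignature "

# Constructed sample values (assumptions, not from the post).
RESOURCE = "https://example-ns.servicebus.windows.net/ax-connector-queue"
RULE_NAME = "ax-send-only"                    # hypothetical SAS rule name
RULE_KEY = "CONSTRUCTED-KEY-not-a-real-secret"  # hypothetical rule key


def _sign(encoded_uri, expiry, rule_key):
    """Base64 HMAC-SHA256 over '<url-encoded URI>\\n<expiry>', keyed with the rule key."""
    mac = hmac.new(rule_key.encode("utf-8"),
                   f"{encoded_uri}\n{expiry}".encode("utf-8"),
                   hashlib.sha256)
    return base64.b64encode(mac.digest()).decode("ascii")


def make_sas_token(resource_uri, rule_name, rule_key, ttl_seconds, now=None):
    """Build a token valid for ttl_seconds; the rule key itself never leaves the caller."""
    now = int(time.time()) if now is None else int(now)
    expiry = str(now + int(ttl_seconds))
    encoded_uri = quote_plus(resource_uri)
    sig = quote(_sign(encoded_uri, expiry, rule_key), safe="")
    skn = quote(rule_name, safe="")
    return f"{PREFIX}sr={encoded_uri}&sig={sig}&se={expiry}&skn={skn}"


def check_sas_token(token, rule_key, now=None, max_ttl=3600):
    """Parse a token and report signature validity, expiry and lifetime policy.

    max_ttl is a local policy assumption: tokens with more than this many
    seconds left are flagged, because a leaked long-lived token stays usable
    until it expires or the rule key is rotated.
    """
    now = int(time.time()) if now is None else int(now)
    if not token.startswith(PREFIX):
        raise ValueError("not a SharedAccessSignature token")
    fields = dict(p.split("=", 1) for p in token[len(PREFIX):].split("&"))
    missing = {"sr", "sig", "se", "skn"} - fields.keys()
    if missing:
        raise ValueError(f"missing fields: {sorted(missing)}")
    # Recompute over the sr and se values exactly as presented in the token.
    expected = _sign(fields["sr"], fields["se"], rule_key)
    presented = unquote(fields["sig"])
    seconds_left = int(fields["se"]) - now
    return {
        "resource": unquote_plus(fields["sr"]),
        "rule_name": unquote(fields["skn"]),
        "signature_valid": hmac.compare_digest(expected.encode("utf-8"),
                                               presented.encode("utf-8")),
        "expired": seconds_left <= 0,
        "seconds_left": seconds_left,
        "over_policy": seconds_left > max_ttl,
    }


if __name__ == "__main__":
    token = make_sas_token(RESOURCE, RULE_NAME, RULE_KEY, ttl_seconds=300)
    print(token)
    print(check_sas_token(token, RULE_KEY))
```

Because the signature covers the resource URI and the expiry, editing either field in a captured token invalidates it; only a holder of the rule key can issue a token with a different scope or lifetime.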

https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-acs-migration

https://docs.microsoft.com/en-us/dynamics365/customer-engagement/developer/walkthrough-update-service-endpoint-acs-sas-authorization

RPA certifications for Synergy Software Systems, Dubai

November 25th, 2018

I am pleased to announce that following extensive training over recent weeks two of our consultants have already achieved certifications.

If you have an RPA project in mind and need support for your project from a proven, local UAE partner then please call Synergy Software Systems on 0097143365589

Making Tax Digital (MTD)

November 19th, 2018

If you have U.K. operations then be aware of Making Tax Digital (MTD), a transformational approach to taxation in the UK from HMRC. The first change is coming in 2019 and will affect every organisation, from processes to how systems are set up to record and report tax.

This will affect all companies with U.K. financial operations and all financial software. From April 2019, businesses that are registered for VAT and have turnover above the VAT registration threshold of £85,000 will be required to keep digital records for VAT purposes and submit their quarterly VAT return updates to HMRC through functional compatible software.

The new VAT record keeping rules require that all applicable VAT return data is digitally linked so that transactions can be traced from source data (i.e. purchase/sales ledger) to VAT return completion and upload.

Key benefits for businesses include improved visibility over their tax situation and easier access to tax information online, enabling businesses to plan and budget more effectively, driving performance and growth.

With Making Tax Digital, the new regulation from HMRC going live from 1 April 2019, it’s time to start preparing. This is similar to the legislation already implemented in the U.A.E., which we have done for both Infor SunSystems and Dynamics 365/Dynamics AX.

Which versions of Dynamics AX will Microsoft make ‘Making Tax Digital’ compliant?

Any Dynamics product that is still under mainstream support will get an update from Microsoft to ensure full compliance. This means for Dynamics AX only Dynamics AX 2012 R3 will be automatically updated. Microsoft have not confirmed when this update will take place – there are still some further details to come from HMRC.

Receiving the Microsoft update may not be enough to guarantee full compliance – there will likely need to be a number of small updates such as capturing the right fields and updating commercial forms, and reporting format that will need to be confirmed.

In addition, by April 2020 you will need to ensure all of your processes are fully digital.

ROI On Microsoft Dynamics

November 14th, 2018

What’s the true return on investment (ROI) for an average Dynamics 365 deployment?

Thanks to a newly released independent analysis from Nucleus Research, we can reveal the answer:

For every dollar spent, companies realize an average of $16.97 in returns.

According to the report summary, “this is significantly higher than the average for both enterprise resource planning (ERP) and customer relationship management (CRM), which deliver, on average, $7.23 and $8.71 respectively. Nucleus found that companies taking advantage of Microsoft’s investments in cloud and usability, as well as integration and analytics, were able to achieve significant returns by increasing productivity and revenues and reducing costs.”

The report dives into the value drivers for the cases, and reveals that the common elements to the financial success of deployments include:

• The ability to integrate Microsoft solutions with existing applications and data sources
• The enablement of new lines of business, such as cross-selling and up-selling with field service
• A focus on a standardized, easy-to-use user interface—the familiar Microsoft look and feel that can help speed up onboarding and user adoption
• Cost savings and greater innovation realized by deploying cloud-based Microsoft business applications
• The focus on improving user productivity by automating, or standardizing, repeatable manual processes

The report is a fascinating read that we invite you to explore on your own. If you are interested in investing in the modern Dynamics enterprise system then contact Synergy Software Systems and we will send you a copy.

0097143365589

IFRS 9

November 7th, 2018

The Standard includes requirements for recognition and measurement, impairment, de-recognition and general hedge accounting. This standard has replaced IAS 39 and responds to the criticisms that IAS 39 was too complex, inconsistent with the way entities manage their businesses and risks, and deferred the recognition of credit losses on loans and receivables until too late in the credit cycle.

The new standard is based on the concept that financial assets should be classified and measured at fair value, with changes in fair value recognized in profit and loss as they arise (“FVPL”), unless restrictive criteria are met for classifying and measuring the asset at either Amortized Cost or Fair Value Through Other Comprehensive Income (“FVOCI”). Subject to a special FVOCI designation option for investments in equity instruments, only loans, receivables, investments in debt instruments and other similar assets (“loans and receivables”) can qualify for measurement at Amortized Cost or FVOCI. The key questions are whether:
• The objective of the entity’s business model is to hold assets only to collect cash flows, or to collect cash flows and to sell (“the Business Model test”), and
• The contractual cash flows of an asset give rise to payments on specified dates that are solely payments of principal and interest (“SPPI”) on the principal amount outstanding (“the SPPI test”).

Both of these tests determine whether to account for an instrument at Amortized Cost or FVOCI.

IFRS 9 specifies how an entity should classify and measure financial assets, financial liabilities, and some contracts to buy or sell non-financial items. IFRS 9 deals separately with the classification and measurement of financial assets, impairment and hedging.

IFRS 9 requires an entity to recognise a financial asset or a financial liability in its statement of financial position when it becomes party to the contractual provisions of the instrument. At initial recognition, an entity measures a financial asset or a financial liability at its fair value plus or minus, in the case of a financial asset or a financial liability not at fair value through profit or loss, transaction costs that are directly attributable to the acquisition or issue of the financial asset or the financial liability.

So why does it matter if you are not in the financial services sector?
Any entity with long-term loans, equity investments, or any non-standard financial assets, or only holding short-term receivables, may find that it requires significant changes to its financial reporting as the result of this standard.

Possible consequences of IFRS 9:
Income statement volatility. More assets will have to be measured at fair value with changes in fair value recognized in profit and loss as they arise.

Earlier recognition of impairment losses on receivables and loans, e.g. trade receivables. Entities will have to provide for possible future credit losses in the first reporting period that a loan goes on the books, even when it is highly likely that the asset will be fully collectible.

New disclosure requirements—the more significantly impacted may even need new systems and processes to collect the necessary data.

IFRS 9 is an opportunity for balance sheet optimization, enhanced efficiency of the reporting process and cost savings.

Before your year end audit consider the possible impact on financial statements, systems, processes, controls.

Financial assets

When an entity first recognises a financial asset, it classifies it based on the entity’s business model for managing the asset and the asset’s contractual cash flow characteristics, as follows:

Amortised cost—a financial asset is measured at amortised cost when both of the following conditions are met:
◦ the asset is held within a business model whose objective is to hold assets in order to collect contractual cash flows; and
◦ the contractual terms of the financial asset give rise on specified dates to cash flows that are solely payments of principal and interest on the principal amount outstanding.

Fair value through other comprehensive income—financial assets are classified and measured at fair value through other comprehensive income when these are held in a business model whose objective is achieved by both collecting contractual cash flows and selling financial assets.

Fair value through profit or loss—any financial assets that are not held in one of the two business models mentioned are measured at fair value through profit or loss.

When, and only when, an entity changes its business model for managing financial assets it must reclassify all affected financial assets.

Financial liabilities

All financial liabilities are measured at amortised cost, except for financial liabilities at fair value through profit or loss. Such liabilities include derivatives (other than derivatives that are financial guarantee contracts or are designated and effective hedging instruments), other liabilities held for trading, and liabilities that an entity designates to be measured at fair value through profit or loss (see ‘fair value option’ below).

After initial recognition, an entity cannot reclassify any financial liability.

Fair value option

An entity may, at initial recognition, irrevocably designate a financial asset or liability that would otherwise have to be measured at amortised cost or fair value through other comprehensive income to be measured at fair value through profit or loss when doing so will either eliminate, or significantly reduce a measurement or recognition inconsistency (sometimes referred to as an ‘accounting mismatch’) or will otherwise result in more relevant information.

Impairment

Impairment of financial assets is recognised in stages:

Stage 1—as soon as a financial instrument is originated or purchased, 12-month expected credit losses are recognised in profit or loss and a loss allowance is established. This serves as a proxy for the initial expectations of credit losses. For financial assets, interest revenue is calculated on the gross carrying amount (ie without deduction for expected credit losses).

Stage 2—when the credit risk increases significantly and is not considered low, full lifetime expected credit losses are recognised in profit or loss. The calculation of interest revenue is the same as for Stage 1.

Stage 3—when the credit risk of a financial asset increases to the point that it is considered credit-impaired, interest revenue is calculated based on the amortised cost (ie the gross carrying amount less the loss allowance). Financial assets in this stage will generally be assessed individually. Lifetime expected credit losses are recognised on these financial assets.

Hedge accounting

The objective of hedge accounting is to represent, in the financial statements, the effect of an entity’s risk management activities that use financial instruments to manage exposures arising from particular risks that could affect profit or loss or other comprehensive income.

Hedge accounting is optional. An entity applying hedge accounting designates a hedging relationship between a hedging instrument and a hedged item. For hedging relationships that meet the qualifying criteria in IFRS 9, an entity accounts for the gain or loss on the hedging instrument and the hedged item in accordance with the special hedge accounting provisions of IFRS 9.

IFRS 9 identifies three types of hedging relationships and prescribes special accounting provisions for each:

fair value hedge: a hedge of the exposure to changes in fair value of a recognised asset or liability or an unrecognised firm commitment, or a component of any such item, that is attributable to a particular risk and could affect profit or loss.

cash flow hedge: a hedge of the exposure to variability in cash flows that is attributable to a particular risk associated with all, or a component of, a recognised asset or liability (such as all or some future interest payments on variable-rate debt) or a highly probable forecast transaction, and could affect profit or loss.

hedge of a net investment in a foreign operation as defined in IAS 21.

When an entity first applies IFRS 9, it may choose to continue to apply the hedge accounting requirements of IAS 39, instead of the requirements in IFRS 9, to all of its hedging relationships.

IFRS 9 is effective for annual periods beginning on or after 1 January 2018.

End of Support for SQL Server 2008 and 2008 R2 on July 9, 2019

November 2nd, 2018

End of Support for:
- SQL Server 2008, and 2008 R2, on July 9, 2019
and
- Windows Server 2008, and 2008 R2, on January 14, 2020

Risks with an outdated data platform include:
• Non-compliance with GDPR and other market standards
• Exposure to unexpected attacks and security breaches
• Higher costs and inefficient data management
• Incompatibility with modern releases of business applications
• Missed opportunities for innovation and business intelligence

Options:
Upgrade to SQL 2012 or 2017
Ask us about our Advanced SQL database tools – and our special discounted bundled price offer to year end to support GDPR compliance.

Migrate to the Azure cloud platform
If it is also time to upgrade your servers then now might be a good time to look at a move to the cloud.

Azure Hybrid Benefit
• Save up to 40% on Windows Server with Azure Hybrid Benefit
• Save up to 55% on migration to Azure SQL Database with Azure Hybrid Benefit
• Go at your own pace – move a few workloads or entire datacenters
• Maximize your investment in Microsoft software.

Paths to Upgrade and Stay Protected
Migrate apps to Azure VMs: get free extended security updates for Windows Server 2008 and 2008 R2 VMs for 3 years after the deadline.

Migrate Data to Azure managed instances or VMs
Azure SQL Database Managed Instance offers a version-free option.
Get free Extended Security Updates for SQL Server 2008 and 2008 R2 in Azure VMs for three years after the deadline.

Modernize when ready
Upgrade in Azure when ready
Or transform apps and data with Azure services

To reduce the cost of on-premise servers, ask about our Firewall Solutions, which provide many other integrated features. Reduce the number of servers needed and the cost of supporting multiple server systems: VPN, SMS, FTP, anti-virus, and more, all in one solution.

To discuss your options contact Synergy Software Systems a Microsoft partner since 1993.
If you are considering a Microsoft Dynamics solution on the cloud then when comparing costs don’t forget that the subscription includes not only the hardware platform but also the significant cost savings of the database, Windows Server, and firewall and anti-malware software licenses, as well as the savings in server rooms and electricity bills both to power the servers and the server room air conditioning. Nor is there any extra license enhancement fee for continuous upgrade versions of the licences. That also reduces your GDPR compliance challenges.

If your SQL database, or your servers, or your Windows Server licenses are due for renewal, or it’s time to move to an any time, anywhere, any device new business system, then call Synergy Software Systems to discuss your options.

Microsoft partner since 1994
Dynamics Partner since 2003

VAT in Bahrain – Update your SunSystems financials with Synergy Software Systems

October 23rd, 2018

Bahrain will be the next country to implement five per cent value-added tax (VAT) after the UAE and Saudi Arabia as part of the GCC framework agreed between the six states, according to tax experts. Bahrain’s parliament, in an extraordinary session ordered by royal decree, has approved the introduction of 5 percent value-added tax (VAT) in the kingdom from January 1 2019. The move must also be approved by Bahrain’s upper house.

The introduction of VAT will be a big challenge for the local Bahrain market, and businesses now have less than 3 months to be prepared for these changes. This announcement of a definitive date for the tax to become effective means that businesses should accelerate their VAT readiness preparations. Last week, Bahrain announced a fiscal overhaul meant to balance its budget by 2022, backed up by a $10 billion economic support package from Saudi Arabia, the UAE and Kuwait. The plan aims to raise $2.1 billion a year as Bahrain looks to curb its debt after years of lower oil prices.

At the start of 2018 VAT was introduced in both K.S.A. and the U.A.E. Synergy Software Systems has extensive experience of VAT implementation in business systems like Dynamics 365 Finance and Operations, Dynamics AX, and Infor SunSystems in both K.S.A. and the U.A.E., across almost 200 customers in varied vertical sectors.

VAT Registration
• The compulsory VAT registration threshold in Bahrain is BHD 37,000 per annum.
• A voluntary registration for businesses below this threshold is permitted, although this has its own minimum threshold of BHD 18,850 per annum.
• There is scope for related businesses to apply for a single, Group VAT registration.
• There is no threshold for non-resident businesses, which must register prior to their first supply. Foreign registrations may be either direct, or via a local Fiscal Representative.

Bahraini VAT rates
Generally, Bahrain follows the terms of the Agreement, including the harmonised standard VAT rate of 5%, but has a wider range of zero and reduced VAT rates to provide subsidies to the less well off in society.

Which goods or services, at what rate?

Zero (0%): Basic foodstuffs; domestic and international transport; new properties; healthcare; exports of goods and services; high-value metals; oil and gas; education; and medicine and medical equipment.

Exempt: Sale and lease of real estate; and financial services.

Standard (5%), from 1 January 2019: All other supplies of goods, or services, including imports, in accordance with the Unified VAT Agreement.

Bahraini VAT invoices
VAT invoices must contain the following information as a minimum:
• Date of invoice (and date of supply if different)
• Unique, sequential invoice number
• Tax ID number of the supplier
• Name and address of the supplier and customer
• Description and quantity of the goods supplied; nature of services provided
• Gross, VAT and net values of supply
• VAT rate applied, and explanation where not the standard rate
Invoices must be issued within 15 days following the month of supply of the taxable goods or services.

Bahraini VAT Returns
Registered tax payers must submit their periodic returns each month.
Returns must be filed by the last working day of the month following the reporting period.

Penalties for non-compliance
Timely preparation is critical because VAT is generally a self-assessed tax, and errors are often subject to severe penalties and business disruption.
Businesses that have been operating in a largely non-tax environment should already have started to prepare and to analyze in detail what the implications of the new tax will be, for example on their pricing, contracts and IT systems.
The following penalty regime for non-compliance is in place, with financial penalties and potential prison terms:
• BD10,000 for failure to register for VAT within 60 days of the required date
• Failing to issue a VAT invoice within 15 days of the month following the taxable supply
• Failing to submit a VAT return and/or pay any VAT due by the end of the month following the reporting month,

Transition rules
The following rules will apply to supplies contracted and supplied over the introductory period:
• Where invoices were issued, or payments made, prior to 1 January 2019 for post-implementation supplies, then VAT is still due. In this case, a debit note for the original invoice should be issued with the correct VAT indicated.
• Initially, goods supplied to other GCC states that have also implemented VAT (Saudi Arabia and UAE) will be treated as exports. There are plans to introduce zero-rating with reverse charge supplies to eliminate import VAT, but this is dependent on the introduction of an Electronic Services System transaction reporting platform, which has yet to be developed.
• For pre-January 2019 contracts which are silent on the VAT treatment, then the price will be VAT inclusive. This presents a cash flow risk for the supplier.

Other GCC Countries
The Sultanate of Oman announced that VAT would be introduced in 2019, most likely mid-2019.
The Kuwaiti parliament is yet to vote on the VAT bill which should be introduced in the upcoming session before the year-end. The expected timeline of introduction of VAT in Kuwait is late 2019 or 2020.

EY estimated that a five per cent VAT rate will produce revenues of over $25 billion per annum for the six GCC countries.

Contact:
Synergy Software Systems: 009714 3365589/ 33734282
Deyafa Systems: 009714 3240066

AI why will it make any difference?

October 1st, 2018

For all the talk around the rise of AI, or Artificial Intelligence, the technology isn’t new. We use AI in our daily lives.

Predictive text is the most visible example. Google searches and Word spellcheck are other examples. Say you frequently text a friend to meet at the mall. You type: “Meet me at the …” Your phone suggests “park” or another common place to meet. Over time, your phone learns, and the suggestions start to prioritize “mall” over other words.

A basic case is that AI:
• takes data,
• analyzes it,
• implements a solution (suggesting the next word),
• evaluates the results (recognizing that you almost always type “mall” with that friend),
• and then repeats the process with improved recommendations based on data.
• Over time, the system grows smarter.

Typically, ‘triggers’ to execute a ‘script’ were ways to automate processes. A log file is monitored and a key word triggers a support ticket, or runs a script. Over time the system learns and can predict and run checks before the error happens.
Other examples of AI in everyday life include pricing on ridesharing apps, facial recognition in social media and even non-player characters in video games.

Until recently, the technology was available to a few companies with deep pockets. To take advantage of AI, you had to have a big data center, specialized software and data scientists in house. We’ve reached a tipping point. With cloud-based technology, companies of all sizes can more easily plug into AI-infused applications at a much lower entry cost.
AI is the next big disrupter in many industries.

Let’s look at the wholesale trading industry. Here are two ways you can leverage AI to benefit a business:
Optimize where a team spends their time.
- Imagine the ability to direct your Accounts Receivable team to the late-paying customers that are most likely to respond.
- AI can help distributors differentiate between those who aren’t going to pay and need to be turned over to collections, and those who are more likely to pay with just one phone call.
- AI could also direct a call centre team to focus on certain times of day to increase the likelihood someone picks up the phone. Given the importance of cashflow to distributors, this is a powerful application of the technology.
- The same idea goes for a sales team. With which customers should they be spending more time? AI can identify the data points that influence purchasing, such as whether a prospect downloaded a whitepaper, they have an account exec assigned to them, or they have previously purchased related products.

It could even be something you can’t control, like the weather forecast. If it’s going to be 110 degrees, you can expect an uptick in sales of air conditioning units or parts to fix them in certain geographies. AI can identify these opportunities for salespeople. AI then adjusts those recommendations based on how customers respond, and the cycle continues.

Grow sales and margin with existing customers.
When a customer is checking out on a website, via your call center, at the counter or through another channel, how can you engage them more? Enter AI. For example, let’s say that data show that electrical contractor customers of a particular size regularly buy red, green, white and black 10-gauge copper wire at the same time. So when an electrical contractor of that size selects just red, green and white, a salesperson should be prompted to ask: “Are you forgetting black?” Chances are, the customer will add black wire to the basket.

To identify those relationships, however, and to code them into your system is a lot of work. We can do much of this already with BI analysis and on-screen prompts. Add to that the evaluation of whether the offers were effective – how often they were accepted, how often they weren’t (and why) – and adjusting for that on the next sale, or updating sales scripts and offers. It becomes increasingly difficult if not impossible to do that manually across thousands of products.
AI can do this far more quickly and effectively than a human can, and can have a big impact on the top line. A foodservice distributor grew sales volume by 5% nearly overnight after turning on an AI-powered cross-sell and upsell recommendation engine on their website.

This is not just about selling online. Sure, distributors use cross-sell/upsell technology to grow share across their channels. However, they can also provide more meaningful, targeted content to make the customer’s selection process smoother and better informed, to draw the customer’s attention to designs or offers that are likely to be of interest, and so on. The ROI can be huge, and it requires very little upfront work by humans.

Pricing software is a more mature application of AI-based technology, determining the optimal price for a particular item based on lost sales, historical sales volume, competitor pricing, potential for up sell, cross sell or repeat sell, and other data points. Hotels and airlines use revenue yield management. If it’s a business trip they may feel you will spend more in their restaurant on an expense account. I may only book when rates are cheap but I might always eat in house, use pay TV, and order wine with my meal and be a more profitable customer. If my rooms for tonight or my airline seats are less than 50% sold then I might discount heavily to ensure I sell enough to cover costs, but once past 80% I may charge a premium price because you may be desperate with little choice and a few high value sales will make up for the one or two I lose.

If a product has excess stock and is nearing the end of its shelf life, or a cinema is going to be half empty, then AI can auto trigger instant SMS sales promotions or happy hours. But can it learn and predict and better tune the films shown in a given cinema, whether average clothes sizes are trending bigger, or whether some colours and sizes will sell better in one branch than another, and how that correlates with other data? How much is spent on marketing, what other sales are happening nearby, are temperatures going to rise, what is the expected change in the exchange rate or inflation rate or oil price and will that affect the number of tourists, and will revised parking fees affect who shows where and when?

Is this a Big Brother nightmare, or does it mean that we are going to get better service because what we need to buy is going to be in stock even before we realise we need it?

As new, younger Generation Z employees are hired into purchasing roles, they expect the kind of customer experience that AI-powered technology can deliver. This technology is here now. It’s not just a technical decision. There are real business benefits to using AI, including growing average order size, boosting margins and tightening customer relationships.