Archive for the ‘Microsoft Dynamics CRM’ category

SQL Server 2016 Service Pack 2

April 25th, 2018

SQL Server 2016 Service Pack 2 is released. This SP2 release includes the hotfixes from all released 2016 cumulative updates: SQL Server 2016 CU1 through SP1 CU8.

SQL Server 2016 Updates
Each update is linked to its Microsoft knowledge base article with the download and the list of hotfixes included. The dates show the end of support date

SP2 2018/04/24 13.0.5026.0 2026/07/14
CU8 2018/03/19 13.0.4474.0 2019/04/24
CU7 2018/01/04 13.0.4466.4 2019/04/24
CU6 2017/11/22 13.0.4457.0 2019/04/24
CU5 2017/09/18 13.0.4451.0 2019/04/24
CU4 (w/MDS bug) 2017/08/08 13.0.4446.0 2019/04/24
CU3 2017/05/15 13.0.4435.0 2019/04/24
CU2 2017/03/20 13.0.4422.0 2019/04/24
CU1 2017/01/18 13.0.4411.0 2019/04/24
SP1 2016/11/16 13.0.4001.0 2019/04/24
CU9 2017/11/22 13.0.2216.0 2018/01/09 – out of support
CU8 2017/09/18 13.0.2213.0 2018/01/09 – out of support
CU7 2017/08/08 13.0.2210.0 2018/01/09 – out of support
CU6 2017/05/15 13.0.2204.0 2018/01/09 – out of support
CU5 2017/03/28 13.0.2197.0 2018/01/09 – out of support
CU4 2017/01/18 13.0.2193.0 2018/01/09 – out of support
CU3 2016/11/17 13.0.2186.6 2018/01/09 – out of support
CU2 (see note 1 and note 2) 2016/09/22 13.0.2164.0 2018/01/09 – out of support
CU1 2016/07/25 13.0.2149.0 2018/01/09 – out of support
None (RTM) 2016/06/01 13.0.1601.5 2018/01/09 – out of support

Note 1: CU2 has a known issue with Filestream not working when SecureBoot is enabled. If you’re on Windows Server 2016 or Windows 10, and using SecureBoot (which is enabled by default with Hyper-V Gen2 VMs), and your database has Filestream, then either need disable SecureBoot, or skip CU2 for now.

Note 2: columnstore index users should consider the on-demand hotfix update 13.0.2170.0, which includes serious performance and reliability fixes.

Warnin read the bottom note about “Uninstalling SQL Server 2016 SP2 (Not recommended): there some new features which once installed may give issues if you then try to uninstall.

https://www.microsoft.com/en-us/download/details.aspx?id=56836

Dynamics 365 Spring release and v9.2

April 23rd, 2018

We recently posted about Dynamics 365 Spring release and focused on Finance and Operations Enterprise features and enhancements.

Now lets look at the customer engagement apps. We now have the previously mentioned new Unified Interface framework and Customer Service Hub Dynamics 365 for Marketing

D365 for Marketing includes event management, email marketing and lead nurturing capabilities embedded within the Dynamics 365 user interface.

Dynamics 365 for Sales – Professional Licence. In addition to the functionality of the D365 for Sales Enterprise licence, Microsoft will offer a new streamlined licence at a lower price point for sales teams members only need lighter functionality. This new licence type restricts use of custom entities, workflows and forms and excludes some functionality including hierarchies, sales goals, social engagement and mobile offline sync.

Embedded Intelligence. Previously available as a preview feature (formerly called Relationship Insights),
• Relationship assistant helps sales users by letting them know when to: follow up on an email, answer a question, attend a meeting, follow-up with a neglected contact and much more. Alert cards are displayed throughout the application to provide relevant information for the context in which the user is currently working and uses data stored in Dynamics 365 and Exchange inbox and calendar.
• Auto capture with Outlook – analyses emails to find messages relevant to specific accounts and then tracks in Dynamics 365 with just one click
• Email engagement – insights from customer emails so sellers can prioritize the most receptive contacts.

Power BI Insights apps. Microsoft will release a series of embedded Power BI Insight apps tailored to specific business functions beginning with a previous release for Sales Insights. This is expected to include predictive lead scoring and relationship analytics to give a relationship health score calculated from emails and content exchanged, and frequency and level of customer interactions brought together from Dynamics 365, email and social networks.

New App Platform Capabilities

The application platform that sits underneath Dynamics 365 sees a significant change with this release. For Dynamics 365 v9, the legacy XRM framework behind Dynamics is npw merged with an updated version of Microsoft’s Common Data Service (CDS). This uses the same Dynamics code base and with backwards compatibility promised, there will be no obvious change, with existing Dynamics 365 apps continuing to work without any modification.
This means that the same platform that powers Dynamics 365 is also used by PowerApps, Office 365, Power BI and the Common Data Service – now renamed Common Data Service for Apps. CDS for Apps has a boost in functionality through server side logic, improved app building experiences and developer capabilities.

PowerApps. PowerApps together with the platform that powers Dynamics 365 lets you build an app and choose between a Canvas app (using a visual WYSIWYG editor) or a Model-driven app (driven by entities, their relationships & business processes). Both apps can access your data and logic in CDS for Apps.

In addition to server side logic, the latest app building capabilities include:
• Business Process Flows to model process stages and guide users through them
• Sophisticated security model providing row level security and model hierarchies
• Calculated fields that use server side logic to compute values in an entity

These new capabilities enable lightweight mobile apps to be quickly developed for field based staff to collect data and also to create new processes that will natively connect across Dynamics 365 and other Microsoft cloud services. PowerApps P2 now becomes the platform licence for users of stand-alone model driven apps. PowerApps P2 is included with the Dynamics 365 Customer Engagement Plan.

Common Data Service for Analytics. Another CDS for Analytics reduces the complexity of analysing data and extracting insights across standalone business apps and other sources. A new capability in Power BI, Common Data Service for Analytics enables organisations to integrate data from multiple sources and will provide teams with increased access to analytics across all the relevant tdata.

GDPR Microsoft states its Spring 18 release features a series of updates across Dynamics 365 products to address the requirements of the General Data Protection Regulation (GDPR). Visit the Microsoft Trust Center to find tools and auditing reports for managing cloud-data security and compliance within your organisation and to read more about what Microsoft is doing to help its customers comply with this regulation.
Use Microsoft Compliance Manager to get insights into your responsibilities for meeting compliance standards.

GDPR stands for General Data Protection Regulation effective from 18th May 2018 in Europe.
The primary objectives of the GDPR are to give citizens and residents back control of their personal data and to “simplify” the regulatory environment for international business by unifying the regulation within the EU.
As per the ICO, the UK’s independent body set up to uphold information rights, the GDPR applies to “controllers” and “processors”. The definitions of controllers and processes are broadly the same as those under the Data Protection Act. In short, the controller says how and why personal data is processed and the processor acts on the controller’s behalf.

If you are a processor, then the GDPR places specific legal obligations on you. For example, when you/ your organisation / your solution / your product maintains or stores records of personal data and includes processing activities, you will have significantly more legal liability if you are responsible for a breach. These obligations for processors are a new requirement under the GDPR and were not as such in the Data Protection Act (DPA).

For Microsoft Dynamics 365 CRM projects, this is a significant legal obligation. The majority, of Dynamics CRM projects include the storage, maintenance and processing of personal data and will most probably fall under GDPR rules if you have European operations, customers and vendors..

LinkedIn Sales Navigator Integration. Improvements to the integration between Dynamics 365 for Sales and LinkedIn Sales Navigator provides more detail about companies and LinkedIn members synchronised to Dynamics record forms and dashboard including profile pictures.

Web Portal . With the Spring Upgrade, portal search is now extended to knowledge article attachments increasing the likelihood of relevant search results.

Dynamics 365 – 9.0.2 Update. This month icrosoft will begin applying Update 9.0.2 to Dynamics 365 (Online), version 9.0 and higher. This update is focused on reliability and performance improvements as well as some new features. Any updates from version 8.x to version 9.0 are scheduled on or after April 2 will automatically get this update – no change of schedule is needed. For customers already running Dynamics 365 (Online) version 9.0.1 or higher, Microsoft begin deploying this update from April 7 through its normal deployment process. No customer action is needed to deploy this update.

Dynamics 365 Spring 2018 (v9.0.2) licensing guide:

https://mbs.microsoft.com/Files/public/365/Dynamics365LicensingGuide.pdf

#Dyn365FO Spring 18 release

March 24th, 2018

The release is due out in April and brings many new features:

Business productivity
Alerts – Client-based alert functionality enables a user to define alert rules based on business events, such as when an invoice is paid or a customer changes an address.
Optimization advisor – Uses telemetry to analyze customers’ business processes, finds optimization opportunities, uses application data to quantify the opportunities, and then recommends solutions.
Project timesheet mobile - Employees can create and submit project timesheets. The use of saved favorites and the ability to copy from a previous timesheet facilitates rapid, accurate time entry.
Edit default project fulfillment hours – Project resource managers can edit the default hours as part of the project booking fulfillment process.
Reserve project resources past the task end date – Project resource managers can fulfill resources on tasks past the current task planned end date..
Person search report - You can find a person and their personal data in Finance and Operations.
Data sharing for customer and vendor tables –share Data across customer and vendor tables and related tables across multiple legal entities.
One voucher deprecation – One voucher is turned off by default, through a General ledger parameter.

Extensibility and customization
Customizations through extensions only - Migrating customizations from one release to the next has been simplified by moving away from over-layering to the use of extensions.
Extensibility requests - Customers can submit a request to Microsoft for extension support to be added to the product for a needed scenario. The Spring ’18 release enhances this feature by moving it to Lifecycle Services.
Extensible project work breakdown structure – Enables customization of the project work breakdown structure using extensions. This replaces the hierarchical grid control used for the project work breakdown structure with a standard grid that supports hierarchical data.
Embedding PowerApps in workspaces and forms – Use PowerApps to embed data from external sources into Finance and Operations data.
Custom fields - Organizations can add custom fields to tailor their application to their business requirements, using a no-code extensibility experience.

Integration
Integration with Common Data Service (CDS)
Integration with Dynamics 365 for Field Service - Provides data integration to support scenarios where Field Service activities are done outside Finance and Operations, leveraging the data integrator.
Integration with Dynamics 365 for Project Service Automation - Supports scenarios where project and resource management activities are done outside Finance and Operations, and the project accounting activities are done in Finance and Operations, leveraging the data integrator.
Integration with Dynamics 365 for Talent (Public Preview) – Provides data integration of the appropriate HR information into Finance and Operations.

Improved support experiences
Telemetry-based KB recommendation - Telemetry from a production environment can be used to identify the application hotfixes that apply to a tenant.
• KB recommendations when entering a support case - LCS provides telemetry-driven KB recommendations.
Report production outage – Provides a quick and effective channel to escalate issues to Microsoft Support if the services in a production environment are degraded or become unavailable.

Supply chain management
Vendor collaboration – RFQ process – Enhancements make it easy to tell who entered a bid (a vendor or a procurement department).
Partial shipment of a load (split load) - Allows single loads or multiple loads to be fully or partially loaded.
Immediate replenishment of locations – Used during wave execution if allocation fails for a location directive line that has a replenishment template.
Reason codes added to warehouse counting and adjustment – Users can add a reason code when performing counts and when making an adjustment.
Batch balancing enabled for advanced warehousing processes.
Analytical workspaces with embedded Power BI for Cost management – new Cost administration and Cost analysis workspaces

Globalization
India localization – project and upgrade – Users can manage India Goods and Services Tax (GST) for the Project management and accounting module, and AX 2012 customers can upgrade to Dynamics 365 for Finance and Operations.
Enhanced configurability - New features include import and testing scenarios, and also broader support for configurability without coding.
Translation Service - In addition to supporting user interface translation, Dynamics Translation Service (DTS) now supports documentation translation in Microsoft Word and HTML formats (.docx, .html). DTS features can also be accessed directly from various development environments by using the DTS API.
• Regulatory service – configuration (available at the end of April) – Regulatory service targets a no-code programming approach, allowing users to configure electronic reporting formats or tax rules rather than write code for them in the underlying application.
Integration

Servicing, performance, and deployment
Improved delivery of platform and financial reporting updates – Enhancements to how software updates are provided, to improve deployment time and the reliability of servicing.
Upgrade automation – Upgrade automation makes major version upgrades a self-service operation for the customer, using LCS for non-production environments.
Service hardening – Added service monitoring and alerting for core business processes, and improved form load performance of the most commonly used forms.
Lifecycle Services sandbox self-service automation and RDP lockdown.
On-premises deployment updates. Much awaited!

Compliance
General Data Protection Regulation (GDPR) – Investments address the European privacy law’s requirements. Go to the Trust Center to learn more and find resources to help you comply. See our previous posts on the importance of this new legislation.
Accessibility enhancements – Go to the Trust Center to learn about industry-leading accessibility standards.

Finance Insights: Credit and collections

Credit and collections insights provides analytics that help organizations effectively manage their credit and collections processes. It provides:
• Aggregate views of credit and collections across all designated companies.
• Data broken down by company, customer group, and customer.
• Credit overview report.
• Collections report.
• Credit and collections details for a variety of dimensions.
• Predictive analytics to help identify trends.

Lots lots more : Retail, cds, flow, Power bi etc

For more information contact your Dynamics 365 Dubai partner Synergy Software Systems 009714 3365589

Dynamics Finance and Operations Enterprise- new ahshtag for easier search #Dyn365FO

March 24th, 2018

#Dyn365FO. All content on docs.microsoft.com now has the hashtag

SQL 2008 Extended support ends July 2019

March 4th, 2018

A remdnder that Mainstream Support for SQL Server 2008 and SQL Server 2008 R2 ended on July 8, 2014. – Support Lifecycle policy, found in http://support.microsoft.com/lifecycle.

Customers are encouraged to prepare and execute on their upgrade and/or sustained engineering plans as early as possible for these SQL versions. Remaining current on your SQL Server version ensures that your product remains supported per the Support Lifecycle policy. Additionally, your software benefits from the many enhancements, fixes, and security updates provided through the latest releases.

For both SQL Server 2008 and SQL Server 2008 R2, Microsoft will continue to provide technical support which also includes security updates during the duration of extended support. See the table below for extended support end date. Non-security hotfixes for these versions will be offered only to customers who have an Extended Hotfix Support agreement.

SQL Server 2017 Cumulative Update 4

March 4th, 2018

Last month Microsoft released SQL Server 2017 Cumulative Update 4, which is Build 14.0.3022.28.

There are 55 hotfixes in the public fix list. Run the special T-SQL script in the release notes if you are using Query Store and previously ever had SQL Server 2017 CU2 installed (and you were using Query Store on any of your databases at that time). The script will look for any plans that were forced while you were running SQL Server 2017 CU2, and if it finds any, it will unforce those and then clear those from Query Store.

There are several updates both for Columnstore indexes and for Availability Groups.

There will not be any Service Packs for SQL Server 2017, so test and deploy SQL Server 2017 Cumulative Updates as they become available.

SQL Server 2017 and later versions will no longer receive SPs
The Modern Servicing Model (MSM)

Starting from SQL Server 2017:
• SPs will no longer be available. Only Cumulative Updates (CUs) and critical updates (GDRs) will be provided.
• CUs will contain localized content if it’s necessary as what SPs have done.
• CUs will be delivered more frequently at first and then less frequently: every month for the first 12 months, and then every quarter for the final four years of the five-year mainstream lifecycle.

Note The MSM only applies to SQL Server 2017 and later versions.

Earlier versions of SQL Server are not affected by this SP policy change. Service Packs (SPs) will continue to be provided for the reminder of mainstream support for SQL Server 2014 and SQL Server 2016.

EAM, field service, IOT and Holo lens -ask Synergy Software Systems, Dubai

February 17th, 2018

The digital world is already here and what seemed science fiction few years back we now accept as everyday. Voice activated commands on our smear phone now also query our databases and update our dashboards, remote medical checks are done at an atm, artificial intelligence and big data influence our live every time we log onto google, amazon, facebook or ring a callcentre.

We have been investigating IoT for over a year, particularly with regard to condition monitoring for asset management and several of our team were involved in recent training that included a hands on session for Microsoft Field Services. This is built on the Dynamics 365 platform as an extension of CRM and offer comprehensive features for field service: help desk, engineer scheduling and mobile operations. Field service is aimed at service companies with a large field force of service engineers and is typically integrated with erp systems and thus the overall project can be quite complex. To reduce the risk and implementation time we offer a proven accelerator.

We also offer a Enterprise Asset Management suite which is successfully deployed in several leading UAE companies for a number of years particularly for asset tracking.

In Dynamics 365/2012 for Ax EAM also needs to consider that both engineers and equipment may be sued is production or on projects. Thus engineering and maintenance scheduling also has to consider in house planned and breakdown maintenance and servicing and more complex overhauls and asset structures, the impact of equipment downtime on production schedules and much more. We offer a Microsoft certified isv integrated suite of EAM modules built on the Ax 2012/D365 platform that covers both field service and mobile as well as in in house maintenance.

Predictive maintenance and SCADA integration and extensive condition monitoring., embedded and Power BI analytics are no longer rocket science.

At a recent client 4 day workshop we demonstrated HOLO lens assisted reality to support engineers. This can for example be used to provide step by step guidance or for collaboration from the field with an OEM a remote manufacturer, or your chief engineer.

“Meltdown” and “Spectre and azure.”

February 10th, 2018

Last month as reported on this blog, Intel revealed two critical vulnerabilities they found in Intel chips. These vulnerabilities allow cyber-attackers to steal data from the memory of running apps. This data can include passwords, emails, photos, or documents. Intel dubbed these as: “Meltdown” and “Spectre.”

Microsoft released a patch for Azure the very next day. Just as well because Microsoft Azure is a shared-computing environment by default. One server hosts applications and development of applications, and various Virtual Machines tap into the server to allow employees to and others to access these applications. As such, the Meltdown vulnerability allows an attacker to compromise the host and read all the data from every operating system tapping into it. Around 3-10 million physical servers host Azure, and these servers in turn host tens of millions of Virtual Machines. So impressively Microsoft developed deployed a patch for these vulnerabilities in less than a week’s time. Azure is a cloud-based application and so Microsoft could focus their security team to work on the cloud servers and only the cloud servers. This way, these millions of servers and users had a patch and all applications hosted on the Azure cloud-platform were immediately protected.

A good business case example for business to move to Azure cloud services.

Malware developers are still out there. German antivirus testing firm AV-Test reported 139 samples of malware trying to attack the Meltdown vulnerability in January to exploit those who have not patched.

Microsoft patched their cloud servers, but non-Azure users (as well as all Windows users, period) still need to apply their operating system patches to ensure complete protection. This is one vulnerability you definitely don’t want cyber-attackers to exploit, whether it’s your personal computer or your business’s server.

Outlook Add in for Dynamics 365 lives on – ask Dubai Dynamics partner Synergy Software Systems

February 1st, 2018

In June 2017, Microsoft announced the deprecation of Dynamics 365 for Outlook (otherwise known as the “Outlook add-in”) and the plan to replace it with Dynamics 365 App for Outlook. The deprecation announcement meant that although Dynamics 365 for Outlook would continue to be supported, it would be removed in Dynamics 365 version 10.0.

Some feature gaps in Dynamics 365 App for Outlook prevent it from being a viable replacement for the Outlook add-in. Along with many other partners and customers we voiced our concern. Microsoft has announced it is reversing the deprecation of Dynamics 365 for Outlook so that customers who are still on older versions of Dynamics 365 can upgrade and not lose core functionalities on.

Microsoft will still release Dynamics 365 for Outlook with new versions of Dynamics 365. As a result, customers upgrading to a new version of Dynamics 365 will have the same Outlook integration experience as in previous versions.

The Outlook add-in will also continue to be fully supported in current and future versions of Dynamics 365, and bugs will continue to be fixed with improvements to the performance and reliability of the Outlook add-in

From a functionality standpoint, all current scenarios will continue to be supported; we are not planning to add any new features.

The reversal of the deprecation of Dynamics 365 for Outlook does not change the fact that COM add-ins (like Dynamics 365 for Outlook) are an older and slower technology.

The Dynamics 365 App for Outlook is based on newer Office add-in technology. This is an area where the Outlook team is also investing heavily. Unlike COM add-ins, Office add-ins do not have any code physically installed on the user’s device or on the Outlook client. They are easier to deploy and maintain, much more reliable, and work across platforms.

SQL Server 2014 SP2 CU9

January 2nd, 2018

On December 18, 2017, Microsoft released SQL Server 2014 SP2 CU9, which is Build 12.05563.0.
This CU has seven public hotfixes, most of which are for the SQL Engine of SQL performance -critical for taks like mrp. inventory close, consolidation etc.

Since SQL Server 2014 SP1 and earlier are no longer “supported service packs”, there is no corresponding CU for the SP1 or RTM branches of SQL Server 2014.

As always, make an effort to stay current on cumulative updates

Dynamics Partner- Dubai, U.A.E., G.C.C. Global – Ax, erp, CRM

December 20th, 2017

As we near the end of 2017 we look back on 25 years of partnership with Microsoft and 15 years as one of the oldest Dynamics global partners, and the longest established ,Dynamics certified regional partner.

For the last 10 years we have also been the regional representative for Ax Pact global projects.

Our Ax journey from Axapta 2.5, 3, 4, then Dynamics Ax 2009, 20012, RTM. R1, R2, R3, and now Dynamics 365 Finance and Operations Enterprise, as well as Dynamics CRM though all versions since v 3 ahs taken us across the world and into many verticals and international companies. Our experience encompasses Manufacturing Trading, Construction, Oil and gas, Financial services, Utilities, Education, Government, PSA, Retail ……. we have implemented our Dynamics Ax GCC localised HR and Payroll in more than 40 companies.
We currently have Dynamics projects running in KSA, Oman, Africa, and a dozen projects in the U.A.E.

Now we have the full Dynamics technology stack with which to support customers in their digital transformation to a more agile future at a time of disruptive innovation. Dynamics 365, , Power apps, Power Bi
Flow, Common data platform, Talent, and much more. The power of the new SQL databases and of the azure cloud platform , and Edge computing open up the world of IoT, Big data, predictive analytics, Mobile any time any where, Social media monitoring and integration, new means of collaboration from teams to Surface hub to Holo lens.

Its a brave new world ahead – let us help you charter a safe course, or join us in the journey as part of one of the best certified teams globally..

SQL Server 2017

November 22nd, 2017

SQL Server 2017 went on general release a couple of weeks ago. This brings a whole host of benefits

Microsoft SQL Server 2017 features the much-anticipated SQL Graph, which provides new graph database capabilities for representing complex many-to-many relationships. Social media platforms like Facebook and LinkedIn use graph databases extensively, and in the era of big data, use cases are emerging across many industries.

Businesses can explore these relationships to reveal valuable information – from changes in the types of structures to the query abilities being requested of you and your teams. Whether it’s identifying similarities in customers behind trends in purchasing behavior, or mapping patterns in credit card usage to determine credit limits or risk indicators of defaulting on repayments, the introduction of graph capabilities to SQL Server makes the processes more streamlined.

Perhaps the most touted feature of the new version is that it will be available to be installed on Linux; an entirely inconceivable premise 10 years ago, which just goes to show how far Microsoft have changed in their approach to supporting non-Windows platforms as standard.

The announcement earlier this year that Power BI would be included as part of SSRS in was welcome. Previously, each tool was well suited for a specific reporting purpose – SSRS was great for designing reports that require a lot of visual tailoring and widely common formats for exporting, whereas Power BI is more geared towards real-time, dashboard views that marry together disparate data sources in a straightforward way. By being able to leverage SSRS to fully utilise Power BI reports, the application suddenly becomes a lot more versatile and the potential for combining together functionality becomes a lot more recognisable. So, for example, having the ability to drill down to an SSRS report from a Power BI report would be an excellent way of providing reporting capabilities that satisfy end-user consumption in 2 different, but wildly applicable, scenarios

The updated SSMS client for SQL Server 2017 has been given refreshed icons that bring the application more in line with how Visual Studio and other Microsoft products are looking these days

Inside a Microsoft cloud data centre with Synergy Software Systems

November 22nd, 2017

Get the reach and local presence you need with Microsoft’s global datacenters – https://azure.microsoft.com/en-us/regions/ Azure is generally available in 36 regions around the world, with plans announced for 6 additional regions.

Go beyond the limits of your on-premises datacenter using the scalable, reliable infrastructure that powers the Microsoft Cloud.

Transform your business and reduce maintenance costs with an energy-efficient infrastructure spanning more than 100 highly secure facilities worldwide, linked by one of the largest networks on earth.

The engine that powers Microsoft’s cloud services, the is designed to support smart growth, high reliability, operational excellence, cost-effectiveness, environmental sustainability, and a trustworthy online experience for customers and partners worldwide.

Microsoft deliver the core infrastructure and foundational technologies for Microsoft’s over numerous online businesses including: Dynamics 365, Power Bi, Cortana analytics, IoT, Bing, MSN, Office 365, Xbox Live, Skype, OneDrive and the Windows Azure platform.

The infrastructure is comprised of a large global portfolio of more than 100 datacenters and 1 million servers, content distribution networks, edge computing nodes, and fiber optic networks.

The portfolio is built and managed by a team of subject matter experts working 24x7x365 to support services for more than 1 billion customers and 20 million businesses in over 90 countries worldwide

Those are 2014 figures and the Microsoft cloud has expanded greatly since then for example the acquisition of Linked in and the launch of Dynamics 365.

To help you comply with national, regional, and industry-specific requirements governing the collection and use of individuals’ data, Microsoft offers the most comprehensive set of compliance offerings of any cloud service provider. Microsoft business cloud services operate with a cloud control framework, which aligns controls with multiple regulatory standards (https://www.microsoft.com/en-us/trustcenter/guidance/risk-assessment#Audit-reports)

Argentina PDPA – Microsoft has implemented the security measures in the Argentina Personal Data Protection Act.

BIR 2012 – Agencies operating in the Netherlands government sector must comply with the Baseline Informatiebeveiliging Rijksdienst standard.

Canadian Privacy Laws – Microsoft contractually commits to implementing security that helps protect individuals’ privacy.

CCSL (IRAP) – Microsoft is accredited for the Australian Certified Cloud Services List based on an IRAP assessment.

CDSA – Azure is certified to the Content Delivery and Security Assoc. Content Protection and Security standard.

China DJCP – Azure and Office 365 operated by 21Vianet are rated at Level 3 for information security protection.

China GB 18030 – Azure and Office 365 operated by 21Vianet are certified as compliant with the Chinese character standard.

China TRUCS – Azure and Office 365 operated by 21Vianet obtained Trusted Cloud Service certification.

CJIS – Microsoft government cloud services adhere to the US Criminal Justice Information Services Security Policy.

CS Mark (Gold) – Microsoft received the CS Gold Mark in Japan for Azure (IaaS and PaaS) and Office 365 (SaaS).

CSA STAR Attestation -Azure and Intune were awarded Cloud Security Alliance STAR Attestation based on an independent audit.

CSA STAR Certification – Azure, Intune, and Power BI were awarded Cloud Security Alliance STAR Certification at the Gold level.

CSA STAR Self-Assessment – Microsoft STAR Self-Assessment details how cloud services fulfill Cloud Security Alliance requirements.

DFARS – Microsoft Azure Government supports Defense Federal Acquisition Regulation (DFARS) requirements.

DoD – Microsoft received Department of Defense (DoD) Provisional Authorizations at Impact Levels 5, 4, and 2.

EN 301 549 – Microsoft meets EU accessibility requirements for public procurement of ICT products and services.

ENISA IAF – Azure aligns with the ENISA framework requirements through the CSA CCM version 3.0.1.

EU Model Clauses – Microsoft offers EU Standard Contractual Clauses, guarantees for transfers of personal data.

EU-U.S. Privacy Shield – Microsoft complies with this framework for protecting personal data transferred from the EU to the US.

FACT – Microsoft Azure achieved certification from the Federation Against Copyright Theft in the UK.

FDA CFR Title 21 Part 11 – Microsoft helps customers comply with these US Food and Drug Administration regulations.

FedRAMP – Microsoft was granted US Federal Risk and Authorization Management Program P-ATOs and ATOs.

FERPA – Microsoft aligns with the requirements of the US Family Educational Rights and Privacy Act.

FIPS 140-2 – Microsoft certifies that its cryptographic modules comply with the US Federal Info Processing Standard.

FISC – Microsoft meets the requirements of the Financial Industry Information Systems v8 standard in Japan.

GxP – Microsoft cloud services adhere to Good Clinical, Laboratory, and Manufacturing Practices (GxP).

HIPAA/HITECH – Microsoft offers Health Insurance Portability & Accountability Act Business Associate Agreements (BAAs).

HITRUST – Azure is certified to the Health Information Trust Alliance Common Security Framework.

IRS 1075 – Microsoft has controls that meet the requirements of US Internal Revenue Service Publication 1075.

ISO 9001 – Microsoft is certified for its implementation of these quality management standards.

ISO 20000-1:2011 – Microsoft is certified for its implementation of these service management standards.

ISO 22301 – Microsoft is certified for its implementation of these business continuity management standards.

ISO 27001 – Microsoft is certified for its implementation of these information security management standards.

ISO 27017 – Microsoft cloud services have implemented this Code of Practice for Information Security Controls.

ISO 27018 – Microsoft was the first cloud provider to adhere to this code of practice for cloud privacy.

IT Grundschutz Compliance Workbook – Azure Germany published this Workbook to help our clients achieve IT Grundschutz certification.

ITAR – Azure Government supports customers building US International Traffic in Arms Regs-capable systems.

MARS-E – Microsoft complies with the US Minimum Acceptable Risk Standards for Exchanges (MARS-E).

MeitY – The Ministry of Electronics and Info Technology in India awarded Microsoft a Provisional Accreditation.

MPAA – Azure successfully completed a formal assessment by the Motion Picture Association of America.

MTCS – Microsoft received certification for the Multi-Tier Cloud Security Standard for Singapore.

My Number (Japan) – Microsoft does not have standing access to My Number data, a number unique to each resident of Japan.

NEN 7510:2011 – Organizations in the Netherlands must demonstrate control over patient health data in accordance with the NEN 7510 standard.

NHS IG Toolkit – Azure is certified to the Health Information Trust Alliance Common Security Framework.

NIST 800-171 – Microsoft DoD certifications address and exceed US NIST 800-171 security requirements.

NIST CSF – Microsoft Cloud Services meet the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF)

NZ CC Framework – Microsoft NZ addresses the questions published in the New Zealand cloud computing framework.

PCI DSS – Azure complies with Payment Card Industry Data Security Standards Level 1 version 3.1.

Section 508 – Microsoft cloud services offer Voluntary Product Accessibility Templates.

Shared Assessments – Microsoft demonstrates alignment of Azure with this program through the CSA CCM version 3.0.1.

SOC 1- Microsoft cloud services comply with Service Organization Controls standards for operational security.

SOC 2 – Microsoft cloud services comply with Service Organization Controls standards for operational security.

SOC 3 – Microsoft cloud services comply with Service Organization Controls standards for operational security.

Spain ENS – Microsoft received Spain’s Esquema Nacional de Seguridad (National Security Framework) certification.

UK Cyber Essentials PLUS – Cyber Essentials PLUS is a UK government-defined scheme to help organizations protect against common cyber-security threats.

UK G-Cloud – The Crown Commercial Service renewed the Microsoft cloud services classification to Government Cloud v6.

WCAG 2.0 – Microsoft cloud services comply with the Web Content Accessibility Guidelines 2.0.

Bad Rabbit – a virulent wave of data-encrypting malware is sweeping through Eastern Europe

October 28th, 2017

A new, potentially virulent wave of data-encrypting malware is sweeping through Eastern Europe and has left a wake of outages at news agencies, train stations, and airports, according to multiple security companies

A new ransomware outbreak similar to WCry is shutting down computers worldwide, Ransom:Win32/Tibbar.A or Bad Rabbit, as the outbreak is dubbed, is primarily attacking targets in Russia, but it’s also infecting computers in Ukraine, Turkey and Germany, researchers from Moscow-based Kaspersky Lab said. In a blog post, the antivirus provider reported that the malware is using hacked Russian media websites to display fake Adobe Flash installers, which when clicked infect the computer visiting the hacked site. Researchers elsewhere said the malware may use other means to infect targets.

Bad Rabbit appears to specifically target corporate networks by using methods similar to those used in a June data-wiping attack dubbed “NotPetya” that shut down computers around the world.
Bad Rabbit infects Windows computers and relies solely on targets manually clicking on the installer, Kaspersky Lab said. So far, there’s no evidence the attack uses any exploits.

The Ukrainian computer emergency agency CERT-UA posted an advisory on Tuesday morning reporting a series of cyberattacks.

Kevin Beaumont said on Twitter that Bad Rabbit uses a legitimate, digitally signed program called DiskCryptor to lock targets’ hard drives. Kaspersky Labs’ blog post said the executable file dispci.exe appears to be derived from DiskCryptor and is being used by Bad Rabbit as the disk encryption module.

Bad Rabbit relies on hard-coded credentials that are commonly used in enterprise networks for file sharing and takes aim at a particularly vulnerable portion of infected computers’ hard drives known as the master boot record. A malicious file called infpub.dat appears to be able to use the credentials to allow the Bad Rabbit to spread to other Windows computers on the same local network, The malware also uses the Mimikatz network administrative tool to harvest credentials from the affected systems.

Once Bad Rabbit infects a computer, it displays a message in orange letters on a black background. It directs users to a Dark Web site that demands about $283 in Bitcoin to decrypt data stored on the encrypted hard drive. The dark Web site also displays a ticking clock that gives victims 40 hours to pay before the price increases. It’s not yet known what happens when targets pay the ransom in an attempt to restore their data. The NotPetya malware was written in a way that made recovery just about impossible, a trait that has stoked theories that the true objectives of the attackers was to wipe data in an act of sabotage, as opposed to generate revenue from ransomware. It also remains unclear who is behind the attack.

The outbreak is the latest reminder that you should back up all their data on drives that are secured with a password or other measure to protect them from ransomware.

Windows Defender Antivirus detects and removes this threat with protection update 1.255.29.0 and higher.

This threat appears as a fake Adobe Flash Player update.

Microsoft advice:
Microsoft doesn’t recommend you pay the ransom. There is no guarantee that paying the ransom will give you access to your files. If you’ve already paid, then see our https://www.microsoft.com/en-us/mmpc/shared/ransomware.aspx for help on what to do.

Review logs and shutdown or run Windows Defender Offline.

This ransomware attempts to reboot your PC so it can encrypt your files. You might be able to stop your PC from rebooting and instead shut it down or run a Windows Defender Offline scan:
Check event logs for the following IDs: 1102 and 106
• Event 1102 indicates that the audit log has been cleared, so previous activities can’t be seen.
• Event 106 indicates that scheduled tasks “drogon” and “Rhaegel” have been registered (these are ransomware wipers)
• If events 1102 and 106 are present, then issue a shutdown with the parameter -a to prevent a reboot

You can also immediately inititate a Windows Defender Offline scan by using PowerShell or the Windows Defender Security Center app.

Run antivirus or antimalware software

Use the following free Microsoft software to detect and remove this threat:
• Windows Defender Antivirus for Windows 8.1 and Windows 10, or Microsoft Security Essentials for Windows 7 and Windows Vista
• Microsoft Safety Scanner – Run a full scan to look for anyhidden malware.

Advanced troubleshooting – To restore your PC, download and run Windows Defender Offline.

Ask us about how to use cloud protection to guard against the latest malware threats. It’s turned on by default for Microsoft Security Essentials and Windows Defender for Windows 10. Go to All settings > Update & security > Windows Defender and make sure that your Cloud-based Protection settings is turned On.

Indicators of compromise
Presence of the following files in %SystemRoot%:
• infpub.dat
• cscc.dat
• dispci.exe
• You can’t access your files or your PC
• A ransom message in red on a black background

VAT registration U.A.E. – act now deadlines are imminent

October 17th, 2017

The UAE Federal Tax Authority (FTA) online portal is open 24/7 to allow for taxpayers to register for VAT purposes. The FTA has also determined the deadlines for the application for VAT registration based on business turnover.
For larger companies VAT registration is required by 31 October 2017, and such businesses should
immediately consider the timeline requirement given their turnover profile and the other registration
requirements.
Businesses that are required to register for VAT will need to set up an online account on the FTA website and complete the VAT registration form.

The FTA has announced that a phased registration approach has been introduced. In particular, those businesses that meet these criteria must comply with the relevant application dates for registration:
● Businesses with an annual turnover exceeding AED 150 million must apply for registration by
31 October 2017
● Businesses with an annual turnover exceeding AED 10 million must apply for registration by 30 November 2017

● Remaining businesses with an annual turnover exceed the mandatory registration threshold
(expected to be AED 375,000) must apply for registration by 4 December 2017
Prior to the fulfilment of the VAT registration form, the FTA provides a “Getting Started Guide” that shares essential information that businesses should be aware of. This includes information on the registration criteria, registration of a VAT group, and necessity to register if only zero-rated supplies are made.

Additional details clarifying the VAT registration mechanism are found in the VAT registration guide, a document posted on FTA online portal under the “Advice” tab. This document captures the
calculation of turnover for VAT purposes, a walk-through of VAT registration through the FTA
registration portal, registration of a VAT group and types of books and records required to be held by a
taxpayer to ensure accurate tax compliance.

We strongly advise for businesses to visit the FTA website to initiate their VAT registration application by
their applicable deadline after having considered the guidance provided by the FTA and other advice
as required (for instance VAT Grouping).
Businesses should allow time to compile the required information for the VAT registration.