Micro-architecture data sampling a new security threat to chips

May 16th, 2019 by Stephen Jones No comments »

To address a novel set of side-channel attacks that allow microarchitecture data sampling (MDS).
this week Intel released a set of processor microcode fixes, for operating system and hypervisor patches from vendors like Microsoft and those distributing Linux and BSD code

These side-channel holes can be potentially exploited extract information, such as passwords and other secrets, from memory it is not allowed to touch. Browser histories can be sniffed, virtual machines snooped on, disk encryption keys stolen, and so on.

MDS can expose sensitive data held in a processor’s internal buffers: store buffers, fill buffers, and load buffers. MDS samples snippets of data as opposed to grabbing it all at once – more like eavesdropping on privileged communications than breaking in. It’s not easy to target specific data or to differentiate valuable information from background noise. Chipzilla maintains the vulnerabilities are difficult to exploit outside of a laboratory environment.

However Tech Republic commented “MDS attacks are as pernicious a threat as Spectre and Meltdown, and like those security vulnerabilities, the extent to which devices are vulnerable depends on vendor (i.e., Intel vs. AMD) and product generation. These vulnerabilities also affect cloud computing services, as they can be leveraged by attackers to escape software containers, hypervisors, paravirtualized systems, and virtual machines.”

To make such attacks more efficient, an attacker might seek to have a targeted app running on the same physical core. on an adjacent thread from the malware so as to run load and flush operations repeatedly

Speculative execution is a shortcut used by modern processors to execute software instructions before they’re needed. That boosts performance but creates vulnerabilities – however those appear to be limited to Intel hardware; and have not been replicated on Arm or AMD-designed processors.
.
The researchers who identified the flaws argue that hardware fixes for the Meltdown vulnerability implemented in Whiskey Lake and Coffee Lake CPUs are not enough and that software-based isolation of user and kernel space – which comes with a performance hit – need to be enabled even on current processors.

Intel acknowledges there may be a performance hit due to the microcode fixes in some circumstances for some workloads.

- Whiskey Lake and Coffee Lake CPUs have mitigations built in
- Earlier processors need to install microcode fixes.
- Operating systems and hypervisors need to be updated to work with the microcode updates to ensure those function properly.

Patches are rolling out today from Microsoft, Apple, Google, Linux distributions, and others.

The store buffer is a microarchitecture element that turns a stream of store operations into serialized data and masks the latency from writing the values to memory. It stores data asynchronously so the CPU can do out-of-order execution. The operations for reassembling everything in the right order make Meltdown-like unauthorized memory reads possible.A technique called Data Bounce can access supposedly inaccessible kernel addresses and break KASLR (Kernel address space layout randomization), reveal the address space of Intel SGX enclaves, and even break ASLR (address space layout randomization) from JavaScript.Data Bounce is also invisible to the operating system- it doesn’t involve a syscall and it doesn’t trigger an exception.

Intel disagrees about the need to disable hyperthreading, and says it plans to add additional hardware defenses to address these vulnerabilities into future processors.

Synergy Software Systems, Iftar 2019

May 13th, 2019 by Stephen Jones No comments »

About 120 staff and families joined together for an Iftar celebration over the weekend.

Security threats

May 13th, 2019 by Stephen Jones No comments »

Security threats continue to haunt us.

Systems at a number of Baltimore’s city government departments were taken offline on May 7 by a ransomware attack. As of 9:00am today, email and other services remain offline. Police, fire, and emergency response systems have not been affected by the attack, but nearly every other department of the city government has been affected in some way.

Calls to the city’s Office of Information Technology are being answered by a recording stating, “We are aware that systems are currently down. We are working to resolve the issue as quickly as possible.”

Meanwhile this post on identify theft https://www.schneier.com/blog/archives/2019/05/protecting_your_2.html
and this one on credit card skimming on vulnerable e commerce sites make sobering reading https://arstechnica.com/information-technology/2019/05/more-than-100-commerce-sites-infected-with-code-that-steals-payment-card-data/

Ramadan working hours 2019 – Synergy Software Systems

May 2nd, 2019 by Stephen Jones No comments »

The holy month of Ramadan is expected to start from 6th May, and to end on the evening of 3rd June.
During this period of fasting and spiritual reflection there will be several changes to our office routine,
In line with Ministry directives our working hours will be reduced.
Our office will open Sun-Thu from 9am to 4pm for support calls.
We will be closed on Fridays and Saturdays.

سائلين الله عـز وجـل أن يرزقكـم فيه مغـفـره ورحمه وعتق من النار.

May all your prayers be answered.

Dynamics 365 – LCS updates April 2019

April 28th, 2019 by Stephen Jones No comments »

New features in Lifecycle Services (LCS) enable you to configure when you get updates to your production environment and how you can pause an update when you are unable to take the update due to a critical business activity.

These features were only available to customers using version 8.1 and above. From today these features will also be available to customers that are using version 7.3. For customers that are on 7.3, LCS will update their sandbox and production environments to the latest Platform update each month.
For customers that are on version 7.1, 7.2 and 8.0, you can apply the latest platform update manually using the servicing flows.

With the features now available in LCS, you will be able to do the following:
• Configure whether to get Platform updates for your production environment in the first, second, or third week of the month and in what time zone.
• Pause updates through LCS if you are unable to take the update. You can pause a maximum of 2 continuous updates. However, if you are more than 2 releases behind, then you will not be allowed to pause updates. For example, if you are on Update 23 and the currently available platform update is Update 25, then you will be able to pause. But if you are on Update 22, then you will not be allowed to pause.
• Get notified about upcoming service updates through LCS.

Changes that will affect the servicing flows that will be released in the May 2019 update of Lifecycle Services (LCS).

Sign off on maintenance operations triggered through LCS

From today, on completion of any maintenance operation (servicing, database movement, upgrade, and putting system in maintenance mode) you have the option to sign off, or to sign off with issues as the last step to indicate completion of the operation.
Only after you indicate sign off, is your environment ready for the next operation.
The following changes we will be made to streamline the sign off process:
• Going forward the environment will be ready for the next operation after the current operation has been successfully completed. This means that sign off is no longer the terminal state, but rather it is the completion of the operation. Operation completion states are now Successful, Rollback Successful, or Aborted.

• The Sign off button will be moved to the Environment history page, so after the operation is complete, you can navigate to the Environment history page to indicate sign off if you want to validate and capture this information.

• The release candidate check for moving packages from sandbox to production will continue to check whether the package was successfully applied in a sandbox before you can move it to production. It does not depend on you signing off on the update.

•T he sign off will only apply to a servicing operation, because that is the main operation where you validate the environment state to verify whether there are any issues. For other operations, such as database movement, upgrade and maintenance mode, sign off does not apply and will not be visible.

• For service updates pushed by Microsoft, whenthe environment is not in a terminal state (environment has a pending sign off), then LCS will not apply the update. There are often instances where customers forget to sign off on a previous operation and because that is the terminal state LCS skips the environment and doesn’t apply the update. As a result, customers ask us why LCS didn’t update their environments. With this change, sign off is managed separately, so if your environment is in a Deployed state then LCS will apply the update.

Provide a single package containing all customizations and ISV solutions
One recommended best practice is to provide a single package containing all customizations and ISV solutions when doing updates to your environment. With a single package because it contains all of the changes it is easy to recreate the environment and you don’t need to worry about the order of packages applied.

This also helps with the CI/CD pipeline and provides reliability when doing the updates, because all of the dependencies are included in the package.

However, LCS doesn’t have any validation checks that enforce this best practice. Soon LCS will addi a warning check for Application deployable packages to highlight that there is a difference in the modules that exist on the environment and what is available in the package that is provided during deployment.

This will initially be a soft-check but will later become a hard check that will prevent you from applying updates when all of the modules on the environment are not accounted for in the package and in the list of modules to delete. When there are modules that are listed in the ModuleToRemove file, then those will be deleted.

With the new self-service deployment feature, it is required that you use a single package. Whatever is available in the package overwrites what is on the environment.

Today, self-service deployment is available only to new customers signing up for Finance and Operations; however, existing customers will be soon be migrated to this feature based on their Azure region. This new check to help with this transition and enforce the recommendation. From today you can manage customizations and third-party models from your build server.

In the near future LCS will also add a feature that allows you to create such a package from your development environment.

Windows 7 is out of support soon

April 25th, 2019 by Stephen Jones No comments »

PCs with Windows 7 will reach end of service soon and no longer receive security updates after January 14, 2020.

Its important to plan to upgrade to a modern desktop experience for example with Windows 10, 8th Gen Intel® Core™ vPro™ processors and Office 365 now.

Shift to Windows 10 to protect your business information, customer data, and your employee’s digital identities as well as your brand’s reputation with the latest security features. Help secure your business against today’s security threats with built-in, always up to date10 safeguards for your information and devices with a modern Windows 10 Pro device

Windows Hello
Sign in with your face or your fingerprint and replace passwords with easy-to-use multifactor authentication with Windows Hello
Use your phone and other Windows Hello companion devices12 to quickly unlock your Windows PC without using a password.

Windows Information Protection
Control how employees use business data, & blocking them from copying customer or financial data into social media apps, for example.

Windows Defender Antivirus
Windows 10 offers built-in protection from malicious software and hacking attempts

Single sign-in

Employees can use a single login across Windows 10, Office 3658, and other Microsoft PCs, tablets, and phones, using Azure Active Directory.

Benefit from superior portability, faster startup, better multitasking – so you can work and stay productive wherever you are.

Document management Dynamics 365 Finance and Operations

April 21st, 2019 by Stephen Jones No comments »

Document types are used to categorize the documents that you attach to records or the templates that you create.
Each document type can be stored in a unique location.
A default set of document types is provided. You can use these document types to categorize an attachment as a file, image, note, or URL.

By modifying the list of file extensions that are allowed, you can control the types of files that users can attach to records.

The File and Image default document types are configured to use Azure storage as the location. Microsoft SharePoint Online is one of the storage locations that are supported natively. Currently, only SharePoint Online is supported. Support for on-premises SharePoint (a local SharePoint server) may be added in the future. SharePoint communication works for the current user only if the following conditions are met:
• An Office 365 license is associated with the user’s account.
• The user is a typical user on the tenant, not an external user (for example, a user from another tenant).
• There is a SharePoint site for the tenant (for example, Contoso.SharePoint.com).

A good improvement is the document preview pane. This does exactly what you’d expect, show a preview of the attached at hand. Whether it’s an image, PDF file or in example a Word document, a preview of the file will be shown allowing you to quickly check the attachment. The preview pane is not just a fixed preview thumbnail, but allows you control over the file by for example, scrolling or zooming in and out of the preview.

The attachments preview uses the Web app Open Platform Interface (WOPI) that is provided by Microsoft Office Online Server. On the Document management parameters page, on the General tab, in the Office Web Apps Server field, specify the Office Online Server instance to use for attachment previews. The default value is https://onenote.officeapps.live.com. This value points to the cloud-based WOPI server.

Introduced with Platform Update 11, when viewing a record, the system will indicate the number of attachments on that record by showing a count on the Attachments button. This number will indicate that there are attachments associated with the record, without having to navigate to the attachment details form. The count will show up to 9 attachments, with more than 9 attached documents being represented as “9+”.

SQL 2014 updates April 2019

April 18th, 2019 by Stephen Jones No comments »

SQL Server 2014 seems to have become a lot more stable i.e this shot list is the entire list of fixes in Service Pack 3, Cumulative Update 3:
• Query plans are different on cloned databases
• CDC source preview fails with an error
• Incorrect query results for columnstore filter pushdowns
• Log reader agent fails after AG failover when trace flag 1448 is enabled

And for the entire list of fixes in Service Pack 2, Cumulative Update 17:
• SQL jobs fail due to blocking in SSISDB
• Fail to join the secondary replica if the database has a defunct filegroup
• Incorrect query results for columnstore filter pushdowns

Microsoft opens first cloud data centres in Africa and signs agreements to support U.A.E. Smart solutions

April 15th, 2019 by Stephen Jones No comments »

A landmark achievement for the MEA region. 6 March 2019 saw the launched of the first Microsoft datacenters in Africa. which opened in both Cape Town and Johannesburg. This world-class cloud infrastructure will power emerging cloud, AI and edge computing innovations across the African continent. Microsoft is the first global provider to deliver cloud services from datacenters in Africa, and has announced 54 Azure regions worldwide, more than any other cloud provider.

According to the Cloud Africa 2018 report, use of the cloud among medium and large organisations has more than doubled from less than 50 percent in 2013 to pervasive use in 2018. While Kenyan and Nigerian businesses see business efficiency and scalability as the most significant benefits of cloud computing, South African companies view time-to-market and speed of deployment as the greatest advantage. The security and reliability of cloud services are pivotal when discussing digital transformation. At the same time, cloud services help with compliance for evolving laws around data protection, which have become increasingly focused on data residency requirements.

Today the Abu Dhabi Smart Solutions and Services Authority (ADSSSA) today announced that it has signed a memorandum of understanding (MoU) with Microsoft to establish a ‘Cloud centre of Excellence’ that will aim to build its capacity for the delivery of cloud services and platforms, as well as upskill the emirate’s public sector workforce. Microsoft’s collaboration with ADSSSA will focus on the establishment of a Cloud Centre of Excellence. Under the agreement, Microsoft will provide instructor-led training for 240 government employees from various departments and agencies. The training will be distributed across 11 tracks, and will encompass all Microsoft skill levels, from 0 to 300. Instruction will ensure that Government of Abu Dhabi employees are well-versed in such technologies as Microsoft’s Azure cloud platform, Office 365, data, AI and Dynamics 365. Through Cloud Society in Box, Abu Dhabi Government employees will receive access to an online training portal hosted on ADSSSA Azure Tenant that can be customised to assign and track training paths. Microsoft specialists will be on hand to deliver regular support to all training delegates and guide them on their upskilling journeys.

Yesterday Smart Dubai today announced a landmark collaboration with Microsoft to achieve the goal of making Dubai the happiest city on Earth. The move aims to accelerate digital transformation across the emirate and empower government employees to innovate faster. Under the terms of a memorandum of understanding (MoU) signed by H.E. Dr. Aisha Bint Butti Bin Bishr, Director-General, Smart Dubai, and Sayed Hashish, General Manager, Microsoft Gulf, Microsoft will support Smart Dubai in its digital transformation journey by accelerating adoption of Microsoft Cloud technologies, and will conduct targeted training sessions as well as upskilling workshops in cloud and other associated technologies.

Smart Dubai was formed under the guidance and vision of His Highness Sheikh Mohammad bin Rashid Al Maktoum, Vice President and Prime Minister of the UAE and Ruler of Dubai, to make Dubai a knowledge hub and the happiest city on Earth. The organisation’s strategy is to urge participation and counsel from a wide array of city stakeholders, including residents, visitors and business owners.

“We all have a responsibility to accelerate towards the vision established by His Highness Sheikh Mohammad Bin Rashid Al Maktoum, Prime Minister & Vice-President of the UAE, and Ruler of Dubai, to create a Dubai that shines as a beacon for others to emulate,” said H.E. Dr. Aisha Bin Butti Bin Bishr, Director-General, Smart Dubai. “Through this collaboration with our trusted partner Microsoft, we are taking another decisive step in that journey. By upskilling and empowering our people, we are building a platform for change and innovation that will serve our citizens, residents, visitors and businesses for decades to come.”

Under the MoU, Microsoft’s UAE datacenters that are expected to open this year, will be used to support the Government of Dubai’s digital transformation efforts through the adoption of a range of Microsoft technologies. Microsoft will train departmental staff in those technologies, empowering them to achieve more in their roles, and accelerate digital transformation across the emirate of Dubai.

“The intelligent cloud has become a cornerstone of digital transformation, and Dubai’s government has led the way in its adoption,” said Jean-Philippe Courtois, EVP and President, Microsoft Global Sales, Marketing & Operations. “We remain a steadfast partner to the Government of Dubai in its journey to become a smart city. As strong proponents of lifelong learning, we are uniquely poised to reskill and upskill public sector employees in cloud, allowing them to add immeasurable value to Dubai’s excellence e-government services.”

Microsoft experts will also collaborate with Smart Dubai on use cases and adoption scenarios, and will work jointly on roadmaps for rolling out new platforms to other government entities. Microsoft will also conduct awareness sessions on its cloud technologies for government entities and guide those entities on how best to benefit from online Microsoft courses and certifications.

Last week HE Omar Sultan Al Olama, Minister of State for Artificial Intelligence confirmed that the UAE government adopts an integrated and dynamic model for the utilization of artificial intelligence that supports industry growth, development of new sectors as well as strengthening governance and ethics frameworks, ultimately anticipating future challenges and creating a positive change for humanity.

This came during the signing of a Memorandum of Understanding with Sayed Hashish, Regional General Manager, Microsoft Gulf, to enhance joint cooperation in the field of artificial intelligence development, governance and ethics in the UAE, as well as developing a set of concepts, strategies and future ideas and study implementation mechanisms then implementing them. HE Al Olama said: “The UAE government focuses on enhancing innovation in modern technology applications and employing them in achieving sustainable development, and realizing the vision of His Highness Sheikh Mohammed bin Rashid Al Maktoum, Vice President and Prime Minister of the UAE and Ruler of Dubai”

The focus of this collaboration will be on four key areas: identifying and developing technological solutions based on artificial intelligence to achieve the United Nations goals of sustainable development, enhancing the use of artificial intelligence in all government bodies in the UAE, establishing an integrated and global framework for governance and AI ethics, contributing to achieving the outputs of the UAE Strategy for Artificial Intelligence.

Wifi 6 what is it? Why does it matter?

April 13th, 2019 by Stephen Jones No comments »

Wireless speeds will soon get a lot faster thanks to the introduction of Wi-Fi 6 later this year.

Wi-Fi 6 is the next evolution of wireless local area network (WLAN) technology and it will improve upon older Wi-Fi standards, especially with the coming release of 5G wireless technology. With Wi-Fi 6 and 5G emerging onto the market at roughly the same time, it would make sense that they’re somehow related; while both promise similar improvements, they’re distinctly different technologies.

The name Wi-Fi 6 is part of a new naming convention the Wi-Fi Alliance to make these more easily understood by Wi-Fi users, making it much like the 3G/4G/5G naming convention used by cellular data networks. Behind the Wi-Fi 6 name is the latest version of the 802.11 wireless networking standard: 802.11ax. This new Wi-Fi standard is reportedly up to 30% faster than Wi-Fi 5,. Speed hasn’t been the main benefit touted by the Wi-Fi Alliance and other industry experts; Wi-Fi 6 also brings lower latency, more simultaneously deliverable data, and improved power efficiency.

Latency is a significant problem especially for mobile, internet and cloud users i.e. just about everyone. Orthogonal Frequency Division Multiple Access (OFDMA), h is an improvement on Orthogonal Frequency Division Multiplexing (OFDM). OFDM is used by Wi-Fi 5, 4, and older standards to encode and transmit data form multiple clients or access points (APs) and to contend for the ability to transmit data; once the network is idle, data can be transmitted. OFDM is a popular and reliable way to decentralize access, but it has a major problem in that it can lead to serious latency.

OFDMA, makes a major change and puts the transmission coordination in the hands of 802.11ax APs. The AP centrally schedules data transmission and is able to further divide frequencies so as to transmit data to/from multiple clients at the same time. The aim is to reduce latency and increase network efficiency—especially in high-demand environments like stadiums, conference halls, and other public spaces. OFDMA broadcasts multiple signals at the same time, and can also increase the unit interval, which means outdoor Wi-Fi deployments will be faster and more reliable.

Wi-Fi 6 will extend the capabilities of Multi-User Multi-Input/Multi-Output (MU-MIMO). MU-MIMO was previously available only for downstream connections and allowed for a device to send data to multiple receivers at the same time; Wi-Fi 6 will add MU-MIMO capabilities to upstream connections to allow more simultaneous devices on one network. MU-MIMO, is already in use in modern routers and devices, but Wi-Fi 6 upgrades it. The technology allows a router to communicate with multiple devices at the same time, rather than broadcasting to one device, and then the next, and the next. Right now, MU-MIMO allows routers to communicate with four devices at a time. Wi-Fi 6 will allow devices to communicate with up to eight. As an analogy compare adding MU-MIMO connections to adding delivery trucks to a fleet, You can send each of those trucks in different directions to different customers. “Before, you had four trucks to fill with goods and send to four customers. With Wi-Fi 6, you now have eight trucks.

Extending the truck analogy OFDMA allows one truck to carry goods to be delivered to multiple locations. The network look at a ‘truck’ and see that it has only allocated e.g. 75 percent of the load capacity of that truck and this other customer is on the same route, so it fill up that remaining space with a delivery for the second customer. In practice, this is all used to get more out of every transmission that carries a Wi-Fi signal from a router to your device.

How fast is it?

– The short answer: 9.6 Gbps. compared to 3.5 Gbps on Wi-Fi 5.

– The real answer: both of those speeds are theoretical maximums that you’re unlikely to ever reach or need in real-world Wi-Fi use. The typical download speed in the US is just 72 Mbps, or less than 1 percent of the theoretical maximum speed. The fact that Wi-Fi 6 has a much higher theoretical speed limit than its predecessor is still important because that 9.6 Gbps can be split up across a whole network of devices which means both more devices or more potential speed for each device.

When Wi-Fi 5 came out, the average US household had about five Wi-Fi devices in it. Now, homes have nine Wi-Fi devices on average, and various firms have predicted we’ll hit 50 on average within several years. Those added devices take a toll on your network. Your router can only communicate with so many devices at once, so the more gadgets demanding Wi-Fi, the more the network overall is going to slow down. At first, Wi-Fi 6 connections aren’t likely to be substantially faster. A single Wi-Fi 6 laptop connected to a Wi-Fi 6 router may only be slightly faster than a single Wi-Fi 5 laptop connected to a Wi-Fi 5 router. Devices are more likely to maintain fast speeds on busy networks

As more and more devices get added onto your network, current routers might start to get overwhelmed by requests from a multitude of devices, Wi-Fi 6 routers are designed to more effectively keep devices up to date with the data they need. Each of device;s speeds may not be faster than they can reach today on a high-quality network, but they’re more likely to maintain those top speeds in busier environments. In a home where one person is streaming Netflix, another is playing a game, someone else is video chatting, and a whole bunch of smart gadgets — a door lock, temperature sensors, light switches, and so on — are all checking in at once the top speeds of those devices won’t necessarily be boosted, but the speeds you see in typical, daily use will get likely be better. Exactly how much fast will depend on how many devices are on your network and just how demanding are those devices. In a cloud world working on html 5 pages rather tcpip protocol, and with growing use of social media, digital storage, streaming video, AI, and querying data lakes its essential that the underlying infrastructure keeps up. We are seeing similar evolution with databases, chips and memory.

Wi-Fi 6 introduces some new technologies to help mitigate the issues that come with putting dozens of Wi-Fi devices on a single network. It lets routers communicate with more devices at once, lets routers send data to multiple devices in the same broadcast, and lets Wi-Fi devices schedule check-ins with the router. Together, those features should keep connections strong even as more and more devices start demanding data.

Wi-Fi 6 will also:
• Increase the number of transmit beamforming streams to eight in order to increase network range and throughput;
• use both the 2.4 GHz and 5GHz bands simultaneously to greatly improve performance;
• use 1024 quadrature amplitude modulation (1024-QAM) to increase throughput for emerging use cases (Wi-Fi 5 uses 256-QAM);
• implement individual target wake time (TWT) to improve battery life and reduce power consumption for Wi-Fi devices;
• introduce spatial reuse technology that will allow devices to more easily access a Wi-Fi network in order to transmit data.

Wi-Fi 6 allows devices to plan out communications with a router, reducing the amount of time they need to keep their antennas powered on to transmit and search for signals. That means less drain on batteries and improved battery life in turn. This is a feature called Target Wake Time, which lets routers schedule check-in times with devices.
Your laptop needs constant internet access, so it’s unlikely to make heavy use of this feature (except, perhaps, when it moves into a sleep state). This feature will be more valuable for smaller, already low-power Wi-Fi devices that just need to update their status every now and then. (Think small sensors placed around a home to monitor things like leaks or smart home devices that sit unused most of the day.)

Wi-Fi generations rely on new hardware, not just software updates, so you’ll need to buy new phones, laptops, and so on to get the new version of Wi-Fi. new devices will start coming with Wi-Fi 6 by default. As you replace your phone, laptop, and game consoles over the next five years, you’ll bring home new ones that include the latest version of Wi-Fi. There is one thing you will have to make a point of going out and buying: a new router. If your router doesn’t support Wi-Fi 6, then you won’t see any benefits, no matter how many Wi-Fi 6 devices you have. (You may however see a benefit, though, connecting Wi-Fi 5 gadgets to a Wi-Fi 6 router, because the router may then be capable of communicating with more devices at once.)

A new security protocol called WPA3. WPA3 makes it harder for hackers to crack passwords. For a Wi-Fi 6 device to receive certification from the Wi-Fi Alliance, WPA3 is required. (so be aware that it may not be included in uncertified devices.)

So where does 5G fit in ?
5G is the umbrella term for the fifth generation of mobile network technology, and it encompasses a lot of different elements. Cellular, or mobile networks, rely on licensed spectrum bands, auctioned off to the highest bidder. Carriers, like Verizon or AT&T, pay to use those bands. To roll out coverage they build a network of connected base stations capable of sending out a strong enough signal that it can serve multiple people (thousands in urban areas) at once. To recoup their investment, we pay them subscriptions.

Wi-Fi relies on unlicensed spectrum which is free to use, but the signal is relatively weak. We pay an Internet Service Provider (ISP) to deliver the internet to our door and then use a router to fill our house with Wi-Fi. We the same frequency band as our neighbors and that is a problem, when you live in a very densely populated area. The two frequencies that Wi-Fi uses are 2.4Ghz and 5Ghz. The 2.4Ghz has a lower potential top speed but it penetrates better, so it has a longer range than 5Ghz.

(Note that that 5Ghz Wi-Fi has absolutely nothing to do with 5G mobile networks.)

In every day life, most of us rely on Wi-Fi both at home and in the office — or in coffee shops — and mobile networks when we step out the front door and move out of range of the router. (Though for security reasons I would never recommend anyone to se a public hotspot)

Smartphones switch automatically and we don’t have to give it any thought, we just want a good connection at all times. That will continue to be the case for the vast majority of people after 5G rolls out. The difference is that both mobile networks and Wi-Fi are going to get faster. The prospect of download speeds between 1Gbps and 10Gbps, and upload speed or latency of just 1 millisecond, has us excited about 5G. The reality is that we will not get anywhere near the theoretical top speeds. The speed of your 5G connection will depend on many factors including: where you are, to what network you connect, how many other people connect, and what device you use.

The aim is to achieve a minimum download speed of 50Mbps and latency of 10ms. That will represent a major improvement over current average speeds, but just as with 4G LTE, 5G coverage is going to expand slowly. It’s also going to work hand-in-hand, not just with Wi-Fi, but with earlier generations of mobile network technology, so 4G LTE will continue to be offered as a fallback and will continue to evolve and get faster.

Goodbye XP

April 13th, 2019 by Stephen Jones No comments »

This week we have the end of Windows XP support, which means the lifespan of the OS was over 17 years. That’s a long time to run any system without an upgrade. There probably still a few SQL 2000 systems out there, which is older than XP, and likely a few of them are running on Windows 2000 in a VM somewhere. Sosome companies will continue to run XP and provably some ATMs, kiosk displays, and other embedded applications will show that XP start screen on occasion.

Dynamics 365 Sales Insights- now available for MEA region

April 11th, 2019 by Stephen Jones No comments »

In November 2018, Dynamics 365 AI for Sales (Now called “Sales Insights”) was made available in North America. We are happy to announce that Dynamics 365 Sales Insights has expanded availability to also include Europe, Middle East and Africa. Customers can join the product preview, start a trial as well as purchase licenses to empower users across the sales organizations with Dynamics 365 Sales Insights.

Dynamics 365 for Customer Service is a “next-generation” application of big data and machine learning.

Region and language availability for Dynamics 365 for Sales

Before November 2018, we used the term “international availability” to capture multiple intentions: the physical location of the data, where the data is stored (“Region”), and the language in which information is displayed (“Display language”). Following the release of the new Dynamics 365 Sales Insights, there is a new intent: the Model language, specifically the language of the data that is parsed by the model to produce insights.

Region

With Dynamics 365 for Sales, System Administrators can specify the region where customer data will be stored. In the process of creating a new org, customers can select a geographic location (“Geo”) to determine where data will be stored. Data will not move from one geo to another, and Microsoft will not limit the geos/locations where customers, or their end users, can access data.

Dynamics 365 Sales Insights is now available across multiple geos, including North America, Europe and the UK.
We expect availability to additional: Australia, Asia Pacific, South America, Canada, India and Japan, also by end of April 2019.

Display language

When creating a new org, System Administrators need to select a base language for the org. The base language determines default regional and language settings for the org. Once base language is selected, System Administrators can enable additional languages for display as well as for assistance (“Help”). Dynamics 365 for Sales currently supports 45 display languages.

Currently, Dynamics 365 Sales Insights for Sellers supports all 45 display languages.

Model languages in Dynamics 365 Sales Insights

With the new Dynamics 365 Sales Insights, some features use natural language algorithms to derive insights. Those capabilities analyze text (such as email communications or notes) as well as voice utterances (from call recordings), to develop relevant and actionable insights.

From the full list of Dynamics 365 Sales Insights capabilities, two features are still limited to North America. These include Who Knows Whom and Relationship Analytics from Exchange. However, Customers in Europe, Middle East and Africa can still benefit from Relationship Analytics, to analyze the health of their customer relationships, based on activities within Dynamics 365 only.

Dynamics 365 Customer Engagement apps v 9 – User Session Timeout Management

April 11th, 2019 by Stephen Jones No comments »

The maximum user session timeout of 24 hours is being removed. This means that a user is not forced to sign in every 24 hours to use the Dynamics 365 for Customer Engagement apps and other Microsoft service apps, like Outlook, that were opened in the same browser session.

Honor Azure AD session policy

By default, the Dynamics 365 for Customer Engagement apps leverage the Azure Active Directory (Azure AD) session policy to manage the user session timeout. Dynamics 365 for Customer Engagement apps uses the Azure AD ID Token with Policy Check Interval (PCI) claims. Every hour a new Azure AD ID Token is fetched silently in the background and Azure AD enforces the Azure ID instant policy. For example, if an administrator disables or deletes a user account, Azure AD instant policy will force a user password reset and revoke the refresh token.

This Azure AD ID token refresh cycle continues in the background based on the Azure AD token lifetime policy configurations. Users continue to access the Dynamics 365 for Customer Engagement/Common Data Service data without needing to re-authenticate until the Azure AD token lifetime policy expires.

Resilience to Azure AD outages

In an event that there are intermittent Azure AD outages, authenticated users can continue to access the Dynamics 365 for Customer Engagement/Common Data Service data if the PCI claims have not expired or the user has opted in the ‘Stay signed in’ during authentication.

Set Custom Session timeout for individual environment

For environments that require different session timeout values, administrators can continue to set the session timeout and/or inactivity timeout in System Settings. These settings override the default Azure AD session policy and users will be directed to Azure AD for re-authentication when these settings expire.

Dynamics 365 ‘One Version; April 2019 release – what’s new?.

April 11th, 2019 by Stephen Jones No comments »

Dynamics 365 for Finance and Operations unifies global financials and operations to empower people to make fast, informed decisions.
Finance and Operations helps businesses adapt quickly to changing market demands to drive rapid business growth.

The April ’19 release will bring users together on One Version (version 10) for Dynamics 365 for Finance and Operations. This release marks a monumental shift in supportability based on a common codebase and continuous update cadence. that’s till allows for customers to build extensible solutions for Dynamics 365 for Finance and Operations.

This release also enhances the user experience of the solution with Net Promoter Score (NPS) feedback as a primary driver. The targeted areas of t enhancements include: performance, compliance, automation, and supportability of the service.

Financial management

The April ‘19 release for financial management provides capabilities needed to comply with IFRS 15 and for responding to the guidance on accounting for revenue recognition on contracts. An enhanced expense report entry experience with a new header and details expense report, together with an automated settlements processin the general ledger completed periodically. Bank foreign currency revaluation I also added..

Supply chain management

Product information management and inventory management

Inventory management performance improvements. The April ’19 release, introduces the ability to configure and apply unit of measure (UoM) conversions for product variants so that UoM conversions at the product variant level are supported throughout the application.

In future releases, new classes of products and production processes will evolve the product definition . The inventory valuation capabilities will be expanded to support scenarios where multiple valuation methods and multiple currencies are required—for example, in case of different managerial reporting and statutory reporting requirements. Inventory on-hand information will be more readily available in distributed scenarios, such as the retail industry.

Warehouse management

The Warehouse Management System (WMS) has been gradually enhanced since its introduction in Microsoft Dynamics AX 2012, and a large suite of additional enhancements has recently been licensed from an ISV. With the April ’19 release, the integration of these enhancements will begin, and the ability to handle catch weight (CW) products in WMS processes will be added.

The suite of 30-plus distinct features will partially be integrated as preview for the April release and its subsequent monthly releases. For example, a feature like enabling label printing during wave adds flexibility in configuration and operation.

Sales and procurement

Usability enhancements in sales and procurement will allow Super users will be able to propose filtered views and build forms where unnecessary fields or actions can be removed. Super users knowledge can thus be more easily disseminated to the organization and all skill levels of users can benefit from targeted views, crafted for the task at hand.

Going forward expect to see: supplier collaboration, extended self-service, data sharing and maintenance capabilities, and improved business support within integration scenarios such as : purchase requisition, request for quotation and purchase ordering relative to data flow and accounting distribution constraints.

A primary focus will be improvements to track and account for goods in transit.
There will also be enhanced support to kit to stock, as well as kit to order, and to enhance sales price and promotion management with extended price management flexibility.

Manufacturing

In the April ’19 release, the focus is on optimizing the resilience of master planning toward platform and infrastructure errors, as well as to deliver incremental master planning performance improvements.

To support the connected, intelligent operations of modern manufacturer integration with the intelligent Microsoft Azure IoT service will support manufacturing customers close the digital feedback loop with close to real-time information from the shop floor with business data to generate events and actionable insights.

The future road map includes enterprise asset management capabilities to track the total cost of ownership of operations assets, nd to manage the ongoing maintenance of those assets. .

Globalization

Microsoft Dynamics for Finance and Operations is localized for 37 countries/regions and provided in 42 languages directly.

To operate in many countries or regions, businesses need to quickly respond to changing regulatory requirements and meet very specific requirements of industries and verticals. The April ’19 release, will expand the areas of configurable localization to simplify this process. Configurable engines for both Electronic Reporting and Global Tax, are accessible through Regulatory Configuration Service, so that users can extend Microsoft-delivered regulatory configurations or build new configurable features from scratch.

The invoice layout is one of the most-customized areas by customers who deploy globally, in the April ’19 release there are more configurable invoice layouts beyond the Free Text Invoice layout that shipped in the October ’18 release.

Platform

Several improvements to the developer tools will be previewed in the next 3 months.
-Development of more than one application on the same environment will be possible.
- Build automation will not require build virtual machines and will enable automated deployment to Lifecycle Services (LCS).

The Web Client introduces new features guided by user productivity, usability research, and customer feedback. This includes personalization of forms and workspaces, interacting with large data sets (with better filtering), and mobile device responsive capabilities.

An improved workflow experience, including integration with Microsoft Flow, will be available.

Analytical Workspaces support new personalization options and power user editing tools of Power BI reports within the Finance and Operations client. Power users can extend reports and do data mashups using PowerBI.com functionality without any developer intervention.

New tools for management of network printers are also introduced. The Entity Store is supported for on-premises deployments.

Integration

Customers will be able to seamlessly link to Common Data Service (CDS) for Apps from Dynamics 365 for Finance and Operations. A breadth of Finance and Operations entities will be available in CDS for Apps.

Entity Store will be staged in a customer’s Azure Data Lake. Microsoft will keep the data fresh with incremental syncs.

Event-driven integrations is a new capability that provides a framework to allow Finance and Operations business and workflow events to be consumed by Microsoft Flow and external systems. For example, this will enable a PO confirmation to trigger fulfillment by the vendor earlier; or enable a receipt of a damaged part to trigger the vendor claim process in real time.

Cloud operations and lifecycle services

Microsoft will manage the continuous updates of Platform, Application (Finance and Operations, Retail), and Financial Reporting . A set of tools and experiences to support this experience (called One Version) will be made available in Lifecycle Services and will enable predictability, reliability, and continuous delivery.

The service will also be made available in the China Sovereign Cloud with all customer data maintained within the region.

Diagnostic assistant enables an IT administrator to diagnose user-reported issues or performance issues using a guided troubleshooting experience in Lifecycle Services (LCS). The administrator selects from a list of predefined issues and provides a set of inputs to narrow down the search results. The inputs could vary based on the issue selected. They will then be guided on a drill-through experience that correlates multiple sources of information to help the administrator identify the root cause quickly and efficiently. Today, a lot of this information is available in LCS, but you need an expert to correlate the different pieces.

To troubleshoot the issues that arise from customization, activity monitoring, SQL insights, critical health metrics, and live view are made available to the IT administrator. The goal of this feature is to help simplify this experience. Once a potential root cause is identified, the administrator can choose from a set of predefined actions that they can take to mitigate the originally reported issue.

The true value of a cloud service is realized through continuous updates that can provide both improved reliability and new features, while minimizing operational impact.

Microsoft is optimizing the way it w ll deliver updates. A monthly update cadence aims to provide predictability, lower upgrade costs, user access to the latest product capabilities and performance improvements, and a better support experience. the ONE-V update experience available to customers and partners. You first need to Onboard: This is a one-time activity in LCS Project Settings to configure the environments for the update, configure the date and time for the production update, or select to pause updates up to three months, and to sign up for any first-release programs.

Tools to support the continuous testing process include:

Impact analysis tool: This tool provides insight into the usage, churn, and feature areas that can help assess risk and drive smarter testing.

Regression Suite Automation Tool (RSAT): Customers and partners can use this tool to validate business processes by using the web client without having to write code. This tool relies on the task recording framework that allows functional users to record business flows and play them back.

Data Task Automation: This tool allows the automation of data import and export tasks by using a data task manifest and data project definition, which therefore provides a robust framework for regression testing of data integration scenarios.

Power BI updates April 2019 – ask Synergy Software Systems

April 10th, 2019 by Stephen Jones No comments »

We have delivered many Power BI models, reports and training sessions over the last two years, and it has been enthusiastically adopted by customers. Microsoft is continually adding new features.

– Power BI Report Builder, is the latest companion application for Power BI that lets you author Paginated Reports is a free, standalone Windows Desktop application that can now be downloaded from the Power BI website. As the name suggests, paginated reports can run to many pages. They’re laid out in a fixed format and offer precise customization. Paginated reports are .rdl files. You can store and manage paginated reports in the Power BI Report Server web portal, just as you can in the SQL Server Reporting Services (SSRS) web portal. You create and edit them in Report Builder or Report Designer in SQL Server Data Tools (SSDT), then publish those to a web portal. Report readers in your organization can then view the reports in a browser or in a Power BI mobile app on their mobile device.

Power BI Report Builder enables you to:
•Use the Report Builder ribbon to quickly add items your reports, launch table, chart, and map wizards, and format your report data.
•Add data from built-in data providers.
•Create and use report parameters and other interactive features.
•Preview reports in HTML or print format.
•Export reports to file formats such as Microsoft Excel or PDF.
•Save your report locally
•In a future update, you’ll be able to both open and publish from/to the Power BI Service

To download and install Power BI Report Builder, you can click on the COG icon in the title bar of Power BI site and select the Report Builder option.

The March 2019 release of Power BI Desktop has brought us keyboard accessible visual interactions. One of Power BI’s natural strengths is that you can click on a data point within a visual and have it cross-highlight or cross-filter the other visuals on a page. Keyboard-only users weren’t able to use this feature until now. Interact with a visual using keyboard commands. Notice you can select specific data points within the line chart, and the other charts on the page filter based upon the selection.