Archive for June, 2021

Identity theft

June 28th, 2021

In recent years, there has been a huge rise in the number of cases of identity theft. Around 49 million people have reported falling victim to crimes under this category. Identify fraud caused a total loss of approximately $56 billion in 2020 alone. This spike in identity theft has caused more and more people to think seriously about how they can better protect their identity.

You might find it helpful to read this extensive guide On What To Do If Your Identity Gets Stolen

Synergy Microsoft Gold partnership

June 23rd, 2021

Our Microsoft Partner Network Gold competency membership has been confirmed again for the 15th time.

Natural remote hybrid meetings in Teams

June 22nd, 2021

With office environments becoming increasingly “hybrid” post-pandemic, Microsoft is readying multiple improvements to its software to facilitate remote meetings.

Specifically, the company announced coming perks for users of the Microsoft Teams collaboration service, as well as Microsoft Viva, Microsoft’s relatively new “employee experience platform.”

Software improvements also are coming for Microsoft Whiteboard, a screen app used for collaboratively sketching ideas during meetings. Emerging Microsoft 365 “fluid components,” used to facilitate collaborations on the fly in applications, also are coming.

More Natural Remote Meetings
Microsoft’s meetings enhancements support the current work-from-home trend, dubbed “hybrid work,” Jared Spataro, corporate vice president for Microsoft 365, in the announcement suggested that Microsoft’s solutions bring organizations “a new operating model for people, places and process.”

The future improvements announced on Thursday aim to make remote meetings seem more natural. Microsoft concluded from its research findings that offering “a good view of the in-room participants” to remote viewers and “normalizing the sizes of people’s remote video feeds” would make remote meetings seem less fatiguing to viewers.

Fluid Components Expansion
Microsoft had introduced a preview of fluid components for Microsoft Teams in its May 2021 Build event. Fluid components enable messaging from software components, such as action items, lists or tables, when using the Teams service. Microsoft’s Thursday announcement explained that fluid components also are now coming to “OneNote, Outlook and Whiteboard to make it easier to collaborate synchronously and asynchronously across Teams and Office apps.” The exact timing when these fluid components will be integrated, though, not yet announced.

Fluid components are new Microsoft 365 solutions built on the Microsoft Fluid Framework, a Web-based “componentized document model for shared, interactive experiences” that was first introduced at the 2019 Microsoft Build event. These fluid components will are expected come to the Microsoft Teams and Whiteboard applications sometime this summer,

Front Row View in Teams Rooms
A major improvement for enhancing remote meeting experiences is its new “front row” feature for Teams Rooms.

With the front row feature, remote meeting participants appear in a row at the bottom of a screen, which is supposed to be at the same eye level as would be experienced if they had actually been seated in a meeting room. The top of the screen can then be used to display presentation materials. There’s also screen room on the sides to display other materials, such as a meeting agenda and a chat window.

The new front row feature “will be supported across both single and dual display configurations,” Microsoft explained in a Teams Rooms announcement. It’s expected to arrive “over the course of this year.”

New Whiteboard App
The Microsoft Whiteboard application, which lets people draw diagrams collaboratively using digital inking, is now described as being “completely new.” It has a new “Fluent toolbar” and improved inking capabilities when using a mouse. Drawn shapes get automatically straightened with a “shape recognition” capability.

The new Whiteboard app has various collaboration improvements. “Collaboration cursors” appear to identify people working together on a whiteboard. Microsoft added a laser pointer tool. It also added a “follow along” feature and new templates.

Ransomware – are you ready for the inevitable attack?

June 12th, 2021

The question about whether your organization will be hit with a ransomware attack is not “if” but “when.” Ransomware attacks are still on the rise, and can hit anything from critical infrastructure to smaller enterprises that try to stay under the radar of cybercriminals. An epidemic of security breaches involving ransomware and other types of malware is hitting large companies. In some cases, including the May ransomware attack on Colonial Pipeline, hackers first gained access using compromised accounts. Many such credentials are available for sale online. The ransomware attackers prompted major disruptions to gasoline and jet fuel supplies in the Southeastern US.

Ransomware attacks in North America have soared by 158% and globally by 62% since 2019, according to the 2021 SonicWall Cyber Threat Report

Earlier this month, JBS, the largest US supplier of meat, temporarily shut down its US plants following a ransomware attack on its network.

Game-maker Electronic Arts and the Presque Isle Police Department in Maine are responding to an event they had both been dreading: the theft of gigabytes of private data by hackers who breached their Internet-connected networks.

In EA’s case, the theft included 780GB of source code and tools for FIFA 21,

In another recent incident around 200GB of private data belonging to the Presque Isle Police Department was dumped online by a ransomware group known as Avaddon. The police department was hacked on April 18 and given 10 days to pay a ransom. The department was able to rebuild its network using data backups, and it declined to pay. Earlier this week, Avaddon posted the data on its website hosted on the dark web. The haul included 15,000 emails, according to leak site Distributed Denial of Secrets, which is making the data available to journalists and researchers. The Avaddon site also showed a sampling of police reports and witness statements that date back to at least 2011. The files document incidents of domestic violence, shoplifting, and physical assault and in many cases provide phone numbers, addresses, and other personal information belonging to victims and defendants.

Researchers have discovered yet another massive trove of sensitive data, a dizzying 1.2TB database containing login credentials, browser cookies, autofill data, and payment information extracted by malware that has yet to be identified.

In all, researchers from NordLocker said on Wednesday, the database contained 26 million login credentials, 1.1 million unique email addresses, more than 2 billion browser cookies, and 6.6 million files. In some cases, victims stored passwords in text files created with the Notepad application.

The stash also included over 1 million images and more than 650,000 Word and .pdf files. Additionally, the malware made a screenshot after it infected the computer and took a picture using the device’s webcam. Stolen data also came from apps for messaging, email, gaming, and file-sharing. The data was extracted between 2018 and 2020 from more than 3 million PCs.

Dark web ads for these viruses promise that they can build a virus to attack virtually any app the buyer needs. Once infected, a PC will regularly send pilfered data to a command and control server operated by the attacker. The files can be useful in piecing together the habits and interests of the victims, and if the cookies are used for authentication, they give access to the person’s online accounts.

If you want to determine whether your data was swept up by the malware check the Have I Been Pwned breach notification service, which has uploaded a list compromised accounts.

So what can you do to protect yourself. There is some good advice here

In Theordore Levitt’s book, Thinking About Management, he says managers should ask simple questions. Why do we do it this way? What are the alternatives? What are the potential business costs? Who does it better? It is time for CEOs to start asking these kinds of simple questions about their firm’s security posture.

Contingency plans are part of sound preparedness. One of them should be that, in the case of a ransomware attack: How can the company ensure near-instantaneous recovery if the ransomware attack is ignored? Secondly, how can the company ensure that the data is not corrupted? Knowing and strategizing to have contingency plans in place to address these challenges will give a company’s leadership greater confidence to move forward.

IT executives need to have a seat at the crisis management table and be empowered to speak the truth, even if the other executives are reluctant to hear it. In the midst of a cyber attack, the communication within a company can easily be disrupted, fragmented, and isolated. Weaknesses in internal communication, and a disconnect between business executives and IT executives, is exposed. When business executives have limited information and do not have a full, clear picture of what the company can and can’t do, knee-jerk decisions are made, that lead to financial loss, reputation damage, and business disruption, when with preparation it can be avoided. 

Ransomware criminals have unlimited dollars and every tool and technology needed to succeed. 

Are you ready?

Azure Virtual Desktop

June 10th, 2021

Microsoft’s Windows Virtual Desktop (WVD) service is now called “Azure Virtual Desktop,” or AVD, to indicate that it is intended to be “a flexible cloud VDI platform for nearly any use case — accessible from virtually anywhere.

Windows Virtual Desktop, commercially launched in September 2019, to let organizations remotely access true Windows 10 and Windows 7 desktops, as well as applications, which are hosted in virtual machines on Azure datacenters. This virtual desktop infrastructure (VDI) approach brings the benefits of centralized management and the option to use thin-client devices. It was both complex to set it up, with the added ae complexities of overseeing Azure hosting costs.

The added flexibility and the AVD name change hints that Windows may not be the only operating system hosted.

In addition to the name change, the announcement described some new capabilities coming to the AVD service, mostly at the preview stage. Microsoft plans to further discuss some of these in a June 18 Web presentation.

One of the enhancements is a new per-user AVD pricing option for organizations, which will be available starting on Jan. 1, 2022. With this option, organizations can offer streaming applications to their external “customers and business partners” something that independent software vendors might want to do.

The cost on Jan. 1, 2022 for this per-user option will be $5.50 per user per month, or $10 per user per month if organizations also want to include the use of the desktop OS. Also, there will be Azure hosting costs to pay.

A no-cost promotional offering of this per-user AVD service for external users will be available from July 14, 2021 through Dec. 31, 2021, the announcement indicated.

IFRS 17 and IFRS9 – Insurance contracts – are you ready? Ask Synergy Software Systems

June 1st, 2021

IFRS 17 is the newest IFRS standard for insurance contracts and replaces IFRS 4 on January 1st 2022. Mainly to make the financial statement easier to compare across insurance companies and among industries

It states which insurance contracts items should by on the balance and the profit and loss account of an insurance company, how to measure these items and how to present and disclose this information.

This is a big change for insurance companies because data administration, financial presentation and actuarial calculations will need to change!

IFRS 9 explains the classification and the measurement of financial instruments. Hence IFRS 9 helps to improve the information disclosure around financial instrument. Many perceive the information disclosure around financial instruments during the financial crisis as inaccurate for example impairments on financial instruments were taken too late and the amounts were too little.
IFRS 9 makes the classification of each financial instrument more logical and principle based. There are two questions which need to be answered for the classification:
• Why is the company holding the asset; just for collecting the cash flows from the underlying asset, or is the asset also held for trading?
• What kind of asset is the financial asset? Is it a derivative, an equity or a debt instrument? With the SPPI (solely payment of principal and interest) model it can be tested whether an instrument is really a debt instrument.
The classification determines:
• which accounting principle is used;
• should the instrument be measured at fair value or at amortized cost
• and whether earnings and losses should go through the profit and loss account or through the OCI (other comprehensive income) account.
IFRS 9 also includes a more dynamic credit loss model instructing when an insurer should take an impairment on financial assets. The model is forward looking thereby also expected future losses should be taken into account with the impairment.
IFRS 9 also makes hedge accounting possibilities more rule based, thereby being in line with how risks are managed within insurers.

Why are IFRS 9 and IFRS 17 implemented together?
• The insurance liability (IFRS 17) is always closely connected to the financial instruments (IFRS 9) within insurers.
• When a client buys an insurance, the insurance liability is created and with the paid premiums are financial instruments bought.
• Insurers want to reduce the volatility in their earnings and there are some choices within IFRS 9 and IFRS 17 which they can make which can impact the volatility.
• Under IFRS 17 insurers can decide whether results of changing financial risk assumption go through OCI or through the profit and loss account.
• Under IFRS 9 insurers can decide whether changes in equity will go through profit and loss or through OCI.
Both standards will impact earning volatility and hence balance sheet management choices are connected. Consequently, the IFRS board decided it is better that insurers are granted the option to implement both standards together.

Likely impacts
• New concepts and terms are introduced. for example components like unbiased Cash Flows, Risk Adjustment, Discount Rate and CSM
• The standards will have an impact on the presented numbers. Under IFRS 17 the insurance liability needs to be based on updated assumptions which is currently not the case with IFRS 4.
• Faster disclosure is needed, which needs faster processes within the organization
• Insurance liability needs to be specified in a different way, the importance of gross written premiums disappears, while equity will be impacted.
• Risk engines are needed to calculate the CSM and cope with all the different groups
• The general ledger system will change as new measurements are introduced
• Big impact on presentation of the balance and P&L
• More data is needed. with finer granularity and with more history, which challenges internal data quality and consistency and IT performance.
• Reporting timelines are also shortened. both challenging the systems but also the cooperation between different departments.
• Staff training will be needed.

To find out more about the requirements contact us or your auditors.
To update your financial software or to acquire software to support IFRS 17 please call Synergy Software Systems on 009714 3365589