This article was originally posted by the FTC. See the original article here.
As part of the FTC’s ongoing efforts to protect you from shady sellers during the pandemic, the agency sent cease and desist demands to 25 companies that claimed their products can prevent or treat COVID-19. Treatments peddled by these companies include the use of vitamin C infusions, Ivermectin, peptide therapies, herbal remedies, teas, juices, filtered water, nasal irrigation, and seaweed extract. But there is no proof, as required by law, that any of these products can prevent or treat COVID-19 or the Delta or Omicron variants.
When it comes to fighting COVID-19 and spotting unsupported treatment claims, remember:
When there’s a medical breakthrough to treat, prevent, or cure a disease, you’re not going to hear about it for the first time through an ad or sales pitch.
Always talk with your doctor or healthcare professional before you try any product claiming to treat, prevent, or cure COVID-19.
Visit CDC.gov and the FDA.gov for the most up-to-date information about COVID-19 and its variants.
This article is contributed. See the original author and article here.
Earlier in 2021, we had discussed how retailers can create an intelligent supply chain to successfully navigate through the disruptions and quickly adapt to changing customer behavior. As our retail customers embarked on the journey to create a resilient and intelligent supply chain, there were three key areas that emerged where our customers prioritized their investmentsoptimizing fulfillment, predicting supply chain risks, and enhancing supply chain visibility. Let’s take a look at some of Microsoft’s recent innovations in these areas that enable retailers to create a supply chain of the future.
Turning order fulfillment into a competitive advantage
A retailer’s success hinges on having the right inventory at the right place at the right time. As retailers and brands continue to adapt to meeting the growing e-commerce demand, determining where the inventory is fulfilled for e-commerce versus in-store orders becomes critical to ensure that customer demands are met on time and in a profitable manner.
As a recent Gartner report found, one of the ways to achieve supply chain excellence is by holding distribution center inventory in a channel-agnostic manner for flexible use of inventory to fulfill online and in-store demand effectively1. To achieve this level of flexibility, retailers need a system that offers rules-based order orchestration leveraging AI and real-time omnichannel inventory data to proactively address constraints and profitably fulfill orders on time and in full.
At Microsoft, we are at the forefront of these efforts, investing in solutions like Microsoft Dynamics 365 Intelligent Order Management that help retailers reimagine the future of global supply chains and turn order fulfillment into a competitive advantage.
This embed requires accepting cookies from the embed’s site to view the embed. Activate the link to accept cookies and view the embedded content.
Predict risk and enhance visibility with AI-powered insights
According to Gartner, 76 percent of supply chain executives indicated that compared to three years ago, their company today faces more frequent disruptions in their supply chain. Meanwhile, another 72 percent reported that the impact of disruptive events has increased.2
Retailers have made significant strides in 2021 to create resiliency in their supply chains but the response has still been very reactive in nature. Slow digitization of the supply chain continues to inhibit organizations from proactively planning for changing customer demand and supply challenges. With an increase in e-commerce, it is imperative to gain real-time visibility into inventory at every node of the supply chain, all the way from the manufacturer to shipping ports to distribution centers to stores and finally to the consumer. Brands gain affinity when they consistently deliver on their order promise to their customers.
With this need for increased visibility and consistency in mind, we recently launched Microsoft Dynamics 365 Supply Chain Insights in preview that enables organizations to predict risks in their supply chain based on news, weather, geo-political events, etc., and enables them to make better supply chain decisions with proactive risk mitigation via prescriptive insights powered by AI.
With Dynamics 365 Supply Chain Insights, retailers and consumer goods companies can create a digital representation of their physical supply chain. This enables them to simulate different scenarios at different nodes along the value chain and make well-informed decisions to mitigate any disruption. They can further gain visibility into the supply chains of their multiple tiers of suppliers, and improve the effectiveness of their demand and supply planning to ensure a delightful customer experience.
We also made significant enhancements to the Inventory Visibility add-in for Dynamics 365 Supply Chain Management. Retailers can now get near real-time inventory visibility across all their internal channels and disparate third-party supply chain systems in a single place. Adding multiple systems in a scalable manner allows them to add new third-party integrations as they grow their supplier network or acquire new businesses. The enhanced visibility enables businesses to proactively mitigate any out-of-stock situations. Furthermore, they can perform soft reservations based on omnichannel sales demand so that they do not incorrectly commit to a customer.
Retailers can further leverage enhanced planning capabilities to enable near real-time inventory planning by prioritizing certain orders over others with ease. For example, they can prioritize orders for products that are low on stock versus the ones that are not. Lastly, retailers can optimize and streamline back-of-house operations like receiving and replenishment using the Warehouse Management mobile app. The mobile app empowers distribution centers, warehouses, and brick-and-mortar locations to make inventory decisions like transferring goods from one location to another simply by scanning the items. By running critical warehouse operations on Edge, retailers can ensure business continuity across all locations despite latency or network issues at HQ.
All the supply chain solutions from Dynamics 365 are not only interoperable with each other but also seamlessly work with other third-party ERP, commerce, and supply chain systems.
Take the Supply Chain Visibility Guided Tour to see how a retailer can enhance supply chain visibility using Dynamics 365 and Microsoft Cloud for Retail.
Here are some recent examples of our retail customers who have created a resilient supply chain this past year using Dynamics 365.
Servis Industries Limited powers direct-to-consumer expansion by moving to the cloud
Established more than 50 years ago, Servis Industries Limited (SIL) is a leading manufacturer and exporter in Pakistan. To achieve its goal of becoming a global, world-class, and diversified company, SIL moved its on-premises infrastructure to the cloud by adopting Dynamics 365 Finance, Dynamics 365 Supply Chain Management, and Dynamics 365 Commerce. Now, the company has a holistic overview of its retail stores and an infrastructure management system that can support rapid national and international growth.
“To achieve our goal, we need to open 40 to 50 outlets per year. It used to be that with each new store, our team had to be on-site to provide technical support. Now, everything is cloud-based, so we don’t have to travel. The new stores can just access the systems and start their operations almost immediately.”Faisal Rizvi, Head of IT, Servis Industries Limited.
Another challenge that SIL encountered in its journey was the need to meet the evolving customer expectation for personalized engagement, omnichannel experiences, and frictionless interactions. For this, the company turned to Distributed Order Management to deliver smooth order processing between its e-commerce platform and physical stores and to optimize order fulfillment across their network by utilizing AI, automation, and real-time inventory.
Khaadi delivers rapid omnichannel success
Founded in 1998, Khaadi is Pakistan’s premier fashion retailer with more than 70 physical stores across Pakistan, the Gulf Cooperation Council (GCC), the United Kingdom, and online stores in more than 12 countries. With its growing network of physical and online storefronts, the company needed a solution that could streamline its omnichannel sales delivery and empower its daily operations with actionable store-level insights for managers. The drive towards omnichannel was forced into overdrive when pandemic lockdowns moved all of Khaadi’s operations online. Suddenly, they needed to pivot to leverage a single inventory across the business and use their stores as fulfillment hubs.
To meet this challenge, Khaadi turned to Microsoft Power Apps and Power BI, alongside Dynamics 365 Commerce, Dynamics 365 Finance, and Dynamics 365 Supply Chain Management. With this technology in place, Khaadi successfully transitioned to omnichannel.
“We were able to draw up a blueprint for omnichannel sales rapidly and implemented a complete enterprise-level scenario in just in one weekend. IT was able to transform the dynamics of our business within just a week’s time, making Khaadi a truly omnichannel enabled retailer. From there, it was only a matter of three months before we scaled the roll out ten times with help of Dynamics 365 Commerce Distributed Order Management.”Muhammad Rehan Qadri, Chief Information Officer, Khaadi.
As you can see by these recent customer success stories, Dynamics 365 Supply Chain Management is helping companies to deliver the retail supply chain of the future by empowering direct-to-consumer expansion and accelerating omnichannel success.
What’s next?
The events of the past two years have made it essential for businesses to invest in technology that can help them sense supply chain constraints and disruptions and predict spikes and troughs in demand. Microsoft Dynamics 365 assists companies in integrating these types of new capabilities, such as real-time, end-to-end visibility, priority-based planning, and AI-empowered insights so that they can effectively compete in this new normal. As we have seen here, this can take the form of accelerating direct-to-consumer and omnichannel success, empowering retailers to turn order fulfillment into a competitive advantage, and integrating advanced warehousing solutions to improve distribution processes.
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
This article is contributed. See the original author and article here.
CISA has added 13 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the federal enterprise.
CVE Number
CVE Title
Required Action Due Date
CVE-2021-32648
October CMS Improper Authentication
2/1/2022
CVE-2021-21315
System Information Library for node.js Command Injection Vulnerability
2/1/2022
CVE-2021-21975
Server Side Request Forgery in vRealize Operations Manager API Vulnerability
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the Catalog that meet the meet the specified criteria.
This article is contributed. See the original author and article here.
Hello again! I’m Jeff Sakowicz, Principal Program Management Lead for Application Platform Security within the Microsoft Identity team. Our team’s goal is to foster a secure, trustworthy, and thriving app ecosystem. Part of achieving this goal is enabling apps to support a Zero Trust security model.
This is the second post in our series on why Zero Trust matters for developers. In the previous post, I introduced the Zero Trust principles and how they apply to identity and access management. In this post, I will focus on how you can design apps using the principle of least privileged access with the Microsoft identity platform.
Why should you care about using least privileged access?
In short, by limiting what your app has permission to do, you reduce the potential blast radius of attacks and increase adoption of your apps by customers. In our experience, IT administrators are sensitive to the levels of permission being requested by applications and are applying more scrutiny when deciding whether to grant a given app permissions. When you create an app that asks for a lot of permissions, it will be less likely to be approved or could be denied altogether.
What is overprivilege and what is an overprivileged app?
When an entity asks for, and in some cases is granted, more permissions than it needs, we call it “overprivileged.” In this post we will focus exclusively on overprivileged applications with respect to OAuth2.0 permissions in the Microsoft Identity platform and use example scenarios of client apps that call the Microsoft Graph API. That said, principles in this blog do apply to other permission models and APIs – we’ll cover this more in future posts.
Overprivilege occurs when an app has requested and been granted unused or reducible permissions:
Unused permission: Permission that is not necessary at all for the desired tasks. For example, a calendar app that obtains the Files.ReadWrite.All permission but doesn’t integrate with any Files APIs has unused permissions.
Reducible permission: Permission that has a lower-privileged alternative that would still provide the access for required tasks. For example, consider an application that needs to read files from the signed-in user’s OneDrive, but never needs to create new files or modify existing ones. If this app has requested and been granted Files.ReadWrite.All, it has a reducible permission. Instead, it should be requesting Files.Read.
What are the goals in combatting overprivileged apps?
There are three main goals for us in the Microsoft Identity team in terms of combatting overprivileged apps:
Help developers to build trustworthy apps that are adopted smoothly by avoiding excessive permissions, since requesting unnecessary privileges creates friction with users, IT, and policies applied to app consent within an environment.
Help IT Adminsand other decision makers understand how to identify, request, and grant least privileged permissions in their organization to limit overprivileged apps.
Prevent attackers from gaining elevated privileges that increase the scope of compromise and enable lateral movement within an environment.
How can you ensure your apps become least privileged?
Here are three high level best practices for developers and IT Admins to keep in mind when thinking about adhering to the least privileged principle for applications:
Prevent overprivilege by avoiding unused and reducible permissions. Fully understand the permissions required for the API calls that your application needs to make, and only request what is necessary to enable your scenario.
Audit the privileges that have been previously granted to existing apps in your app portfolio on a regular basis, identifying opportunities for privilege reduction or removal. This means IT admins audit the permissions consent granted to apps within their tenant and developers review the permissions that their apps are requesting.
Remediate by updating apps to stop requesting unused and reducible permissions and revoke previously granted permissions that are no longer necessary.
Microsoft has tools that help you with this process. For example, when Then, you can find the corresponding permissions from least to most privileged for Microsoft Graph by using this handy permissions reference.
Recent Comments