Empower your manufacturing journey with Tracked Components: Unveiling the future of precision, compliance, and efficiency in Dynamics 365 Supply Chain Management
Introduction
We’re thrilled to unveil the public preview of our latest feature, Tracked Components, as part of our manufacturing capabilities in Dynamics 365 Supply Chain Management. This feature, released in version 10.0.40 on April 26 2024, streamlines the process of registering batch and serial numbers for components used in manufacturing processes, seamlessly matching them to the batch and serial numbers for the finished products being produced.
Enhanced track and trace capabilities in manufacturing offer a compelling value proposition. They provide real-time visibility into the supply chain, ensuring quality control, regulatory compliance, risk mitigation, enhanced productivity, and improved customer satisfaction. These systems empower manufacturers to optimize operations, reduce errors, and base decisions on data, ultimately leading to increased efficiency and superior products.
Boosting Manufacturing Precision with Tracked Components
At Contoso Inc., Jody, responsible for assembling loudspeakers, must register the serial numbers of the components used and match them to the speaker’s serial number during assembly.
Jody selects the assembly job she is working on in the Production Floor Execution interface and open the Tracked components page. First, Jody scans the serial number of the speaker, and then the serial numbers of the two tracked components used in the assembly. The association between the serial numbers of the components and the serial number of the speaker is now complete. As Jody completes the assembly job, all the serial numbers Jody registered are automatically deducted from inventory and consumed.
During quality inspection, an issue is discovered with on one of the speakers Jody assembled early that day. Peter, the quality supervisor, opens the Item tracing report and scans the serial number of the affected speaker to trace the component serial numbers used for further inspection.
Additional information
Batch and serial numbers can be registered as tracked components in both production and batch orders.
This feature is accessible in both the web client and the production floor execution interface. Within the web client, the interface for registering tracked components is accessible from various points such as routes, jobs, picking list journals, start and report as finished dialogs, and the current operations page.
Batch and serial numbers can be registered using either the keyboard or barcode scanning operations. The feature supports GS1 barcodes, enhancing efficiency by reducing the number of scans required during the registration process.
This feature is prepared for integration to the Traceability add-in for Dynamics 365 Supply Chain Management. The Traceability feature (coming in 2024) seamlessly integrates with the tracked components feature, offering visibility into the genealogy tree, also known as the As-Built BOM structure. This integration enables tracking of the assembly process throughout manufacturing. Furthermore, the feature includes forward and backward search capabilities against the genealogy tree. This empowers manufacturers to not only trace product histories but also manage component associations with greater precision.
Image: Preview – Traceability Feature – coming in 2024
Key Business benefits to utilizing Tracked Components
Benefits of Introducing Tracked Components in Manufacturing for Dynamics 365 Supply Chain Management:
Enhanced Efficiency: Tracked Components streamline the process of registering batch and serial numbers for components used in manufacturing processes. This efficiency boost translates into time savings and smoother operations on the production floor.
Improved Quality Control: With real-time visibility into the supply chain, manufacturers can ensure that components meet quality standards before they are used in production. This proactive approach minimizes the risk of defects and rework, ultimately improving the overall quality of the finished products.
Regulatory Compliance: Tracked Components help manufacturers stay compliant with regulations by providing accurate documentation of component usage and traceability throughout the production process. This ensures that products meet regulatory requirements, reducing the risk of fines or penalties.
Risk Mitigation: By enabling quick and accurate tracing of component serial numbers, manufacturers can promptly identify and address any issues that arise during production. This proactive approach minimizes the impact of potential disruptions and reduces the risk of product recalls or warranty claims.
Enhanced Productivity: The seamless integration of Tracked Components into existing workflows allows manufacturers to optimize operations and minimize errors. This increased productivity translates into faster production cycles and higher output levels, ultimately improving overall efficiency.
Improved Customer Satisfaction: With better quality control and more efficient production processes, manufacturers can deliver products that meet or exceed customer expectations. This leads to higher levels of customer satisfaction and strengthens relationships with clients.
Conclusion
In conclusion, Tracked Components for Dynamics 365 Supply Chain Management offer a significant boost to manufacturing efficiency and transparency. This feature enables seamless batch and serial number registration and tracing, ensuring quality control and enhancing productivity. With real-time visibility and barcode scanning support, it streamlines operations and integrates seamlessly into existing workflows. The integration with the Traceability add-in further enhances functionality, promising improved efficiency and compliance. Overall, Tracked Components revolutionize manufacturing processes, optimizing operations and customer satisfaction.
Learn more about Dynamics 365 Supply Chain Management
Dynamics 365 increases agility and resilience through supply chain modernization. Plan with confidence, maximize asset uptime and streamline fulfilment to improve overall profitability learn more here with our Supply Chain Modernization Guided Tour
Learn more about how to register and track batch/serial numbers for finished products and their components (preview) – Documentation
This article is contributed. See the original author and article here.
The release of Dynamics 365 Customer Service wave 1 2024 in April introduces several compelling features available for early access. This blog post discusses how to enable the agent call quality survey so agents can provide feedback on improvements.
This functionality enables contact center managers (or their IT counterparts) to swiftly identify and respond to any issues impacting the agent experience that might go unnoticed by conventional service metrics. By promptly addressing potential pain points, you can enhance call quality, strengthen customer satisfaction, and improve overall business performance. This eliminates the necessity of implementing agent satisfaction CSAT through custom development.
Get early access features
To try the call quality survey feature, you must opt in to get early access updates in your environment.
Enable the call quality survey
Once you opt in to early access, you can locate these settings in the Customer Service admin center. Go to Search admin settings and enter the keyword “Survey”. Look for the Workspaces section on the sitemap to access these settings. Alternatively, you can access these settings directly within the Agent Experience under the Workspaces section on the sitemap.
Select Agent call quality survey (preview) and you’ll gain access to the settings provided for this feature, such as the option to opt-in or opt-out, the frequency of survey display expressed as the number of calls before it appears, and the duration for which the survey remains active.
The administrator can set up a general opt-in for the agent survey and determine how frequently the survey appears per a certain number of calls. Additionally, if there’s a need to monitor agent experience for a specific duration, such as after significant changes in voice or telephony settings, the administrator can specify the survey duration with start and end dates.
Another option to access the agent survey configuration is also provided through the Voice workstream configuration settings pane.
Now, let’s explore the agent experience with this functionality. Following each call, the agent receives a prompt to rate the overall quality of the call. If the agent response is less than 5 stars, the agent sees a new survey page with more detailed depth-in questions.
Following the submission of the survey form, the agent will have the opportunity to view the acknowledgment of their registered feedback and close the survey form.
Query call quality survey results
Once the agent’s feedback is saved (stored in Azure logs analytics), you can utilize statistics by querying the aggregated data in Azure. Before querying, make sure to enable the Call Survey Logs option in Diagnostics.
Then Administrator can go to “Logs” -> “Queries” and choose Call survey query to execute.
You can delve deeper into the answered questions regarding call quality and respond to any issues more quickly.
In conclusion, the call quality survey provides an easy way for agents to provide feedback. These surveys serve as invaluable tools for gathering immediate feedback from customers regarding their interaction experiences. By analyzing the results of these surveys, agents can identify areas for improvement and ultimately elevate customer satisfaction levels. Moreover, the data collected from these surveys can inform training programs and strategic decision-making within the organization, leading to continuous improvement in service delivery. Ultimately, prioritizing end-of-call quality surveys empowers agents to deliver exceptional customer service, fosters a culture of continuous improvement, and strengthens overall customer relationships.
This article is contributed. See the original author and article here.
The release of Dynamics 365 Customer Service wave 1 2024 in April introduces several compelling features available for early access. This blog post discusses how to enable the agent call quality survey so agents can provide feedback on improvements.
This functionality enables contact center managers (or their IT counterparts) to swiftly identify and respond to any issues impacting the agent experience that might go unnoticed by conventional service metrics. By promptly addressing potential pain points, you can enhance call quality, strengthen customer satisfaction, and improve overall business performance. This eliminates the necessity of implementing agent satisfaction CSAT through custom development.
Get early access features
To try the call quality survey feature, you must opt in to get early access updates in your environment.
Enable the call quality survey
Once you opt in to early access, you can locate these settings in the Customer Service admin center. Go to Search admin settings and enter the keyword “Survey”. Look for the Workspaces section on the sitemap to access these settings. Alternatively, you can access these settings directly within the Agent Experience under the Workspaces section on the sitemap.
Select Agent call quality survey (preview) and you’ll gain access to the settings provided for this feature, such as the option to opt-in or opt-out, the frequency of survey display expressed as the number of calls before it appears, and the duration for which the survey remains active.
The administrator can set up a general opt-in for the agent survey and determine how frequently the survey appears per a certain number of calls. Additionally, if there’s a need to monitor agent experience for a specific duration, such as after significant changes in voice or telephony settings, the administrator can specify the survey duration with start and end dates.
Another option to access the agent survey configuration is also provided through the Voice workstream configuration settings pane.
Now, let’s explore the agent experience with this functionality. Following each call, the agent receives a prompt to rate the overall quality of the call. If the agent response is less than 5 stars, the agent sees a new survey page with more detailed depth-in questions.
Following the submission of the survey form, the agent will have the opportunity to view the acknowledgment of their registered feedback and close the survey form.
Query call quality survey results
Once the agent’s feedback is saved (stored in Azure logs analytics), you can utilize statistics by querying the aggregated data in Azure. Before querying, make sure to enable the Call Survey Logs option in Diagnostics.
Then Administrator can go to “Logs” -> “Queries” and choose Call survey query to execute.
You can delve deeper into the answered questions regarding call quality and respond to any issues more quickly.
In conclusion, the call quality survey provides an easy way for agents to provide feedback. These surveys serve as invaluable tools for gathering immediate feedback from customers regarding their interaction experiences. By analyzing the results of these surveys, agents can identify areas for improvement and ultimately elevate customer satisfaction levels. Moreover, the data collected from these surveys can inform training programs and strategic decision-making within the organization, leading to continuous improvement in service delivery. Ultimately, prioritizing end-of-call quality surveys empowers agents to deliver exceptional customer service, fosters a culture of continuous improvement, and strengthens overall customer relationships.
This article is contributed. See the original author and article here.
Whether you are runningastartup or an already thriving small business, harnessing AI-driven solutions will help you discover new opportunities, streamline operations, and make data-driven decisions with confidence. Understanding and exploring the possibilities of AI is essential for small businesses and key to unlocking growth, driving innovation, and maintaining a competitive edge.
The first step is understanding the potential ofAI for your business.Microsoft has developed several online resources to help. In recognition of National Small Business Week, we havecurated a list of thoseresources that may be helpful for small business professionalswho want to get started with AI.
Establish an AI foundation
Start your AI journey by visiting the Microsoft WorkLab and examining a rich collection of content that addresses the real-world scenarios of how AI is impacting work today. New articles are regularly added that will help you understand not just AI’s high-level capabilities, but also the nuances of AI and how to directly apply AI to your day-to-day work. Key resources include:
Up-to-date market research on all the ways that AI is impacting work, like our latest, the AI Data Drop. This study provides insights into how employees feel about AI and how long it takes most employees to build effective AI habits.
Regular podcasts with business leaders, like our recent discussion with Bryan Hancock, McKinsey’s Global Talent Leader, on the different ways that managers can unlock AI’s potential for their teams.
When you’re ready to build a deeper AI skill, you explore the Microsoft AI Learning Hub. You’ll find a variety of tools to help you go from understanding AI to preparing for it. You can learn the mechanics of using the technology and even how to build it into your own apps and services.
Start with the learning journey for Business Users, which is foundational for getting an underlying understanding of AI, and then move into a more detailed guidance on how to use and implement its capabilities. If you’re an IT professional, look at the learning journey for IT Professionals, which provides a thorough grounding on the particulars of AI adoption, deployment, and small business concerns, like data classification and regulatory considerations.
To define your own path, get skilling recommendations based on your job responsibilities and objectives. No matter where you want to go, you can use the AI learning assessment to define a customized learning journey to get you there.
Put AI to work
To put your AI skills into practice or if you’re already using Copilot for Microsoft 365, visit the Microsoft Copilot Lab. This site provides easy, visual introductions into what Copilot is and how it helps you do more no matter which Microsoft 365 app you are using. These tools are designed for professionals that need a fast, tactical grounding so they can benefit from AIevery day.
One example is the prompt writing guide, which explains how to write effective prompts so Copilot can deliver exactly what you need. This toolkit teaches the art and science of prompting. It walks through a series of easy initial prompting exercises like writing an AI-powered email or creating an image, so you’ll understand how to edit a prompt to tailored it to your scenario.
Microsoft Learn has a series of freely available, advanced courses to help you gain a deeper understanding of Copilot, how it works with the apps in Microsoft 365 and best practices for everyday use.
Get started
National Small Business Week may be an annual event, but you can build your AI skills year-round. Join the Microsoft SMB Tech Community to network with other professionals using Copilot. You can come here anytime to ask questions, get help, keep up with the latest AI news specific to small and medium-sized businesses and find out about upcoming online or local events.
This article is contributed. See the original author and article here.
The domain name code.microsoft.com has an interesting story behind it. Today it’s not linked to anything but that wasn’t always true. This is the story of one of my most successful honeypot instances and how it enabled Microsoft to collect varied threat intelligence against a broad range of actor groups targeting Microsoft. I’m writing this now as we’ve decided to retire this capability.
In the past the domain ‘code.microsoft.com’ was an early domain used to host Visual Studio Code and some helpful documentation. The domain was active until around 2021, when this documentation was moved to a new home. The site behind the domain was an Azure AppService site that performed the redirection thus preventing existing links from being broken.
Sometime around mid-2021 the existing Azure AppService instance was shutdown leaving code.microsoft.com pointing to a service that no longer existed. This created a vulnerability.
This situation is what’s called a dangling subdomain which refers to a subdomain that once pointed to a valid resource but now hangs in limbo. Imagine a subdomain like blog.somedomain.com that used to handle a blog application. When the underlying service is deleted (the blog engine) you might update your page link and assume the service has been retired. However, there is still a subdomain that pointed to the blog entire, this is now “dangling” and can’t be resolved.
A malicious actor can discover the dangling subdomain. Provision a cloud Azure resource with the same name and now visiting blog.somedomain.com will redirect to the attacker’s resource. Here they control the content.
This happened in 2021 when the domain was temporarily used to host a malware C2 service. Thanks to multiple reports from our great community this was quickly spotted and taken down before it could be used. As a response to this Microsoft now has more robust tools in place to catch similar threats.
How did it become a honeypot?
Today it is relatively routine that MSTIC takes control of attacker-controlled resources and repurposes these for threat intelligence collection. Taking control of a malware C2 environment for example enables us to potentially discover new infected nodes.
At the time of the dangling code subdomain this process was relatively new. We wanted a good test case to show the value of taking over resources over taking them down. So instead of removing the dangling subdomain we pointed this instead to a node in our existing vast honeypot sensor network.
A honeypot is a decoy system designed to attract and monitor malicious activity. Honeypots can be used to collect information about the attackers, their tools, their techniques, and their intentions. Honeypots can also be used to divert the attackers from the real targets and to waste their time and resources.
Microsoft’s honeypot sensor network has been in development since 2018. It’s used to collect information on emerging threats to both our and our customers environments. The data we collect helps us be better informed when a new vulnerability is disclosed and gives us retrospective information on how, when and where exploits are deployed.
This data becomes enriched with other tools Microsoft has available and turns it from a source of raw threat data to threat intelligence. This is incorporate into a variety of our security products. Customers can also get access to this via Sentinel’s emerging threat feed.
The honeypot itself is a custom designed framework written in C#. It enables security researchers to quickly deploy anything from a single HTTP exploit handler in one or two lines of code all the way up to complex protocols like SSH and VNC. For even more complex protocols we can hand off to real systems when we detect exploit traffic and revert these shortly after.
It is our mission to deny threat actors access to resources or enable them to use our infrastructure to create further victims. That’s why in almost all scenarios the attacker is playing in a high interaction, simulated environment. No code is run, everything is a trick or deception designed to get them to reveal their intentions to us.
Substantial engineering has gone into our simulation framework. Today over 300 vulnerabilities can be triggered through the same exploit proof-of-concepts available in places like GitHub and exploitdb. Threat actors can communicate with over 30 different protocol and can even ‘log in’ and deploy scripts and execute payloads that look like they are operating on a real system. There is no real system and almost everything is being simulated.
Even so it’s important that in standing up a honeypot on an important domain like Microsoft.com that it wasn’t possible for attackers to use this as environment to perform other web attacks. Attacks that might rely on same origin trust. To mitigate this further we added the sandbox policy to the pages which prevents these kinds of attacks.
In recent years this capability has been crucial to understanding the 0day and nDay ecosystem. During Log4shell incident we were able to use our sensor network to track each iteration of the underlying vulnerability and associated proof-of-concept all the way back to GitHub. This helped us understand the groups involved in productionising the exploit and where it was being targeted. Our data enables internal teams to be much better prepared to remediate and provides the analysis for detection authors to improved products like MDE in real time.
The team developing this capability also works closely with the MSRC who our track our own security issues. When the Exchange ProxyLogon vulnerability was announced we had already written a full exploit handler in our environment to track and understand not just the exploit but the groups deploying it. This situational awareness this enables us to give clearer advice to industry, better protect our customers and integrate new threats we were seeing into Windows Defender and MDE.
The domain code.microsoft.com was often critical to the success of this as well as a useful early warning system. When new vulnerabilities have been announced, threat actors can often be too consumed with trying to use the vulnerability as quickly as possible than checking for Deception infrastructure like a honeypot. As a result, code.microsoft.com often saw exploits first, many of these exploits were attributed to threat actors MSTIC already tracks.
What happened next?
The code subdomain had been known to bug bounty researchers for several years. When receiving reports for this domain these would be closed to let them know they had found a honeypot.
In the past we’ve asked these security professionals to refrain from publishing the details of this service is in effort to protect the value we received from it. We’ve also understood for a while that this subdomain would need to be retired when it because well know what was behind it.
That time is now.
On the 25th April an uptick in traffic to the subdomain and posts on Twitter showed that domain was being investigated by a broad groups of individuals. We don’t want to waste effort researchers put into finding issues with our production systems so it was decided that the truth would finally be revealed and the system retired.
The timeline below gives an order of events from our perspective. It’s unknown exactly how the full exploit URL for our server ended up in Google search database, but it looks like this and the associated discovery on Twitter/X culminated in almost 80k Wechat exploits in a 3 hour period. it’s unlikely the Google crawler would have naturally found the URL. Our current theory is that a security researcher found this and submitted a report to Microsoft. As part of this process either the Chrome browser or another app found this URL and submitted it for indexing.
March 2024
WeChat exploit appear in Google search results for the first time
15th April 2024
Sumit Jain posts a redacted screenshot of a exploit mitigation, some debate occurs about whether the domain is the code subdomain.
21st April 2024
Google trends show that many people are now search for this domain
24th April 2024
We start to notice a significant uptick in traffic to the subdomain
26th April 2024
We are handling 126 thousand times more requests than average
By 26th April we were handling ~160k requests per day, up from the usual 5-100. Most of these requests were to a single endpoint handling a vulnerability in the Wechat Broadcast plugin for WordPress (CVE-2018-16283). This enabled anyone to ‘run’ a command from a parameter in the URI.
Looking at these URI’s we found 11k different commands being run. Most of these pushed a message by some group or another stating that the site had been hacked by them. As this was a simulation, this did not happen.
Removing these messages gives a clearer picture of the kinds of commands people were entering.
Most commands entered were Linux recon commands. These attempted to find out what the system was, what files it contained and more broadly what value it was to Microsoft. The next biggest group were running command, these ranged from basic Linux commands like ‘whoami’ but a few enterprising folks went on to run scripts of various languages.
Most people who interacted didn’t get further that the Wechat exploit. Over the three days that infosec Twitter took interest 63 different exploits in total were triggered. The biggest surprise to me was that most researchers stuck to HTTP, only three groups probed the other ports and even fewer logged into the other services that were available.
Some of the best investigation came from @simplylurking2 on Twitter/X who after finding out the system was a honeypot continued to analyse what we had in place and constructed. First constructing a rick roll and then a URL that when visited would display a message to right click and save a payload.
With such a lot of information now publicly available the usefulness of this subdomain has also diminished. On April 26th we replaced the site with a 404 message and are working on retiring the subdomain completely.
Our TI collection is undiminished, Microsoft runs many of these collection services across multiple datacentres. Our concept has been proved and we have rolled out similar capabilities at higher scales in many other locations worldwide. These continue to give us a detailed picture of emerging threats.
Recent Comments