Month: June 2020

Real-time processing is data processing that occurs as the user enters in the data or a command. Batch processing involves the execution of jobs at the same time. The main difference is that administrators can postpone batch processes, while real-time processes must occur as soon as possible.

1. Time Frame

The time between when the user inputs the data into the computer and when the computer performs the expected output is called the response time. Real-time systems have predictable response times. Outputs are successful if they are accurate and timely. Response times do not necessarily have to be fast. There is no speed where a process is considered real-time and all processes have some delay. A system is “real-time” when processing activities have deadlines. Batch processing does not have a specific moment at which tasks are completed, with tasks being completed when the computer is able to complete them, based on the processing demands of the tasks and the processing speed of the computer.

2. Deadlines

A hard real-time system is one in which the failure to meet even one deadline indicates a complete system failure. With soft real-time, missing a deadline indicates that the system is not working at its peak. In batch processing, missed deadlines might mean that the computer needs more processing capacity to finish tasks.

3. Embedded

Real-time systems are usually reactive, meaning they behave based on the conditions of the environment. Real-time processors are usually embedded, meaning they do not have an operating system interface and are used only to control hardware devices. For example, a digital thermometer might have a real-time processor embedded in the thermometer that gives a continuously correct temperature. Batch processes are usually a part of a larger computer system.

4. Predictability Vs. Flexibility

Real-time systems have specific and predictable outputs that occur in response to an input. The number of outputs that a real-time system can have is usually fixed. For example, on the thermometer, the number of readings the thermometer has is fixed and the thermometer will not perform unique actions, such as reading “the meat is done.” Administrators can usually adjust batch processes to serve different purposes.

5. Postponing

With batch processing, processes are saved for when the computer is not executing very many tasks, such as in the evening when a business is not very busy. For example, a company can refrain from running antivirus scans when the company is busy, since the scans use up computer processing power. Administrators often start antivirus scans at night, when most of the workers have gone home. Real-time processing usually occurs whenever the processor receives an input.

6. Outside Computing

Batch processing also occurs outside computers. For example, instead of sending a bill to a customer every time the customer pays for a service, a company might send a bill every month so that the company doesn’t have to spend as much on postage. Real-time processing usually only refers to computers and microcontrollers.

Real Time System vs Online System

We are all used to real time systems as we deal with them in all walks of life. We also know what an online system is as surfing is a particular example of online system that is all pervasive today. There are online systems that are almost real time as RTGS which is online system of transfer of funds electronically. When there is so much similarity between online and real time systems, there is bound to be confusion among the minds of readers pertaining to their differences.

Online has just one meaning and that is when one is logged on to internet. Whether you are playing a game online, tracking movement of share prices, or talking to your friend via instant messenger, you are effectively dealing with online systems. There are systems that update automatically after a specified time and there are systems where you need to refresh the page manually. There is some time lag between the event that is happening and the time when the web page refreshes. If you are watching a live telecast of a cricket match online, it is not real time as you get to see a wicket falling or a ball being bowled after a lag of a few seconds.

A real time system changes its state as a function of physical time. Some examples of real time systems are command and control systems, defense and space systems, air traffic control systems, automated electronics. Real time systems are not dependent upon just logical results of manual computations but also on the exact instant that the events happen or take place. One example of real time system is when you are chatting with your friend online. You see the reaction of the system as soon as you type in the messenger. Because of advancements in technology and increase in the number of users, many online systems today are almost real time.

Railway reservations systems are one example where you get immediate booking as soon as you press the button ‘confirm’ and thus it is an online system that is also real time.

An automated teller machine (ATM) is an electronic banking outlet that allows customers to complete basic transactions without the aid of a branch representative or teller. Anyone with a credit card or debit card can access cash at most ATMs.

ATMs are convenient, allowing consumers to perform quick self-service transactions such as deposits, cash withdrawals, bill payments, and transfers between accounts. Fees are commonly charged for cash withdrawals by the bank where the account is located, by the operator of the ATM, or by both. Some or all of these fees can be avoided by using an ATM operated directly by the bank that holds the account.

ATMs are known in different parts of the world as automated bank machines (ABM) or cash machines.

An automated teller machine (ATM) is an electronic telecommunications device that enables customers of financial institutions to perform financial transactions, such as cash withdrawals, deposits, funds transfers, or account information inquiries, at any time and without the need for direct interaction with bank staff.

ATMs are known by a variety of names, including automatic teller machine (ATM) in the United State (sometimes redundantly as “ATM machine”). In Canada, the term automated banking machine (ABM) is also used, although ATM is also very commonly used in Canada, with many Canadian organizations using ATM over ABM. In British English, the terms cashpoint, cash machine and hole in the wall are most widely used. Other terms include any time money, cashline, nibank, tyme machine, cash dispenser, cash corner, bankomat, or bancomat. Many ATMs have a sign above them indicating the name of the bank or organization that owns the ATM, and possibly including the networks to which it can connect. ATMs that are not operated by a financial institution are known as “white-label” ATMs.

Using an ATM, customers can access their bank deposit or credit accounts in order to make a variety of financial transactions, most notably cash withdrawals and balance checking, as well as transferring credit to and from mobile phones. ATMs can also be used to withdraw cash in a foreign country. If the currency being withdrawn from the ATM is different from that in which the bank account is denominated, the money will be converted at the financial institution’s exchange rate. Customers are typically identified by inserting a plastic ATM card (or some other acceptable payment card) into the ATM, with authentication being by the customer entering a personal identification number (PIN), which must match the PIN stored in the chip on the card (if the card is so equipped), or in the issuing financial institution’s database.

According to the ATM Industry Association (ATMIA), as of 2015, there were close to 3.5 million ATMs installed worldwide. However, the use of ATMs is gradually declining with the increase in cashless payment systems.

Types of ATMs

There are two primary types of ATMs. Basic units only allow customers to withdraw cash and receive updated account balances. The more complex machines accept deposits, facilitate line-of-credit payments and transfers, and access account information.

To access the advanced features of the complex units, a user must be an account holder at the bank that operates the machine.

Analysts anticipate ATMs will become even more popular and forecast an increase in the number of ATM withdrawals. ATMs of the future are likely to be full-service terminals instead of or in addition to traditional bank tellers.

Although the design of each ATM is different, they all contain the same basic parts:

• Card reader: This part reads the chip on the front of the card or the magnetic stripe on the back of the card.
• Keypad: The keypad is used by the customer to input information, including personal identification number (PIN), the type of transaction required, and the amount of the transaction.
• Cash dispenser: Bills are dispensed through a slot in the machine, which is connected to a safe at the bottom of the machine.
• Printer: If required, consumers can request receipts that are printed here. The receipt records the type of transaction, the amount, and the account balance.
• Screen: The ATM issues prompts that guide the consumer through the process of executing the transaction. Information is also transmitted on the screen, such as account information and balances.

Conclusion

• Automated teller machines are electronic banking outlets that allow people to complete transactions without going into a branch of their bank.
• Some are simple cash dispensers while others allow a variety of transactions such as check deposits, balance transfers, and bill payments.
• To keep ATM fees down, use an ATM branded by your own bank as often as possible.

If you work with purchasing or sales, you will inevitably come across EDI transactions. Electronic Data Interchange, commonly shortened to EDI, is a standard format for exchanging business data.

EDI transactions are a type of electronic commerce that companies use for transactions such as when one company wants to electronically send a purchase order to another. EDI transactions were designed to be independent of the communications used by companies or the software technology that generates the EDI data.

EDI Formats

EDI works based on standards which determine how each message should be formatted.

Four EDI standards exist: UN/EDIFACT, which is the only internationally-recognized standard, used mostly outside of North America; ANSI ASC X12, used within North America, TRADACOM, used by British retail companies, and ODETTE, which is used by European automakers.

The implementation of EDI is important for companies as it can significantly reduce the cost of sending documents.

EDI Costs Versus Benefits

A paper purchase order requires resources to print the document, fax it, or post it to the vendor. EDI automatically sends the electronic document to the vendor thus reducing the cost of sending the PO. Studies of the cost savings of implementing EDI have been performed, including a report from the Aberdeen group in 2008, which highlighted that in the US it cost $37.45 to produce and send a paper PO, while it only cost $23.83 to send it using EDI.

Not all companies use EDI. There is a cost to implement and maintain the technology required to perform EDI. Each trading partner that a company wants to use EDI with may require resources to set up and this can be cost-prohibitive for smaller companies or companies without technical resources.

Some companies who profess to use EDI may receive orders electronically but are unable to automatically load those orders into their sales systems. The EDI orders are printed out and manually entered into their computer systems.

This situation is common where companies have aging order systems that do not have the capability to accept or generate EDI orders.

EDI How It Works

There are a number of ways EDI messages are transmitted between trading partners. The most common method was to use a value-added network or VAN. This allowed companies to send a transmission which was then reviewed by the VAN and then sent to the correct recipient.

More recently a new method for EDI transmission is being used. This is called AS2, which stands for Applicability Statement 2, and was championed by Wal-Mart, who requires all of their vendors to use this method. Using AS2, the EDI documents are transmitted across the internet and the security of the document is achieved by encryption and the use of digital certificates.

There are dozens of EDI documents that can be implemented by a company and their trading partners. Under the ANSI ASC X12 standard, EDI documents are part of a series, for example, such as an order series, a warehousing series, or a financial series.

In addition, a number of series that relate to specific industries such as government, insurance, mortgage and automotive.

Many companies will only implement a small number of EDI documents with their trading partners, commonly in the ordering series, material handling series and the delivery series.

For example a company who is implementing EDI between themselves and a third party logistics company may only implement five EDI documents such as an EDI 940 for a warehouse shipping order, EDI 943 for a warehouse stock transfer shipment advice, EDI 944 for a warehouse stock transfer receipt advice, EDI 945 for a warehouse shipping advice, and EDI 947 for a warehouse inventory adjustment advice.

E-Cash was a digital-based system that facilitated the transfer of funds anonymously. A pioneer in cryptocurrency, its goal was to secure the privacy of individuals that use the Internet for micropayments. eCash was created by Dr. David Chaum under his company, DigiCash, in 1990. Though there was interest in the platform from large banks, eCash never took off and DigiCash filed for bankruptcy in 1998. DigiCash, along with its eCash patents, was eventually sold off. In 2018, Chaum launched a new startup focused on cryptography.

The idea for eCash came from Dr. David Chaum in 1983. He was ahead of his time in thinking about privacy concerns in the age of the Internet. And not only did he advocate for privacy but he took it a few steps further in creating an anonymous based payment system for the digital age. This was even before the Internet was available for public use. In 1990, Chaum created the company, DigiCash, to realize his idea for eCash.

The core concept behind eCash was blind signatures. A blind signature is a type of digital signature in which the message’s content is invisible prior to signing. In this manner, no user is able to create a link between withdrawal and spend transactions. The money used in the system was called “CyberBucks.”

E-Cash’s Rise and Fall

DigiCash gained a lot of traction in the 1990s when Internet companies were taking off. The company signed deals with many banks that intended to use the platform. These banks included Deutsche Bank (DB), Credit Suisse (CS), and other banks across the globe. Microsoft was also interested in eCash for Windows 95 but the two companies couldn’t agree to a deal.

The banks that decided to implement eCash started testing the platform but never sold it as a viable product to its customers. The only bank that actually used the platform was Mark Twain Bank in St. Louis, Missouri. The service was free to buyers, but sellers had to pay a transaction fee. Mark Twain Bank had signed up 300 businesses and 5,000 individual users but the platform never gained traction. According to Chaum, “As the Web grew, the average level of sophistication of users dropped. It was hard to explain the importance of privacy to them.”

DigiCash eventually filed for bankruptcy in 1998. It was sold off to eCash Technologies along with its patents for eCash. The trademark for the name is now with Due Inc.

E-Cash and Online Security Today

Despite the failure of DigiCash and with it eCash, online security is an ongoing issue in the digital realm to this day. Financial information, stored on a computer or electronic device, or the Internet more generally (e.g., the cloud) is vulnerable to hackers. Cryptocurrencies, such as Bitcoin, are extremely popular and owe their foundations to eCash. In fact, many consider Chaum to be the father of digital currency.

In 2018, Chaum launched a new startup called Elixxir, whose purpose is to create a cryptography network focused on communication anonymity, that is controlled by users to protect their information, as opposed to the current setup, where companies have detailed access to consumer information and use it for targeting ads to generate revenue.

The electronic cash-system is deliberate to contribute to the consecutive replacement of money in the retail sector. One among its attractive assets from the merchant’s perspective is the payment guarantee given by the issuing bank after the effectual authorization. Due to its efficiency, electronic cash is ready to grow even in competition with different POS-systems. For cardholders, electronic cash transactions are free of charge.

E-cash actually globalizes the economy, since the user will transfer cash into his cyber-wallet in any currency desired. A merchant will accept any currency and convert it to local currency once the cyber cash is uploaded to the bank account.

To the extent a user needs E-cash off-line; all that’s necessary is smart card technology. The cash is loaded onto the smartcard, and the special electronic wallets are used to offload the cash onto different smartcards or directly to an on-line system. Smartcards are used successful in different countries for such transactions as phone calls for a number of years.

Four major elements in an electronic cash system:-

• Issuers
• Merchants
• Regulators
• Customers

For E-Cash dealing, we want to go through a minimum of three stages:-

• Account setup
• Purchase
• Authenticatio

We can classify E-Cash payment systems:-

• Account -based systems
• Token- based systems
• Notational systems
• Smart card-based notational systems.

Pros and cons of e-cash payment system:

Pros:

• We can transfer funds, purchase stocks, and offer a variety of other services without having to handle physical cash or checks as long as bank is providing such services online.
• Debit cards and online bill payments allow immediate transfer of funds from an individual’s personal account to a business’s account regardless the designated place.
• Consumers will have greater privacy when shopping on the Internet using electronic money instead of ordinary credit cards.

Cons:

• E-cash and E-Cash transaction security are the major concern.
• Frauds on E-Cash are on the catch recent years.
• Hackers with good skill able to hack into bank accounts and illegally retrieve of banking records has led to a widespread invasion of privacy and has promoted identity theft.
• There are many other tricks including through phishing website of certain banks and emails.
• With the continued growth of E-Cash, money flow in and out of countries at immediate speed without being traced will weaken the government’s ability to monitor and income in tax.

Properties of Electronic Cash:

• Digital cash must have a monetary value; it must be backed by cash, bank-authorized credit, or a bank-certified cashier’s check.
• When digital cash created by one bank is accepted by others, reconciliation must occur without any problems.
• Digital cash must be interoperable or exchangeable as payment for other digital cash, paper cash, goods or services, lines of credit, deposits in banking accounts, bank notes or obligations, electronic benefits transfers, and the like.
• Digital cash must be storable and retrievable.
• Digital cash should not be easy to copy with while it is being exchanged.
• It should be possible to prevent or detect duplication and double-spending of digital cash.

The concrete security requirements of electronic payment systems vary, depending both on their features and the trust assumptions placed on their operation. In general, however, electronic payment systems must exhibit integrity, authorization, confidentiality, availability, and reliability.

1. Integrity and authorization

A payment system with integrity allows no money to be taken from a user without explicit authorization by that user. It may also disallow the receipt of payment without explicit consent, to prevent occurrences of things like unsolicited bribery. Authorization constitutes the most important relationship in a payment system. Payment can be authorized in three ways: via out-band authorization, passwords, and signature.

2. Out-band authorization

In this approach, the verifying party (typically a bank) notifies the authorizing party (the payer) of a transaction. The authorizing party is required to approve or deny the payment using a secure, out-band channel (such as via surface mail or the phone). This is the current approach for credit cards involving mail orders and telephone orders: Anyone  who knows a user’s credit card data can initiate transactions, and the legitimate user must check the statement and actively complain about unauthorized transactions. If the user does not complain within a certain time (usually 90 days), the transaction is considered “approved” by default.

3. Password authorization

A transaction protected by a password requires that every message from the authorizing party include a cryptographic check value. The check value is computed using a secret known only to the authorizing and verifying parties. This secret can be a personal identification number, a password, or any form of shared secret. In addition, shared secrets that are short like a six-digit PIN are inherently susceptible to various kinds of attacks. They cannot by themselves provide a high degree of security. They should only be used to control access to a physical token like a smart card (or a wallet) that performs the actual authorization using secure cryptographic mechanisms, such as digital signatures.

4. Signature authorization

In this type of transaction, the verifying party requires a digital signature of the authorizing party. Digital signatures provide nonrepudiation of origin: Only the owner  of the secret signing key can “sign” messages (whereas everybody who knows the corresponding public verification key can verify the authenticity of signatures.)

5. Confidentiality

Some parties involved may wish confidentiality of transactions. Confidentiality in this context means the restriction of the knowledge about various pieces of  information related to a transaction: the identity of payer/payee, purchase content, amount, and so on. Typically, the confidentiality requirement dictates that this information be restricted only to the participants involved. Where anonymity or un-traceability are desired, the requirement may be to limit this knowledge to certain subsets of the participants only, as described later.

6. Availability and reliability

All parties require the ability to make or receive payments whenever necessary. Payment transactions must be atomic: They occur entirely or not at all, but they never hang in an unknown or inconsistent state. No payer would accept a loss of money (not a significant amount, in any case) due to a network or system crash. Availability and reliability presume that the underlying networking services and all software and hardware components are sufficiently dependable. Recovery from crash failures requires some sort of stable storage at all parties and specific resynchronization protocols. These fault tolerance issues are not discussed here, because most payment systems do not address them explicitly.

Cross Border Transaction services means services related to transaction which involve two or more countries. In India there are two Acts which primarily seems to show concern when a person (Indian Resident or foreign Resident) undertakes cross border transactions viz. Foreign Exchange Management Act, 1999 and Income Tax Act, 1961. Therefore it is imperative that a person needs to deal with both the above mentioned Acts to enter into a cross Border Transaction.

Types of Cross Border Transactions

1. Cross-Border Financing

This term refers to any financing arrangement that crosses national boundaries. Cross border financing could include loans, letters of credit or bankers acceptances, Bank guarantees, depositary receipts etc.

2. Buying or Selling Products & Services

This term refers to any buying or selling activities of products or services. Both may have different features with respect to infrastructure, permanent establishment, producing product or services outside the one’s jurisdictional area, trading across the borders, bridging between local resources and outside supply etc.

3. Combined research/ shared services

In present business styles, entities are finding it fancier to have a shared service point. Entities are introducing joint research programs for entire industry as one cartel or chamber of commerce or group of commerce. This type of arrangements of shared service centers are also concern matter in international trade if those shared service centers providing services across the borders scattered in different locations. They are very useful to outsource the routine work in less expensive areas.

Furthermore, the following things may be consider before entering into a Cross-Border Transaction:

• Advance ruling
• Legal compliances
• Contract with States
• Change in Law (An exit route in case of change in ‘Laws of the Land’).
• Choice between Liaison office set up or Branch office set up or subsidiary incorporation
• Taxation Direct and Indirect
• Transfer pricing
• International taxation and applicable foreign laws
• Corporate tax planning
• Accounting and financial analysis
• Currency and Repatriation Issues

The Indian Scenario

In India, Reform initiative has been taken in the field of investment, trade, financial sector, exchange control simplification of procedure. India provides liberal, attractive and investor friendly environment to investors. The world is looking at India as an attractive destination with strategic incentives and lucrative commercial advantages. As compared to other developed markets, the India is largely under penetrated with a huge potential for growth.

As more and more investments are coming in India the clarity on regulatory and taxation front also strengthened. In India taxation system is under the Department of Revenue, Ministry of Finance. Taxability of income is determined by Indian Income Tax Act, 1961. With the countries with which Indian Government have signed Double taxation avoidance agreement in that cases the taxability shall be determined by Indian Income Tax Act, 1961 read with DTAA. As per section 90(2) of the Act an assesse has an option to choose from ACT or DTAA whichever is more beneficial to him.

Foreign companies engaged in business activities in India become liable to Indian Income Tax. According to Sec. 5 (2) Indian Income Tax Act, 1961 (“ITA”) nonresident companies are taxable in respect of the income received or deemed to be received, accrued or deemed to have been accrued or arisen in India. This definition covers income accruing or arising or and also deemed to have accrued or arisen to a non-resident whether directly or indirectly, through or from any business connection in India, Sec. 9 ITA.

The term “Business Connection” involves a relationship between the business of the assessee and some activity in India which contributes directly or indirectly to the earning of profits and gains by the assessee from his business. This is a verybroad definition rendering almost any activity of a nonresident entity subject to tax in India. It is however required to be read with Double Taxation Avoidance Agreements (DTAAs) entered into by India with respective countries.

The DTAAs aim at restricting the right of a state to levy tax on income received by a nonresident entity from business activities pursued in that state. According to national Indian tax law, the provisions of a DTAA apply if they are beneficial for the foreign entity (“assessee”), Sect. 90 (2) ITA.

Any foreign entity may ask for an advance ruling with respect to any activity/ investment in India before starting such activity. Such advance rulings are precisely applicable to the parties of advance ruling and concerned tax authorities and it helps in limiting the dispute and tax liabilities.

Due Diligence before Cross Border Transactions

The Due diligence checklist before entering into a cross-border transaction is a wide list of several essential elements to be kept in mind by the transacting states/Parties:

1. Legal and Regulatory Measures

• Detailed schedule of all ongoing, pending and threatened action, arbitration, audit, examination, investigation, hearing, litigation, claim, suit, administrative proceeding, governmental investigation, or governmental inquiry affecting the Entity, its assets or operations.
• Copies of all correspondence, reports to and filings with all regulators, including but not limited to the Securities & Exchange Commission, state securities authorities, foreign securities authorities, Environmental Protection and the ministry of Commerce.
• Copies of all notices of legal or regulatory violations and
• infringements including correspondence, reports, notices, and filings related to any dispute, alleged violation or infringement by the Entity, its agents or employees of any local, state, federal or foreign laws, regulation, order or permit relating to employment violations, unfair labor practices, equal opportunity, bribery, corruption, occupational safety and health, antitrust matters, intellectual property and environmental matters.
• All local, state, federal and foreign approvals, authorizations, certifications, clearances, licenses, permits, registrations and waivers related to the Entity, its operations or assets.
• A detailed schedule of all breaches or defaults that have occurred under agreements to which the Entity is a party, including all agreements which would be affected by the contemplated transaction.
• A list of expenses by the entity under the schemes of corporate
• Social responsibilities during last 3 years along with description of ongoing social programs by the entity.

2. Securities & Investments

• A detailed schedule of companies in which the Entity holds an interest of 2% or more.
• Copies of all offering circulars, private placement memoranda, syndication documents, or other securities placement documents, prepared or used by the Entity over the last 3 years.
• Copies of contracts, agreements or engagement letters with investment bankers, finders, business brokers or other financial advisers pursuant to any contemplated financial transaction over the last 3 years.

3. Contracts

• A detailed schedule of all subsidiaries, partnerships, joint ventures and strategic alliances along with copies of all related agreements.
• Copies of all contracts between the Entity and its officers, directors, shareholders and affiliates.
• Copies of all loan agreements, bank financing agreements, lines of credit, promissory notes, guarantees, security agreements, mortgages, indentures, collateral pledges or other contracts with creditors.
• Copies of all contracts related to sales, agency, franchise, dealer, marketing or distribution agreements or arrangements, supplier or vendor agreements.
• Copies of all performance assurance agreements, non-compete agreements by/ for the entity.
• Copies of all licensing agreements, franchise agreements and conditional sales agreements.
• Copies of the Entity’s standard quote, purchase order and invoice forms, including standard terms and conditions.
• Copies of any understanding, letters of intent, contracts,
• agreements, or closing documents related to any acquisition or disposition of corporate shares, companies, divisions, businesses, or other significant assets by the Entity.

4. Financial

• All annual and quarterly financial statements for the last 3 years for the Entity and all its subsidiaries, if any, along with latest available interim financial information.
• A detailed description of all accounting policies, including depreciation methods. A schedule of any changes in accounting policies, principles or procedures in the last 3 years, including justifications for such changes.
• Details and descriptions of any extraordinary or non-recurring items appearing in the financial statements along with detailed schedule of all deferred income items during last 3 years.
• A detailed schedule of all off-balance sheet transactions including lease liabilities and credit derivatives.
• A detailed description of the Entity’s internal controls. All available entity-wide departmental budgets for the last 3 years.
• Details of all transactions between the entity and its subsidiaries, parents, or other related parties.
• A detailed schedule of long term investments, including shareholding, bonds and debt instruments along with statements of terms and condition related to Investments.
• A detailed schedule of all property, plant and equipment, including acquisition cost, accumulated depreciation and depreciable life.
• A detailed schedule of all contingent liabilities, litigations and suits.
• The latest financial projections and estimates for the Entity and its subsidiaries, including a discussion of assumptions made.
• The latest available capital budget, including a discussion of essential, non-essential and strategic investments.
• A detailed schedule of all cash holdings and short-term investments.
• A detailed aged schedule of accounts receivable by customer and geography along with confirmatory letters from debtors acknowledging their debts as far as possible.
• An analysis of the entity’s monthly breakeven cash flow, broken down by fixed and variable cash inflows and outflows.
• A detailed schedule of revenues and cost of sales broken down by customer, geography, and product for the last 3 years.
• A detailed schedule of selling, general and administrative expenses by division, subsidiary and geography for the last 3 years.
• A detailed schedule of all capital expenditures for the last 3 years, including a description of each major expenditure and abandoned projects, if any.
• A detailed schedule of all accounts payable by vendor. A detailed schedule of all outstanding notes payable, bonds, mortgages and other long term debts along with terms and conditions thereof.

5. Credit Facilities

• A detailed schedule of all long-term debt facilities, including capitalized leases, guarantees and other contingent obligations, along with copies of all related documents.
• A detailed schedule of all short-term debt facilities, including capitalized leases, guarantees and other contingent obligations, along with copies of all related documents.
• Copies of all correspondence with lenders including consents, notices, waivers of default, and compliance certificates.

6. Taxes

• All local, state, federal and foreign tax returns and filings along with all documents related to compliance with tax laws and regulations for the last 3 years.
• All correspondence with local, state, federal and foreign tax authorities including audits, notices of proposed or final adjustments to the Entity’s tax liabilities for the last 3 years.
• Assessment orders from the tax authority received in the past 3 years.
• All agreements, consents, elections, requests, rulings, settlements and waivers made with any local, state, federal or foreign tax authority in the last 3 years.
• All tax opinions received from attorneys, accountants or other specialists for the last 3 years.
• A detailed schedule of all tax liabilities, tax basis of all assets, its accumulated depreciation and the depreciation method used.
• Detailed schedules of all tax carry forwards and carry backs, including their source, their expiration dates and any limitations on their use.
• A detailed schedule of all tax free transactions not listed on the Entity’s tax returns.
• A description of transfer pricing methodologies and description of advance ruling, if any.
• A detailed schedule of all tax liens against the Entity’s assets.

Threat hunting is, quite simply, the pursuit of abnormal activity on servers and endpoints that may be signs of compromise, intrusion, or exfiltration of data. Though the concept of threat hunting isn’t new, for many organizations the very idea of threat hunting is.

The common mindset regarding intrusions is to simply wait until you know they’re there. Typically, though, this approach means that you’ll be waiting an average of 220 days between the intrusion and the first time you hear about it. And even then, it’s typically an external party such as law enforcement or a credit card company that’s telling you.

With threat hunting, you use humans to go “find stuff” versus waiting for technology to alert you. Don’t sit back and wait for a knock on the door. Proactively chase down signs that intruders are present or were present in the recent past. What are you looking for when you’re threat hunting? You look for anomalies things that don’t usually happen.

To do this effectively, you need tools that give you highly granular visibility into the goings‐on in the operating systems of every endpoint and server things like processes that are launched, files that are opened, and network communications that take place.

Tools such as CB Response are tailor made for effective threat hunting across an enterprise.

Threat hunting is systematic. Threat hunters need to be continually looking for anything that could be evidence of intrusion. Threat hunting needs to be instilled as a process that security teams make and schedule time for. The types of threat attributes that are hunted include the following:

1. Processes

Hunters are looking for processes with certain names, file paths, checksums, and network activity. They want to find processes that make changes to registry entries, have specific child processes, access certain software libraries, have specific MD5 hashes, make specific registry key modifications, and include known bad files.

 Width = The MD5 hash, also known as checksum for a file, is a 128‐bit value (like a fingerprint of the file). You can get two identical hashes of two different files. This feature can be useful both for comparing the files and their integrity control.

2. Binaries

Here hunters look for binaries with certain checksums, file names, paths, metadata, specific registry modifications, and many other characteristics.

3. Network activity: This threat attribute includes network activity to specific domain names and IP addresses.
4. Registry key modifications

Hunters can look for specific registry key additions and modifications.

Threat hunting isn’t about just finding “evil” within your systems. Instead, it’s about anything that could be evidence that evildoers leave behind on your systems. With threat hunting, you’re looking for things that indicators of compromise (IOC)‐based detection wouldn’t catch.

Need of Threat Hunting

The definition of insanity is doing the same thing over and over and expecting a different result. Many organizations may work in this insanity pattern because they continue to use passive intrusion detection, which clearly isn’t working (hence the word passive).

Attackers’ initial objectives generally include stealing valid login credentials. These attackers are virtually insiders that seek out “live off the land” activities of organizations’ networks, systems, and applications. But like the personnel whose login credentials they’ve stolen, attackers use these credentials to carry out search‐and‐steal (or search‐and‐destroy) missions, using tools and techniques that end‐users don’t use. These are the anomalies that threat hunters should be actively looking for.

Instead of passive intrusion detection, you need threat hunting for the following reasons:

• Malware stealth: Passive intrusion detection doesn’t work because of the stealthy techniques used by cybercriminal organizations and the malware they produce. Today’s malware is able to easily evade antivirus software through polymorphic techniques that enable it to change its colors like a chameleon.
• Evolving attack vectors: Attackers are innovating at a furious rate, which results in new forms of attack that are developed regularly.
• Dwell time: You can’t afford to wait weeks or months to learn about incidents. From the moment of intrusion, the cost, damage, and impact from a breach grow by the hour and by the day. The average time to detection of 220 days is no longer acceptable.

Your stakeholders will want to know what your organization is doing to seek out and detect the advanced attacks, with a skilled human being on the other side. Threat hunting is the answer.

Threat hunting is becoming a part of infosec table stakes: the essential tools and practices required by all organizations. Threat hunting will soon be a part of the due care for information protection expected by customers, regulators, and the legal system.

Microsoft Outlook, or simply Outlook, is a personal information manager from Microsoft, available as a part of the Microsoft Office suite. Though primarily an email client, Outlook also includes such functions as calendaring, task managing, contact managing, note-taking, journal logging, and web browsing.

It can be used by individuals as a standalone application; or by organizations as a multi-user software, through Microsoft Exchange Server or SharePoint, for such shared functions as mailboxes, calendars, folders, data aggregation (i.e., SharePoint lists), and appointment scheduling. Microsoft has also released apps for most mobile platforms, including iOS and Android. In addition, Windows Phone devices can synchronize almost all Outlook data to Outlook Mobile. Using Microsoft Visual Studio, developers can also create their own custom software that works with Outlook and Office components.

In March 2020, Microsoft announced the launch of a series of new features to appeal to business customers of its Teams platform, in addition to the features introduced the previous month. The chat and collaboration module now includes more efficient and integrated waypoints, designed to simplify group work for organizations and encourage them to adopt the Microsoft platform and become the go-to company chat platform. The main new feature, the integration of Teams with Outlook, allows users to: move email conversations directly from Outlook to Teams chats; and share conversations from Teams to emails on Outlook. Microsoft has also added the ability to assign a tag to members of an organization so that users can better target their messages.

Use of Outlook:

1. Outlook and Microsoft Exchange Play Well Together

If your e-mail server runs Microsoft Exchange, Outlook is a no-brainer. They go together like bacon and eggs, toast and coffee, peaches and cream.

Users need to know absolutely nothing to connect. They just fire up Outlook, enter their e-mail address, and it and Exchange commune. Transparently. That cuts down on IT involvement in client configuration and allows users to switch computers easily.

2. Outlook Plays Well With Active Directory.

Active Directory’s authentication extends to Exchange. That means that a user can simply log on to a computer, start Outlook, and her Active Directory credentials are passed to the Exchange server-no typing or separate logon required.

In fact, since the e-mail address is stored in Active Directory, a user need not even enter that information if authenticating through AD. Outlook automatically figures out the right e-mail address (and, yes, you can bypass that functionality if you need to), log you in and you’re good to go.

3. Outlook Integrates with Many Devices and Applications

If you’re possessed by any sort of PDA or smartphone, there’s a way to synch it with Outlook. Some vendors don’t even provide a native personal information manager for their devices, but rely on the fact that most customers have a copy of Outlook that does the trick very nicely.

Even third party add-on applications for devices like BlackBerry or various Windows Mobile models manage to talk to Outlook. Skype talks to Outlook. ACT! talks to Outlook. In fact, it’s hard to find a desktop tool that doesn’t talk to Outlook. And you can find dozens of little add-ins that extend Outlook even farther-check out Office Addins.com for example.

4. Outlook Makes it Easy to Organize Your Assets

Most e-mail clients offer some sort of rules for sorting and managing e-mail, but Outlook 2007 (in conjunction with Exchange 2007) really raises the bar. Sure, you can sort messages into folders, or forward or redirect them according to selected criteria. However, you also have the option to send different automatic Out of Office (OOO) messages to internal and external addresses. For example, users who subscribe to mailing lists may not want to send messages to addresses outside their company at all (mailing list admins frown on OOO messages, which act like spam to the list), but need to give internal senders information on who’s covering for them.

If you need to follow up on a message, Outlook offers flags of various colors that can be tied to reminders if you need a friendly nag. A shortcut folder called “Follow Up” gathers links to all flagged messages to make them simple to locate. And if you want to be sure the boss’s messages leap out at you, with a couple of clicks you can make them show up in the color of your choice in your in-box listing. My boss’s mail, for example, is red, and his counterpart with whom I also deal is an unsubtle lime green. There’s no missing either of their tomes in the clutter!

5. Outlook Plays Nicely With SharePoint

Microsoft’s SharePoint is a collaborative platform offering tools for building and managing websites, intranets and workspaces. But Microsoft realizes that many users have neither the time nor the mental bandwidth to log on to yet another server to check forum discussions or to examine shared documents.

What to do? Simple-Outlook users can opt to receive notifications of new or changed content by e-mail, then click through to the SharePoint site. They can also add content to a shared workspace or participate in forum discussions by e-mail, thanks to integration with Outlook and Exchange.

6. Outlook Expedites Workflow

Outlook’s messaging isn’t limited to mere e-mail. Companies can set up workflows for functions such as online voting. For example, if a group wants to decide on a location for a festive lunch, the coordinator can send a message offering several options. Recipients simply click a voting button within the e-mail message to send their responses.

Using Outlook’s forms feature, things like requests for time off can be automatically routed to approvers, and the reply returned to the user.

7. Outlook’s User Interface is Familiar

Since Microsoft Office is the market leader in productivity software, the Outlook user interface is familiar to users, cutting down on the learning curve. Sure, there’s a ton of functionality to discover, but the basics are relatively intuitive to someone who’s used to Microsoft Office. That can save a bundle in training costs. And since the familiarity extends to the development environment, it’s also relatively easy for developers using Microsoft Visual Studio to interface with Outlook, either to add functionality or to tie it to other corporate applications.

8. Outlook Offers Integrated Calendar, Tasks, etc.

Outlook includes an address book, calendar, task list and virtual sticky notes. All pieces are integrated; dragging and dropping an e-mail message can create an appointment or a task or a note. Tasks may be delegated with a click or two. Not only does the responsible victim get informed of the job he’s inherited, but the delegator can get regular status reports. And with the purchase of the version containing Microsoft Business Contact Manager, Outlook becomes a business in a box for a small enterprise.

9. Believe It or Not, Outlook Has Pretty Good Security

Yes, I know Microsoft has a bad reputation on the security front. But Outlook 2007, in particular, has good junk mail filtering (as long as you keep it up-to-date), blocks external content such as web bugs and downloaded images and data from foreign sites, disallows executable attachments and prevents the execution of ActiveX applets, by default. You can bypass the security if you like, but it has to be a conscious decision.

10. Outlook Offers One-Stop e-mail

You’re not limited to a single account in Outlook. Several accounts using different protocols (including POP3 and IMAP) can feed into the same set of folders, and be managed with one set of rules. Or, if you prefer, they can be sorted into separate folders by account. You choose.

Yes, other e-mail clients can integrate multiple accounts, but Outlook’s advantage lies in its native support for Exchange.

Of course, in the grand scheme of things, it all comes down to picking the right tool for the job, and that job is primarily e-mail. Microsoft Outlook is now robust, secure and versatile enough to be that tool. The extra functionality is just the cherry on the sundae for lucky Outlook users.

Outlook is one of the most popular email clients in the world, and has a host of powerful features. In order to get the most out of Outlook, you’ll want to add your email accounts so that you can find all of your messages in one place, import your calendar so that you can see upcoming events, and add your contacts from your various online contacts lists.

1. Understand the difference between POP and IMAP email services

There are two ways that email can be delivered to your email client: POP (Post Office Protocol) and IMAP (Internet Message Access Protocol). POP is the older method of transferring email messages, and works by downloading new messages to your client and then deleting them from the server. IMAP was designed to allow you to check email from multiple devices, as messages and organization are synced between all of the clients you use.

• There is really no practical reason to use POP if IMAP is available. IMAP is more stable, more secure, and allows you to check your email from your computer, phone, and laptop without losing any messages.
• Most email services allow you to use IMAP, though some may charge for it. Gmail, Yahoo!, Outlook.com (Hotmail), AOL, and most service providers allow for IMAP.

2. Configure your service for IMAP (Gmail)

Most email services allow you to access the IMAP functions without making any changes. The major exception to this is Gmail, where you will need to manually enable IMAP.

Log into the Gmail website and click the Gear button. Select “Settings’ and then click the “Forwarding and POP/IMAP” tab. Select “Enable IMAP” and click “Save Changes”.

3. Open Outlook

When you add an IMAP email service, you’ll be able to check, organize, and manage your email in Outlook and on all of your other devices. Any changes you make in Outlook will be reflected in your other email clients.

4. Click the “File” tab. In the “Info” section, click the “+ Add Account” button.
5. Select “Manual setup or additional server types”. This will allow you to enter any email account.

Note: If you’re using Gmail or Hotmail (Outlook.com), you can enter your email address and password in the “E-Mail Account” section of the Add New Account window and skip the rest of this section. Outlook will take care of the rest of the configuration for you. You can also manually set them up if you prefer by reading on.

6. Select “POP or IMAP”. This will enable you to enter a web-based email account.
7. Enter your email account information. Enter your name as well as your email address in the top section. Leave the Server Information blank for now (see next step). In the Logon Information section, enter your account User Name (usually the same as your email address) as well as the password you use to access the account.
8. Enter your mail server information

In the Server Information section, enter in the information for your mail service. Select “IMAP” from the Account Type drop-down menu. Below is information for some of the more popular mail services:

9. Click the .More Settings… button. Click the Outgoing Server tab.
10. Check the “My outgoing server (SMTP) requires authentication”. Select “Use same settings as my incoming mail server”. This setting is the same for nearly all email services.
11. Click .Next > after entering all of your account settings. Outlook will begin testing your settings to ensure that it can connect to the server to send and receive messages.
12. Wait for your messages to sync. once you’ve connected your email account, your messages and folders will begin syncing with Outlook. Depending on how many messages you have, this may take a few moments. You can monitor the process from the status bar at the bottom of the window.

Outlook will only have to do a major sync the first time you connect your account. After this, it will just sync any changes made from any of your email clients.

14. Browse through your messages. On the left side of the window, you’ll see your email account with its associated folders listed underneath. You can browse through these folders to see all of your messages. Any organizational changes you make in Outlook will be reflected in the web version of your email account, and vice versa.