Blue Mountain Data Systems Tech Update SummaryDecember 2016

For CTOs, CIOs & CISOs

Visit Blue Mountain Data Systems https://www.bluemt.com

For CTOs, CIOs & CISOs

Every business day, we publish a Daily Tech Update for Federal & State CTOs ,CIOs & CISOs on the

Blue Mountain Data Systems Blog. We hope you will visit our blog for the latest information.

You can also receive these updates via email. Click here to subscribe.

Here’s the summary of the Daily Tech Updates for December 2016. Hope the information and ideas

prove useful.

Best,Paul VeselyPresident and Principal ArchitectBlue Mountain Data Systems Inc.

Encryption

Encyption

FUTURE: Three Touchy Questions for Tech Leaders to Ask Trump. The incoming administration will inherit contentious policy debates about cybersecurity, privacy, and Internet regulation. Read more[TECHNOLOGYREVIEW.COM]

SECURITY: This App Wants to Be Your Encrypted, Self-Destructing Slack. If you use a workplace collaboration tool like Slack or Hipchat, it’s easy to fall into an assumption of privacy, throwing around gossip and even sensitive business as if it were normal cubicle chatter. It’s not. Anything you write in one of those collaborative chatrooms can be stored, and is potentially vulnerable to government surveillance, hacking, or a subpoena in a run-of-the-mill lawsuit. The encrypted-messaging startup Wickr wants to solve that potential Slack-snooping problem. Find out more[WIRED.COM]

Encyption

TWITTER: Are Encrypted Direct Messages Coming to Twitter? Following his chat with whistleblower Edward Snowden, @Jack dropped a hint about what privacy features might be in the cards for Twitter. In the tweeted exchange, Dorsey and Snowden continued the conversation that streamed on Periscope Tuesday, veering back to the topic of Twitter itself. When Snowden asked if Twitter might consider making the platform’s private messages more secure in some way, Dorsey left the door open for a major security tweak. Find out more[TECHCRUNCH.COM]

Encyption

OPINION: Mandate Encryption for All Devices. In today’s ever-connected society, the need for strong, mandatory encryption for all devices is more important than ever. Current events have shown us the dangers which an unencrypted society faces – from losses of personal information to leaking critical vulnerabilities in our nation’s infrastructure. If the federal government wants to ensure a greater degree of safety (and privacy) for its civilians, it should reverse its stance on encryption and learn to embrace it as a valuable security tool. Read the rest[CAVALIERDAILY.COM]

Federal, State & Local IT

Federal, State & Local ITREPORT: Cloud Enters Mainstream in Federal IT Investment Plans. United States government agencies will continue to invest hefty sums in cloud computing technology over the next five years. After that period, spending on cloud is likely to moderate, but the amount of investing will remain at impressive levels. Find out more[ECOMMERCETIMES.COM]

READ: Debt Myths, Debunked. Sometime in early December, the federal government’s official debt will likely cross the $20 trillion mark – an amount no country has ever owed. As we approach this milestone, there are a few myths regarding the debt that should be debunked. Find out more[USNEWS.COM]

Federal, State & Local IT

CHIEF INNOVATION OFFICERS: An Unclear Role in the Federal Government. Federal obsession with innovation is rampant. The government appears intent upon emulating a Silicon Valley-style startup culture that can keep up with the evolution of commercial technology – or at least shake up how agencies approach problems. Its efforts include the Presidential Innovation Fellows program, a one-year tour of duty lawmakers are attempting to make permanent; the digital consultancy 18F, which aims to help other agencies buy agile software development; and a rash of incubator-style hubs where employees can build out their own ideas. Find out more[NEXTGOV.COM]

Federal, State & Local ITCOLLEGES: Federal Government Shuts Down Controversial College Watchdog. An organization that was supposed to oversee the embattled for-profit college industry and protect students from fraud lost its recognition Monday, potentially putting hundreds of thousands of students in limbo. The Secretary of Education ruled Monday to terminate his agency’s recognition of the Accrediting Council for Independent Colleges and Schools (ACICS), which critics say allowed billions of dollars in federal financial aid funds to flow to bad actors. Find out more[MARKETWATCH.COM]

Databases

Databases

SLIDESHOW: Gartner's 19 In-Memory Databases for Big Data Analytics. Amid the big data boom, the in-memory database market will enjoy a 43 percent compound annual growth rate (CAGR) – leaping from $2.21 billion in 2013 to $13.23 billion in 2018, predicts Markets and Markets, a global research firm. What’s driving that demand? Simply put, in-memory databases allow real-time analytics and situation awareness on "live" transaction data – rather than after-the-fact analysis on "stale data,” notes a recent Gartner market guide. Here are 19 in-memory database options mentioned in that Gartner market guide. Find out more[ENTERPRISETECH.COM]

Databases

CrateDB: Tackles Machine Analytics with Scale-Out SQL Database. Developers who want to analyze big, fast-moving machine data without the complexity of a NoSQL database have another option in CrateDB, an open source, scale-out SQL database that just became generally available today. The CrateDB project began two years ago when a group of German programmers felt dissatisfied with the database options available to them for storing and analyzing fast-moving machine data, including security log files and sensor data from the Internet of Things. Find out more[DATANAMI.COM]

Databases

VIDEO: But I Need a Database that _Scales_. Aaron Spiegel reviews common scaling techniques for both relational and NoSQL databases, discussing trade-offs of these techniques and their effect on query flexibility, transactions and consistency. Find out more[INFOQ.COM]

GRAPH DATABASES: How Neo4j is Taking Graph Databases into the Mainstream. Q&A with Neo4j CEO Emil Eifrem on the development of the graph database, his biggest competition, and taking on the enterprise. Read the rest[ZDNET.COM]

More About Blue Mountain

BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.

Electronic Document Management

Electronic Document ManagementSECURE DOCUMENTS: 18 Ways to Secure Your Electronic Documents. Electronic Document Management Systems (EDMS) are electronic repositories designed to provide organized, readily retrievable, collections of information for the life cycle of the documents. How can you keep these electronic files secure during the entire chain of custody? Here are 18 security suggestions. Read more[BLUEMT.COM]

LEGAL DEPT DOCUMENT MANAGEMENT: Investing in New Technologies: How Corporate Legal Departments Are Leading the Way. Many departments are looking to technology to assist with automation of processes, resource and budgetary management, and tracking. Connie Brenton, co-founder of Corporate Legal Operations Consortium (CLOC), a non-profit association of legal operations executives, explains, “Corporate executives expect the GC’s office to be a business counselor to the firm, and to discuss numbers, data and analytics. Efficiency is now essential for legal departments, and this has advanced software’s role and accelerated technology adoption.” Find out more[INSIDECOUNSEL.COM]

Electronic Document Management

CFPB: Looks to Embrace Cloud for Email, Office Application Needs. The Consumer Financial Protection Bureau wants to move to a public cloud setup for some of its core enterprise apps. The financial watchdog agency recently sent out a Request for Information (RFI) on the process, technical requirements and costs of moving to cloud services in fiscal year 2017. CFPB wants to establish a more complete understanding on the costs associated with moving fully to a cloud solution for email and office applications (e.g., documents, spreadsheets, presentations, SharePoint and more).Read the rest[FEDTECHMAGAZINE.COM]

Electronic Document Management

ROI: 4 Ways Business Document Management Software Can Save You Money. Lisa Croft, Group Product Marketing Manager at Adobe Document Cloud, talks about the many ways business document management can save your company time, space, and more importantly, loads of money. Here are the four most obvious ways these tools provide excellent return-on-investment. Read more[PCMAG.COM]

Security Patches

Security Patches

MICROSOFT: Modifies November Patches to Bypass Lenovo Server Conflicts. Microsoft released patches for Server 2016, 2012R2, and 2012 on Nov. 8 that freeze specific Lenovo servers on reboot. The servers don’t finish the POST process and hang at the Lenovo splash screen. After many complaints, Lenovo issued six new UEFI firmware patches on Nov. 22. The next day, Microsoft altered six of its security patches, including the latest Win10 version 1607 cumulative update, KB 3200970, to add logic bypassing automatic installation of those patches on the affected servers. Read more[INFOWORLD.COM]

Security PatchesTOR: Patched Against Zero Day Under Attack. The Tor Project has provided a browser update that patches a zero-day vulnerability being exploited in the wild to de-anonymize Tor users. “The security flaw responsible for this urgent release is already actively exploited on Windows systems. Even though there is currently, to the best of our knowledge, no similar exploit for OS X or Linux users available, the underlying bug affects those platforms as well,” the Tor Project said in its announcement. “We strongly recommend that all users apply the update to their Tor Browser immediately. A restart is required for it to take effect.” Find out more[THREATPOST.COM]

XXS: Flaw on Wix Leaves the Door Open to Worms. A researcher found a cross-site scripting flaw in Wix templates that a worm could have used to infect all Wix-hosted sites, but couldn’t find a way to report the vulnerability. Find out more[INFOWORLD.COM]

Security Patches

FIREFOX: Updated for Security Bugs. Mozilla has released a number of security fixes affecting two of its Firefox browsers: the widely used consumer edition, v50, and ESR 45.5, intended for enterprises which manage client desktops. Read the rest[SCMAGAZINE.COM]

CIO, CTO & CISO

For the CIO, CTO & CISO

CTO: 5 Key Skills Needed To Succeed As A CTO. Is your dream career to become the Chief Technology Officer (CTO) of a company you love? According to a list of former and current CTOs, you should start perfecting these skills. Read more[FORBES.COM]

CIO: Why AWS is the IBM for the Cloud Computing Age. Scalable cloud computing that helps businesses get up and running quickly and securely means you’ll never get fired for buying Amazon Web Services. Find out more[CIO.COM]

CIO, CTO & CISOCISO: Aflac CISO Tim Callahan on Global Security, Risk Management. With today’s cyberthreats, the CISO has to know more about intelligence, working with government and private industry, and how to tailor the security program to further the business. Find out more[SEARCHSECURITY.TECHTARGET.COM]

CAREERS: Arkansas CTO Mark Myers Resigns. The details surrounding Arkansas’ abrupt IT leadership changes are few, but what is clear is that a recent forced resignation signals a potential shift in the state’s direction. Read the rest[GOVTECH.COM]

Penetration Testing

Penetration Testing

ANALYTICS: The New Security Mindset: Embrace Analytics To Mitigate Risk. Merely conducting a penetration test may find a weakness. But conducting a creative analysis of the network and carefully analyzing the results will truly identify key areas of risk. Security professionals who can sniff out abnormalities in their IT network and applications can foil intruders’ plans before they escalate. This is a far different approach than simply finding a single weakness and then declaring “mission accomplished.” Read more[DARKREADING.COM]

Penetration Testing

HOW TO: Respond to Social Engineering Incidents: An Expert Interview. Steven Fox is a top government cybersecurity expert, Distinguished Fellow with the Ponemon Institute and frequent speaker at top security events all over America. In this exclusive interview, Steven shares several low-tech but sophisticated social engineering techniques that hackers use to gain (unauthorized) privileged access into government systems and large and small company networks. Most important, what can we do to prevent fraud and respond to incidents that do occur? Find out more[GOVTECH.COM]

TOOL: Where’s the BeEF? BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser. Read more[GITHUB.COM]

Penetration Testing

RISK MANAGEMENT: The Truth About Penetration Testing Vs. Vulnerability Assessments. Vulnerability assessments are often confused with penetration tests. In fact, the two terms are often used interchangeably, but they are worlds apart. To strengthen an organization’s cyber risk posture, it is essential to not only test for vulnerabilities, but also assess whether vulnerabilities are actually exploitable and what risks they represent. To increase an organization’s resilience against cyber-attacks, it is essential to understand the inter-relationships between vulnerability assessment, penetration test, and a cyber risk analysis. Find out more[SECURITYWEEK.COM]

Open Source

Open SourceFEDERAL GOVERNMENT: Code.gov is the US Government’s Open-Source Software Hub. Back in August, the Obama Administration announced a new policy that requires 20 percent of the federal government’s software projects be open source. To make all of that material easily accessible, there’s now a place for you to view all of the code. Code.gov is the web-based hub for the initiative and it features around 50 projects from 10 different agencies. Those projects include the White House Facebook chat bot, Data.gov and the “We the People” petitions API. Read more[ENGADGET.COM]

Open Source

VIDEO: Technical Writing as Public Service: Working on Open Source in Government. What if U.S. federal agencies decided to reuse and contribute to open source software projects built by other agencies, since agencies often have similar technology problems to solve? And what if they hired technical writers with open source community experience to write documentation for these projects? Britta Gustafson explains surprising and rewarding aspects of working on documentation in government, through the lens of the cross-agency eRegulations project. Find out more[YOUTUBE.COM]

Open Source

TOOLS: 10 Open Source Tools for Your Sysadmin Toolbox. Here’s a handy list of open source tools for admins, highlighting well-known – and not-so-well-known – tools that have released new versions in 2016. Find out more[OPENSOURCE.COM]

OPINION: Open Source Has Won, and Microsoft Has Surrendered. Many Linux users are ticked off and anxious about Microsoft joining the Linux Foundation. They are missing the real significance of that move. Read the rest[COMPUTERWORLD.COM]

Business Intelligence

Business Intelligence

AMAZON: AWS Launches Enterprise Tier of its QuickSight Business Intelligence Tool. Public cloud infrastructure provider Amazon Web Services (AWS) today announced the availability of an enterprise tier of its Amazon QuickSight cloud software for business intelligence (BI). AWS launched QuickSight out of preview last month after introducing it a year ago. The new Enterprise Edition stands out from the Standard Edition in a few important ways. First, organizations can connect it with Microsoft’s Active Directory identity management software, whether it’s running on AWS or in an on-premises data center.. Find out more[VENTUREBEAT.COM]

Business IntelligenceLEADERSHIP: In Business Intelligence, Sound Governance Drives Adoption And Success Via Enablement. How are best-of-breed BI programs able to balance self-service against the need for data governance? In Forbes' October 2016 report "Breakthrough Business Intelligence," those companies achieving the greatest value from their BI programs were doing so through a nuanced and sophisticated blend of governance and distributed BI. Find out more[FORBES.COM]

CHANGE MANAGEMENT: Health Care Leaders About Their Industry, and They’re Worried. However the Trump administration and the Republican U.S. Congress replace or revamp the Affordable Care Act, it is unlikely to halt America’s ongoing move from the rightfully maligned fee-for-service payment system to one that pays for "value" - the quality of outcomes relative to the price. Despite the progress that’s been made, there is still a long way to go. What new investments will be required? What legacy costs will be incurred as providers strive to optimize their business processes to deliver comprehensive value-based health care? How will leadership teams and boards of directors orchestrate the strategic transformations of their currently successful businesses? Find out more [HBR.ORG]

Business Intelligence

READ: 12 Ways to Empower Government Users With the Microsoft Business Intelligence (MBI) Stack. Are your organization’s Federal IT resources under constant pressure, with no end in sight? Your agency is not alone. With limited access to dedicated information technology resources, non-technical end users often play the waiting game, relying on IT staff to do simple tasks like generating custom queries and embedding them within applications. Here are ways to empower your end users with the Microsoft Business Intelligence (MBI) Stack. Find out more[BLUEMT.COM]

Operating Systems

Operating Systems

GOOGLE: Just Launched A Totally New Operating System. Android Things, Google’s new operating system to power your toasters, routers, refrigerators and just about everything. Find out more[TECHWORM.COM]

OPEN SOURCE: Why the Operating System Matters Even More in 2017. The computing technology landscape has changed considerably over the past couple of years. This has had the effect of shifting how we think about operating systems and what they do, even as they remain as central as ever. Consider changes in how applications are packaged, the rapid growth of computing infrastructures, and the threat and vulnerability landscape. Find out more[OPENSOURCE.COM]

Operating Systems

SERVERS: Future of the Server Operating System. Microsoft’s new Windows Server 2016 operating system (OS) is just being launched. Linux is celebrating its 25th birthday. IBM has its mainframe operating system and its Power operating system, Oracle has Solaris – and that is just a few of the OSs that still abound in the market. But what is the role of an OS in the modern world? Here’s a look at the evolution of the server operating system, and how the next generation is moving into the cloud. Find out more[COMPUTERWEEKLY.COM]

Operating Systems

NIST: Enterprise Linux 7.1 meets NIST Crypto Standards. Red Hat’s Enterprise Linux 7.1 has been awarded a critical security certification for nine modules, including its OpenSSL component. According to company officials, the certifications establish the platform as a secure operating system for mission-critical systems and national security data. The National Institute of Standards and Technology sets standards for federal cryptographic-based security systems, including those in open-source software libraries. The Federal Information Processing Standard 140-2 was established in 2001 for native systems that process sensitive information, secure communications and encrypt data. Read the rest[GCN.COM]

Incident Response

Incident ResponseCYBERSECURITY: Distributed Denial of Service Attacks - Four Best Practices for Prevention and Response. In November 2016, Internet users across the eastern seaboard of the United States had trouble accessing popular websites, such as Reddit, Netflix, and the New York Times. As reported in Wired Magazine, the disruption was the result of multiple distributed denial of service (DDoS) attacks against a single organization: Dyn, a New Hampshire-based Internet infrastructure company. DDoS attacks can be extremely disruptive, and they are on the rise. The Verisign Distributed Denial of Service Trends Report states that DDoS attack activity increased 85 percent in each of the last two years with 32 percent of those attacks in the fourth quarter of 2015 targeting IT services, cloud computing, and software-as-a-service companies. Find out more[INSIGHTS.SEI.CMU.EDU]

Incident ResponseSTATE GOVERNMENT: How Government Can Become More like Amazon. Colorado CIO Suma Nallapati wants to transform IT systems so that people look forward to interacting with government. Find out more[GOVTECH.COM]

SLIDESHOW: 6 Security Best Practices You Need to Have In Place. Information security firm ID Experts recently engaged a number of thought leaders that included attorneys, insurance executives and security professionals to share six best practices on preparing for and responding to a data breach. Here is what they want you to know. Find out more[INFOMATION-MANAGEMENT.COM]

Incident Response

GOVERNMENT: Hackers Expect Replies, Not Rewards, for Finding Bugs. More than 9 in 10 cybersecurity researchers who find software vulnerabilities generally let the makers know and coordinate their disclosure, according to a survey from a Commerce Department working group. Find out more[CYBERSCOOP.COM]

Incident Response

NEWS: Positioning Security Intelligence in Front of Incident Response. With recent announcement of IBM’s $200 million commitment to expanding its security leadership position in the incident response (IR) market, IBM is working to help clients address the challenges in adopting a more proactive approach to IR. As part of the initiative, IBM established a new global incident response team. The mandate for IBM X-Force Incident Response and Intelligence Services (IRIS) is to deliver the next evolution in incident response management. Read more[SECURITYINTELLIGENCE.COM]

US-CERT: Updates Cybersecurity Incident Notification Guidelines. New cybersecurity incident reporting guidelines will go into effect on April 1, 2017, designed to help federal, state, and local organizations. Find out more[HEALTHITSECURITY.COM]

Incident Response

DHS: Georgia Incident Was Legitimate Work, Not a Hack. The Department of Homeland Security told Georgia’s Office of Secretary of State that the IP address associated with an attempted breach of the state agency’s firewall was tracked to an office in U.S. Customs and Border Protection, a revelation that has DHS “deeply concerned.” According to DHS, someone on the federal department’s security network was conducting legitimate business on the state office’s website, verifying a professional license administered by the state. The state office manages information about corporate licenses and certificates on its website. Find out more[FEDSCOOP.COM]

Incident Response

LEARN: 10 Tips for Planning, Leading and Learning From a Cybersecurity Tabletop Exercise. The National Institute of Standards and Technology (NIST) recommends that organizations not only develop incident response plans, but also maintain them in a “state of readiness” and engage in exercises to “validate their content.” The potential vehicles for such tests can take many forms, but one of the most common and easy to implement is a “tabletop exercise.” Read the rest[CORPCOUNSEL.COM]

Tech Research News

Tech Research NewsMIT: Cache Management Improved Once Again. New version of breakthrough memory management scheme better accommodates commercial chips. A year ago, researchers from MIT’s Computer Science and Artificial Intelligence Laboratory unveiled a fundamentally new way of managing memory on computer chips, one that would use circuit space much more efficiently as chips continue to comprise more and more cores, or processing units. In chips with hundreds of cores, the researchers’ scheme could free up somewhere between 15 and 25 percent of on-chip memory, enabling much more efficient computation. Their scheme, however, assumed a certain type of computational behavior that most modern chips do not, in fact, enforce. Last week, at the International Conference on Parallel Architectures and Compilation Techniques – the same conference where they first reported their scheme – the researchers presented an updated version that’s more consistent with existing chip designs and has a few additional improvements. Read more [NEWS.MIT.EDU]

Tech Research News

REPORT: Digital Readiness Gaps. According to Pew Research Center, Americans fall along a spectrum of preparedness when it comes to using tech tools to pursue learning online, and many are not eager or ready to take the plunge. Find out more[PEWINTERNET.ORG]

DOD: Ashton Carter – Cyber Tech, Automation, Biological Research Essential for DoD Missions. Defense Secretary Ashton Carter has said automated systems, cyber technology and biological research efforts are necessary to keep the Defense Department moving forward. Find out more[EXECUTIVEGOV.COM]

Tech Research News

FITNESS TRACKING: Weight Loss On Your Wrist? Fitness Trackers May Not Help. Fitness trackers remain wildly popular, but do they make us fit? Maybe not, according to a study that asked overweight or obese young adults to use the tiny tracking tools to lose weight. Read the rest[NPR.ORG]

Search Technology

Search Technology

SOLR: Not Just For Text Anymore. When Solr came out, it was supposed to be an OpenSource text search engine. Now it has a big place in Big Data. Read what Ness's CTO, Moshe Kranc has to say about how it has evolved. Read more[DZONE.COM]

INGALLS: Spring Data 'Ingalls' Release Train Leaves Station. The Spring Data team has announced the first milestone release of the Ingalls Release Train. This coordinated release of subprojects under the Spring Data umbrella ships with 230 fixes and a number of new features. Find out more[ADTMAG.COM]

Search TechnologyGOOGLE: Announces New Cloud Natural Language API While Cloud Search API Goes Beta. Google says that the Cloud Natural Language API gives developers access to three Google-powered engines– sentiment analysis, entity recognition, and syntax analysis. The service is currently available in open beta and is based on the company’s natural language understanding research. It will initially support three languages– English, Spanish and Japanese and will help developers reveal the structure and meaning of your text in the given language. Read more[THETECHPORTAL.COM]

AMAZON: Amazon EC2 Container Service Now Supports Networking Modes and Memory Reservation. Docker networks provide isolation for your containers. It is important to have control over the networks your applications run on. With Amazon ECS, you can now specify an optional networking mode for your containers that cater towards different use cases. Find out more[DABCC.COM]

Application Development

Application DevelopmentIoT: Why App Development Is The Key To Unlocking The IoT Vault. Solution providers are positioning themselves for success in the lucrative Internet of Things market by bolstering their application development teams. Companies bringing IoT solutions to market face several hurdles, including interoperability, security and data management challenges – and staffing up with IoT application developers is critical for tackling these issues. Read more[CRN.COM]

SDKS: How Imaging SDKs Can Solve Today’s Application Development Challenges. In a mobile-first world, developers understand the importance of creating a next-generation app that fits in with client or user expectations. Developers should consider the myriad of SDK options if they want to improve functionality for the user, especially imaging SDKs. Although they are a niche market, these SDKs can add better imaging capabilities and target industry-related problems that companies are trying to tackle. Find out more [SDTIMES.COM]

Application Development

SECURITY: Application Security Requires More Talk Than Tech. If you think application security only involves installing a tool, or scanning a few apps and moving on, you’re wrong. Application security is a unique security initiative, and its success hinges on people as much as technology. Read more[INFOWORLD.COM]

SPEED: How to Speed Enterprise App Development and Meet Digital Transformation Demands. Low-code platforms are key in accelerating digital transformation with rapid application development. Find out more[INFORMATION-AGE.COM]

BYOD

BYODSLIDESHOW: 6 Best Practices for Managing BYOD Technology. The mobile workforce population is expected to surpass 105 million by 2020, according to IDC. Keeping all those workers and devices from causing security risks is becoming increasingly hard. Here are 6 tips on how to best manage it all. Find out more[INFORMATION-MANAGEMENT.COM]

POLICY: 10 Best Practices For BYOD Policy. Bring-your-own device doesn't have to mean bring your own security problems. Many enterprises now allow users to access corporate resources via their personal mobile devices. According to a global survey of CIOs by Gartner, nearly 40 percent of companies by 2016 will require employees to provide their own mobile products. Find out more[DARKREADING.COM]

BYOD

CIO: Shadow BYOD Runs Rampant in Federal Government. A new survey highlights the extent to which government employees insist on bringing their own devices to work, despite rules to the contrary. Find out more[CIO.COM]

NIST: Gives Agencies Guidance on Boosting Cybersecurity for BYOD, Telework. Security concerns increase as more federal offices offer workers greater flexibility through telework options and the ability to use their own devices. Read the rest[FEDTECHMAGAZINE.COM]

Big Data

Big DataWHY: Cultural Change Is Necessary For Big Data Adoption. Love it or hate it, big data is here to stay. As data volumes and sources of data proliferate at ever increasing rates, leading companies will be forced to plan for a data-driven future. Data is pervasive. Businesses operate in an Age of Data. Rapid access to the latest data can accelerate innovation and disrupt traditional markets. Businesses are finding new ways to do business that serve their customers more effectively and responsively. Businesses can adapt or risk burying their heads in the sand. Should there be any doubt about the prevalence of data, consider these few “data points”. Read more[FORBES.COM]

Big Data

PODCAST: Hadoop, Kafka Creators Big on Big Data Streaming Analytics. In this edition of the Talking Data podcast, big data streaming analytics comes into focus. The technology formed a strong undercurrent at Strata + Hadoop World 2016. Find out more[SEARCHDATAMANAGEMENT.TECHTARGET.COM]

REAL TIME ECONOMICS: How Big Data Is Creating a Detailed Picture of U.S. Earnings. A new monthly report from Glassdoor uses millions of employees’ reviews of their employers to estimate U.S. wage growth. Find out more[BLOGS.WSJ.COM]

Mobile Applications

Mobile ApplicationsINTERVIEW: Why Developers Benefit When Implementing a Cloud Backend into Apps. Here’s an interview with Ashruti Singh, Product Marketing Manager for SAP HANA Cloud Platform at SAP, who discusses how app developers stand to benefit from implementing mobile cloud back ends into their programs and where she sees the future of mobile app development heading in 2017. Read more[APPDEVELOPERMAGAZINE.COM]

FED TECH: Why Citizen Input is Crucial to the Government Design Process. As digital technology practices such as modular procurement and DevOps become widely adopted across government, the gap between IT and operations is closing and benefits from the new approach are becoming clearer each day. Now, government must take the next step: close the gap between citizen-specific needs and the process for designing, developing and deploying digital government. Find out more[NEXTGOV.COM]

Mobile Applications

MANAGEMENT: Organizations Need to Balance Value and Security When Adopting New Mobile Devices. As new products hit the market, enterprises must decide whether to introduce the device or wait. Find out more[FEDTECHMAGAZINE.COM]

CLOUD: Will Digital Economy Create A Developer Shortage? As more companies seek to transform themselves digitally and effectively become software companies, some are going to have trouble filling “the developer gap,” according to a Cloud Foundry report. Read the rest[INFORMATIONWEEK.COM]

IT Management

IT ManagementTECH MANAGEMENT: Decentralized IT Management Raises Concerns. IT isn't happy about the shift to decentralized IT management, so VMware tries to provide the best of both worlds: developer flexibility and centralized IT. Find out more[NETWORKWORLD.COM]

DOD: Congress Creates New DoD Chief Management Officer, Punts on Role of CIO. The annual Defense authorization bill Congress sent to the President last week includes several provisions to redraw the Defense Department's organizational chart, including one that creates a powerful new Chief Management Officer whose primary job will be overseeing and reforming DoD headquarters functions. While the department already has a full-time position - the deputy chief management officer - to handle functions like business process reengineering and other management concerns, the new position will carry more stature in the Defense bureaucracy. Find out more[FEDERALNEWSRADIO.COM]

IT ManagementVETERANS AFFAIRS: VA CIO Creating IT Demand Management Office. The Department of Veterans Affairs will launch a new tech office in 2017 to help meet the needs of the department's health care, benefits and cemetery lines of business. Ron Thompson, who was the principal deputy assistant secretary and deputy CIO for VA's Office of Information and Technology, will lead the creation of a new Demand Management Office. Find out more[FEDSCOOP.COM]

LEARN: What Great Managers Do Daily. So much depends upon managers. For example, a Gallup study found that at least 70% of the variance in employee engagement scores is driven by who the boss is. This is disconcerting because the same research found that about 70% of people in management roles are not well equipped for the job. This state of affairs is hurting not just employee engagement and quality of life, but also corporate performance. What makes managers of highly engaged employees different than the rest on a day-to-day basis? Read the results of a recent survey. Find out more [HBR.ORG]

Programming & Scripting Development Client & Server-Side

Programming & Scripting Development Client & Server-Side

HISTORY: Top 10 Programming Languages and Their Inventors. Behind every great product, there is a great man or woman. Ditto for the programming languages. Each programming language was developed by a man/woman who sought to think different. Some made it to the top of the charts while other fell by wayside. Here are the top 10 programming languages and their inventors. Read more[TECHWORM.NET]

JAVA: Oracle Cuts Management, Messaging Specs in Java EE 8. Oracle is making good on plans to cut management and messaging improvements from the next version of enterprise Java. The company is axing Management 2.0 and Java Message Service (JMS) 2.1 from the Java EE 8 road map. Also, Oracle is investigating a possible transfer of the MVC functionality planned EE 8 to another community member or organization. Find out more[INFOWORLD.COM]

Programming & Scripting Development Client & Server-Side

JAVASCRIPT: 15 JavaScript Frameworks and Libraries. JavaScript’s open source stance is also one of the best. Contrary to popular belief, JavaScript is not a project, but a specification with an open standard where the language is evolved and maintained by its core team. ECMAScript, another fancy name of JavaScript, is not open source, but it too has an open standard. Find out more[OPENSOURCE.COM]

HTML5: HTML 5.1 Is Here, Replaces HTML5 As The New “W3C Recommendation”. The World Wide Web Consortium (W3C) has released the official HTML 5.1 specification. In an announcement, W3C said that the specification defines “the 5th major version, first minor revision” of the core language of the World Wide Web: the HTML. This way, 5.1 has become a “W3C Recommendation”, replacing HTML 5. Read the rest[FOSSBYTES.COM]

Programming & Scripting Development Client & Server-Side

BEST PRACTICES: More Guidelines and Best Practices on Asynchronous Programming. Follow the recommended practices when working with asynchronous programming to achieve scalability and performance benefits. Read more[INFOWORLD.COM]

JAVA: Latest Java 9 Schedule Appears to Be at Risk from the Outset. After reaching approval of the feature extension process, Oracle has confirmed July 2017 as the new target for the Java 9 release. The date is very similar to that previously predicted by InfoQ, although for various reasons this might indicate risk: while our estimation was based on a feature extension period of three months, the actual period will last seven months, with cuts in testing effort to make up the difference. Early, informal testing might be in place to compensate. Find out more[INFOQ.COM]

Programming & Scripting Development Client & Server-Side

PHP: New PHP Release Brings Another Speed Boost. The PHP 7 line, which debuted a year ago, has received its first point release upgrade, improving performance and featuring nullable types. Version 7.1.0 also offers capabilities like a void return type and class constant visibility modifiers. But a key PHP advocate stressed performance. The upgrade “[provides] up to 35 percent better performance in CPU-intensive workloads,” said Zeev Suraski, CTO at PHP tools producer Zend. Find out more[INFOWORLD.COM]

C#: Amazon Cloud Adds C# Support to Lambda Service. Amazon Web Services Inc. (AWS) announced that its AWS Lambda tool — providing serverless functionality for projects such as app back-end services — now supports Microsoft’s C# programming language. AWS said developers using the Lambda service can run their code without having to worry about provisioning or managing servers, using a pay-as-you-go pricing model. Read the rest [ADTMAG.COM]

Cloud Computing

Cloud Computing

GOOGLE CLOUD: Have Cloud Your Way: Step-by-Step Best Practices for Secure Migration. Get insights about Google’s security technology underpinnings within GCP that protect your data and your customers. Learn about Google’s views on threats, end-to-end security, and solutions at each point of potential compromise. Read more[YOUTUBE.COM]

HOW: Will Amazon’s Cloud-Computing Price Cuts Impact Investors? The growth of Amazon’s cloud-computing platform, known as AWS, has been a major factor in the company’s recent spurt of profit growth. But in typical Amazon fashion, the company is prepared to completely backpedal on AWS’ profits in order to beat out the competition and grab an even bigger piece of the market down the road. Find out more[FOOL.COM]

Cloud Computing

PUBLIC VS. PRIVATE CLOUD: 5 Trends to Watch. Security tops the concerns of federal information technology managers as they look to move data and applications into the cloud – and that’s consistent with other public sector IT executives. But federal managers are substantially more likely to settle on private cloud solutions when compared to those managing state and local or higher education IT services. Here are five trends that define the differences between how IT chiefs in each sector are approaching cloud migration. Find out more[GOVTECHWORKS.COM]

FEDS: Rest Their Digital Transformation Hopes on the Cloud. Like most businesses, the U.S. federal government is being forced to evolve their IT operations to accommodate today’s mobile- and cloud-enabled workstyles (and lifestyles). A recent survey from Dell EMC, conducted by Penn Schoen Berland (PSB), reveals that most agencies are rising to the occasion. Read the rest[DATAMATION.COM]

Cloud Computing

TRENDS: 6 Trends That Will Shape Cloud Computing in 2017. Public, private and hybrid cloud implementations will accelerate in 2017 as CIOs seek to take advantage of the cloud’s economies of scale to build core applications. Read more[CIO.COM]

AMAZON: Cloud Computing Remains Secure. Amazon.com Inc.’s top cloud computing executive said that even with last week’s massive internet outages, the web remains the most secure place for companies to run their computing. Amazon Web Services CEO Andy Jassy said that for most companies, security is “priority zero.” Find out more[WSJ.COM]

Cloud Computing

NETWORKS: Your Network, IoT, Cloud Computing and the Future. Anyone in charge of a network has to think about how that network will evolve. Find out more[NETWORKWORLD.COM]

READ: Cloud Investments & the Future of Cloud Computing. The cloud industry is evolving – a point that is made abundantly clear by the scope of industry investments being made today. In the early days of cloud, investments went toward companies that were working to create acceptable usable cloud experiences for users. These companies were focused on fundamentals, such as cloud security and cloud maintenance. Read the rest[ENTERPRISETECH.COM]

Cloud Computing

SLIDESHOW: 10 Examples of the AWS Path of Disruption. $13 billion later…Amazon Web Services is not only a serious contender in the enterprise, it has changed the business strategy of some of the biggest names in tech. Read more[CIO.COM]

LOCAL: Seattle’s Cloud-Computing Boom is New Force Helping to Drive Washington Economy. Companies like Amazon and Microsoft are now experts in the cloud, generating thousands of jobs and opportunities for those in the tech industry. Find out more[SEATTLETIMES.COM]

Cloud Computing

AMAZON: Amazon Cloud Computing Division Unveils New Cyber Security Service. AWS Shield will help customers defend against so-called distributed denial-of-service attacks that can knock websites offline. Find out more[WSJ.COM]

NETWORKS: Serverless – The Next Step in Cloud Computing’s Evolution. Expectations are high and steadily growing for how this new architecture can revolutionize the way organizations approach development and innovation. Read the rest[NETWORKWORLD.COM]

Personal Tech

Personal Tech

ONLINE QUIZ: How Many Times Has Your Personal Information Been Exposed to Hackers? At least one billion Yahoo users had their information stolen in 2013, the company said last week, months after it disclosed a different attack in 2014 that affected 500 million users. Several other major companies have been attacked since. Answer a few questions to learn which parts of your identity may have been stolen in some of the major hacking attacks in the last three years and what you can do about it. Find out more[NYTIMES.COM]

Personal TechTRAVEL: 6 Ways To Keep Phone Charges Low During International Travel. t's a sure-fire way to dampen the holiday cheers: Spend a week on a dream vacation abroad, then come back to find an additional several hundred dollars on your cellphone bill. Although some U.S. phone plans cover international travel, especially to Canada and Mexico, many don't. Leaving your phone off isn't practical these days. But you don't have to pay a fortune if you follow these tips. Find out more[TOPTECHNEWS.COM]

PRIVACY: Worried About the Privacy of Your Messages? Download Signal. you would be foolish not to download the messaging app Signal onto your smartphone and computer. The free encrypted messaging service has won the acclaim of security researchers and privacy advocates, including Edward J. Snowden. All have said that Signal goes above and beyond other chat tools in keeping electronic communications private. Find out more[NYTIMES.COM]

Personal Tech

2017: The 7 Unmissable Tech Predictions That Will Define 2017. Big Data. Internet of Things. Virtual Reality. Industry 4.0. These were all prime fields of growth and innovation in 2016. These trends are predicted to continue into next year and probably far beyond. Find out more[FORBES.COM]

IT Security | Cybersecurity

IT Security | Cybersecurity

PLANNING: Obama Has a Plan to Fix Cybersecurity, But Its Success Depends on Trump. The White House’s Commission on Enhancing National Cybersecurity released the results of a nine-month study of America’s cybersecurity problems. Its recommendations, in a hundred-page report, cover a lot of ground. It proposes fixing the shambolic security of internet-of-things consumer devices like routers and webcams, re-organizing responsibility for the cybersecurity of federal agencies, and fostering a new generation of skilled American cybersecurity experts, among other actionable steps. Read more[WIRED.COM]

IT Security | Cybersecurity

VIDEO: NIST Cybersecurity Framework 2016 Cybersecurity professionals talk about what the Cybersecurity Framework means to their organizations. The Framework, which was created through collaboration between industry and government, consists of standards, guidelines, and practices to promote the protection of critical infrastructure. The prioritized, flexible, repeatable, and cost-effective approach of the Framework helps owners and operators of critical infrastructure to manage cybersecurity-related risk. Find out more[NIST.GOV]

FUTURE: The Trump Effect on Cybersecurity: Tough to Tell. Donald Trump’s effect on cybersecurity after he’s sworn in as president next month will likely be toward military uses of cyber weapons and stronger tools for law enforcement to crack encryption, but the impact is hard to predict due to the vagueness of his proposals so far. The most detailed Trump cyber plan is just 175 words long and includes some initiatives that sound like what’s already in place. Find out more [NETWORKWORLD.COM]

IT Security | Cybersecurity

DATA BRIEFING: Cybersecurity Culture Shift is More Than People, Official Says. The government is still constantly inundated with cyber attacks and the weakest link is not the computers, but the humans using them. Rod Turk, the acting deputy chief information officer for the Commerce Department, recognizes that, but getting government employees to abide by the cybersecurity rules set out for them is a tough job. That’s why IT managers need a multi-layered approach to cybersecurity and cybersecurity training. Read the rest[FEDERALNEWSRADIO.COM]

From the Blue Mountain Data Systems Blog

Personal Techhttps://www.bluemt.com/personal-tech-daily-tech-update-october-28-2016

IT Managementhttps://www.bluemt.com/it-management-daily-tech-update-october-27-2016

Business Intelligencehttps://www.bluemt.com/business-intelligence-daily-tech-update-october-26-2016

Incident Responsehttps://www.bluemt.com/incident-response-daily-tech-update-october-25-2016

From the Blue Mountain Data Systems Blog

Security Patcheshttps://www.bluemt.com/security-patches-daily-tech-update-october-24-2016/

BYODhttps://www.bluemt.com/byod-daily-tech-update-october-21-2016/

Databaseshttps://www.bluemt.com/databases-daily-tech-update-october-20-2016/

Operating Systemshttps://www.bluemt.com/operating-systems-daily-tech-update-october-19-2016/

From the Blue Mountain Data Systems Blog

Encryptionhttps://www.bluemt.com/encryption-daily-tech-update-october-18-2016/

Cloud Computinghttps://www.bluemt.com/cloud-computing-daily-tech-update-october-17-2016/

Programming & Scriptinghttps://www.bluemt.com/programming-scripting-daily-tech-update-october-14-2016/

Incident Responsehttps://www.bluemt.com/incident-response-daily-tech-update-october-13-2016/

From the Blue Mountain Data Systems Blog

Cybersecurityhttps://www.bluemt.com/cybersecurity-daily-tech-update-october-12-2016/

Big Datahttps://www.bluemt.com/big-data-daily-tech-update-october-11-2016/

Mobile Applicationshttps://www.bluemt.com/mobile-applications-daily-tech-update-october-7-2016/

Cloud Computinghttps://www.bluemt.com/cloud-computing-daily-tech-update-october-6-2016/

From the Blue Mountain Data Systems Blog

Open Sourcehttps://www.bluemt.com/open-source-daily-tech-update-october-5-2016/

CTO, CIO and CISOhttps://www.bluemt.com/cto-cio-ciso-daily-tech-update-october-4-2016/

Programming & Scriptinghttps://www.bluemt.com/programming-scripting-daily-tech-update-october-3-2016/

From the Blue Mountain Data Systems Blog

Feds Report Mixed Responses to Shared Serviceshttps://www.bluemt.com/feds-report-mixed-responses-to-shared-services

Federal Employees Are Not Security Expertshttps://www.bluemt.com/federal-employees-are-not-security-experts

Survival Guide for Network Administratorshttps://www.bluemt.com/survival-guide-for-network-administrators

DBaaS: OpenStack Trove Changes DB Managementhttps://www.bluemt.com/dbaas-openstack-trove-changes-db-management

From the Blue Mountain Data Systems Blog

Help Wanted: Certified Cybersecurity Professionalshttps://www.bluemt.com/help-wanted-certified-cybersecurity-professionals

Cyber Threat Intelligence Integration Center Previewhttps://www.bluemt.com/cyber-threat-intelligence-integration-center-preview/

Cloud Moves in 1-2-3https://www.bluemt.com/cloud-moves-in-1-2-3/

Change Management for Disaster Recoveryhttps://www.bluemt.com/change-management-for-disaster-recovery/

From the Blue Mountain Data Systems Blog

Jeffersonian Advice For C-Suite Career Advancementhttps://www.bluemt.com/jeffersonian-advice-for-c-suite-career-advancement/

Ways To Survive The “Mobile-Pocalypse”https://www.bluemt.com/ways-to-survive-the-mobile-pocalypse/

Microsoft Cloud Services Receive FedRAMP Authority to Operatehttps://www.bluemt.com/microsoft-cloud-services-receive-fedramp-authority-to-operate/

Hiring Pentesters? Here Are 10 Things You Need to Knowhttps://www.bluemt.com/hiring-pentesters-here-are-10-things-you-need-to-know/

From the Blue Mountain Data Systems Blog

Home Router Malware Alerthttps://www.bluemt.com/home-router-malware-alert/

Threat Model Deconstructionhttps://www.bluemt.com/threat-model-deconstruction/

Business Email Scam Nets $214 Millionhttps://www.bluemt.com/business-email-scam-nets-214-million/

How to Prevent Unauthorized Software from Taking Over Your Organizationhttps://www.bluemt.com/the-cios-guide-to-happy-end-users-2/

From the Blue Mountain Data Systems Blog

Digital Marketing Predictions for 2015https://www.bluemt.com/digital-marketing-predictions-for-2015/

SDN: Network Administrator’s Friend or Foe?https://www.bluemt.com/sdn-network-administrators-friend-or-foe/

Mobile Payments: A Must for Federal Agencieshttps://www.bluemt.com/mobile-payments-a-must-for-federal-agencies/

Soft Skills Are A Must-Have For Careers In IThttps://www.bluemt.com/soft-skills-are-a-must-have-for-careers-in-it/

From the Blue Mountain Data Systems Blog

Security Risks Most Prevalent in Younger Workershttps://www.bluemt.com/security-risks-most-prevalent-in-younger-workers/

The Security World’s Maturationhttps://www.bluemt.com/the-security-worlds-maturation/

Data Breach Concerns Keep CISOs Up At Nighthttps://www.bluemt.com/data-breach-concerns-keep-cisos-up-at-night/

Personalized Govt Equals Instant Gratification for Citizenshttps://www.bluemt.com/personalized-govt-equals-instant-gratification-for-citizens/

From the Blue Mountain Data Systems Blog

People-Centric Securityhttps://www.bluemt.com/people-centric-security/

Pentagon Tries BYOD To Strike Work/Life Balancehttps://www.bluemt.com/pentagon-tries-byod-to-strike-worklife-balance/

Open Source Model Considered for MS Windowshttps://www.bluemt.com/open-source-model-considered-for-ms-windows/

Open Internet: To Be or Not to Be?https://www.bluemt.com/open-internet-to-be-or-not-to-be/

From the Blue Mountain Data Systems BlogMalware Stays A Step Ahead Infecting One Third of Websiteshttps://www.bluemt.com/malware-stays-a-step-ahead-infecting-one-third-of-websites/

Machine-Generated Data: Potential Goldmine for the CIOhttps://www.bluemt.com/machine-generated-data-potential-goldmine-for-the-cio/

Government Legacy Programs: Reuse vs. Replacementhttps://www.bluemt.com/government-legacy-programs-reuse-vs-replacement/

It Takes a Whole Village to Protect Networks and Systemshttps://www.bluemt.com/it-takes-a-whole-village-to-protect-networks-and-systems/

From the Blue Mountain Data Systems Blog

Governance For the CIOhttps://www.bluemt.com/governance-for-the-cio/

Help Desk Consolidation – Lessons Learnedhttps://www.bluemt.com/help-desk-consolidation-lessons-learned/

One Year Later, Companies Still Vulnerable to Heartbleedhttps://www.bluemt.com/one-year-later-companies-still-vulnerable-to-heartbleed/

Federal Projects Cultivate Worker Passionhttps://www.bluemt.com/federal-projects-cultivate-worker-passion-2/

ABOUT US

Blue Mountain Data Systems Inc.

Blue Mountain Data Systems Inc. is dedicated to application and systems development, electronic document management, IT security support, and the automation of workflow processes.

Read more about our experience here:>> http://bluemt.com/experience

Recent Experience

U.S. Dept. of Labor Employee Benefits Security Administration

1994 to Present

Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support.

MANAGEMENT

Paul T. Vesely Founder, President, CEO and Principal Architect

Mr. Vesely is a recognized thought leader in systems architecture and delivery, having designed and delivered many enterprise wide information and document management solutions. Mr. Vesely’s history includes 33 years experience in the information systems industry, with Unisys, Grumman, PRC and a host of clients in both government and private sectors.

CONTACT US

Contact Us Today to Discuss Your Next IT Project

HEADQUARTERS366 Victory DriveHerndon, VA 20170

PHONE 703-502-3416

FAX 703-745-9110

EMAILpaul@bluemt.com

WEBhttps://www.bluemt.com