Tech Update SummarySeptember 2016

Blue Mountain Data Systems

For CTOs, CIOs & CISOs

Visit Blue Mountain Data Systems https://www.bluemt.com

For CTOs, CIOs & CISOs

Every business day, we publish a Daily Tech Update for Federal & State CTOs ,CIOs & CISOs on the

Blue Mountain Data Systems Blog. We hope you will visit our blog for the latest information.

You can also receive these updates via email. Click here to subscribe.

Here’s the summary of the Daily Tech Updates for September 2016. Hope the information and ideas

prove useful.

Best,Paul VeselyPresident and Principal ArchitectBlue Mountain Data Systems Inc.

Federal, State & Local IT

Federal, State & Local ITFEDERAL: 3 Ways Governments Are Working to Make Broadband Universally Accessible. Broadband is commonly described as a critical piece of modern infrastructure. Here’s how a city, a state and a school district are working to make sure everyone has access. Read more[GOVTECH.COM]

STATE: Texas Makes Major Progress on IT Consolidation. Like many states, Texas is battling against an aging IT infrastructure in an age where agility, reduced complexity and transparency are king. That’s why as part of its consolidation efforts, the state has also implemented a hardware refresh policy. The Lone Star State is already three-quarters of the way through its IT consolidation efforts, which other states can derive lessons from. Find out more[STATETECHMAGAZINE.COM]

Federal, State & Local ITLOCAL: A Blueprint for Crisis Communications in Local Government. Does your team have contingency plans for how the chain of command and the flow of information will work, including if certain members are unavailable? Advance visioning is crucial to making sure you’re prepared to help when the unthinkable takes place. Read more[GOVTECH.COM]

Federal, State & Local ITCOLLABORATION: Technology Gives Police and Public Safety Agencies the Upper Hand. Cities put common IT infrastructure to work in the ongoing effort to prevent and reduce criminal activity. When a suspicious person or activity happens at Newburgh, N.Y.’s City Hall, police are notified directly. City employees can push a button to silently page the nearby police department in an emergency, one of many new features available since the city upgraded its communications infrastructure, adding new IP phones, paging and emergency notification software on top of a new Cisco Systems phone system. Find out more[STATETECHMAGAZINE.COM]

Encryption

Encyption

OPINION: The Long War on Encryption. Should the FBI be able to access any communication? And will quantum cryptography break all of security? Read more[PCMAG.COM]

CLOUDFLARE: Launches a Three-Pronged Attack to Encrypt the Entire Web. The push for web encryption, or HTTPS, is a crucial, attainable step in improving the Internet’s privacy and security. And ideally, we’d encrypt the entire web, as some organizations are trying to do. But upgrading the whole Internet is complicated, and adding encryption isn’t just an on-or-off switch. Some encrypted sites are faster and more efficient than others. Some are only partially encrypted. So Cloudflare – a company that touches an enormous fraction of the web – is working in that messy gray area to encrypt as much errant web traffic as possible. Find out more[WIRED.COM]

Encyption

SECURITY: Scientists Demonstrate Long Distance Quantum Communication. Scientists have shown that some subatomic particles exhibit quantum entanglement, which potentially enables unhackable communications that may be able to travel faster than the speed of light. Find out more[EWEEK.COM]

CHROME: Chrome Cracks Down on Sites that Don’t Use Encryption. A special warning will alert users when sites aren’t using HTTPS beginning in Chrome 56, the version to be released in January 2017. Read the rest[ENGADGET.COM]

Databases

Databases

GRAPH: IBM Releases Graph, a Service That Can Outperform SQL Databases. IBM has announced the general availability of Graph, a service for the Bluemix cloud offering that the company said helps set up a relatively new, high-performing type of database. Graph databases differ from traditional SQL databases in that they store both data and the relationships among the data. The relationships among data points are as important as the data points themselves. Unlike SQL databases, which can require complex queries to extract conclusions from data, graph databases execute queries more efficiently, and their advantage over SQL databases increases with the complexity of the query. Graph databases, which have become more popular in the last decade, are often used in apps that make recommendations about music or restaurants. Read the rest[GEEKWIRE.COM]

Databases

ADMINS: It’s the Data, Stupid – Why Database Admins Are More Important Than Ever. It may not be all about the tables anymore, but the DBA role is still essential – even if the person doing it doesn’t have the title. Specialized databases, cloud, and DevOps expand, not eliminate, the role of the DBA. Find out more[ARSTECHNICA.COM]

NoSQL: Three NoSQL Databases You’ve Never Heard Of. There’s a certain class of data problem that is elegantly addressed by NoSQL databases, which is why the market for NoSQL databases is growing faster than the overall market. The market is led by the Big Four, including Couchbase, Datastax, MarkLogic, and MongoDB, but there’s a long tail of other players in the NoSQL market, including some older products that are still going strong. Read more[DATANAMI.COM]

Databases

OPEN SOURCE: Why Open Source Graph Databases Are Catching On. Graph databases, which use graph structures for semantic queries, came into prominence through social networks like Facebook and Twitter. But they’re used for far more now than just linking connections between friends and relatives. Read more[ENTERPRISEAPPSTODAY.COM]

Databases

GOOGLE: Cloud Databases Reach General Availability. Emerging from beta, Google’s cloud databases are ready for business workloads. Cloud SQL, Cloud Bigtable, and Cloud Datastore — databases offered through the Google Cloud Platform (GCP) — are set to shed their beta designation, a scarlet letter among enterprises, and enter general availability. In so doing, they will qualify for SLAs like other production-ready GCP services. Read more[INFORMATIONWEEK.COM]

Databases

GRAPH: 5 Factors Driving the Graph Database Explosion. There’s no denying it: Graph databases are hot. Graph databases have outgrown every other type of database in popularity since 2013, and not by a small margin either. It’s clear that developers, data scientists, and IT pros are just beginning to explore the potential of graph databases to solve new classes of big data analytic and transaction challenges. Find out more[DATANAMI.COM]

NoSQL: Current State of NoSQL Databases. With the emergence of time series data being generated from Internet of Things (IoT) devices and sensors, it’s important to take a look at the current state of NoSQL databases and learn about what’s happening now and what’s coming up in the future for these databases. Read more[INFOQ.COM]

DatabasesNoSQL: NoSQL Databases – An Enterprise Necessity. Relational databases have long been a staple in enterprise IT. But demand for different kinds of databases has grown in recent years. And, according to a new Forrester Wave report, “NoSQL is not an option — it has become a necessity to support next-generation applications.” Read more[INFORMATIONWEEK.COM]

CLOUD: Google Says Its Databases Are Enterprise Ready. Google is continuing its campaign to entice enterprises to its public cloud platform by rolling out database services stable enough to serve businesses’ production workloads. The company announced the general availability of three database-focused products: the second generation of Cloud SQL, its managed database service; Cloud Datastore, its NoSQL document database; and Cloud Bigtable, its NoSQL database service that powers products like Gmail. Each of those products has a service level agreement associated with it, guaranteeing a certain amount of availability. Find out more [COMPUTERWORLD.COM]

Databases

MICROSOFT: Introduction to SQL Server Containers. In the Fall of 2014, Microsoft announced plans to add Docker container support to Windows Server 2016. The announcement added emphasis to Microsoft’s growing focus on Linux and open source tooling. In the months that followed, .NET core was open sourced, Microsoft and Red Hat formed an alliance, and plans to port SQL Server to Linux were announced. Containers are just around the corner for the Windows community, so let’s take a closer look at the use of SQL Server containers. Read more[INFOQ.COM]

VIDEO: Using JSON in SQL Server 2016 and Azure SQL Database. Find out why JSON support was added to SQL Server 2016 and the Azure SQL Database as well as best practices on how to work with JSON data. Find out more[CHANNEL9.MSDN.COM]

More About Blue Mountain

BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.

Electronic Document Management

Electronic Document ManagementSECURE DOCUMENTS: 18 Ways to Secure Your Electronic Documents. Electronic Document Management Systems (EDMS) are electronic repositories designed to provide organized, readily retrievable, collections of information for the life cycle of the documents. How can you keep these electronic files secure during the entire chain of custody? Here are 18 security suggestions. Read more[BLUEMT.COM]

LEGAL DEPT DOCUMENT MANAGEMENT: Investing in New Technologies: How Corporate Legal Departments Are Leading the Way. Many departments are looking to technology to assist with automation of processes, resource and budgetary management, and tracking. Connie Brenton, co-founder of Corporate Legal Operations Consortium (CLOC), a non-profit association of legal operations executives, explains, “Corporate executives expect the GC’s office to be a business counselor to the firm, and to discuss numbers, data and analytics. Efficiency is now essential for legal departments, and this has advanced software’s role and accelerated technology adoption.” Find out more[INSIDECOUNSEL.COM]

Electronic Document Management

CFPB: Looks to Embrace Cloud for Email, Office Application Needs. The Consumer Financial Protection Bureau wants to move to a public cloud setup for some of its core enterprise apps. The financial watchdog agency recently sent out a Request for Information (RFI) on the process, technical requirements and costs of moving to cloud services in fiscal year 2017. CFPB wants to establish a more complete understanding on the costs associated with moving fully to a cloud solution for email and office applications (e.g., documents, spreadsheets, presentations, SharePoint and more).Read the rest[FEDTECHMAGAZINE.COM]

Electronic Document Management

ROI: 4 Ways Business Document Management Software Can Save You Money. Lisa Croft, Group Product Marketing Manager at Adobe Document Cloud, talks about the many ways business document management can save your company time, space, and more importantly, loads of money. Here are the four most obvious ways these tools provide excellent return-on-investment. Read more[PCMAG.COM]

Security Patches

Security PatchesANDROID: Google Fixes Final ‘Quadrooter’ Flaws with New Security Patch. In the latest round of Android security fixes, the company fixed two remaining flaws that were part of the so-called “Quadrooter” set of vulnerabilities announced last month. Quadrooter was particularly troublesome because the set of four flaws (hence the name “quad”) affected at least 900 million Android devices. These high-risk vulnerabilities would allow a dedicated and well-trained attacker to gain complete access to an affected phone and its data. Read more[ZDNET.COM]

OS X: New OS X Security Updates Patch Same Zero-Days as iOS 9.3.5. Apple released iOS 9.3.5 to patch three zero-day bugs that could be used to access personal data on an infected phone. Dubbed “Trident,” the bugs were used to create spyware called Pegasus that was used to target at least one political dissident in the United Arab Emirates. Find out more[ARSTECHNICA.COM]

Security PatchesMICROSOFT: Microsoft to End Decades-old Pick-a-Patch Practice in Windows 7. Microsoft announced that beginning in October it will offer only cumulative security updates for Windows 7 and 8.1, ending the decades-old practice of letting customers choose which patches they apply. Read more[COMPUTERWORLD.COM]

WORDPRESS: Critical Security Holes Affecting Thousands of Websites. WordPress 4.6.1 is now available and it patches two security flaws that put thousands of websites at risk. The first flaw, a cross-site scripting vulnerability, was discovered in June by security researcher Cengiz Han. This flaw allows an attacker to upload a specially crafted image to a WordPress site then inject malicious JavaScript code to steal login credentials, session tokens or to remotely execute more malicious code. The second flaw is a path traversal vulnerability in the upgrade package uploader discovered by Dominik Schilling of WordPress’ own security team. Find out more [KOMANDO.COM]

CIO, CTO & CISO

For the CIO, CTO & CISO

CIO: What Does Innovation Look Like? Everyone talks about innovation, but quantifying it can be a bit, well, fuzzy. Here three CIOs put innovation into more concrete terms. Read more[CIO.COM]

CTO: Microsoft Azure’s CTO Wants Blockchain to Connect Every Industry. Microsoft Azure CTO Mark Russinovich envisions a world where every industry is involved in a blockchain consortium. In fact, since the network effect of a blockchain is only amplified by the number of participants, he thinks this future will prove inevitable as companies seek efficiency in numbers. And there’s evidence so far to suggest that Russinovich is right. Find out more[COINDESK.COM]

CIO, CTO & CISO

CISO: OMB Taps Current Fed to Fill Federal CISO Role. Seven months after President Barack Obama announced he would be appointing a federal chief information security officer to act as the point person on agency cybersecurity, the administration named Gregory Touhill as the first to occupy the post. Touhill is currently the deputy assistant secretary for cybersecurity and communications in Homeland Security’s Office of Cybersecurity and Communications. Read more[FEDERALTIMES.COM]

CTO: Use Ransomware to Get Security Buy-in, says Trend Micro CTO. Ransomware is one of the top cyber threats to business, but organisations should use that to engage stakeholders and review processes and defences, says Trend Micro CTO Raimund Genes. Find out more[COMPUTERWEEKLY.COM]

Penetration Testing

Penetration Testing

ANALYTICS: The New Security Mindset: Embrace Analytics To Mitigate Risk. Merely conducting a penetration test may find a weakness. But conducting a creative analysis of the network and carefully analyzing the results will truly identify key areas of risk. Security professionals who can sniff out abnormalities in their IT network and applications can foil intruders’ plans before they escalate. This is a far different approach than simply finding a single weakness and then declaring “mission accomplished.” Read more[DARKREADING.COM]

Penetration Testing

HOW TO: Respond to Social Engineering Incidents: An Expert Interview. Steven Fox is a top government cybersecurity expert, Distinguished Fellow with the Ponemon Institute and frequent speaker at top security events all over America. In this exclusive interview, Steven shares several low-tech but sophisticated social engineering techniques that hackers use to gain (unauthorized) privileged access into government systems and large and small company networks. Most important, what can we do to prevent fraud and respond to incidents that do occur? Find out more[GOVTECH.COM]

TOOL: Where’s the BeEF? BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser. Read more[GITHUB.COM]

Penetration Testing

RISK MANAGEMENT: The Truth About Penetration Testing Vs. Vulnerability Assessments. Vulnerability assessments are often confused with penetration tests. In fact, the two terms are often used interchangeably, but they are worlds apart. To strengthen an organization’s cyber risk posture, it is essential to not only test for vulnerabilities, but also assess whether vulnerabilities are actually exploitable and what risks they represent. To increase an organization’s resilience against cyber-attacks, it is essential to understand the inter-relationships between vulnerability assessment, penetration test, and a cyber risk analysis. Find out more[SECURITYWEEK.COM]

Open Source

Open Source

GOOGLE: How Google Uses and Contributes to Open Source. Engineer Marc Merlin has been working at Google since 2001 but has been involved with Linux since 1993. Since then, open source adoption has dramatically increased, but a new challenge is emerging: Not many companies care about the license side of open source, Merlin stated in his talk “How Google Uses and Contributes to Open Source” at LinuxCon and ContainerCon North America. Read more[LINUX.COM]

DOS: Keeping DOS Alive and Kicking with Open Source. DOS is still alive and well in the form of FreeDOS, an open source operating system maintained by Jim Hall and a team of dedicated developers who are keeping the DOS legacy alive well into the twenty-first century. And more than simply an existing code base, FreeDOS is still being actively developed and is approaching a new release in the near future. Find out more [OPENSOURCE.COM]

Open Source

MICROSOFT: Microsoft Open-Sources Bing Components for Fast Code Compilation. Engineers at Microsoft have started to provide code and details about the BitFunnel full-text search system used to power Bing. The pieces available so far are minimal, but one of them — an open source just-in-time compiler — hints at applications beyond search systems. Read more[INFOWORLD.COM]

DOCUMENTS: The Rise of the Shareable Document. Higher education is increasingly embracing different concepts of openness, from open access to open education resources (OER). But where does that other open concept – open source – fit into this model? Open source represents the best way to ensure these materials can be easily modified, without risk of material suddenly becoming unchangeable or inaccessible. Find out more[OPENSOURCE.COM]

Business Intelligence

Business Intelligence

APPS: Business Intelligence Apps Are Moving Beyond IT To Reach Business Users Directly. Senior executives have long had access to BI through dashboards, along with data scientists to interpret it for them. Increasingly, BI is moving out to provide direct access to users throughout the organization. Read more[FORBES.COM]

APPS ECONOMY: Microsoft And Adobe Combine Clouds To Provide Sales And Marketing Intelligence. Two of the world’s biggest marketing and sales platforms are getting together. Earlier this week, at Microsoft Ignite in Atlanta, Microsoft said that it will enter into a strategic partnership with Adobe. Adobe will make the Microsoft Azure cloud platform its preferred cloud provider while Microsoft will make the Adobe Marketing Cloud its preferred marketing service for Dynamics 365 Enterprise edition. Find out more[ARC.APPLAUSE.COM]

Business Intelligence

ORACLE: Bolsters Cloud Gambit With Expanded Analytics. As it looks to challenge public cloud leader Amazon Web Services, Oracle Corp. is rolling out an analytics package spanning data services, applications and infrastructure. Oracle unveiled its analytics cloud during a company event used by company cofounder and CTO Larry Ellison to declare the database giant was taking on AWS with an upgraded cloud infrastructure. One goal is to enticing developers to run applications such as data analytics in its datacenters. Find out more[DATANAMI.COM]

FEDERAL GOVT: 12 Ways to Empower Government Users With the Microsoft Business Intelligence (MBI) Stack. Your agency’s use of Microsoft Business Intelligence (MBI) tools and reporting services help advance your organization’s ROI & autonomy for your users. Read the rest[BLUEMT.COM]

Operating Systems

Operating SystemsLINUX: 10 Best Password Managers For Linux Operating Systems. With so many online accounts on the internet, it can be tediously difficult to remember all your passwords. Many people write them down or store them in a document, but that’s plain insecure. There are many password managers for Windows and OS X, but here is a look at some of the best password managers for Linux. Read more[FOSSBYTES.COM]

APPLE: Apple’s iOS 10 Adoption Rate Nears 20% In Just Two Days. Apple’s new mobile operating system iOS 10 has only been available for a couple of days, but it’s already catching on among iPhone and iPad owners. Apple’s iOS 10 is now running on 19.9% of all iOS devices, according to Mixpanel, an analytics company that claims to have generated the findings from more than 183 billion “records” on devices around the world. Meanwhile, iOS 9, the operating system that Apple launched last year that had been running on more than 90% of iOS devices, is now on 75% of Apple products currently in use. Read the rest [FORTUNE.COM]

Operating SystemsANDROID: Android 7.0 Nougat Could Support Dual Boot Platforms. One of the more exciting – and yet not so much talked about – features of Android 7.0 Nougat is seamless updating. This concept was originally taken from Google’s own Chrome OS. It’s a way of streamlining how quickly the latest version of the Android OS, either a security patch, an quarterly interim update or a whole new version of the operating system is applied. Current devices perform system updates onto the /system partition, but need exclusive file access to this part of the device; this is why we see the little green Android on his back for several minutes during the update process. Seamless updates removes this delay because the Android device maintains two operating system partitions and applies operating system updates to the unused partition. Then, when it has completed, it asks the user to reboot and as a part of the boot process. Chrome OS’ seamless updating technology works by swapping partitions out during the reboot process. The result is that a version update takes at most twelve seconds of the user’s time. Find out more [ANDROIDHEADLINES.COM]

Operating SystemsCOMPUTER SECURITY: Hacker-Proof Code Confirmed. Computer scientists can prove certain programs to be error-free with the same certainty that mathematicians prove theorems. The advances are being used to secure everything from unmanned drones to the internet. Read the rest[QUANTAMAGAZINE.ORG]

Incident Response

Incident ResponseOPINION: Keeping Up with Incident Response. Enterprise organizations are forced to ignore security alerts, live with excess risk, and deal with data breaches reactively when they happen. On any given day, enterprises face a cacophony of security alerts that need further investigation, but they tend to lack the skills and resources to look into each one. Read more[NETWORKWORLD.COM]

GOVERNMENT CLOUD: Protecting Government Cloud Information with Incident Response. The cloud offers a variety of innovative ways to improve productivity, engage users and enhance a government agency’s effectiveness. However, for IT departments, moving government information to the cloud brings many new challenges, including dependence on a cloud service provider to fix critical problems. Find out more[GCN.COM]

Incident Response

WEBINAR: How to Do More with Less for a Better Incident Response. A shortage of skilled security staff, and criminals finding new ways to infiltrate corporate networks, is causing security alert fatigue at many organizations. Too many alerts and too few staff members to give all of these potential infiltrations the attention they deserve is resulting in staff cutting corners – at times processing only 5% to 10% of security alerts – in an attempt to keep up. In this webinar on September 28th, Duane Kuroda will shine a light on this problem and provide best practices to help you take charge. Results of a just-completed survey of your peers about the state of the problem will be shared, as well as actionable tips and tricks, to help you begin to gain control of your incident response process and keep you secured against advanced threats. Find out more[WEBINAR.DARKREADING.COM]

Incident Response

RESEARCH REPORT: Universities, not Health Care Systems, Facing Highest Number of Ransomware Attacks. The prevalence of and damage caused by ransomware-style cyberattacks is greater in the education sector than any other industry, according to a newly released research report by security ratings firm BitSight. Read the rest[FEDSCOOP.COM]

Incident Response

SOLUTION: Orchestrating Security Intelligence for Faster and More Effective Incident Response. Today’s sophisticated, targeted attacks, coupled with increasing network complexity, mobility and the phenomenal growth of non-traditional devices can present incredibly difficult challenges. Nobody can afford to have an incident response system that isn’t using all of its intelligence and powers of communication. A new type of cyber security solution is required - one that goes well beyond traditional network access control (NAC) capabilities. Find out more[ITPROPORTAL.COM]

Tech Research News

Tech Research NewsMIT: Cache Management Improved Once Again. New version of breakthrough memory management scheme better accommodates commercial chips. A year ago, researchers from MIT’s Computer Science and Artificial Intelligence Laboratory unveiled a fundamentally new way of managing memory on computer chips, one that would use circuit space much more efficiently as chips continue to comprise more and more cores, or processing units. In chips with hundreds of cores, the researchers’ scheme could free up somewhere between 15 and 25 percent of on-chip memory, enabling much more efficient computation. Their scheme, however, assumed a certain type of computational behavior that most modern chips do not, in fact, enforce. Last week, at the International Conference on Parallel Architectures and Compilation Techniques – the same conference where they first reported their scheme – the researchers presented an updated version that’s more consistent with existing chip designs and has a few additional improvements. Read more [NEWS.MIT.EDU]

Tech Research News

REPORT: Digital Readiness Gaps. According to Pew Research Center, Americans fall along a spectrum of preparedness when it comes to using tech tools to pursue learning online, and many are not eager or ready to take the plunge. Find out more[PEWINTERNET.ORG]

DOD: Ashton Carter – Cyber Tech, Automation, Biological Research Essential for DoD Missions. Defense Secretary Ashton Carter has said automated systems, cyber technology and biological research efforts are necessary to keep the Defense Department moving forward. Find out more[EXECUTIVEGOV.COM]

Tech Research News

FITNESS TRACKING: Weight Loss On Your Wrist? Fitness Trackers May Not Help. Fitness trackers remain wildly popular, but do they make us fit? Maybe not, according to a study that asked overweight or obese young adults to use the tiny tracking tools to lose weight. Read the rest[NPR.ORG]

Search Technology

Search Technology

SOLR: Not Just For Text Anymore. When Solr came out, it was supposed to be an OpenSource text search engine. Now it has a big place in Big Data. Read what Ness's CTO, Moshe Kranc has to say about how it has evolved. Read more[DZONE.COM]

INGALLS: Spring Data 'Ingalls' Release Train Leaves Station. The Spring Data team has announced the first milestone release of the Ingalls Release Train. This coordinated release of subprojects under the Spring Data umbrella ships with 230 fixes and a number of new features. Find out more[ADTMAG.COM]

Search TechnologyGOOGLE: Announces New Cloud Natural Language API While Cloud Search API Goes Beta. Google says that the Cloud Natural Language API gives developers access to three Google-powered engines– sentiment analysis, entity recognition, and syntax analysis. The service is currently available in open beta and is based on the company’s natural language understanding research. It will initially support three languages– English, Spanish and Japanese and will help developers reveal the structure and meaning of your text in the given language. Read more[THETECHPORTAL.COM]

AMAZON: Amazon EC2 Container Service Now Supports Networking Modes and Memory Reservation. Docker networks provide isolation for your containers. It is important to have control over the networks your applications run on. With Amazon ECS, you can now specify an optional networking mode for your containers that cater towards different use cases. Find out more[DABCC.COM]

Application Development

Application DevelopmentIoT: Why App Development Is The Key To Unlocking The IoT Vault. Solution providers are positioning themselves for success in the lucrative Internet of Things market by bolstering their application development teams. Companies bringing IoT solutions to market face several hurdles, including interoperability, security and data management challenges – and staffing up with IoT application developers is critical for tackling these issues. Read more[CRN.COM]

SDKS: How Imaging SDKs Can Solve Today’s Application Development Challenges. In a mobile-first world, developers understand the importance of creating a next-generation app that fits in with client or user expectations. Developers should consider the myriad of SDK options if they want to improve functionality for the user, especially imaging SDKs. Although they are a niche market, these SDKs can add better imaging capabilities and target industry-related problems that companies are trying to tackle. Find out more [SDTIMES.COM]

Application Development

SECURITY: Application Security Requires More Talk Than Tech. If you think application security only involves installing a tool, or scanning a few apps and moving on, you’re wrong. Application security is a unique security initiative, and its success hinges on people as much as technology. Read more[INFOWORLD.COM]

SPEED: How to Speed Enterprise App Development and Meet Digital Transformation Demands. Low-code platforms are key in accelerating digital transformation with rapid application development. Find out more[INFORMATION-AGE.COM]

BYOD

BYOD

WORKPLACE: The Pros & Cons of BYOD. For a modern-day workplace, a bring-your-own-device (BYOD) policy is becoming commonplace. Since many organizations are now assigning corporate devices, such as company-issued smartphones and tablets, in order to help employees keep up with work and email, it’s natural that some people may want to use their own device instead. Given that some levels of work can be readily accessed through any device, it should be an easy step – except that there are security concerns. Once your employees are granted access to company servers on their personal devices, sensitive information is at an even greater risk of being leaked – especially if employees are lax on keeping their device’s security measures up to date. Read more[TECH.CO]

BYOD

BEST PRACTICES: For Managing the Security of BYOD Smartphones and Tablets. The practice of employees using personal phones and tablets at work is already widespread, with the number of such devices forecast to hit one billion by 2018. The challenge posed to enterprises by the Bring Your Own Device (BYOD) trend is that it forces them to keep corporate data safe on a plethora of different mobile computers that are not directly under IT’s control. Worse, each device can potentially be running a different OS, with different apps installed and different vulnerabilities. How should organisations approach the security of these devices in a way that doesn’t interfere with employees’ ability to work? Read more[ZDNET.COM]

BYOD

ENTERPRISE: Enterprise Mobile Security Tools May Not Protect BYOD. For employees, bring-your-own-device workplace policies can increase efficiency and improve remote work capabilities. For the organization, BYOD can reduce equipment costs, but it can also open the enterprise up to all sorts of new exploits and breaches. Find out more[GCN.COM]

POLICY: Malware and ‘Connection Hijacking’ Remain Biggest BYOD Risks. A new report from data centre provider CyrusOne outlines malware, device theft and phishing as among the key risks for organisations looking to implement a bring your own device (BYOD) policy. Find out more[APPSTECHNEWS.COM]

Big Data

Big DataCASE STUDIES: The Most Practical Big Data Use Cases Of 2016. Bernard Marr, author of Big Data in Practice, outlines 45 different practical use cases in which companies have successfully used analytics to deliver extraordinary results. Here are some of his favorites. Read more[FORBES.COM]

PODCAST: The State Of Enterprise Big Data. Bill Schmarzo, EMC’s CTO of big data services spends much of his time helping enterprises with their big data challenges. Listen to what Bill has to say about the trends and struggles enterprises are facing. Find out more[INFORMATIONWEEK.COM]

Big DataBEST PRACTICES: Got Big Data? Check Out These 100 Best Practices For Keeping It Secure. Big data is best known for its volume, variety, and velocity — collectively referred to as the “3 Vs” — and all three of those traits make security an elusive goal. Targeting companies grappling with that challenge, the Cloud Security Alliance has released a new report offering 100 best practices. Read more[CSOONLINE.COM]

INDUSTRY INSIGHT: How Big Data Can Drive Cost Containment. Many federal hospitals and health systems look toward the savings they expect from implementing big data models for health care analytics. However, cost containment without reducing quality of care is often both a central goal and a lead concern. By approaching the task properly, federal health care providers can leverage data analytics to control costs across care delivery and simultaneously account for the cost of implementation itself. The best place to start is identifying the type of problem where data analytics will have greatest return on investment. Find out more [GCN.COM]

Mobile Applications

Mobile Applications

FDA: Agency Launches Competition to Spur Innovative Technologies to Help Reduce Opioid Overdose Deaths. The FDA, with support from the National Institute on Drug Abuse (NIDA) and the Substance Abuse and Mental Health Services Administration (SAMHSA), is inviting computer programmers, public health advocates, clinical researchers, entrepreneurs and innovators from all disciplines to create a mobile phone application that can connect opioid users experiencing an overdose with nearby carriers of the prescription drug naloxone – the antidote for an opioid overdose – thereby increasing the likelihood of timely administration and overdose reversal. Read more[FDA.GOV]

Mobile Applications

MANAGEMENT: Organizations Need to Balance Value and Security When Adopting New Mobile Devices. As new products hit the market, enterprises must decide whether to introduce the device or wait. Unfortunately, enterprises don’t have the luxury of constantly equipping their workforce with the latest and greatest new products. Doing so is not only financially irresponsible, but presents a security risk if the new technology lacks robust security like multi-factor authentication. That doesn’t mean new devices cannot be of value. The question is simply when to incorporate them into the enterprise. Read the rest[STATETECHMAGAZINE.COM]

Mobile ApplicationsDHS: Agency Explores Ways to Make Federal Employees’ Mobile Devices Safer. Congress has tasked the Department of Homeland Security with studying how to best safeguard smartphones, tablets, mobile applications and wireless networks used by federal workers. Find out more[FEDTECHMAGAZINE.COM]

CROSS-PLATFORM DEVELOPMENT: Pros and Cons of Cross-Platform Mobile App Development. Though creating cross-platform native applications is possible today, the current state of implementation is far from complete. Most of the mobile apps are heavy on the GUI (Graphical User Interface) implementation side. Almost all the critical business application logic resides on the server which is accessed by the mobile via web services. Since the User Interface (UI) and User Experience Design (UXD) of iOS and Android are quite different from each other, it’s not an easy task to create a uniform GUI wrapper on top of it. Read the rest [INFOQ.ORG]

Personnel Management

Personnel Management

STAFF RETENTION: 16 Ways to Retain Technical Staff. A recent study indicates that companies in the IT industry (amongst the Fortune 500) experience the highest turnover rate. Good employees quit because they feel undervalued, underwhelmed, underpaid, or overworked. As a result, employee turnover is costing your organization more time and money than you think. Believing that technical employees are “replaceable” may appear to be satisfactory to some firms. In the long term, however, you may sacrifice more than money; customer satisfaction, business knowledge, and team morale. Read more[BLUEMT.COM]

Personnel Management

BEST PRACTICES: Managing a Software-as-a-Service Vendor Relationship. Here are eight tips to make sure your company gets the most out of a SaaS vendor, from the beginning to the end of the relationship. Find out more[ZDNET.COM]

LEADERSHIP: How Minimizing Management Supervision Can Maximize Employee Performance. What if, instead of stretch goals, employees were given goals that only specify the minimum level of performance outcomes required, and leave everything else loose or undefined? Sounds impractical, even crazy? Not really if you consider what’ s changing in today’s workforce. Read more[FORBES.COM]

Personnel Management

REMOTE TEAMS: 13 Tips for Successfully Managing Remote Teams. The advantages to working remotely are plentiful for telecommuting workers, which include increased productivity, greater work-life balance, more efficient time management, fewer out-of-pocket costs, and less stress. Implementing a remote workforce doesn’t come without its challenges, however. There are four key areas to consider when building and successfully managing your remote team. Find out more[REMOTE.CO]

Programming & Scripting Development Client & Server-Side

Programming & Scripting Development Client & Server-Side

JAVASCRIPT: Mozilla Relaunches JavaScript Debugger as Part of Tools Transition Plan. Debugger.html does away with XUL in favor of the React JavaScript library for easier changes. Built as a web application using React and the Redux state container for JavaScript apps, debugger.html ships within Firefox and offers “a completely new take on the debugger,” said Mozilla’s Bryan Clark, Firefox developer tools product manager. “Debugger.html rethinks how to write, maintain and access the debugger yourself.” Still in development, debugger.html will replace the current debugger in Firefox Developer Tools. Read more[INFOWORLD.COM]

Programming & Scripting Development Client & Server-Side

SWIFT: Apple’s Swift 3.0 Revitalizes the Language but Breaks Backward Compatibility. Last week Apple, Inc. announced the 3.0 version of its Swift programming language, which makes for the first major release of the language since it was open sourced. This release brings major improvements to the core language, functionality, and major changes to the Linux port of Swift libraries. All this is nice for programmers working with Swift, however version 3.0 is also not backward compatible with the previous version 2.3. Read the rest[SILICONANGLE.COM]

MILK: MIT’s New Programming Language That Makes Code Run 4 Time Faster. When a program deals with big data, which act on tons of data items spread here and there, this principle of locality acts as a performance killer that can lead to the slower execution of a program. To counter this issue, MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) researchers have developed a new programming language named Milk. Find out more [FOSSBYTES.COM]

Programming & Scripting Development Client & Server-Side

JAVA: Oracle Plans Two Major Java EE Upgrades for the Cloud. Version 8, due in late 2017, focuses on services configuration and health; Version 9, due a year later, focuses on smaller services and consistency. Although Java EE already in use in cloud deployments, Oracle sees a need to better equip it for this paradigm, said Anil Gaur, Oracle’s group vice president of engineering, at the JavaOne conference in San Francisco. To this end Java EE 8, which had already been mapped out, will receive two additional sets of capabilities: one for configuration of services, and the other for health checking to monitor and manage services communications. Read the rest[INFOWORLD.COM]

Cloud Computing

Cloud Computing

FEDERAL GOVT: Why the U.S. Government Finally Loves Cloud Computing. U.S. government agencies are moving to cloud computing and away from their own data centers faster than private corporations, according to several integrators and tech companies in both sectors. Apparently, the Obama Administration’s “Cloud First Initiative” announced five years ago is finally kicking in. Read more[FORTUNE.COM]

CHARTS: The Cloud Computing Industry is Getting Huge, Decimating Sales of On-Premise Servers. According to research firm Forrester, public-cloud services will grow at a compounded annual rate of 22 percent between 2015 and 2020, reaching $236 billion. Find out more[GEEKWIRE.COM]

Cloud Computing

EMPLOYMENT: Cloud Computing Brings Big Centers But Few Jobs to Small Towns. A giant Microsoft facility just outside Boydton, VA hides behind a quarter-mile berm and a guard house, across the highway from the rubble of a demolished prison. Behind the berm, six unmarked hangars each hold tens of thousands of computer servers. Microsoft has cleared enough scrub trees and vines for at least 15 of these buildings, and six more are under construction. One thing there isn’t much of at this Microsoft complex, one single computer data center, is long-term work. Microsoft says it might have “several dozen” employees in a place like this. They are mostly elite computer workers who tend not to come from Boydton, which lost a lot of good jobs when nearby factories closed and the prison shut down. Read more[SFGATE.COM]

Cloud Computing

PREDICTION: 60% of Workloads Running in Cloud by 2018 – and the Rise of Cloud-First. According to the latest forecast from 451 Research, three in five enterprise workloads will run in the cloud by mid-2018, up from two in five (41%) today. The analyst firm argues there will be strong growth in particular enterprise workload categories, including data and analytics and business applications. In the same timeframe, almost a quarter (23%) of enterprise workloads will be software as a service (SaaS), compared to 12% for IaaS. 451 argues that IaaS will be the highest growing segment, and despite the ‘hype and attention’ associated with it comprises only 6% of workloads today. Find out more[CLOUDCOMPUTING-NEWS.COM]

Personal Tech

Personal Tech

GOOGLE: Personalized Traffic Alerts From Google. Google pulls in traffic data from multiple sources for its Maps app, including information from police and local transportation departments. Many reports concerning real-time events – like cars stopped on the highway shoulder, debris on the road, construction, congestion and accidents – come from the users of its Waze service. Read more[NYTIMES.COM]

MOBILE PHONES: Give Old iPhones and iPads a New Lease on Life. Save money and spare landfills by putting old smartphones and tablets to work as home security systems, picture frames, alarm clocks and more. Read more[WSJ.COM]

Personal Tech

OFF TO COLLEGE: Maybe These Devices Should Go Along. Back-to-school shopping for technology gadgets has become increasingly complex for parents. In the past, the dilemma for most students was whether to get a Windows PC or a Mac. Now, because of a proliferation of different computing forms with the rise of mobile devices, the debate has shifted toward whether to buy a computer or a tablet – and which operating system on top of that. Here’s a guide to some of the best back-to-school products, including computers, mobile devices, audio accessories and food gadgets. Find out more[NYTIMES.COM]

Personal Tech

PRESENTATIONS: The Best Apps for Improving Your Public Speaking. Americans supposedly fear it more than death: public speaking. Does your smartphone hold the cure? Now there are apps that can help shore up the delivery: settle your nerves a bit, keep you within your time limit, help you to not get lost. You can also download a teleprompter onto your phone. Find out more[TOPTECHNEWS.COM]

IT Security | Cybersecurity

IT Security | Cybersecurity

CLOUD: How Cloud, Mobile Are Changing IT, Security Management. The evolution of technology is changing the role of IT and security pros as more employees use cloud apps and connect personal devices to corporate networks. Read more[DARKREADING.COM]

QUESTIONS: Time to Kill Security Questions – or Answer Them With Lies. The notion of using robust, random passwords has become all but mainstream—by now anyone with an inkling of security sense knows that “password1” and “1234567” aren’t doing them any favors. But even as password security improves, there’s something even more problematic that underlies them: security questions.. Find out more[WIRED.COM]

IT Security | Cybersecurity

NETWORKS: Federal Cyber Incidents Grew an Astounding 1,300% Between 2006 and 2015. GAO report says Federal networks are highly complex and dynamic, technologically diverse, and geographically dispersed making them hard to protect. Find out more[NETWORKWORLD.COM]

COMPLIANCE MONITORING: 10 Best Practices for Security, Compliance Monitoring. One of biggest challenges big data providers face as they migrate to the cloud is ensuring real-time security and compliance monitoring. Here are some best practices to consider. Read the rest[CHANNELINSIDER.COM]

IT Security | Cybersecurity

ANALYTICS: Introducing Deep Learning: Boosting Cybersecurity With An Artificial Brain. With nearly the same speed and precision that the human eye can identify a water bottle, the technology of deep learning is enabling the detection of malicious activity at the point of entry in real-time. Read more[DARKREADING.COM]

ANDROID: New Malware Targets Android Banking Apps, Cybersecurity Group Says. According to Kaspersky Lab the malicious software sidesteps security features on version 6 of the Android mobile-phone operating system. Find out more[WSJ.COM]

IT Security | Cybersecurity

VIDEO: John McAfee: U.S. Is Not No. 1 in Cybersecurity. John McAfee, McAfee Associates founder and MGT Capital chief executive officer, comments on cybersecurity risks during an interview with Bloomberg’s Kathleen Hays on “Bloomberg Markets.” Read more[BLOOMBERG.COM]

BEST PRACTICES: How Municipal Utilities Can Implement Cybersecurity Best Practices. Critical municipal utility infrastructure remains a prime target for criminal hackers. Arm yourself with these best practices. Find out more[STATETECHMAGAZINE.COM]

From the Blue Mountain Data Systems Blog

Three-Dimensional Governance for the CIOhttps://www.bluemt.com/three-dimensional-governance-for-the-cio

7 Reasons to Take Control of IT Incidentshttps://www.bluemt.com/7-reasons-to-take-control-of-it-incidents/

Breach Mitigation Response Time Too Long, Survey Sayshttps://www.bluemt.com/breach-mitigation-response-time-too-long-survey-says/

Six Tactics for Cyberdefensehttps://www.bluemt.com/six-tactics-for-cyberdefense/

From the Blue Mountain Data Systems Blog

Feds Report Mixed Responses to Shared Serviceshttps://www.bluemt.com/feds-report-mixed-responses-to-shared-services

Federal Employees Are Not Security Expertshttps://www.bluemt.com/federal-employees-are-not-security-experts

Survival Guide for Network Administratorshttps://www.bluemt.com/survival-guide-for-network-administrators

DBaaS: OpenStack Trove Changes DB Managementhttps://www.bluemt.com/dbaas-openstack-trove-changes-db-management

From the Blue Mountain Data Systems Blog

Help Wanted: Certified Cybersecurity Professionalshttps://www.bluemt.com/help-wanted-certified-cybersecurity-professionals

Cyber Threat Intelligence Integration Center Previewhttps://www.bluemt.com/cyber-threat-intelligence-integration-center-preview/

Cloud Moves in 1-2-3https://www.bluemt.com/cloud-moves-in-1-2-3/

Change Management for Disaster Recoveryhttps://www.bluemt.com/change-management-for-disaster-recovery/

From the Blue Mountain Data Systems Blog

Jeffersonian Advice For C-Suite Career Advancementhttps://www.bluemt.com/jeffersonian-advice-for-c-suite-career-advancement/

Ways To Survive The “Mobile-Pocalypse”https://www.bluemt.com/ways-to-survive-the-mobile-pocalypse/

Microsoft Cloud Services Receive FedRAMP Authority to Operatehttps://www.bluemt.com/microsoft-cloud-services-receive-fedramp-authority-to-operate/

Hiring Pentesters? Here Are 10 Things You Need to Knowhttps://www.bluemt.com/hiring-pentesters-here-are-10-things-you-need-to-know/

From the Blue Mountain Data Systems Blog

Home Router Malware Alerthttps://www.bluemt.com/home-router-malware-alert/

Threat Model Deconstructionhttps://www.bluemt.com/threat-model-deconstruction/

Business Email Scam Nets $214 Millionhttps://www.bluemt.com/business-email-scam-nets-214-million/

How to Prevent Unauthorized Software from Taking Over Your Organizationhttps://www.bluemt.com/the-cios-guide-to-happy-end-users-2/

From the Blue Mountain Data Systems Blog

Digital Marketing Predictions for 2015https://www.bluemt.com/digital-marketing-predictions-for-2015/

SDN: Network Administrator’s Friend or Foe?https://www.bluemt.com/sdn-network-administrators-friend-or-foe/

Mobile Payments: A Must for Federal Agencieshttps://www.bluemt.com/mobile-payments-a-must-for-federal-agencies/

Soft Skills Are A Must-Have For Careers In IThttps://www.bluemt.com/soft-skills-are-a-must-have-for-careers-in-it/

From the Blue Mountain Data Systems Blog

Security Risks Most Prevalent in Younger Workershttps://www.bluemt.com/security-risks-most-prevalent-in-younger-workers/

The Security World’s Maturationhttps://www.bluemt.com/the-security-worlds-maturation/

Data Breach Concerns Keep CISOs Up At Nighthttps://www.bluemt.com/data-breach-concerns-keep-cisos-up-at-night/

Personalized Govt Equals Instant Gratification for Citizenshttps://www.bluemt.com/personalized-govt-equals-instant-gratification-for-citizens/

From the Blue Mountain Data Systems Blog

People-Centric Securityhttps://www.bluemt.com/people-centric-security/

Pentagon Tries BYOD To Strike Work/Life Balancehttps://www.bluemt.com/pentagon-tries-byod-to-strike-worklife-balance/

Open Source Model Considered for MS Windowshttps://www.bluemt.com/open-source-model-considered-for-ms-windows/

Open Internet: To Be or Not to Be?https://www.bluemt.com/open-internet-to-be-or-not-to-be/

From the Blue Mountain Data Systems BlogMalware Stays A Step Ahead Infecting One Third of Websiteshttps://www.bluemt.com/malware-stays-a-step-ahead-infecting-one-third-of-websites/

Machine-Generated Data: Potential Goldmine for the CIOhttps://www.bluemt.com/machine-generated-data-potential-goldmine-for-the-cio/

Government Legacy Programs: Reuse vs. Replacementhttps://www.bluemt.com/government-legacy-programs-reuse-vs-replacement/

It Takes a Whole Village to Protect Networks and Systemshttps://www.bluemt.com/it-takes-a-whole-village-to-protect-networks-and-systems/

From the Blue Mountain Data Systems Blog

Governance For the CIOhttps://www.bluemt.com/governance-for-the-cio/

Help Desk Consolidation – Lessons Learnedhttps://www.bluemt.com/help-desk-consolidation-lessons-learned/

One Year Later, Companies Still Vulnerable to Heartbleedhttps://www.bluemt.com/one-year-later-companies-still-vulnerable-to-heartbleed/

Federal Projects Cultivate Worker Passionhttps://www.bluemt.com/federal-projects-cultivate-worker-passion-2/

ABOUT US

Blue Mountain Data Systems Inc.

Blue Mountain Data Systems Inc. is dedicated to application and systems development, electronic document management, IT security support, and the automation of workflow processes.

Read more about our experience here:>> http://bluemt.com/experience

Recent Experience

U.S. Dept. of Labor Employee Benefits Security Administration

1994 to Present

Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support.

MANAGEMENT

Paul T. Vesely Founder, President, CEO and Principal Architect

Mr. Vesely is a recognized thought leader in systems architecture and delivery, having designed and delivered many enterprise wide information and document management solutions. Mr. Vesely’s history includes 33 years experience in the information systems industry, with Unisys, Grumman, PRC and a host of clients in both government and private sectors.

CONTACT US

Contact Us Today to Discuss Your Next IT Project

HEADQUARTERS366 Victory DriveHerndon, VA 20170

PHONE 703-502-3416

FAX 703-745-9110

EMAILpaul@bluemt.com

WEBhttps://www.bluemt.com