Tech Update SummaryAugust 2016

Blue Mountain Data Systems

For CTOs, CIOs & CISOs

Visit Blue Mountain Data Systems https://www.bluemt.com

For CTOs, CIOs & CISOs

Every business day, we publish a Daily Tech Update for Federal & State CTOs ,CIOs & CISOs on the

Blue Mountain Data Systems Blog. We hope you will visit our blog for the latest information.

You can also receive these updates via email. Click here to subscribe.

Here’s the summary of the Daily Tech Updates for August 2016. Hope the information and ideas prove

useful.

Best,Paul VeselyPresident and Principal ArchitectBlue Mountain Data Systems Inc.

Federal, State & Local IT

Federal, State & Local ITFEDERAL: The White House Releases Policy to Help Government Agencies Go Open Source. The White House (led by United States Chief Information Officer Tony Scott) has been pretty vocal about using technology to improve how government operates. They want to make sure code helps, not hurts, government agencies, and that the U.S. government can use technology just as effectively as a private company can. Read the rest[TECHCRUNCH.COM]

MISSOURI: Missouri CISO Michael Roling on the Front Lines of Cybersecurity. Roling shares how he makes sure his staff — and the state workforce in general — is prepared for today’s threats. Find out more[GOVTECH.COM]

Federal, State & Local ITWEST VIRGINIA: Inside The Government Centers Where The FBI Shares Intel With Police. In a drab room in a drab office block in West Virginia, a bank of screens display news and law enforcement agency insignias. On an average day, there might be seven staffers around the tables, and while it’s nothing much to look at, its director believes a group like this in a room like this could probably have stopped 9/11, had they been meeting at the time. Read more[VOCATIV.COM]

CITY: Homeland Security to Silicon Valley: We Need Drones. The Department of Homeland Security is hiring in Silicon Valley — for drones. Last week, technology entrepreneurs filled a Menlo Park conference room, where officials spelled out their needs — drones small and light enough to launch easily and fly over vast stretches of desert. The machines would look for questionable activity, scan faces of suspects and compare them against a database for prior criminal history. Read more [SFCHRONICLE.COM]

Encryption

Encyption

NSA: Shadow Brokers Leak Just Revealed How The NSA Broke American-Made Encryption. If the Shadow Brokers’ leak of NSA files is legit, as is now all but confirmed, they have offered a glimpse into how the intelligence agency exploited security systems created by American tech vendors. And one of the vulnerabilities has offered proof of just how the US’ finest digital spies were able to snoop on encrypted communications, in particular those provided by Virtual Private Networks (VPNs). Read more[FORBES.COM]

Encyption

APPLE: Researchers Find Another Flaw in Apple’s iMessage Encryption. Cryptography researchers at John Hopkins University have found another flaw in the encryption used by Apple’s iMessage. The good news? The flaw has already been patched; you just need to update iOS. Find out more[GIZMODO.COM]

HOSPITALITY TECH: Ensuring Privacy Through Security Best Practices. Increasingly, hotels are collecting, analyzing, using, and storing guest data, including personally identifiable data (PII), to facilitate guest engagement and great service. Personal data is being harnessed in conjunction with loyalty, CRM, PMS, and other technology—and the more it is leveraged, the more vulnerable it becomes. Here are six keys to not sacrificing security while leveraging customer data for improved service and operations. Find out more [HOSPITALTECHNOLOGY.EDGL.COM]

Encyption

DoD: Pentagon Relying on a Different Kind of FBI to Fight Cyber Attacks. The Defense Department’s big data approach to cybersecurity is paying big dividends. Through better analytics, DoD’s cyber experts have seen a 500 percent increase in the number of counter measures they can apply to thwart hackers. What’s different for DoD isn’t the data, but the tools on top of the information, and the military’s cyber experts’ ability to use them in near real-time. According to Dave Mihelcic, the chief technology officer at the Defense Information Systems Agency, “One of the biggest applications today is called Fight by Indicator (FBI). FBI gives our analysts the ability to not only take the data about that attack and compare it against all known data and then be able to pick the best cybersecurity mitigation mechanism and actually directly task that mechanism. It has improved our effectiveness in being able to detect, diagnose and mitigate attacks by 500 percent.” Read more [FEDERALNEWSRADIO.COM]

Databases

Databases

GRAPH: IBM Releases Graph, a Service That Can Outperform SQL Databases. IBM has announced the general availability of Graph, a service for the Bluemix cloud offering that the company said helps set up a relatively new, high-performing type of database. Graph databases differ from traditional SQL databases in that they store both data and the relationships among the data. The relationships among data points are as important as the data points themselves. Unlike SQL databases, which can require complex queries to extract conclusions from data, graph databases execute queries more efficiently, and their advantage over SQL databases increases with the complexity of the query. Graph databases, which have become more popular in the last decade, are often used in apps that make recommendations about music or restaurants. Read the rest[GEEKWIRE.COM]

Databases

ADMINS: It’s the Data, Stupid – Why Database Admins Are More Important Than Ever. It may not be all about the tables anymore, but the DBA role is still essential – even if the person doing it doesn’t have the title. Specialized databases, cloud, and DevOps expand, not eliminate, the role of the DBA. Find out more[ARSTECHNICA.COM]

NoSQL: Three NoSQL Databases You’ve Never Heard Of. There’s a certain class of data problem that is elegantly addressed by NoSQL databases, which is why the market for NoSQL databases is growing faster than the overall market. The market is led by the Big Four, including Couchbase, Datastax, MarkLogic, and MongoDB, but there’s a long tail of other players in the NoSQL market, including some older products that are still going strong. Read more[DATANAMI.COM]

Databases

OPEN SOURCE: Why Open Source Graph Databases Are Catching On. Graph databases, which use graph structures for semantic queries, came into prominence through social networks like Facebook and Twitter. But they’re used for far more now than just linking connections between friends and relatives. Read more[ENTERPRISEAPPSTODAY.COM]

MongoDB: Atlas Best Practices. MongoDB announced Atlas, its DBaaS platform, earlier this year. Take a look at the best ways to use it. Find out more[DZONE.COM]

Databases

GOOGLE: Cloud Databases Reach General Availability. Emerging from beta, Google’s cloud databases are ready for business workloads. Cloud SQL, Cloud Bigtable, and Cloud Datastore — databases offered through the Google Cloud Platform (GCP) — are set to shed their beta designation, a scarlet letter among enterprises, and enter general availability. In so doing, they will qualify for SLAs like other production-ready GCP services. Read more[INFORMATIONWEEK.COM]

Databases

GRAPH: 5 Factors Driving the Graph Database Explosion. There’s no denying it: Graph databases are hot. Graph databases have outgrown every other type of database in popularity since 2013, and not by a small margin either. It’s clear that developers, data scientists, and IT pros are just beginning to explore the potential of graph databases to solve new classes of big data analytic and transaction challenges. Find out more[DATANAMI.COM]

NoSQL: Current State of NoSQL Databases. With the emergence of time series data being generated from Internet of Things (IoT) devices and sensors, it’s important to take a look at the current state of NoSQL databases and learn about what’s happening now and what’s coming up in the future for these databases. Read more[INFOQ.COM]

More About Blue Mountain

BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.

Electronic Document Management

Electronic Document Management

CFPB: Looks to Embrace Cloud for Email, Office Application Needs. The Consumer Financial Protection Bureau wants to move to a public cloud setup for some of its core enterprise apps. The financial watchdog agency recently sent out a Request for Information (RFI) on the process, technical requirements and costs of moving to cloud services in fiscal year 2017. CFPB wants to establish a more complete understanding on the costs associated with moving fully to a cloud solution for email and office applications (e.g., documents, spreadsheets, presentations, SharePoint and more).Read the rest[FEDTECHMAGAZINE.COM]

Electronic Document Management

SECURE DOCUMENTS: 18 Ways to Secure Your Electronic Documents. Electronic Document Management Systems (EDMS) are electronic repositories designed to provide organized, readily retrievable, collections of information for the life cycle of the documents. How can you keep these electronic files secure during the entire chain of custody? Here are 18 security suggestions. Read more[BLUEMT.COM]

ROI: 4 Ways Business Document Management Software Can Save You Money. Lisa Croft, Group Product Marketing Manager at Adobe Document Cloud, talks about the many ways business document management can save your company time, space, and more importantly, loads of money. Here are the four most obvious ways these tools provide excellent return-on-investment. Read more[PCMAG.COM]

Electronic Document Management

LEGAL DEPT DOCUMENT MANAGEMENT: Investing in New Technologies: How Corporate Legal Departments Are Leading the Way. Many departments are looking to technology to assist with automation of processes, resource and budgetary management, and tracking. Connie Brenton, co-founder of Corporate Legal Operations Consortium (CLOC), a non-profit association of legal operations executives, explains, “Corporate executives expect the GC’s office to be a business counselor to the firm, and to discuss numbers, data and analytics. Efficiency is now essential for legal departments, and this has advanced software’s role and accelerated technology adoption.” Find out more[INSIDECOUNSEL.COM]

Security Patches

Security Patches

MICROSOFT: Microsoft patches 27 flaws in Windows, Office, IE, and Edge. Many of the flaws could allow for remote code execution attacks through websites and malicious documents. Read the rest[PCWORLD.COM]

ANDROID: AOSP Changelogs Posted for August Security Patches. The odds are pretty good that if you’re using a still-supported Nexus device, it’s probably running August’s security update by now. The factory images became available on August 1 and OTAs have been intermittently rolling out since then. The push to AOSP took a little longer and finally included a couple of other tags that were behind schedule. All of the changes have been compiled into their respective lists and the changelogs are ready for perusal. Find out more[ANDROIDPOLICE.COM]

Security PatchesMORE ANDROID: ‘Quadrooter’ Flaws Affect Over 900 Million Android Phones. All versions of Android are vulnerable to these flaws, which won’t be fully patched until the September security release next month. Four previously undisclosed security vulnerabilities found in Android phones and tablets that ship with Qualcomm chips could let a hacker take full control of an affected device. Almost a billion Android devices are affected by the “high” risk privilege escalation vulnerabilities, dubbed “Quadrooter,” say researchers at security firm Check Point. Read more[ZDNET.COM]

APPLE: Apple Security Bug Lets Hackers Nab Your Mac and iPhone Passwords With 1 Text. Apple software contains flaws that could allow hackers to steal people’s passwords by doing nothing more than sending a single nefarious message. Apple patched the vulnerabilities in its July 20 batch of software updates. Still, it is incumbent upon people to download the updates. Read more [FORTUNE.COM]

CIO, CTO & CISO

For the CIO, CTO & CISO

CIO OPINION: CIOs Must Undertake Digital Initiatives, Even the Hard Parts. As businesses today face ever-increasingly competitive markets, many react by trying to leverage the new opportunities from digital technologies. In fact, the world is awash in digital technology offerings. But many businesses don’t reap the anticipated ROI of their digital investments. Read the rest[CIO.COM]

CISO: Hired Guns: The Rise of the Virtual CISO. When is the right time to rent yourself a CISO? The enterprise is facing a dangerous combination of mounting cybersecurity threats of increasing subtlety—and a widening gap in the skills required to identify and combat them. Read more[NETWORKWORLD.COM]

CIO, CTO & CISO

NASA CTO: Deborah Diaz to Retire in September. A three-time Federal 100 winner, Diaz has held a wide range of IT leadership posts across the government, including stints at the U.S. Patent and Trademark Office, the Department of Homeland Security, the General Services Administration and the U.S. Agency for International Development. At NASA, where Diaz has served since 2009, she managed a massive IT infrastructure consolidation program and helped create the International Space Apps Challenge hackathon and NASA’s Datanauts program, among many other initiatives. Diaz’ final day at NASA will be Sept. 30. She said she was still weighing options for “the next technology innovation opportunity” she would pursue. Find out more[FCW.COM]

CIO, CTO & CISO

CSO: A Gentler Way to Hack Back. A father-son team argues that hacking back doesn’t have to lead to the cyber equivalent of World War III – if it’s done by professionals and doesn’t attempt to corrupt or destroy anyone’s networks. Read more[CSOONLINE.COM]

Penetration Testing

Penetration Testing

IBM: Unleashes X-Force Red. IBM Security has formed an elite team of security professionals and ethical hackers, dubbed IBM X-Force Red. The group is tasked to uncover vulnerabilities in computer networks, hardware and software applications, in a block-and-tackle move to get ahead of cybercriminals. The team also examines human security vulnerabilities in daily processes and procedures – social engineering opportunities or privileged access routes that attackers often use to circumvent security controls. Read the rest[INFOSECURITY-MAGAZINE.COM]

SECURITY STRATEGY: The Evolution Of The Penetration Test. Toby Scott-Jackson, senior security consultant at SureCloud explores how penetration testing has changed – and how it must continue changing in the future. Find out more[INFORMATIONSECURITYBUZZ.COM]

Penetration Testing

TOOL: Open Source Penetration Testing Toolkit. Sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections. Full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, Sybase, SAP MaxDB and HSQLDB database management systems. Read more[SQLMAP.ORG]

Penetration Testing

Q&A: Tom Eston, Manager of Penetration Testing, Veracode. Tom Eston leads a team of highly skilled penetration testers. For the last several years, he’s co-hosted what is now known as the Shared Security Podcast – a usually monthly podcast that explores how technology affects the security and privacy of our personal lives and businesses. Eston talks about how companies can keep their data safe even if they can’t afford a big security budget. It turns out the best advice he could give is to stay vigilant. Read more[CRAINSCLEVELAND.COM]

Open Source

Open Source

DHS: Explores Wearable Tech for First Responders. A FitBit for first responders? Google Glass for firemen? That’s what the Homeland Security Department’s Science and Technology Directorate is looking for. DHS S&T kicked off EMERGE 2016: Wearable Technology. It’s seeking state of the art wearable technologies on the commercial market that can be modified for first responders. The goal is to find these commercial devices that can help first responders create a comprehensive dataset more easily. DHS S&T is asking for vendors to submit applications to be one of two dozen firms to participate in the accelerator and receive help in early market validation, test and evaluation opportunities and paths to introduce their technology to a variety of markets. Find out more[FEDERALNEWSRADIO.COM]

Open Source

THE PEOPLE’S CODE: Federal Source Code Policy to Support Improved Access to Custom-Developed Federal Source Code Released. The White House’s Chief Information Officer, Tony Scott, has released the Federal Source Code policy to support improved access to custom software code developed by or for the Federal Government. Read the rest[WHITEHOUSE.GOV]

FCC: Forces TP-Link to Support Open Source Firmware on Routers. Networking hardware vendor TP-Link admitted violating US radio frequency rules by selling routers that could operate at power levels higher than their approved limits. In a settlement with the Federal Communications Commission, TP-Link agreed to pay a $200,000 fine, comply with the rules going forward, and to let customers install open source firmware on routers. Read more[ARSTECHNICA.COM]

Open Source

BUG FIXES: How to Fix a Bug in Open Source Software. How open source software is supported is just as important as how well it works. Given the choice between building awesome new features or carefully reading and responding to 10 bug reports, which would you choose? Which is more important? Read more[OPENSOURCE.COM]

Operating Systems

Operating Systems

FUCHSIA: Meet Fuchsia, a New Operating System in the Works at Google. Nobody quite knows what it’s for (yet), but according to Android Police, Fuchsia can run on just about any kind of device. Read more[PCWORLD.COM]

UNTANGLE: Announces Revolutionary Wi-Fi Router Operating System. New OS for Home Wi-Fi Routers Includes Full NGFW Features. Find out more[DARKREADING.COM]

Operating SystemsTAILS: Getting Started with Tails (The Amnesic Incognito Live System), the Encrypted, Leave-No-Trace Operating System. A step-by-step guide on how to download, install, and start using Tails, the world’s most secure platform. Read more[TECHREPUBLIC.COM]

MICROSOFT: Confirms Freezing Issues After Upgrading to Windows 10 Anniversary Update. Microsoft launched the Windows 10 Anniversary Update earlier this month. The company is still rolling out the update to users worldwide, but a good amount of users already have the Anniversary Update. Now, a lot of users have been reporting about freezing issues after installing the Windows 10 Anniversary Update on their PCs. Thankfully though, Microsoft is aware of the issue and are working on addressing it. Find out more[MSPOWERUSER.COM]

Incident Response

Incident Response

CYBER PAIN POINTS: Failure to Get Buy-In for Incident Response Plan (IRP) in the Top 10! A recent report indicated that IRPs "are frequently developed from within departmental silos, for example, within the organization's IT security function, and do not address the considerations of business units or cross functional areas needed to coordinate and operate together during a response." Read the Top 10 Incident Pain Points in Delta Risk's April 2016 report. Read more[LEXOLOGY.COM]

Incident Response

FEDERAL GOVERNMENT: U.S. Government Announces Framework for Responding to Critical Infrastructure Cyber Incidents. On July 26, 2016, the White House issued the United States Cyber Incident Coordination Directive (Presidential Policy Directive PPD-41, including an Annex). The Directive sets forth the principles governing the Federal Government’s response to cyber incidents, including incidents affecting private entities that are part of U.S. critical infrastructure. The Directive is designed to improve coordination between government agencies and to clarify inter-departmental involvement in response to a cyber incident. Find out more[DATAPROTECTIONREPORT.COM]

Incident Response

MANAGEMENT: Why Cybersecurity Is a Management Problem for Campaigns. Republicans have made hay out of the Democrats’ recent hacking woes, but the GOP isn't immune from cybersecurity breaches. Last week there were reports of Russian hackers dumping emails from Republican campaigns and operatives. The campaign community should follow that lead and demand that cybersecurity receive real consideration by the candidates, mangers and chairmen and chairwomen, and top aids and advisors. Read more[CAMPAIGNSANDELECTIONS.COM]

Incident Response

SOLUTION: Orchestrating Security Intelligence for Faster and More Effective Incident Response. Today’s sophisticated, targeted attacks, coupled with increasing network complexity, mobility and the phenomenal growth of non-traditional devices can present incredibly difficult challenges. Nobody can afford to have an incident response system that isn’t using all of its intelligence and powers of communication. A new type of cyber security solution is required - one that goes well beyond traditional network access control (NAC) capabilities. Find out more[ITPROPORTAL.COM]

Program Management

Program Management

MICROSOFT: Microsoft Launches Planner, a Project-Management Tool Part of Office 365. Microsoft has launched Office 365 Planner, a new project-management tool for teams. The company will be rolling out Planner worldwide to Office 365 users, including Office 365 Enterprise E1–E5, Business Essentials, Premium, and Education subscription plans. The Planner tile will appear in your Office 365 app launcher, meaning Office 365 admins don’t need to take any action. Read more[VENTUREBEAT.COM]

Program ManagementNASA: When Project Management Really is Rocket Science: A Lesson from NASA. A recent GAO assessment of major NASA projects shows that 18 of the organization’s biggest projects received very positive reviews – with project management receiving credit for some of that success. What has proven to be extremely effective for NASA is utilizing standards and adapting tools and processes to the needs of the agency, while satisfying considerations of such leading practices as EVM, project costing, baseline establishment and blending of engineering disciplines into projects. Read the rest[FEDERALTIMES.COM]

Program Management

ADVICE: 6 Ways to Be a Better Project Manager. Project management is a complex — and critical — function. Here are six pieces of advice to help project managers improve their craft. Find out more[CIO.COM]

IT CAREERS: What’s Going On with IT Hiring? Analysts have been generally cautious this year about IT hiring trends. Although the unemployment rate for IT professionals is about half the national average of 4.7%, said CompTIA, some analysts use terms ranging from “modest” to “pre-recession” to describe IT hiring. Read more[COMPUTERWORLD.COM]

Search Technology

Search Technology

SOLR: Not Just For Text Anymore. When Solr came out, it was supposed to be an OpenSource text search engine. Now it has a big place in Big Data. Read what Ness's CTO, Moshe Kranc has to say about how it has evolved. Read more[DZONE.COM]

INGALLS: Spring Data 'Ingalls' Release Train Leaves Station. The Spring Data team has announced the first milestone release of the Ingalls Release Train. This coordinated release of subprojects under the Spring Data umbrella ships with 230 fixes and a number of new features. Find out more[ADTMAG.COM]

Search TechnologyGOOGLE: Announces New Cloud Natural Language API While Cloud Search API Goes Beta. Google says that the Cloud Natural Language API gives developers access to three Google-powered engines– sentiment analysis, entity recognition, and syntax analysis. The service is currently available in open beta and is based on the company’s natural language understanding research. It will initially support three languages– English, Spanish and Japanese and will help developers reveal the structure and meaning of your text in the given language. Read more[THETECHPORTAL.COM]

AMAZON: Amazon EC2 Container Service Now Supports Networking Modes and Memory Reservation. Docker networks provide isolation for your containers. It is important to have control over the networks your applications run on. With Amazon ECS, you can now specify an optional networking mode for your containers that cater towards different use cases. Find out more[DABCC.COM]

Application Development

Application DevelopmentIoT: Why App Development Is The Key To Unlocking The IoT Vault. Solution providers are positioning themselves for success in the lucrative Internet of Things market by bolstering their application development teams. Companies bringing IoT solutions to market face several hurdles, including interoperability, security and data management challenges – and staffing up with IoT application developers is critical for tackling these issues. Read more[CRN.COM]

SDKS: How Imaging SDKs Can Solve Today’s Application Development Challenges. In a mobile-first world, developers understand the importance of creating a next-generation app that fits in with client or user expectations. Developers should consider the myriad of SDK options if they want to improve functionality for the user, especially imaging SDKs. Although they are a niche market, these SDKs can add better imaging capabilities and target industry-related problems that companies are trying to tackle. Find out more [SDTIMES.COM]

Application Development

SECURITY: Application Security Requires More Talk Than Tech. If you think application security only involves installing a tool, or scanning a few apps and moving on, you’re wrong. Application security is a unique security initiative, and its success hinges on people as much as technology. Read more[INFOWORLD.COM]

SPEED: How to Speed Enterprise App Development and Meet Digital Transformation Demands. Low-code platforms are key in accelerating digital transformation with rapid application development. Find out more[INFORMATION-AGE.COM]

BYOD

BYOD

EMC/DELL MERGER: BYOD May Be Coming to an End at EMC as Dell Merger Looms. As Dell and EMC prepare to complete their merger, EMC purportedly issued a statement insisting that customers of the two companies only see Dell laptops during meetings and consulting engagements. EMC workers that use Apple products as part of that company’s existing BYOD policy will need to leave them at the office, according to the report. Read the rest[CIODIVE.COM]

FEDERAL GOVERNMENT: Federal Government Exec Gives Advice on Enterprise BYOD Implementations. Josh Moulin, a chief information security officer (CISO) for a federal US national security agency, has detailed in a post the process of a proposal to move an agency to BYOD – and why it was eventually disallowed. Find out more[APPSTECHNEWS.COM]

BYOD

MARINE CORPS: Marines Work to Join Enterprise Network to JIE. The Marine Corps expeditionary mission set continues to challenge efforts to join the Corps with the Department of Defense’s Joint Information Environment (JIE). In a further effort to align its present networking policies with those of JIE, the Corps is taking a hard look at Bring Your Own Device, or BYOD. The service is moving forward on a pilot project which will use drive certificates as a means to create secure software containers on some 250 test mobile devices by the end of the fiscal year. Read more[GOVTECHWORKS.COM]

BYOD

ENTERPRISE: Enterprise Mobility: BYOD, EMM, and New Security Approaches. Today’s enterprise employees increasingly expect to be productive wherever they may be, on whatever device they choose, which raises multiple management and security issues for IT departments. The Ponemon Institute’s 2016 survey report reveals some telling insights about enterprise mobile security — many of them clearly driven by the BYOD trend of recent years. Read more[ZDNET.COM]

Big Data

Big DataSPARK: Big Data Brawlers: 4 Challengers to Spark. Spark isn’t the only option for handling big data at scale and in memory. Here are four projects…Apache Apex, Heron, Apache Flink & Onyx…emerging as possible competition for Spark, with new approaches to handling the conventional in-memory batch processing Spark is famous for and the streaming Spark continues to work on. Read the rest[INFOWORLD.COM]

LATEST NEWS: Big Data Roundup. Microsoft has infused Office 365 with machine learning. Tableau is putting data visualization control back in IT hands. GE is supplying an IoT developer kit for its Predix offering. Snowflake Computing has updated its cloud-based data warehouse, and Teradata has acquired Big Data Partnership. Find out more[INFORMATIONWEEK.COM]

Big Data

FEDERAL AGENCIES: Ransomware Moves to the Big Time For a Long Time. As ransomware exploits and their perpetrators become more sophisticated, ransomware is climbing up the ladder – moving beyond targeting local agencies for a few hundred dollars and into the federal ranks and beyond. Read more[GCN.COM]

CUSTOMER SERVICE: Can We Stop Talking About Big Data And Start Talking About Business And Customer Outcomes? Recently, the business world has been awash with stories about the possibilities and applications of big data, analytics, automation and artificial intelligence technologies. However, when reading many of these stories, reports, case studies and pieces of research, you may find yourself slightly conflicted by it all. Here are a few examples that illustrate the growing sophistication, application and potential of these technologies. Read more[FORBES.COM]

Mobile Applications

Mobile Applications

INDUSTRY INSIGHT: Federal BYOD: The Mobile Security Conundrum. While the private sector has been quick to establish Bring-your-own-device policies, the public sector has lagged behind because of security and privacy concerns. Despite several initiatives — including a White House-issued BYOD toolkit and two National Institute of Standards and Technology documents (800-124 and 800-164) giving guidance on securing devices that connect with government networks — many federal agencies are still reluctant to establish BYOD policies. This is largely due to a number of common threats linked to mobile devices. Read more[GCN.COM]

LOCAL MOBILE: Naperville, Illinois Integrates Life-Saving Mobile App Into Its Services. Tapping into the proximity and talents of nearby CPR-certified volunteers, the city’s PulsePoint app is Uber-ifying emergency services. Find out more[STATETECHMAGAZINE.COM]

Mobile Applications

NIST: First to Ask: ‘What is Internet of Things Anyway?’ When computer scientist Jeffrey Voas set out to determine the security implications of the Internet of Things for the National Institute of Standards and Technology, he ran into an unusual complication. Read more[FEDERALNEWSRADIO.COM]

CHECKLIST: Defining Your Mobile Application Architecture. Many mobile projects are agile, and application development begins without having an architecture strategy in place. Given the wide range of technology available in the mobile space and the rapidly evolving nature of a mobile enterprise, it is important to go through a process to define the application architecture blueprint. Find out more[MOBILEBUSINESSINSIGHTS.COM]

Personnel Management

Personnel Management

STAFF RETENTION: 16 Ways to Retain Technical Staff. A recent study indicates that companies in the IT industry (amongst the Fortune 500) experience the highest turnover rate. Good employees quit because they feel undervalued, underwhelmed, underpaid, or overworked. As a result, employee turnover is costing your organization more time and money than you think. Believing that technical employees are “replaceable” may appear to be satisfactory to some firms. In the long term, however, you may sacrifice more than money; customer satisfaction, business knowledge, and team morale. Read more[BLUEMT.COM]

Personnel Management

BEST PRACTICES: Managing a Software-as-a-Service Vendor Relationship. Here are eight tips to make sure your company gets the most out of a SaaS vendor, from the beginning to the end of the relationship. Find out more[ZDNET.COM]

LEADERSHIP: How Minimizing Management Supervision Can Maximize Employee Performance. What if, instead of stretch goals, employees were given goals that only specify the minimum level of performance outcomes required, and leave everything else loose or undefined? Sounds impractical, even crazy? Not really if you consider what’ s changing in today’s workforce. Read more[FORBES.COM]

Personnel Management

REMOTE TEAMS: 13 Tips for Successfully Managing Remote Teams. The advantages to working remotely are plentiful for telecommuting workers, which include increased productivity, greater work-life balance, more efficient time management, fewer out-of-pocket costs, and less stress. Implementing a remote workforce doesn’t come without its challenges, however. There are four key areas to consider when building and successfully managing your remote team. Find out more[REMOTE.CO]

Programming & Scripting Development Client & Server-Side

Programming & Scripting Development Client & Server-Side

JAVASCRIPT: HyperLoop Lets You Access All Native Mobile API’s Using Javascript. With Hyperloop, the need for OS-specific modules disappears. What happens as the platform vendors release new versions and APIs? Those too are instantly available via Hyperloop. Read more[APPDEVELOPERMAGAZINE.COM]

JAVA: Microservices, Java-on-Java Top Oracle’s JVM Design Goals. Oracle’s plans for the Java Virtual Machine include greater language support, as well as accommodations for microservices and a heavier reliance on Java programming itself. Read the rest[INFOWORLD.COM]

Programming & Scripting Development Client & Server-Side

VIDEO: C# Today and Tomorrow. In this video, Mads Torgersen discusses how C# is evolving, how the teams work in the open source space, and some of the future features and changes to the language (C# 7). Read more[INFOQ.COM]

HTML5: Google Nixes Flash, Embraces HTML5 in Chrome Browser. Adobe’s Flash Player, a stalwart technology for rich Internet media applications for years, continues to lose its prominence, with Google set to designate HTML5 as the preferred option in its Chrome browser. In December, Chrome 55 will make HTML5 the browser’s default experience, except with sites that only support Flash. Google says that HTML5, often seen as the industry-standard replacement for proprietary technology like Flash, will give performance benefits. Find out more[INFOWORLD.COM]

Programming & Scripting Development Client & Server-Side

JAVA: HTTP/2 Client - Java 9. The web has changed a lot since the 90s. With Java 9, the developers have updated the HTTP-API in the JDK and come up with an entirely new API for HTTP/2 and Websocket. This new API will replace the old HTTPURLConnection API, which is as old as HTTP/1.1 itself. Read more[BLOG.OIO.DE]

HTML5 & SEO: HTML5 Is Not a Google Ranking Factor. SEOs are always looking for that extra edge to help their Google rankings, and there have been a few who claimed that switching to HTML5 led to increased rankings in Google. Google had said as far back as 2010 that HTML5 was not any kind of ranking signal, so it is likely other reasons that led to the increased rankings in those cases. Along those same lines, having valid HTML is not a ranking factor either. Find out more[THESEMPOST.COM]

Programming & Scripting Development Client & Server-Side

JAVASCRIPT: Nginx Web Server Upgrade Focuses on Web Security, JavaScript Configuration. Nginx Plus Release 10 adds a web app firewall, IP transparency, and support for the nginScript configuration and control language. Nginx Plus Release 10 also introduces JavaScript-based scripting for configuration, IP transparency, and DSR (Direct Server Return) load-balancing. Read more[INFOWORLD.COM]

VISUAL STUDIO: Version 15 Preview 4 Adds TypeScript, C++ Improvements. Microsoft's fourth preview of its Visual Studio IDE is anchored by a smaller, faster installation as well as improvements in TypeScript and C++ development. Also offered are a revamped Start Page and bug fixes. Find out more[INFOWORLD.COM]

Cloud Computing

Cloud Computing

AMAZON: Amazon Enjoys Comfortable Lead in the Cloud Infrastructure Services Market. Amazon’s competition is growing at a rapid clip. Yet, despite their progress, it may be a long while before the company’s rivals unseat the cloud-computing giant. Read the rest[DATAMATION.COM]

PRICING: Cloud Computing Pricing – Beware the Bill Shock. Do you really know what you’re paying for when it comes to your cloud package? Cloud services have many advantages, and can save your organization money — but there are also potential pitfalls and additional costs to watch out for. Find out more[ZDNET.COM]

Cloud Computing

GOOGLE: Races to Catch Up in Cloud Computing. When it comes to cloud computing, Google is in a very unfamiliar position: seriously behind. Google is chasing Amazon and Microsoft for control of the next generation of business technology, in enormous cloud-computing data centers. Cloud systems are cheap and flexible, and companies are quickly shifting their technologies for that environment. According to analysts at Gartner, the global cloud-computing business will be worth $67 billion by 2020, compared with $23 billion at the end of this year. Read more[NYTIMES.COM]

Cloud Computing

GROWTH: Cloud Growth is Amazing, But Still A Small Part of Overall IT Spending. The financial results that the big cloud leaders reported over the past couple of weeks show that cloud computing is growing at an amazing clip. While that makes complete sense, it still seems clear that cloud computing has a long way to go. Read more[FORWARDTHINKING.PCMAG.COM]

Personal Tech

Personal Tech

GOOGLE: Personalized Traffic Alerts From Google. Google pulls in traffic data from multiple sources for its Maps app, including information from police and local transportation departments. Many reports concerning real-time events – like cars stopped on the highway shoulder, debris on the road, construction, congestion and accidents – come from the users of its Waze service. Read more[NYTIMES.COM]

MOBILE PHONES: Give Old iPhones and iPads a New Lease on Life. Save money and spare landfills by putting old smartphones and tablets to work as home security systems, picture frames, alarm clocks and more. Read more[WSJ.COM]

Personal Tech

OFF TO COLLEGE: Maybe These Devices Should Go Along. Back-to-school shopping for technology gadgets has become increasingly complex for parents. In the past, the dilemma for most students was whether to get a Windows PC or a Mac. Now, because of a proliferation of different computing forms with the rise of mobile devices, the debate has shifted toward whether to buy a computer or a tablet – and which operating system on top of that. Here’s a guide to some of the best back-to-school products, including computers, mobile devices, audio accessories and food gadgets. Find out more[NYTIMES.COM]

Personal Tech

PRESENTATIONS: The Best Apps for Improving Your Public Speaking. Americans supposedly fear it more than death: public speaking. Does your smartphone hold the cure? Now there are apps that can help shore up the delivery: settle your nerves a bit, keep you within your time limit, help you to not get lost. You can also download a teleprompter onto your phone. Find out more[TOPTECHNEWS.COM]

IT Security | Cybersecurity

IT Security | Cybersecurity

CYBER GRAND CHALLENGE: Supercomputers Give a Glimpse of Cybersecurity’s Automated Future. Giant refrigerator-sized supercomputers battled each other in a virtual contest to show that machines can find software vulnerabilities. The result: the supercomputers time and time again detected simulated flaws in software. It represents a technological achievement in vulnerability detection, at a time when it can take human researchers on average a year to find software flaws. The hope is that computers can do a better job and perhaps detect and patch the flaws within months, weeks, or even days. Read the rest[INFOWORLD.COM]

IT Security | Cybersecurity

FEDERAL GOVERNMENT: OPM Lays Out Timeline for ID’ing Cybersecurity Workforce. The Office of Personnel Management laid out new requirements for agencies to comply with the Federal Cybersecurity Workforce Assessment Act. The law, which was packaged in December’s budget bill, calls on OPM to help agencies identify IT and cybersecurity positions throughout the federal government, classifying them to keep better track of vacancies and required certifications for those employees. Find out more[FEDERALTIMES.COM]

IT Security | Cybersecurity

ADVISER: Cybersecurity Tips for Every Business. Every business faces its own information security risks. Here are 13 common principles at the heart of any enterprise’s information security profile. The order is not necessarily important, but a comprehensive approach is. Read more[CRAINSCLEVELAND.COM]

ELECTRONIC VOTING: US Cyber Pros Say Hackers Could Hit Electronic Voting Machines Next. U.S. cyber security professionals say suspected foreign hackers who recently attacked computer systems of the Democratic Party could do something even more sinister in the future. The cyber pros said U.S. electronic voting systems are likely to be among the next targets. Read more[VOANEWS.COM]

From the Blue Mountain Data Systems Blog

Three-Dimensional Governance for the CIOhttps://www.bluemt.com/three-dimensional-governance-for-the-cio

7 Reasons to Take Control of IT Incidentshttps://www.bluemt.com/7-reasons-to-take-control-of-it-incidents/

Breach Mitigation Response Time Too Long, Survey Sayshttps://www.bluemt.com/breach-mitigation-response-time-too-long-survey-says/

Six Tactics for Cyberdefensehttps://www.bluemt.com/six-tactics-for-cyberdefense/

From the Blue Mountain Data Systems Blog

Feds Report Mixed Responses to Shared Serviceshttps://www.bluemt.com/feds-report-mixed-responses-to-shared-services

Federal Employees Are Not Security Expertshttps://www.bluemt.com/federal-employees-are-not-security-experts

Survival Guide for Network Administratorshttps://www.bluemt.com/survival-guide-for-network-administrators

DBaaS: OpenStack Trove Changes DB Managementhttps://www.bluemt.com/dbaas-openstack-trove-changes-db-management

From the Blue Mountain Data Systems Blog

Help Wanted: Certified Cybersecurity Professionalshttps://www.bluemt.com/help-wanted-certified-cybersecurity-professionals

Cyber Threat Intelligence Integration Center Previewhttps://www.bluemt.com/cyber-threat-intelligence-integration-center-preview/

Cloud Moves in 1-2-3https://www.bluemt.com/cloud-moves-in-1-2-3/

Change Management for Disaster Recoveryhttps://www.bluemt.com/change-management-for-disaster-recovery/

From the Blue Mountain Data Systems Blog

Jeffersonian Advice For C-Suite Career Advancementhttps://www.bluemt.com/jeffersonian-advice-for-c-suite-career-advancement/

Ways To Survive The “Mobile-Pocalypse”https://www.bluemt.com/ways-to-survive-the-mobile-pocalypse/

Microsoft Cloud Services Receive FedRAMP Authority to Operatehttps://www.bluemt.com/microsoft-cloud-services-receive-fedramp-authority-to-operate/

Hiring Pentesters? Here Are 10 Things You Need to Knowhttps://www.bluemt.com/hiring-pentesters-here-are-10-things-you-need-to-know/

From the Blue Mountain Data Systems Blog

Home Router Malware Alerthttps://www.bluemt.com/home-router-malware-alert/

Threat Model Deconstructionhttps://www.bluemt.com/threat-model-deconstruction/

Business Email Scam Nets $214 Millionhttps://www.bluemt.com/business-email-scam-nets-214-million/

How to Prevent Unauthorized Software from Taking Over Your Organizationhttps://www.bluemt.com/the-cios-guide-to-happy-end-users-2/

From the Blue Mountain Data Systems Blog

Digital Marketing Predictions for 2015https://www.bluemt.com/digital-marketing-predictions-for-2015/

SDN: Network Administrator’s Friend or Foe?https://www.bluemt.com/sdn-network-administrators-friend-or-foe/

Mobile Payments: A Must for Federal Agencieshttps://www.bluemt.com/mobile-payments-a-must-for-federal-agencies/

Soft Skills Are A Must-Have For Careers In IThttps://www.bluemt.com/soft-skills-are-a-must-have-for-careers-in-it/

From the Blue Mountain Data Systems Blog

Security Risks Most Prevalent in Younger Workershttps://www.bluemt.com/security-risks-most-prevalent-in-younger-workers/

The Security World’s Maturationhttps://www.bluemt.com/the-security-worlds-maturation/

Data Breach Concerns Keep CISOs Up At Nighthttps://www.bluemt.com/data-breach-concerns-keep-cisos-up-at-night/

Personalized Govt Equals Instant Gratification for Citizenshttps://www.bluemt.com/personalized-govt-equals-instant-gratification-for-citizens/

From the Blue Mountain Data Systems Blog

People-Centric Securityhttps://www.bluemt.com/people-centric-security/

Pentagon Tries BYOD To Strike Work/Life Balancehttps://www.bluemt.com/pentagon-tries-byod-to-strike-worklife-balance/

Open Source Model Considered for MS Windowshttps://www.bluemt.com/open-source-model-considered-for-ms-windows/

Open Internet: To Be or Not to Be?https://www.bluemt.com/open-internet-to-be-or-not-to-be/

From the Blue Mountain Data Systems BlogMalware Stays A Step Ahead Infecting One Third of Websiteshttps://www.bluemt.com/malware-stays-a-step-ahead-infecting-one-third-of-websites/

Machine-Generated Data: Potential Goldmine for the CIOhttps://www.bluemt.com/machine-generated-data-potential-goldmine-for-the-cio/

Government Legacy Programs: Reuse vs. Replacementhttps://www.bluemt.com/government-legacy-programs-reuse-vs-replacement/

It Takes a Whole Village to Protect Networks and Systemshttps://www.bluemt.com/it-takes-a-whole-village-to-protect-networks-and-systems/

From the Blue Mountain Data Systems Blog

Governance For the CIOhttps://www.bluemt.com/governance-for-the-cio/

Help Desk Consolidation – Lessons Learnedhttps://www.bluemt.com/help-desk-consolidation-lessons-learned/

One Year Later, Companies Still Vulnerable to Heartbleedhttps://www.bluemt.com/one-year-later-companies-still-vulnerable-to-heartbleed/

Federal Projects Cultivate Worker Passionhttps://www.bluemt.com/federal-projects-cultivate-worker-passion-2/

ABOUT US

Blue Mountain Data Systems Inc.

Blue Mountain Data Systems Inc. is dedicated to application and systems development, electronic document management, IT security support, and the automation of workflow processes.

Read more about our experience here:>> http://bluemt.com/experience

Recent Experience

U.S. Dept. of Labor Employee Benefits Security Administration

1994 to Present

Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support.

MANAGEMENT

Paul T. Vesely Founder, President, CEO and Principal Architect

Mr. Vesely is a recognized thought leader in systems architecture and delivery, having designed and delivered many enterprise wide information and document management solutions. Mr. Vesely’s history includes 33 years experience in the information systems industry, with Unisys, Grumman, PRC and a host of clients in both government and private sectors.

CONTACT US

Contact Us Today to Discuss Your Next IT Project

HEADQUARTERS366 Victory DriveHerndon, VA 20170

PHONE 703-502-3416

FAX 703-745-9110

EMAILpaul@bluemt.com

WEBhttps://www.bluemt.com