Blue Mountain Data Systems Tech Update SummaryJanuary 2017

For CTOs, CIOs & CISOs

Visit Blue Mountain Data Systems https://www.bluemt.com

For CTOs, CIOs & CISOs

Every business day, we publish a Daily Tech Update for Federal & State CTOs ,CIOs & CISOs on the

Blue Mountain Data Systems Blog. We hope you will visit our blog for the latest information.

You can also receive these updates via email. Click here to subscribe.

Here’s the summary of the Daily Tech Updates for January 2017. Hope the information and ideas prove

useful.

Best,Paul VeselyPresident and Principal ArchitectBlue Mountain Data Systems Inc.

Encryption

Encyption

GOOGLE: Ventures Into Public Key Encryption. Google's Key Transparency project offers a model of a public lookup service for encryption keys. Google announced an early prototype of Key Transparency, its latest open source effort to ensure simpler, safer, and secure communications for everyone. The project’s goal is to make it easier for applications services to share and discover public keys for users, but it will be a while before it's ready for prime time. Read more[INFOWORLD.COM]

SECURITY: The Year Encryption Won. Between the revelations of mega-hacks of Yahoo and others, Russia’s meddling in the US electoral system, and the recent spike in ransomware, it’s easy to look at 2016 as a bleak year for security. It wasn’t all so, though. In fact, the last 12 months have seen significant strides in one of the most important aspects of personal security of all: encryption. Read more[WIRED.COM]

Encyption

FED GOVT DOMAINS: Domain Encryption Deadline? Nah, Say 345 Government Sites. More than a third of government websites failed to meet the end-of-year deadline to set up secure domains, according to a report on Government Technology (GT). All existing federal websites were mandated – under a June 2015 memo from Tony Scott, the U.S. chief information officer – to switch over to HTTPS by Dec. 31, 2016. Read more[SCMAGAZINES.COM]

Encyption

WHATSAPP SECURITY FLAW: Researcher Claims Bug Allows Snooping on Encrypted Messages, but Tech Firm Denies It's a 'Backdoor'. Facebook-owned WhatsApp encrypts messages that its 1 billion users send to one another, but a UC Berkeley cryptography and security researcher claims the app has a bug that can be exploited to read these messages. Read the rest[SILICONBEAT.COM]

Federal, State & Local IT

Federal, State & Local ITREPORT: Cloud Enters Mainstream in Federal IT Investment Plans. United States government agencies will continue to invest hefty sums in cloud computing technology over the next five years. After that period, spending on cloud is likely to moderate, but the amount of investing will remain at impressive levels. Find out more[ECOMMERCETIMES.COM]

READ: Debt Myths, Debunked. Sometime in early December, the federal government’s official debt will likely cross the $20 trillion mark – an amount no country has ever owed. As we approach this milestone, there are a few myths regarding the debt that should be debunked. Find out more[USNEWS.COM]

Federal, State & Local IT

CHIEF INNOVATION OFFICERS: An Unclear Role in the Federal Government. Federal obsession with innovation is rampant. The government appears intent upon emulating a Silicon Valley-style startup culture that can keep up with the evolution of commercial technology – or at least shake up how agencies approach problems. Its efforts include the Presidential Innovation Fellows program, a one-year tour of duty lawmakers are attempting to make permanent; the digital consultancy 18F, which aims to help other agencies buy agile software development; and a rash of incubator-style hubs where employees can build out their own ideas. Find out more[NEXTGOV.COM]

Federal, State & Local ITCOLLEGES: Federal Government Shuts Down Controversial College Watchdog. An organization that was supposed to oversee the embattled for-profit college industry and protect students from fraud lost its recognition Monday, potentially putting hundreds of thousands of students in limbo. The Secretary of Education ruled Monday to terminate his agency’s recognition of the Accrediting Council for Independent Colleges and Schools (ACICS), which critics say allowed billions of dollars in federal financial aid funds to flow to bad actors. Find out more[MARKETWATCH.COM]

Databases

Databases

SLIDESHOW: Gartner's 19 In-Memory Databases for Big Data Analytics. Amid the big data boom, the in-memory database market will enjoy a 43 percent compound annual growth rate (CAGR) – leaping from $2.21 billion in 2013 to $13.23 billion in 2018, predicts Markets and Markets, a global research firm. What’s driving that demand? Simply put, in-memory databases allow real-time analytics and situation awareness on "live" transaction data – rather than after-the-fact analysis on "stale data,” notes a recent Gartner market guide. Here are 19 in-memory database options mentioned in that Gartner market guide. Find out more[ENTERPRISETECH.COM]

Databases

CrateDB: Tackles Machine Analytics with Scale-Out SQL Database. Developers who want to analyze big, fast-moving machine data without the complexity of a NoSQL database have another option in CrateDB, an open source, scale-out SQL database that just became generally available today. The CrateDB project began two years ago when a group of German programmers felt dissatisfied with the database options available to them for storing and analyzing fast-moving machine data, including security log files and sensor data from the Internet of Things. Find out more[DATANAMI.COM]

Databases

VIDEO: But I Need a Database that _Scales_. Aaron Spiegel reviews common scaling techniques for both relational and NoSQL databases, discussing trade-offs of these techniques and their effect on query flexibility, transactions and consistency. Find out more[INFOQ.COM]

GRAPH DATABASES: How Neo4j is Taking Graph Databases into the Mainstream. Q&A with Neo4j CEO Emil Eifrem on the development of the graph database, his biggest competition, and taking on the enterprise. Read the rest[ZDNET.COM]

More About Blue Mountain

BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.

Electronic Document Management

Electronic Document ManagementSECURE DOCUMENTS: 18 Ways to Secure Your Electronic Documents. Electronic Document Management Systems (EDMS) are electronic repositories designed to provide organized, readily retrievable, collections of information for the life cycle of the documents. How can you keep these electronic files secure during the entire chain of custody? Here are 18 security suggestions. Read more[BLUEMT.COM]

LEGAL DEPT DOCUMENT MANAGEMENT: Investing in New Technologies: How Corporate Legal Departments Are Leading the Way. Many departments are looking to technology to assist with automation of processes, resource and budgetary management, and tracking. Connie Brenton, co-founder of Corporate Legal Operations Consortium (CLOC), a non-profit association of legal operations executives, explains, “Corporate executives expect the GC’s office to be a business counselor to the firm, and to discuss numbers, data and analytics. Efficiency is now essential for legal departments, and this has advanced software’s role and accelerated technology adoption.” Find out more[INSIDECOUNSEL.COM]

Electronic Document Management

CFPB: Looks to Embrace Cloud for Email, Office Application Needs. The Consumer Financial Protection Bureau wants to move to a public cloud setup for some of its core enterprise apps. The financial watchdog agency recently sent out a Request for Information (RFI) on the process, technical requirements and costs of moving to cloud services in fiscal year 2017. CFPB wants to establish a more complete understanding on the costs associated with moving fully to a cloud solution for email and office applications (e.g., documents, spreadsheets, presentations, SharePoint and more).Read the rest[FEDTECHMAGAZINE.COM]

Electronic Document Management

ROI: 4 Ways Business Document Management Software Can Save You Money. Lisa Croft, Group Product Marketing Manager at Adobe Document Cloud, talks about the many ways business document management can save your company time, space, and more importantly, loads of money. Here are the four most obvious ways these tools provide excellent return-on-investment. Read more[PCMAG.COM]

Security Patches

Security Patches

MICROSOFT: Modifies November Patches to Bypass Lenovo Server Conflicts. Microsoft released patches for Server 2016, 2012R2, and 2012 on Nov. 8 that freeze specific Lenovo servers on reboot. The servers don’t finish the POST process and hang at the Lenovo splash screen. After many complaints, Lenovo issued six new UEFI firmware patches on Nov. 22. The next day, Microsoft altered six of its security patches, including the latest Win10 version 1607 cumulative update, KB 3200970, to add logic bypassing automatic installation of those patches on the affected servers. Read more[INFOWORLD.COM]

Security PatchesTOR: Patched Against Zero Day Under Attack. The Tor Project has provided a browser update that patches a zero-day vulnerability being exploited in the wild to de-anonymize Tor users. “The security flaw responsible for this urgent release is already actively exploited on Windows systems. Even though there is currently, to the best of our knowledge, no similar exploit for OS X or Linux users available, the underlying bug affects those platforms as well,” the Tor Project said in its announcement. “We strongly recommend that all users apply the update to their Tor Browser immediately. A restart is required for it to take effect.” Find out more[THREATPOST.COM]

XXS: Flaw on Wix Leaves the Door Open to Worms. A researcher found a cross-site scripting flaw in Wix templates that a worm could have used to infect all Wix-hosted sites, but couldn’t find a way to report the vulnerability. Find out more[INFOWORLD.COM]

Security Patches

FIREFOX: Updated for Security Bugs. Mozilla has released a number of security fixes affecting two of its Firefox browsers: the widely used consumer edition, v50, and ESR 45.5, intended for enterprises which manage client desktops. Read the rest[SCMAGAZINE.COM]

CIO, CTO & CISO

For the CIO, CTO & CISO

CTO: Retaining and Sustaining Tech Talent Post-Trump. Organizations dedicated to civic technology that formed under President Barack Obama, such as 18F or the U.S. Digital Service, have been magnets for tech talent. With the uncertainty surrounding the policies of the incoming Trump administration, however, it is far from clear whether the federal government’s digital professionals will leave, stay or shift to working in state or local government. Read more[GCN.COM]

CIO: More Than 300 Federal Gov Websites Fail to Meet Domain Encryption Deadline. The U.S. Chief Information Officer's push to encrypt all federal government domains will take a little longer. Find out more[GOVTECH.COM]

CIO, CTO & CISOCISO: Why the Federal CISO Can't Sleep. The new federal chief information security officer says he's off to a good start, but much work remains. "We're not anywhere close to where I feel comfortable," said Greg Touhill, the retired Air Force general tapped by President Barack Obama to lead federal civilian agency cybersecurity. "I don't sleep well at night because I know there's a lot of opportunities out there.“ Find out more[FCW.COM]

STATE: Ohio Lays Out Plans for Data Analytics. On the cusp of an RFP release intended to shake up traditional procurement methods, the state of Ohio is outlining specific problems it intends to tackle across all of its agencies and departments. Read the rest[GOVTECH.COM]

Penetration Testing

Penetration Testing

ANALYTICS: The New Security Mindset: Embrace Analytics To Mitigate Risk. Merely conducting a penetration test may find a weakness. But conducting a creative analysis of the network and carefully analyzing the results will truly identify key areas of risk. Security professionals who can sniff out abnormalities in their IT network and applications can foil intruders’ plans before they escalate. This is a far different approach than simply finding a single weakness and then declaring “mission accomplished.” Read more[DARKREADING.COM]

Penetration Testing

HOW TO: Respond to Social Engineering Incidents: An Expert Interview. Steven Fox is a top government cybersecurity expert, Distinguished Fellow with the Ponemon Institute and frequent speaker at top security events all over America. In this exclusive interview, Steven shares several low-tech but sophisticated social engineering techniques that hackers use to gain (unauthorized) privileged access into government systems and large and small company networks. Most important, what can we do to prevent fraud and respond to incidents that do occur? Find out more[GOVTECH.COM]

TOOL: Where’s the BeEF? BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser. Read more[GITHUB.COM]

Penetration Testing

RISK MANAGEMENT: The Truth About Penetration Testing Vs. Vulnerability Assessments. Vulnerability assessments are often confused with penetration tests. In fact, the two terms are often used interchangeably, but they are worlds apart. To strengthen an organization’s cyber risk posture, it is essential to not only test for vulnerabilities, but also assess whether vulnerabilities are actually exploitable and what risks they represent. To increase an organization’s resilience against cyber-attacks, it is essential to understand the inter-relationships between vulnerability assessment, penetration test, and a cyber risk analysis. Find out more[SECURITYWEEK.COM]

Open Source

Open SourceFEDERAL GOVERNMENT: Code.gov is the US Government’s Open-Source Software Hub. Back in August, the Obama Administration announced a new policy that requires 20 percent of the federal government’s software projects be open source. To make all of that material easily accessible, there’s now a place for you to view all of the code. Code.gov is the web-based hub for the initiative and it features around 50 projects from 10 different agencies. Those projects include the White House Facebook chat bot, Data.gov and the “We the People” petitions API. Read more[ENGADGET.COM]

Open Source

VIDEO: Technical Writing as Public Service: Working on Open Source in Government. What if U.S. federal agencies decided to reuse and contribute to open source software projects built by other agencies, since agencies often have similar technology problems to solve? And what if they hired technical writers with open source community experience to write documentation for these projects? Britta Gustafson explains surprising and rewarding aspects of working on documentation in government, through the lens of the cross-agency eRegulations project. Find out more[YOUTUBE.COM]

Open Source

TOOLS: 10 Open Source Tools for Your Sysadmin Toolbox. Here’s a handy list of open source tools for admins, highlighting well-known – and not-so-well-known – tools that have released new versions in 2016. Find out more[OPENSOURCE.COM]

OPINION: Open Source Has Won, and Microsoft Has Surrendered. Many Linux users are ticked off and anxious about Microsoft joining the Linux Foundation. They are missing the real significance of that move. Read the rest[COMPUTERWORLD.COM]

Business Intelligence

Business Intelligence

AMAZON: AWS Launches Enterprise Tier of its QuickSight Business Intelligence Tool. Public cloud infrastructure provider Amazon Web Services (AWS) today announced the availability of an enterprise tier of its Amazon QuickSight cloud software for business intelligence (BI). AWS launched QuickSight out of preview last month after introducing it a year ago. The new Enterprise Edition stands out from the Standard Edition in a few important ways. First, organizations can connect it with Microsoft’s Active Directory identity management software, whether it’s running on AWS or in an on-premises data center.. Find out more[VENTUREBEAT.COM]

Business IntelligenceLEADERSHIP: In Business Intelligence, Sound Governance Drives Adoption And Success Via Enablement. How are best-of-breed BI programs able to balance self-service against the need for data governance? In Forbes' October 2016 report "Breakthrough Business Intelligence," those companies achieving the greatest value from their BI programs were doing so through a nuanced and sophisticated blend of governance and distributed BI. Find out more[FORBES.COM]

CHANGE MANAGEMENT: Health Care Leaders About Their Industry, and They’re Worried. However the Trump administration and the Republican U.S. Congress replace or revamp the Affordable Care Act, it is unlikely to halt America’s ongoing move from the rightfully maligned fee-for-service payment system to one that pays for "value" - the quality of outcomes relative to the price. Despite the progress that’s been made, there is still a long way to go. What new investments will be required? What legacy costs will be incurred as providers strive to optimize their business processes to deliver comprehensive value-based health care? How will leadership teams and boards of directors orchestrate the strategic transformations of their currently successful businesses? Find out more [HBR.ORG]

Business Intelligence

READ: 12 Ways to Empower Government Users With the Microsoft Business Intelligence (MBI) Stack. Are your organization’s Federal IT resources under constant pressure, with no end in sight? Your agency is not alone. With limited access to dedicated information technology resources, non-technical end users often play the waiting game, relying on IT staff to do simple tasks like generating custom queries and embedding them within applications. Here are ways to empower your end users with the Microsoft Business Intelligence (MBI) Stack. Find out more[BLUEMT.COM]

Operating Systems

Operating Systems

GOOGLE: Just Launched A Totally New Operating System. Android Things, Google’s new operating system to power your toasters, routers, refrigerators and just about everything. Find out more[TECHWORM.COM]

OPEN SOURCE: Why the Operating System Matters Even More in 2017. The computing technology landscape has changed considerably over the past couple of years. This has had the effect of shifting how we think about operating systems and what they do, even as they remain as central as ever. Consider changes in how applications are packaged, the rapid growth of computing infrastructures, and the threat and vulnerability landscape. Find out more[OPENSOURCE.COM]

Operating Systems

SERVERS: Future of the Server Operating System. Microsoft’s new Windows Server 2016 operating system (OS) is just being launched. Linux is celebrating its 25th birthday. IBM has its mainframe operating system and its Power operating system, Oracle has Solaris – and that is just a few of the OSs that still abound in the market. But what is the role of an OS in the modern world? Here’s a look at the evolution of the server operating system, and how the next generation is moving into the cloud. Find out more[COMPUTERWEEKLY.COM]

Operating Systems

NIST: Enterprise Linux 7.1 meets NIST Crypto Standards. Red Hat’s Enterprise Linux 7.1 has been awarded a critical security certification for nine modules, including its OpenSSL component. According to company officials, the certifications establish the platform as a secure operating system for mission-critical systems and national security data. The National Institute of Standards and Technology sets standards for federal cryptographic-based security systems, including those in open-source software libraries. The Federal Information Processing Standard 140-2 was established in 2001 for native systems that process sensitive information, secure communications and encrypt data. Read the rest[GCN.COM]

Incident Response

Incident ResponseOPINION: Thoughts on Incident Response Automation and Orchestration. Projects are well underway and evolving, while commercial IR tools continue to gain momentum. Find out more[NETWORKWORLD.COM]

DATA SECURITY: U.S. Promotes Risk-Based Data Breach Response Model. The exiting Obama administration has embraced a risk-based approach to data breach preparation and mitigation for federal agencies in an Office of Management and Budget memorandum, cybersecurity professionals told Bloomberg BNA. Find out more[BNA.COM]

Incident ResponseNIST: Updates Cybersecurity Framework, Seeks Comment. The National Institute of Standards and Technology (NIST) issued a draft update on Tuesday to its Framework for Improving Critical Infrastructure Cybersecurity, aka the Cybersecurity Framework, aimed at forging stronger cybersecurity measures. To assist organizations in reducing cybersecurity risk, NIST, a branch of the U.S. Department of Commerce which provides measurement standards, offered up a new draft to evolve its voluntary guidance on "managing cyber supply chain risks, clarifying key terms, and introducing measurement methods for cybersecurity.“ Find out more[SCMAGAZINE.COM]

Incident Response

NEW YORK: Cuomo Makes Cybersecurity Proposals. Gov. Andrew Cuomo on Friday unveiled a package of proposals meant to protect citizens as well as government entities from the growing threat of cybercrime and the related peril of identity theft - including the creation of a new "Cyber Incident Response Team" to support state and local government bodies, critical infrastructure and schools. Find out more[TIMESUNION.COM]

Incident Response

NEWS: Positioning Security Intelligence in Front of Incident Response. With recent announcement of IBM’s $200 million commitment to expanding its security leadership position in the incident response (IR) market, IBM is working to help clients address the challenges in adopting a more proactive approach to IR. As part of the initiative, IBM established a new global incident response team. The mandate for IBM X-Force Incident Response and Intelligence Services (IRIS) is to deliver the next evolution in incident response management. Read more[SECURITYINTELLIGENCE.COM]

US-CERT: Updates Cybersecurity Incident Notification Guidelines. New cybersecurity incident reporting guidelines will go into effect on April 1, 2017, designed to help federal, state, and local organizations. Find out more[HEALTHITSECURITY.COM]

Incident Response

DHS: Georgia Incident Was Legitimate Work, Not a Hack. The Department of Homeland Security told Georgia’s Office of Secretary of State that the IP address associated with an attempted breach of the state agency’s firewall was tracked to an office in U.S. Customs and Border Protection, a revelation that has DHS “deeply concerned.” According to DHS, someone on the federal department’s security network was conducting legitimate business on the state office’s website, verifying a professional license administered by the state. The state office manages information about corporate licenses and certificates on its website. Find out more[FEDSCOOP.COM]

Incident Response

LEARN: 10 Tips for Planning, Leading and Learning From a Cybersecurity Tabletop Exercise. The National Institute of Standards and Technology (NIST) recommends that organizations not only develop incident response plans, but also maintain them in a “state of readiness” and engage in exercises to “validate their content.” The potential vehicles for such tests can take many forms, but one of the most common and easy to implement is a “tabletop exercise.” Read the rest[CORPCOUNSEL.COM]

Tech Research News

Tech Research NewsMIT: Cache Management Improved Once Again. New version of breakthrough memory management scheme better accommodates commercial chips. A year ago, researchers from MIT’s Computer Science and Artificial Intelligence Laboratory unveiled a fundamentally new way of managing memory on computer chips, one that would use circuit space much more efficiently as chips continue to comprise more and more cores, or processing units. In chips with hundreds of cores, the researchers’ scheme could free up somewhere between 15 and 25 percent of on-chip memory, enabling much more efficient computation. Their scheme, however, assumed a certain type of computational behavior that most modern chips do not, in fact, enforce. Last week, at the International Conference on Parallel Architectures and Compilation Techniques – the same conference where they first reported their scheme – the researchers presented an updated version that’s more consistent with existing chip designs and has a few additional improvements. Read more [NEWS.MIT.EDU]

Tech Research News

REPORT: Digital Readiness Gaps. According to Pew Research Center, Americans fall along a spectrum of preparedness when it comes to using tech tools to pursue learning online, and many are not eager or ready to take the plunge. Find out more[PEWINTERNET.ORG]

DOD: Ashton Carter – Cyber Tech, Automation, Biological Research Essential for DoD Missions. Defense Secretary Ashton Carter has said automated systems, cyber technology and biological research efforts are necessary to keep the Defense Department moving forward. Find out more[EXECUTIVEGOV.COM]

Tech Research News

FITNESS TRACKING: Weight Loss On Your Wrist? Fitness Trackers May Not Help. Fitness trackers remain wildly popular, but do they make us fit? Maybe not, according to a study that asked overweight or obese young adults to use the tiny tracking tools to lose weight. Read the rest[NPR.ORG]

Search Technology

Search Technology

SOLR: Not Just For Text Anymore. When Solr came out, it was supposed to be an OpenSource text search engine. Now it has a big place in Big Data. Read what Ness's CTO, Moshe Kranc has to say about how it has evolved. Read more[DZONE.COM]

INGALLS: Spring Data 'Ingalls' Release Train Leaves Station. The Spring Data team has announced the first milestone release of the Ingalls Release Train. This coordinated release of subprojects under the Spring Data umbrella ships with 230 fixes and a number of new features. Find out more[ADTMAG.COM]

Search TechnologyGOOGLE: Announces New Cloud Natural Language API While Cloud Search API Goes Beta. Google says that the Cloud Natural Language API gives developers access to three Google-powered engines– sentiment analysis, entity recognition, and syntax analysis. The service is currently available in open beta and is based on the company’s natural language understanding research. It will initially support three languages– English, Spanish and Japanese and will help developers reveal the structure and meaning of your text in the given language. Read more[THETECHPORTAL.COM]

AMAZON: Amazon EC2 Container Service Now Supports Networking Modes and Memory Reservation. Docker networks provide isolation for your containers. It is important to have control over the networks your applications run on. With Amazon ECS, you can now specify an optional networking mode for your containers that cater towards different use cases. Find out more[DABCC.COM]

Application Development

Application DevelopmentIoT: Why App Development Is The Key To Unlocking The IoT Vault. Solution providers are positioning themselves for success in the lucrative Internet of Things market by bolstering their application development teams. Companies bringing IoT solutions to market face several hurdles, including interoperability, security and data management challenges – and staffing up with IoT application developers is critical for tackling these issues. Read more[CRN.COM]

SDKS: How Imaging SDKs Can Solve Today’s Application Development Challenges. In a mobile-first world, developers understand the importance of creating a next-generation app that fits in with client or user expectations. Developers should consider the myriad of SDK options if they want to improve functionality for the user, especially imaging SDKs. Although they are a niche market, these SDKs can add better imaging capabilities and target industry-related problems that companies are trying to tackle. Find out more [SDTIMES.COM]

Application Development

SECURITY: Application Security Requires More Talk Than Tech. If you think application security only involves installing a tool, or scanning a few apps and moving on, you’re wrong. Application security is a unique security initiative, and its success hinges on people as much as technology. Read more[INFOWORLD.COM]

SPEED: How to Speed Enterprise App Development and Meet Digital Transformation Demands. Low-code platforms are key in accelerating digital transformation with rapid application development. Find out more[INFORMATION-AGE.COM]

BYOD

BYODSLIDESHOW: 6 Best Practices for Managing BYOD Technology. The mobile workforce population is expected to surpass 105 million by 2020, according to IDC. Keeping all those workers and devices from causing security risks is becoming increasingly hard. Here are 6 tips on how to best manage it all. Find out more[INFORMATION-MANAGEMENT.COM]

POLICY: 10 Best Practices For BYOD Policy. Bring-your-own device doesn't have to mean bring your own security problems. Many enterprises now allow users to access corporate resources via their personal mobile devices. According to a global survey of CIOs by Gartner, nearly 40 percent of companies by 2016 will require employees to provide their own mobile products. Find out more[DARKREADING.COM]

BYOD

CIO: Shadow BYOD Runs Rampant in Federal Government. A new survey highlights the extent to which government employees insist on bringing their own devices to work, despite rules to the contrary. Find out more[CIO.COM]

NIST: Gives Agencies Guidance on Boosting Cybersecurity for BYOD, Telework. Security concerns increase as more federal offices offer workers greater flexibility through telework options and the ability to use their own devices. Read the rest[FEDTECHMAGAZINE.COM]

Big Data

Big Data2017: Big Data - The Future is Cloudy. While machine learning and IoT grab the headlines, in 2017, cloud adoption will become the sleeper story of Big Data. Read more[ZDNET.COM]

CES 2017: As with Big Data, Human Factor Plays a Part in IoT. CES 2017 panelists agreed that like their business counterparts, agencies must de-silo, collaborate to make the most of the Internet of Things. Read more[GOVTECH.COM]

Big Data

PREDICTIONS: What 2017 Will Bring...10 More Big Data Predictions. 2017 is finally here. But what will the New Year bring? We start out with everybody’s favorite big data platform: Hadoop. The distributed computing system has had a rough go of it lately, as people question whether the complexity of implementing Hadoop outweighs the big data benefits it brings. That question will quietly go away in 2017 as companies begin using it as a platform for their own software, predicts Andrew Brust, a Senior Director at Datameer. Find out more[DATANAMI.COM]

BUSINESS INTELLIGENCE: How Federal Agencies Can Simplify Big Data Complexities. Before federal agencies can draw insights from Big Data, they must find a way to process and store all of this new information. Find out more[FEDTECHMAGAZINE.COM]

Mobile Applications

Mobile ApplicationsMOBILE: How to Block the Ultrasonic Signals You Didn’t Know Were Tracking You. Dystopian corporate surveillance threats today come at us from all directions. Companies offer “always-on” devices that listen for our voice commands, and marketers follow us around the web to create personalized user profiles so they can (maybe) show us ads we’ll actually click. Now marketers have been experimenting with combining those web-based and audio approaches to track consumers in another disturbingly science fictional way: with audio signals your phone can hear, but you can't. And though you probably have no idea that dog whistle marketing is going on, researchers are already offering ways to protect yourself. Read more[WIRED.COM]

FEDERAL GOVERNMENT: White House Launches Mobile App for Reginfo.gov. The Obama administration has introduced a new way to access information on the federal regulatory system with the recent launch of RegInfo Mobile. The application, available for both iOS and Android devices, promotes the transparency of federal regulations and information collection requests by providing a convenient mobile interface for Reginfo.gov. Find out more[FEDERALTIMES.COM]

Mobile ApplicationsTRENDS: 10 Trends Shaping Mobile Development in 2017. The mobile app development landscape in 2017 promises to see the continuing emergence of new, cutting-edge techniques and tools, along with growth in traditional technologies and approaches. New developments will take shape in both the "mobile first" enterprise space and the consumer arena, with the continuing hype around enterprise mobility and increasingly cumbersome app stores promising significant changes. Here's a look at 10 trends that will affect mobile app developers in the coming year. Find out more[ADTMAG.COM]

Mobile ApplicationsPOLITICAL MOBILE: An App That Makes It Easy to Pester Your Congress Member. Joe Trippi pioneered the use of social media as a fundraising tool. As campaign manager for Democratic presidential candidate Howard Dean in 2004, he started a trend that has reinvented that way politicians run for office. But he believes that many politicians are still missing out on the power of the internet once they’re elected. Trippi is now working with an internet startup called Countable, which seeks to give citizens a greater voice in national politics. The company’s online service gives you a simple and concise overview of the bills your national representatives are debating, and it lets you instantly send emails to these representatives, telling them how you would like them to vote. Find out more[WIRED.COM]

IT Management

IT ManagementTECH MANAGEMENT: Decentralized IT Management Raises Concerns. IT isn't happy about the shift to decentralized IT management, so VMware tries to provide the best of both worlds: developer flexibility and centralized IT. Find out more[NETWORKWORLD.COM]

DOD: Congress Creates New DoD Chief Management Officer, Punts on Role of CIO. The annual Defense authorization bill Congress sent to the President last week includes several provisions to redraw the Defense Department's organizational chart, including one that creates a powerful new Chief Management Officer whose primary job will be overseeing and reforming DoD headquarters functions. While the department already has a full-time position - the deputy chief management officer - to handle functions like business process reengineering and other management concerns, the new position will carry more stature in the Defense bureaucracy. Find out more[FEDERALNEWSRADIO.COM]

IT ManagementVETERANS AFFAIRS: VA CIO Creating IT Demand Management Office. The Department of Veterans Affairs will launch a new tech office in 2017 to help meet the needs of the department's health care, benefits and cemetery lines of business. Ron Thompson, who was the principal deputy assistant secretary and deputy CIO for VA's Office of Information and Technology, will lead the creation of a new Demand Management Office. Find out more[FEDSCOOP.COM]

LEARN: What Great Managers Do Daily. So much depends upon managers. For example, a Gallup study found that at least 70% of the variance in employee engagement scores is driven by who the boss is. This is disconcerting because the same research found that about 70% of people in management roles are not well equipped for the job. This state of affairs is hurting not just employee engagement and quality of life, but also corporate performance. What makes managers of highly engaged employees different than the rest on a day-to-day basis? Read the results of a recent survey. Find out more [HBR.ORG]

Programming & Scripting Development Client & Server-Side

Programming & Scripting Development Client & Server-Side

JAVASCRIPT: 3 JavaScript Libraries to Keep an Eye on in 2017. 2016 was the year of JavaScript fatigue. Many developers are experiencing fatigue over JavaScript's ecosystem, as a lot of tooling and configuring is required to set up a "modern" JavaScript project. Here is a list of three promising generic libraries/frameworks for front-end development: Vue.js, Svelte and Conditioner.js. Read more[SITEPOINT.COM]

TYPESCRIPT: TypeScript 2.1 Ups Ease of Use, Adds Expressive Code. The latest version of Microsoft's typed JavaScript superset picks up down-level async functions and mapped types. Find out more[INFOWORLD.COM]

Programming & Scripting Development Client & Server-Side

HTML5: Heavily Favored By Microsoft Instead Of Adobe Flash Player. Microsoft's Edge is set to receive an all important update that bears some great additions but also some losses. Such losses include their choice of not offering any Adobe Flash support for websites in favor of the ever growing HTML5. Find out more[NEUROGADGET.NET]

C++: Microsoft Toolkit Eases the Agony of WinRT C++ Development. C++/WinRT also makes Windows C++ app development a little less Microsoft-centric. Microsoft’s drift from the proprietary and toward the universal is making its mark on all aspects of Windows software development, including writing C++ software that uses the Windows Runtime (WinRT), now Universal Windows Platform (UWP). Read the rest[INFOWORLD.COM]

Programming & Scripting Development Client & Server-Side

JAVA: An Agile Java Standard - Wishful Thinking or Not? Simon Ritter, Deputy CTO at Azul Systems and alternate representative on the JCP EC wrote in a blog post after JCP executive committee’s first face-to-face meeting that "the JCP will require some substantial changes to the processes it uses" to ensure that an agile Java standard is possible. Find out more[JAXENTER.COM]

MICROSOFT: Releases HoloJS, Allowing JavaScript Developers to Make HoloLens Apps. Most people are probably familiar with Microsoft’s HoloLens as strictly a piece of futuristic augmented reality hardware. They may not be aware that a key component of Microsoft’s augmented reality is an underlying application development platform called Windows Holographic. Read the rest[DIGITALTRENDS.COM]

Programming & Scripting Development Client & Server-Side

JAVASCRIPT: Facebook's React JavaScript Library Faces a New Challenger. Microsoft's Edge is set to receive an all important update that bears some great additions but also some losses. Such losses include their choice of not offering any Adobe Flash support for websites in favor of the ever growing HTML5. Find out more[NEUROGADGET.NET]

C++: Microsoft Toolkit Eases the Agony of WinRT C++ Development. The small, lightweight Inferno library offers a major speed boost as well as server-side render streams, better real-world performance, and lower memory consumption. Read the rest[INFOWORLD.COM]

Programming & Scripting Development Client & Server-Side

C# 7: New Features in C# 7. C# 7 focuses on better developer productivity and enhanced performance. C# 7 adds a lot of new features with special focus on simplicity in coding and enhanced performance. It provides a lot of focus on data consumption, code simplification, and performance, and it's designed to eliminate the pain of having to write extra code in more ways than one. Find out more[INFOWORLD.COM]

Cloud Computing

Cloud Computing

2017: The Cloud Needs to Get a Whole Lot Greener in 2017. There’s a hidden cost to online streaming: the coal needed to power the computer data centers that deliver all that content. Last year, Greenpeace estimated that within two years, information technology will take up between seven and 12 percent of all electrical use. About 21 percent of that will come from data centers. The good news is that this year, the biggest tech players inched closer to creating a green internet. But there's still an enormous amount of work to be done. Read more[WIRED.COM]

VIDEO: Have Cloud Your Way: Step-by-Step Best Practices for Secure Migration. Get insights about Google’s security technology underpinnings within GCP that protect your data and your customers. Learn about Google’s views on threats, end-to-end security, and solutions at each point of potential compromise. Recorded on Mar 24 2016 at GCP NEXT 2016 in San Francisco. Find out more[YOUTUBE.COM]

Cloud Computing

TRENDS: As Cloud Computing Grows, the Market for Commercial Servers, Switches and Routers Declines. As cloud computing grows and swells the coffers of companies including Amazon, Microsoft, Google and IBM, it’s instructive to also note which firms the cloud’s growth is hurting. For example, revenue from sales of data-center servers declined nearly 5 percent year-over-year in 2016, affecting market leaders HPE, Dell EMC, Lenovo, IBM and Cisco, respectively, according to new data from Synergy Research Group. Find out more[GEEKWIRE.COM]

Cloud Computing

FEDERAL GOVERNMENT: Security Still Key Concern for Agencies Moving to the Cloud. Cloud computing has been a hot topic among federal CIOs and their teams in recent years. In response to the Obama administration’s cloud-first initiative announced in 2011 -- which requires agencies to move some of their services (e.g., email) to the cloud and ensure security and proper management of data stored in the cloud -- federal agencies have significantly reduced the number of applications hosted in government-owned data centers. Even as organizations worldwide move more of their sensitive information into the cloud, hackers are adapting, finding new ways to compromise cloud environments. This threat is particularly acute for government agencies, because hacking of their highly sensitive data could imperil national security as well as citizens’ trust -- something that's been borne out by headline-making breaches at the Office of Personnel Management, the National Security Agency, the U.S. Navy and other agencies in the last few years. However, the benefits of cloud computing for federal and local governments continue to push this initiative forward. Read the rest [GCN.COM]

Cloud Computing

TRENDS: 4 Predictions for Cloud Computing and Machine Learning In 2017. Frustrated with the impact of technology advances on infrastructure upgrades and IT budgets, a growing number of organizations are opting for cloud computing investments instead. That is the view of Bluelock Chief Technology Officer Pat O’Day, who shared his predictions for cloud computing and machine learning with Information Management. O'Day sees four key trends driving cloud computing in 2017. Read more[INFORMATION-MANAGEMENT.COM]

CLOUD VENDORS: Want You To Embrace The Third Wave Of Computing - Are You Ready? The IT industry is experiencing the third wave of computing. The first wave was driven by the PC and x86 server revolution where inexpensive, commodity hardware started replacing the large, monolithic mainframes. The second revolution was ushered in the form of virtualization in which the virtual machine became the unit of deployment and management. Find out more [FORBES.COM]

Cloud Computing

FEDERAL GOVERNMENT: Cybersecurity in the Age of IoT: 5 Best Practices for Government. The proliferation of internet of things (IoT) connected devices is on a steady rise. Analysts predict that from now through 2020, the number of connected “things” will grow from 13.5 billion units to 38.5 billion units, a growth of over 285 percent. Read more[FEDERALTIMES.COM]

PaaS: Too Late, PaaS, You Missed Your Shot in the Cloud. As PaaS providers split into narrow slices, IaaS clouds have absorbed the critical capabilities that PaaS originally promised. Find out more[INFOWORLD.COM]

Personal Tech

Personal Tech

ONLINE QUIZ: How Many Times Has Your Personal Information Been Exposed to Hackers? At least one billion Yahoo users had their information stolen in 2013, the company said last week, months after it disclosed a different attack in 2014 that affected 500 million users. Several other major companies have been attacked since. Answer a few questions to learn which parts of your identity may have been stolen in some of the major hacking attacks in the last three years and what you can do about it. Find out more[NYTIMES.COM]

Personal TechTRAVEL: 6 Ways To Keep Phone Charges Low During International Travel. t's a sure-fire way to dampen the holiday cheers: Spend a week on a dream vacation abroad, then come back to find an additional several hundred dollars on your cellphone bill. Although some U.S. phone plans cover international travel, especially to Canada and Mexico, many don't. Leaving your phone off isn't practical these days. But you don't have to pay a fortune if you follow these tips. Find out more[TOPTECHNEWS.COM]

PRIVACY: Worried About the Privacy of Your Messages? Download Signal. you would be foolish not to download the messaging app Signal onto your smartphone and computer. The free encrypted messaging service has won the acclaim of security researchers and privacy advocates, including Edward J. Snowden. All have said that Signal goes above and beyond other chat tools in keeping electronic communications private. Find out more[NYTIMES.COM]

Personal Tech

2017: The 7 Unmissable Tech Predictions That Will Define 2017. Big Data. Internet of Things. Virtual Reality. Industry 4.0. These were all prime fields of growth and innovation in 2016. These trends are predicted to continue into next year and probably far beyond. Find out more[FORBES.COM]

IT Security | Cybersecurity

IT Security | Cybersecurity

INTERVIEW: Cybersecurity in the Federal Government. Alex Grohmann, founder and resident of Sicher Consulting, John Dyson from Deloitte, and Brian Gay, president, Think Forward Consulting talk about the concept of a cybersecurity framework for the federal government. Read more[FEDERALNEWSRADIO.COM]

TECH INSIDER: Priorities for Enhancing National Cybersecurity. Presidential transitions are a time of considerable change in government, including new agency leaders and evolving policy priorities. But many issues persist, and this is certainly the case with cybersecurity. Advancing the nation's cybersecurity posture must be a key priority for the Trump administration, especially if we are to maximize the benefits of digital transformation. Read more[NEXTGOV.COM]

IT Security | CybersecurityNEWS: National Guard Expects Expanded Role in Cybersecurity. The National Guard’s role in cybersecurity began in 1999 thanks to the uncertainty created by Y2K. With concerns of potential computer chaos looming when dates on systems turned over to 2000, the National Guard was given a new force structure called a computer network defense team. Renamed Defensive Cyber Operations Elements, the eight-to 10-person teams are organized on the state level, while support for the 10 Federal Emergency Management Agency regions is handled by Cyber Protection Teams, Lt. Col. Brad Rhodes, the commander of the Colorado National Guard's Cyber Protection Team 178, said in a recent interview. Find out more[GCN.COM]

PEOPLE: U.S. Rep. Bob Latta Named Chairman of Panel that Oversees Data, Cybersecurity. The House Subcommittee on Digital Commerce and Consumer Protection has a great range of jurisdiction -- everything from IoT policies to overseeing the Federal Trade Commission. Find out more [GOVTECH.COM]

From the Blue Mountain Data Systems Blog

Personal Techhttps://www.bluemt.com/personal-tech-daily-tech-update-october-28-2016

IT Managementhttps://www.bluemt.com/it-management-daily-tech-update-october-27-2016

Business Intelligencehttps://www.bluemt.com/business-intelligence-daily-tech-update-october-26-2016

Incident Responsehttps://www.bluemt.com/incident-response-daily-tech-update-october-25-2016

From the Blue Mountain Data Systems Blog

Security Patcheshttps://www.bluemt.com/security-patches-daily-tech-update-october-24-2016/

BYODhttps://www.bluemt.com/byod-daily-tech-update-october-21-2016/

Databaseshttps://www.bluemt.com/databases-daily-tech-update-october-20-2016/

Operating Systemshttps://www.bluemt.com/operating-systems-daily-tech-update-october-19-2016/

From the Blue Mountain Data Systems Blog

Encryptionhttps://www.bluemt.com/encryption-daily-tech-update-october-18-2016/

Cloud Computinghttps://www.bluemt.com/cloud-computing-daily-tech-update-october-17-2016/

Programming & Scriptinghttps://www.bluemt.com/programming-scripting-daily-tech-update-october-14-2016/

Incident Responsehttps://www.bluemt.com/incident-response-daily-tech-update-october-13-2016/

From the Blue Mountain Data Systems Blog

Cybersecurityhttps://www.bluemt.com/cybersecurity-daily-tech-update-october-12-2016/

Big Datahttps://www.bluemt.com/big-data-daily-tech-update-october-11-2016/

Mobile Applicationshttps://www.bluemt.com/mobile-applications-daily-tech-update-october-7-2016/

Cloud Computinghttps://www.bluemt.com/cloud-computing-daily-tech-update-october-6-2016/

From the Blue Mountain Data Systems Blog

Open Sourcehttps://www.bluemt.com/open-source-daily-tech-update-october-5-2016/

CTO, CIO and CISOhttps://www.bluemt.com/cto-cio-ciso-daily-tech-update-october-4-2016/

Programming & Scriptinghttps://www.bluemt.com/programming-scripting-daily-tech-update-october-3-2016/

From the Blue Mountain Data Systems Blog

Feds Report Mixed Responses to Shared Serviceshttps://www.bluemt.com/feds-report-mixed-responses-to-shared-services

Federal Employees Are Not Security Expertshttps://www.bluemt.com/federal-employees-are-not-security-experts

Survival Guide for Network Administratorshttps://www.bluemt.com/survival-guide-for-network-administrators

DBaaS: OpenStack Trove Changes DB Managementhttps://www.bluemt.com/dbaas-openstack-trove-changes-db-management

From the Blue Mountain Data Systems Blog

Help Wanted: Certified Cybersecurity Professionalshttps://www.bluemt.com/help-wanted-certified-cybersecurity-professionals

Cyber Threat Intelligence Integration Center Previewhttps://www.bluemt.com/cyber-threat-intelligence-integration-center-preview/

Cloud Moves in 1-2-3https://www.bluemt.com/cloud-moves-in-1-2-3/

Change Management for Disaster Recoveryhttps://www.bluemt.com/change-management-for-disaster-recovery/

From the Blue Mountain Data Systems Blog

Jeffersonian Advice For C-Suite Career Advancementhttps://www.bluemt.com/jeffersonian-advice-for-c-suite-career-advancement/

Ways To Survive The “Mobile-Pocalypse”https://www.bluemt.com/ways-to-survive-the-mobile-pocalypse/

Microsoft Cloud Services Receive FedRAMP Authority to Operatehttps://www.bluemt.com/microsoft-cloud-services-receive-fedramp-authority-to-operate/

Hiring Pentesters? Here Are 10 Things You Need to Knowhttps://www.bluemt.com/hiring-pentesters-here-are-10-things-you-need-to-know/

From the Blue Mountain Data Systems Blog

Home Router Malware Alerthttps://www.bluemt.com/home-router-malware-alert/

Threat Model Deconstructionhttps://www.bluemt.com/threat-model-deconstruction/

Business Email Scam Nets $214 Millionhttps://www.bluemt.com/business-email-scam-nets-214-million/

How to Prevent Unauthorized Software from Taking Over Your Organizationhttps://www.bluemt.com/the-cios-guide-to-happy-end-users-2/

From the Blue Mountain Data Systems Blog

Digital Marketing Predictions for 2015https://www.bluemt.com/digital-marketing-predictions-for-2015/

SDN: Network Administrator’s Friend or Foe?https://www.bluemt.com/sdn-network-administrators-friend-or-foe/

Mobile Payments: A Must for Federal Agencieshttps://www.bluemt.com/mobile-payments-a-must-for-federal-agencies/

Soft Skills Are A Must-Have For Careers In IThttps://www.bluemt.com/soft-skills-are-a-must-have-for-careers-in-it/

From the Blue Mountain Data Systems Blog

Security Risks Most Prevalent in Younger Workershttps://www.bluemt.com/security-risks-most-prevalent-in-younger-workers/

The Security World’s Maturationhttps://www.bluemt.com/the-security-worlds-maturation/

Data Breach Concerns Keep CISOs Up At Nighthttps://www.bluemt.com/data-breach-concerns-keep-cisos-up-at-night/

Personalized Govt Equals Instant Gratification for Citizenshttps://www.bluemt.com/personalized-govt-equals-instant-gratification-for-citizens/

From the Blue Mountain Data Systems Blog

People-Centric Securityhttps://www.bluemt.com/people-centric-security/

Pentagon Tries BYOD To Strike Work/Life Balancehttps://www.bluemt.com/pentagon-tries-byod-to-strike-worklife-balance/

Open Source Model Considered for MS Windowshttps://www.bluemt.com/open-source-model-considered-for-ms-windows/

Open Internet: To Be or Not to Be?https://www.bluemt.com/open-internet-to-be-or-not-to-be/

From the Blue Mountain Data Systems BlogMalware Stays A Step Ahead Infecting One Third of Websiteshttps://www.bluemt.com/malware-stays-a-step-ahead-infecting-one-third-of-websites/

Machine-Generated Data: Potential Goldmine for the CIOhttps://www.bluemt.com/machine-generated-data-potential-goldmine-for-the-cio/

Government Legacy Programs: Reuse vs. Replacementhttps://www.bluemt.com/government-legacy-programs-reuse-vs-replacement/

It Takes a Whole Village to Protect Networks and Systemshttps://www.bluemt.com/it-takes-a-whole-village-to-protect-networks-and-systems/

From the Blue Mountain Data Systems Blog

Governance For the CIOhttps://www.bluemt.com/governance-for-the-cio/

Help Desk Consolidation – Lessons Learnedhttps://www.bluemt.com/help-desk-consolidation-lessons-learned/

One Year Later, Companies Still Vulnerable to Heartbleedhttps://www.bluemt.com/one-year-later-companies-still-vulnerable-to-heartbleed/

Federal Projects Cultivate Worker Passionhttps://www.bluemt.com/federal-projects-cultivate-worker-passion-2/

ABOUT US

Blue Mountain Data Systems Inc.

Blue Mountain Data Systems Inc. is dedicated to application and systems development, electronic document management, IT security support, and the automation of workflow processes.

Read more about our experience here:>> http://bluemt.com/experience

Recent Experience

U.S. Dept. of Labor Employee Benefits Security Administration

1994 to Present

Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support.

MANAGEMENT

Paul T. Vesely Founder, President, CEO and Principal Architect

Mr. Vesely is a recognized thought leader in systems architecture and delivery, having designed and delivered many enterprise wide information and document management solutions. Mr. Vesely’s history includes 33 years experience in the information systems industry, with Unisys, Grumman, PRC and a host of clients in both government and private sectors.

CONTACT US

Contact Us Today to Discuss Your Next IT Project

HEADQUARTERS366 Victory DriveHerndon, VA 20170

PHONE 703-502-3416

FAX 703-745-9110

EMAILpaul@bluemt.com

WEBhttps://www.bluemt.com