Tech Update SummaryMay 2016

Blue Mountain Data Systems

For CTOs, CIOs & CISOs

Visit Blue Mountain Data Systems https://www.bluemt.com

For CTOs, CIOs & CISOs

Every business day, we publish a Daily Tech Update for Federal & State CTOs ,CIOs & CISOs on the

Blue Mountain Data Systems Blog. We hope you will visit our blog for the latest information.

You can also receive these updates via email. Click here to subscribe.

Here’s the summary of the Daily Tech Updates for May 2016. Hope the information and ideas prove

useful.

Best,Paul VeselyPresident and Principal ArchitectBlue Mountain Data Systems Inc.

Document Management

Document Management

ROI: Spend Green to Save Green: the ROI of Document Management. Metafile’s Alyssa Putzer explains the benefits of transitioning to a paperless office with a document management or accounts payable automation solution. If your office is still using paper-based processes, you may be incurring unnecessary costs that could be eliminated by going paperless with a document management or accounts payable (AP) automation solution. Read more[ONWINDOWS.COM]

CIO: Why You Need DRM for Your Documents. From protecting merger discussions to everyday document management, enterprise DRM is a mature, mainstream enterprise technology. So why aren’t more companies using it? Read the rest[CIO.COM]

Document Management

GOOGLE: Google Search Appliance’s Dwindling Timeline. Google Search Appliance (GSA) users have an approaching deadline. And missing that deadline will be painful. Find out more[CMSWIRE.COM]

2016: The Best Document Management Systems of 2016. Document management software can help your business manage its files, from sharing and collaboration to archiving inactive files. Compare 10 document management software offerings so you can decide which is best for your business. Read more[PCMAG.COM]

Encryption

Encyption

THE CHALLENGE: The Encryption Challenge. IT managers know the movies get it wrong. A teenager with a laptop cannot crack multiple layers of encryption — unless that laptop is connected to a supercomputer somewhere and the teenager can afford to wait a few billion years. Encryption works. It works so well that even the government gets stymied, as demonstrated by the lengths to which the FBI went to access an iPhone used by one of the San Bernardino, Calif., shooters. Read more[GCN.COM]

Encyption

POLITICAL TECH: Tech Groups Call on Presidential Candidates to Support Encryption, Embrace Other IT Issues. U.S. presidential candidates should embrace encryption and narrow government access to Internet users’ data as part of a comprehensive technology agenda, IT trade groups say. While the FBI and some lawmakers have pushed in recent months for encryption workarounds in criminal investigations, presidential candidates should “recognize encryption as a critical security tool,” 13 tech trade organizations said in a set of tech policy recommendations released late Wednesday. Read the rest[CIO.COM]

Encyption

BIG BROTHER: Encryption and Lack of Trust in Big Brother. The FBI wanted data that Apple didn’t have access to and attempted to force Apple to construct a backdoor. Find out more[WSJ.COM]

FEDERAL GOVERNMENT: Draft Encryption Bill Puts Rule of Law Above Privacy Concerns. A discussion draft leaked online of the first legislation to tackle the heated encryption debate that has pit law enforcement agencies seeking access against privacy and consumer advocates lobbying to maintain strong security. Read more[FEDERALTIMES.COM]

Databases

Databases & Storage

MICROSERVICES: Blow That Data Monolith to Smithereens with Microservices and Database Swarms. The world of apps is in constant flux and, with it, so are the demands on data. APIs are constantly changing to meet those demands (a social media connection here, a new mobile platform there). But throughout all this, core business can’t be bogged down; it has to move fast. And that’s where microservices—the dissection of the data monolith into agile little services—come in. Find out more about loosely coupled microservices and the specialized databases that power them. Read more[ARSTECHNICA.COM]

Databases & Storage

NoSQL: Using NoSQL Databases to Handle Fast Data. NoSQL databases can help enterprises handle so-called Fast Data. MongoDB, DataStax and Redis are three NoSQL databases worth checking out. Read the rest[ENTERPRISEAPPSTODAY.COM]

GRAPH DATABASES: Graph Database Technology Starts to Come of Age Beyond Social Media. Graph databases, based on mathematics known for three centuries, are starting to yield value for businesses beyond Facebook and Twitter. Used for tasks as diverse as dating sites and fraud detection, graph technology works by looking at relationships, not just data. Find out more[COMPUTERWEEKLY.COM]

Databases & StorageHADOOP: Hadoop 3 Poised to Boost Storage Capacity, Resilience with Erasure Coding. The next major version of Apache Hadoop could effectively double storage capacity while increasing data resiliency by 50 percent through the addition of erasure coding, according to the Apache Hadoop team at the Apache Software Foundation. Read more[DATANAMI.COM]

More About Blue Mountain

BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.

Security Patches

Security Patches

GOOGLE: Google Patches 9 Security Flaws in New Chrome Browser Build. Google updated its browser Thursday patching nine security bugs, labeling four as “high” and two as a “medium” risk to computer users. The update was tied to a new Chrome browser build (50.0.2661.94) that fixes the flaws. Google also shelled out $14,000 tied to bug bounty payouts addressed in this security updates, according to a Google Chrome Team security bulletin. Read more[THREATPOST.COM]

MICROSOFT: Is Microsoft Using Security Patch KB 3146706 to Break Pirate Copies of Windows 7? It’s not clear whether it’s intentional, but the patch is throwing blue screen error 0x0000006B on Ghost pirate copies of Windows 7. Read the rest[INFOWORLD.COM]

Security Patches

MOZILLA: Patches Firefox Flaw Discovered by GCHQ’s Information Security Arm. Mozilla has fixed a security flaw having high vulnerability impact on its Firefox web browser. The flaw was first discovered by the Communications-Electronics Security Group (CESG), the information security arm of the UK Government Communications Headquarters (GCHQ). In Firefox version 46 that was released on 26 April across desktop and Android devices, Mozilla patched as many as 10 vulnerabilities, of which some are rated either critical or of high severity. Find out more[IBTIMES.CO.UK]

Security Patches

OFFICE 365: Microsoft Patches Serious Office 365 Security Flaw. Microsoft has patched a vulnerability in Office 365 that could have allowed an attacker to gain access to any account at a business with a federated domain. Researchers Yiannis Kakavas and Klemen Bratec discovered the flaw and say Microsoft “mitigated” the threat within seven hours of notification. However, the group of companies that use federated domains includes some of the biggest names in technology, such as IBM, Cisco, BT, Vodafone and Microsoft itself, and high profile firms like British Airways, PwC and KPMG. Read more[CHANNELBIZ.CO.UK]

Penetration Testing

Penetration TestingREGULAR CHECKUPS: Pentesting-as-a-Service. Ten years ago, penetration testing was viewed as a luxury service, typically aimed at ensuring that companies’ network perimeters were secured against malicious external attacks. More recently, we have seen the emergence of vulnerability scanning software, an automated way to perform more frequent vulnerability testing, but not to the level of rigour the company would receive from a penetration test performed by a security expert. Read more[INFOSECURITY-MAGAZINE.COM]

THINK TANK: Penetration Testing Still Relevant, but Approach Needs to Change. How can an organization ensure it gets value from penetration and security testing services? Security managers need permission from their respective companies to test live networks, and they need the right pen testing tools for the job. Read more[COMPUTERWEEKLY.COM]

Penetration Testing

HOW: A White Hat Hacker Breaks Into a Business. A pen tester talks through how to break into a company. Read more[NEWSWEEK.COM]

PENTAGON: Sees White Hat Hackers as Low-Cost Penetration Testers. The Defense Department announced it would be launching the federal government’s first-ever "bug bounty," banking on the idea that there’s a nascent community of white hat hackers that’s been itching to help the Pentagon with its cybersecurity challenges but hasn’t been able to until now. Read more[FEDERALNEWSRADIO.COM]

Mergers & Modernization

Mergers & Modernization

MERGER: HP Enterprise to Spin Off, Merge Services Business. Deal with Computer Sciences creates IT-services provider with $26 billion in annual revenue. Hewlett Packard Enterprise Co. said it would spin off most of its technology services operations and merge them with those of Computer Sciences Corp., the company’s latest adjustment to a shifting landscape that is roiling the market for corporate technology. HP Enterprise will shed a business that accounts about 100,000 employees, or close to half of the Silicon Valley giant’s workforce. Read more[WSJ.COM]

Mergers & ModernizationMODERNIZATION: CIO Scott Pushes $3.1B IT Fund as Congress Probes Legacy Tech. Obama administration officials want Congress to back a revolving fund to modernize legacy IT systems. The goal is to kick-start projects with money agencies will pay back into a fund administered by the General Services Administration. In this way, $3.1 billion in initial funding would support upwards of $12 billion in modernization spending over a decade. Read the rest[FCW.COM]

HEALTH CARE: When Mergers Fail Because of Clashing Work Culture. The Wall Street Journal got a hold of correspondence Monday that suggests there may be some tension between insurance giants Anthem and Cigna, two companies that have proposed a $48 billion merger. Read more[MARKETPLACE.ORG]

Mergers & Modernization

FEDERAL GOVERNMENT TECH: ‘Ticking Time Bomb?’ The Department of Defense still uses a 1970’s IBM Series/1 computing system – including 8-inch floppy disk drives – to coordinate operations of the United States nuclear forces. Two of the Treasury Department’s tax systems, which retain tax data for more than 100 million Americans, assess refunds and update taxpayer accounts, are running on “low-level computer code” that was written 56 years ago. Those are just a few of the most egregious examples of outdated technology still in use by the government highlighted in an audit by the Government Accountability Office that will be presented to Congress May 25. The congressional watchdog for years has been touting the need to modernize IT systems or risk excess billions in spending and untold security risks. Find out more[NEXTGOV.COM]

For the CIO, CTO & CISO

For the CIO, CTO & CISO

CIO: Focus Needs to Shift from Cutting IT Costs. Put your own house in order before you start giving advice to others is a popular idiom. And CIOs have been doing that for years, incrementally cutting costs in IT functions. But what if the mandate from your CEO is for IT to help improve the performance of another department such as finance and accounting (F&A), for instance, but at the same time cut F&A costs by 60 percent? How can IT help that department? Read more[CIO.COM]

CTO: US CTO Megan Smith Highlights Heritage of Women in Tech. The former Googler and current chief technology officer of the United States also talks about encryption and bringing more techies to government. Read the rest[CNET.COM]

For the CIO, CTO & CISO

FEDERAL CIO: Hire Faster, from Every Discipline. The government needs to hire skilled cybersecurity professionals fast, starting with the federal chief information security officer, according to Federal CIO Tony Scott. “There’s no area combined with cybersecurity that I would say we’re full up on,” Scott said, adding that agencies need to broaden their reach. They should consider hiring people from a variety of disciplines — such as cultural anthropology, economics, biology and foreign languages — who also have cybersecurity knowledge. “Cyber is a global problem, and we need people who speak every language on the planet,” he said. Read more[FCW.COM]

For the CIO, CTO & CISO

CISO: House Bill Would Elevate HHS CISO from CIO’s Purview. The HHS Data Protection Act would create a CISO’s office to alleviate concerns that the current organizational structure sacrifices security for operational efficiencies. Find out more[FEDSCOOP.COM]

Application Development

Application Development

STRATEGY: Choosing Your Application Development Strategy. Which is more effective: the top-down or bottom-up application strategy? Discover why choosing one requires an in-depth understanding of application requirements. Read the rest[SEARCHSOA.TECHTARGET.COM]

CLOUD: Why Amazon and OpenStack Continue to Thrive in a Complex Cloud World. Amazon announcing AWS hitting a $10B annual run rate and OpenStack’s 13th release—lead some to wonder who is winning. Both are. Read more[EWEEK.COM]

Application Development

MICROSOFT: Power BI Hits 5M Subscribers, Adds Deeper Excel Integration. Microsoft has a ton of new features planned for its cloud-based BI service. Microsoft’s cloud-based business intelligence service is celebrating a major user growth milestone with a handful of new features, including the ability to import data from an Excel spreadsheet and turn it into live-updating charts and graphs. Power BI now has more than 5 million subscribers, who are using the service to take in business data and create dashboards they can use to better understand their businesses. Subscribers will be able to use an Excel connector to easily “pin” live-updating data from the Excel desktop app to a Power BI dashboard. Both that feature, and one that allows users to analyze data from Power BI in Excel, were previously available for beta testing and are now generally available. Read more[PCWORLD.COM]

Application Development

NODE.js: Top Reasons to Use Node.js for Web Application Development. There are many reasons why developers (regardless of experience level) should use Node.js for web application development, starting with its speed and ending with its proficiency at multi-user, real-time web applications. Not to mention that three years ago Nodejitsu reached out to the npm community for help running the public npm servers and raised over $300,000 for the project, proving that the community is both active and generous. Read more[JAXENTER.COM]

BYOD

BYODWINDOWS 10: IT Department Finds BYOD Policy Pits It in Eternal War with Windows 10. It seemed like such a good idea at the time: Implement a BYOD policy that puts the responsibility of laptop maintenance in the hands of the users, offload maintenance and have happier users. And then Windows 10 happened. Read more[WINDOWSITPROS.COM]

ENTERPRISE SECURITY: BYOD vs. Enterprise Security: Is It Possible to Have Both? Weighing the advantages of a BYOD policy against the potential security risks can prove challenging. BYOD can be a challenge for IT and security departments, because it essentially puts corporate security into the hands of employees. Any decisions an employee makes about that device – from failing to keep the software up-to-date to using unsecured Wi-Fi networks – ultimately puts the enterprise and its data at risk. Read the rest[CIODIVE.COM]

BYOD

FUTURE: Will a Smartphone Replace Your PC? Will you buy another desktop computer or laptop? Or, can your smartphone meet your technology needs? Should your business continue buying PCs? The IT infrastructure industry is divided, but the answer affects more than you think. Here’s why. Find out more[GOVTECH.COM]

MOBILITY: Why Oak Ridge and Other Agencies Have Opened Their Own App Stores. Employees want apps. Agencies want control. With iTunes-like stores, the two can find a happy medium. Read more[FEDTECHMAGAZINE.COM]

Big Data

Big Data

EDUCATION: ‘Big Data’ was Supposed to Fix Education. It Didn’t. It’s Time for ‘Small Data.’ For over a decade, “big data” and “analytics” have increasingly become a part of the education world. (Big data is a term used to describe data sets so large that they can only be analyzed by computers, and analytics is used to describe how the data is collected, analyzed and used.) Big data lovers believe the information can help policy-makers make systemic improvements in student outcomes — but, so far, that hasn’t happened. Here is a post about the problems with big data in education and about something new that could actually make a real difference: “small data.” What is it? Read the post by Pasi Sahlberg and Jonathan Hasak. Read more[WASHINGTONPOST.COM]

Big Data

ANALYTICS: How the Skills Shortage is Transforming Big Data. According to this Silicon Valley dean, “The profession is subdividing.” In the early days of computing, developers were often jacks of all trades, handling virtually any task needed for software to get made. As the field matured, jobs grew more specialized. Now we’re seeing a similar pattern in a brand-new domain: big data. That’s according to P.K. Agarwal, regional dean and CEO of Northeastern University’s recently formed Silicon Valley campus, who says big-data professionals so far have commonly handled everything from data cleaning to analytics, and from Hadoop to Apache Spark. Read the rest[PCWORLD.COM]

Big Data

DATABASES: HBase…The Database Big Data Left Behind. As the default database for Hadoop, you’d expect HBase to be more popular than it is, but its time may already have passed. Find out more[INFOWORLD.COM]

MORE ANALYTICS: 12 Inspiring Women In Data Science, Big Data. Women make up half the population, yet it’s been well documented that they don’t come close to parity in STEM fields. Could the rise of big data and data science offer women a clearer path to success in technology? Here’s a list of 12 inspiring women who work in big data and data science. Read more[INFORMATIONWEEK.COM]

Mobile Applications

Mobile Applications

DHS: Playbook Strives for Consistency of Mobile Apps. The Homeland Security Department has a new playbook for developing mobile applications and it’s willing to share to ease the burden and ensure consistency across the government. This how-to guide is for everyone from the technology experts to the business owners to the app developers. Rob Palmer, the DHS deputy chief technology officer in the Enterprise System Development Office, said the playbook is to help stem the tide of inconsistent mobile app development. He said this led to an increased workload for the chief information officer’s office to test, field and approve. Read more[FEDERALNEWSRADIO.COM]

Mobile ApplicationsSTATE GOVERNMENT: Build a Mobile Strategy That Truly Moves Government Forward. Security and mobile device management play a starring role in workplace transformation. Outfitting staff with smartphones and tablets undoubtedly helps to mobilize the workforce, but it takes more than hardware alone to transform operations. The VMware “State of Business Mobility Report” identifies a significant gap between organizations’ mobility goals and their ability to achieve them. Read the rest[STATETECHMAGAZINE.COM]

FIDO & NIST: How US Government Can Go Mobile with FIDO. The proliferation of mobile devices leaves U.S. government agencies with a tough balancing act between security, usability and effectively performing their missions. How can they accommodate an increasingly mobile workforce that wants to use all of their devices to access online services, while adhering to a plethora of security policies and directives? Find out more [PLANETBIOMETRICS.COM]

Mobile Applications

CRITICAL READ: Why Agencies Should Adopt a “Mobile First” Strategy. What: “Using Mobile Apps in Government,” a report from the IBM Center for the Business of Government on the state of mobile apps and access in the federal government. Why: Most Americans own cell phones and many also own tablets, so it should come as no surprise that more than one-third of the traffic on U.S. government websites comes from mobile devices and 40 percent of smartphone owners use those devices to look up government services or information. Read more[FCW.COM]

Accessible Web

Accessible Web

WINDOWS: Using UI Automation Support in Edge to Build More Accessible Web Apps. Microsoft is at it again, making an effort to live up to their mission statement: to empower everybody to do great things. In a recent blog post, Microsoft spoke about the effort it’s putting into Microsoft Edge, and how they want it to better serve the needs of people who have trouble surfing the web. Using UI Automation, a process which allows Windows 10 applications to “provide programmatic information about their user interface,” Microsoft Edge is creating a much more accessible browser. Read more[WINBETA.ORG]

Accessible Web

DOJ: Refreshes Its Efforts to Promulgate Title II Website Accessibility Regulations and Other Accessible Technology Updates – What Does It All Suggest for Businesses? On April 28, 2016, the U.S. Department of Justice, Civil Rights Division, withdrew its Notice of Proposed Rulemaking (NPRM) titled Nondiscrimination on the Basis of Disability; Accessibility of Web Information and Services of State and Local Government Entities. Citing “the growing confusion around web site accessibility,” on April 29, 2016, the National Association of Realtors wrote a letter to DOJ’s Civil Rights Division imploring DOJ to take actions to regulate the issue of website accessibility for Title III entities as soon as possible. Read the rest[NATLAWREVIEW.COM]

Accessible WebWEB DESIGN & CONTENT: Accessible Best Practice: Don’t Use Color As Part of Your Instructional Content. Are you using color as a way of instructing visitors about the next action to take on your Web site? Think again. WCAG 2.0 Guideline 1.4.1 warns Web designers, developers and content creators about depending solely on color when conveying instructions. Find out more[ACCESSIBLEWEBSITESERVICES.COM]

COLOR CONTRAST: How to Measure Color Contrast, for Web Accessibility. The essence of accessible color contrast is simple. Given a foreground color and a background color, the contrast between those two must be distinguishable in a wide variety of environments, by individuals with different color perception abilities. Using the Web Content Accessibility Guidelines — WCAG — version 2.0, these contrasts are measured using an algorithm that compares the relative luminosity of the two colors and returns a ratio, which is to exceed WCAG’s recommended minimum. Read more [PRACTICALECOMMERCE.COM]

Programming & Scripting Development Client & Server-Side

Programming & Scripting Development Client & Server-Side

ANGULAR: 3 Development Patterns of Angular Universal. While Angular is a powerful way to build web apps, developers have long known its limitations with SEO and accessibility. Sure, Google’s crawler can execute JavaScript, but it’s not the only crawler in the game. For example, after posting a link to Slack, its crawler will pull down a preview, but it doesn’t execute JavaScript, so the raw Angular HTML templates show up in the preview. To eliminate the trouble this causes, Jeff Whelpley and Patrick Stapleton have worked on Angular Universal that allows the rendering to happen on the server. Read more[INFOQ.COM]

Programming & Scripting Development Client & Server-Side

JAVASCRIPT: What JavaScript Means for Ecommerce Merchants. Web developers use three core tools when building ecommerce sites: HTML for content and organization, CSS for the design and presentation, and JavaScript for the interaction with backend servers. Using JavaScript, merchants can engage their visitors. Read the rest[PRACTICALECOMMERCE.COM]

VISUAL STUDIO: C#/XAML for HTML5 Beta 8 Released. The free Visual Studio extension that allows developers to build HTML5 applications using C# or XAML has hit beta version 8 on its way to general availability. Find out more[SDTIMES.COM]

Programming & Scripting Development Client & Server-Side

JAVA: A Warning About Overloading Methods in Java. Autoboxing and method overloading can be useful when building a Java app. But sometimes these features can cause confusion, improper outputs, or errors, if not handled carefully. Read more[DZONE.COM]

Cloud Computing

Cloud Computing

CLOUD SECURITY: Is Single Sign-on the Answer to Your Cloud Computing Security Worries? The downside of the cloud is a password and username overload — but there are technologies available to help. The cloud provides a raft of business benefits to organisations that want to access applications in a flexible and cost-conscious manner. But to really take advantage, businesses must be sure that information is easily and safely accessible. Read more[ZDNET.COM]

ORACLE: Dives Further in Cloud Computing, Acquires Opower. Oracle has acquired Opower, an Arlington-based data analytics company, in a $532 million cash deal. Oracle will pay $10.30 per share for Opower — with a 30% premium on the closing share price of the company. Read the rest[TECHNEWSTODAY.COM]

Cloud Computing

TRENDS: Amazon, Microsoft Invest Billions as Computing Shifts to Cloud. As cloud computing proliferates, its leading providers — Amazon and Microsoft among them — have unleashed a torrent of capital spending to build the infrastructure that handles the technology. That, in turn, has significant economic effects globally and locally. Find out more[SEATTLETIMES.COM]

EMCS: Latest VCE Nodes Aim to Make Clouds Easy. Neutrino Nodes let different software stacks run anywhere in a VxRack system. Read more[INFOWORLD.COM]

Business Intelligence

Business IntelligenceOPINION: The ‘Business’ in Business Intelligence: There’s NOT An App for That. Identifying and prioritizing business needs is the most important step to take before making an investment in a technology tool or platform. Ours is a society of technophiles. We readily adopt – and rely heavily upon – the software that powers our digital devices to entertain us, to make us more productive, to monitor our health, or to get us safely from Point A to Point B, and back again. With this passionate (some might say “frantic”) adoption of consumer technology, it is understandable that we are encouraged to believe that a compelling, easy-to-install, easy-to-configure software solution already exists to address our most pressing personal and business challenges. “There’s an app for that” has become as axiomatic as “Nothing is certain but death and taxes.” Read more[CIO.COM]

Business Intelligence

ANALYTICS: 3 Tips for Adopting Business Intelligence. Business Intelligence (BI) – the ability to garner actionable, data-driven insights into the working of an enterprise – is revolutionizing how companies make decisions. It is not only making companies more efficient, it is enhancing the bottom line. In fact, business intelligence is such a major initiative for enterprises across the world that Gartner predicts the worldwide BI market will reach nearly $17 billion in 2016. Read the rest[INFORMATION-MANAGEMENT.COM]

MANAGEMENT: EMC World 2016: Smart Cities Are a Platform for Innovation. Technology can enable local governments to build and operate integrated and highly efficient cities. Find out more[STATETECHMAGAZINE.COM]

Business Intelligence

NETWORKING: Fog Computing Brings Connectivity, Analytics to Agencies’ Network Edge. The Defense Department and TSA are already using fog computing, but agencies must be cautious about security risks. The Internet of Things holds a world of possibility for federal agencies, but in order to leverage that potential, they’ll need a more agile computing platform. Enter fog computing, which could offer users greater functionality from distributed endpoints and environments. Read more[FEDTECHMAGAZINE.COM]

IT Security | Cybersecurity

IT Security | Cybersecurity

FEDERAL GOVERNMENT: New Rule Puts Onus on Contractors to Tighten IT Security. It is official: The government requires minimum cybersecurity standards for contractors that store sensitive information in their IT systems. A new rule aimed at systems that store controlled unclassified information and classified information is one result of the White House’s 2010 executive order aimed at bolstering CUI protections. “Systems that contain classified information, or CUI such as personally identifiable information, require more than the basic level of protection,” a May 16 Federal Register notice states. The regulation was issued by the Defense Department, the General Services Administration and NASA. Read more[FCW.COM]

IT Security | CybersecurityHOW TO: Defend Macs and iOS Devices Against Malware Attacks. With attacks on the rise, raise your guard against malware infecting iOS and OS X devices. IT professionals have long maintained that Apple devices don’t get malware, and that was generally true for many years. But times have changed, and iOS mobile devices and OS X Macintosh computers are now the source of frequent security vulnerabilities and a popular target of hackers and malware authors. Read the rest[STATETECHMAGAZINE.COM]

OPERATIONS: Security By The Numbers Launches IT Security Measurement Index and Collaborative Group. Online resource behind benchmark survey promises to help companies measure the effectiveness of cybersecurity and share best practices. Find out more[DARKREADING.COM]

IT Security | Cybersecurity

TSA: DHS Inspector General Lambasts TSA’s IT Security Flaws. TSA typically has not managed security equipment in compliance with departmental guidelines regarding sensitive IT systems, according to OIG report. Read more[NETWORKWORLD.COM]

EDUCATION: Computer Science Teachers Need Cybersecurity Education, Says CSTA Industry Group. The Computer Science Teachers Association (CTSA) is working on a cybersecurity certification program for computer science educators, so they can better teach students about computer security. Read more[TECHREPUBLIC.COM]

IT Security | CybersecuritySHORTAGE: High-Demand Cybersecurity Skill Sets. Specialized cybersecurity skills around cloud computing represent the biggest gap. According to ESG research, 46 percent of organizations say they have a “problematic shortage” of cybersecurity skills in 2016. By comparison, 28 percent of organizations claimed to have a “problematic shortage” of cybersecurity skills in 2015. That means there has been an 18 percent year-over-year increase. Read the rest[NETWORKWORLD.COM]

DEFENSE: DISA Unveils New Cybersecurity Review. The Defense Information Systems Agency unveiled a cybersecurity review process on May 9 that takes an agile, “outside-in” assessment of the resources and technologies the Department of Defense Information Network (DODIN) needs to defend itself against attack. Find out more[FCW.COM]

IT Security | CybersecurityFDIC: Reports Five ‘Major Incidents’ of Cybersecurity Breaches Since Fall. The Federal Deposit Insurance Corp. (FDIC) on Monday retroactively reported to Congress that five additional “major incidents” of data breaches have occurred since Oct. 30. FDIC also is launching “a new initiative to enhance security.” The incidents involved the breach of taxpayers’ personally identifiable information. In each case, employees with legitimate access to the information were leaving the agency when they inadvertently downloaded the data along with personal files. The individuals involved provided affidavits saying the data was not shared. Read more[WASHINGTONPOST.COM]

From the Blue Mountain Data Systems Blog

Three-Dimensional Governance for the CIOhttps://www.bluemt.com/three-dimensional-governance-for-the-cio

7 Reasons to Take Control of IT Incidentshttps://www.bluemt.com/7-reasons-to-take-control-of-it-incidents/

Breach Mitigation Response Time Too Long, Survey Sayshttps://www.bluemt.com/breach-mitigation-response-time-too-long-survey-says/

Six Tactics for Cyberdefensehttps://www.bluemt.com/six-tactics-for-cyberdefense/

From the Blue Mountain Data Systems Blog

Feds Report Mixed Responses to Shared Serviceshttps://www.bluemt.com/feds-report-mixed-responses-to-shared-services

Federal Employees Are Not Security Expertshttps://www.bluemt.com/federal-employees-are-not-security-experts

Survival Guide for Network Administratorshttps://www.bluemt.com/survival-guide-for-network-administrators

DBaaS: OpenStack Trove Changes DB Managementhttps://www.bluemt.com/dbaas-openstack-trove-changes-db-management

From the Blue Mountain Data Systems Blog

Help Wanted: Certified Cybersecurity Professionalshttps://www.bluemt.com/help-wanted-certified-cybersecurity-professionals

Cyber Threat Intelligence Integration Center Previewhttps://www.bluemt.com/cyber-threat-intelligence-integration-center-preview/

Cloud Moves in 1-2-3https://www.bluemt.com/cloud-moves-in-1-2-3/

Change Management for Disaster Recoveryhttps://www.bluemt.com/change-management-for-disaster-recovery/

From the Blue Mountain Data Systems Blog

Jeffersonian Advice For C-Suite Career Advancementhttps://www.bluemt.com/jeffersonian-advice-for-c-suite-career-advancement/

Ways To Survive The “Mobile-Pocalypse”https://www.bluemt.com/ways-to-survive-the-mobile-pocalypse/

Microsoft Cloud Services Receive FedRAMP Authority to Operatehttps://www.bluemt.com/microsoft-cloud-services-receive-fedramp-authority-to-operate/

Hiring Pentesters? Here Are 10 Things You Need to Knowhttps://www.bluemt.com/hiring-pentesters-here-are-10-things-you-need-to-know/

From the Blue Mountain Data Systems Blog

Home Router Malware Alerthttps://www.bluemt.com/home-router-malware-alert/

Threat Model Deconstructionhttps://www.bluemt.com/threat-model-deconstruction/

Business Email Scam Nets $214 Millionhttps://www.bluemt.com/business-email-scam-nets-214-million/

How to Prevent Unauthorized Software from Taking Over Your Organizationhttps://www.bluemt.com/the-cios-guide-to-happy-end-users-2/

From the Blue Mountain Data Systems Blog

Digital Marketing Predictions for 2015https://www.bluemt.com/digital-marketing-predictions-for-2015/

SDN: Network Administrator’s Friend or Foe?https://www.bluemt.com/sdn-network-administrators-friend-or-foe/

Mobile Payments: A Must for Federal Agencieshttps://www.bluemt.com/mobile-payments-a-must-for-federal-agencies/

Soft Skills Are A Must-Have For Careers In IThttps://www.bluemt.com/soft-skills-are-a-must-have-for-careers-in-it/

From the Blue Mountain Data Systems Blog

Security Risks Most Prevalent in Younger Workershttps://www.bluemt.com/security-risks-most-prevalent-in-younger-workers/

The Security World’s Maturationhttps://www.bluemt.com/the-security-worlds-maturation/

Data Breach Concerns Keep CISOs Up At Nighthttps://www.bluemt.com/data-breach-concerns-keep-cisos-up-at-night/

Personalized Govt Equals Instant Gratification for Citizenshttps://www.bluemt.com/personalized-govt-equals-instant-gratification-for-citizens/

From the Blue Mountain Data Systems Blog

People-Centric Securityhttps://www.bluemt.com/people-centric-security/

Pentagon Tries BYOD To Strike Work/Life Balancehttps://www.bluemt.com/pentagon-tries-byod-to-strike-worklife-balance/

Open Source Model Considered for MS Windowshttps://www.bluemt.com/open-source-model-considered-for-ms-windows/

Open Internet: To Be or Not to Be?https://www.bluemt.com/open-internet-to-be-or-not-to-be/

From the Blue Mountain Data Systems BlogMalware Stays A Step Ahead Infecting One Third of Websiteshttps://www.bluemt.com/malware-stays-a-step-ahead-infecting-one-third-of-websites/

Machine-Generated Data: Potential Goldmine for the CIOhttps://www.bluemt.com/machine-generated-data-potential-goldmine-for-the-cio/

Government Legacy Programs: Reuse vs. Replacementhttps://www.bluemt.com/government-legacy-programs-reuse-vs-replacement/

It Takes a Whole Village to Protect Networks and Systemshttps://www.bluemt.com/it-takes-a-whole-village-to-protect-networks-and-systems/

From the Blue Mountain Data Systems Blog

Governance For the CIOhttps://www.bluemt.com/governance-for-the-cio/

Help Desk Consolidation – Lessons Learnedhttps://www.bluemt.com/help-desk-consolidation-lessons-learned/

One Year Later, Companies Still Vulnerable to Heartbleedhttps://www.bluemt.com/one-year-later-companies-still-vulnerable-to-heartbleed/

Federal Projects Cultivate Worker Passionhttps://www.bluemt.com/federal-projects-cultivate-worker-passion-2/

ABOUT US

Blue Mountain Data Systems Inc.

Blue Mountain Data Systems Inc. is dedicated to application and systems development, electronic document management, IT security support, and the automation of workflow processes.

Read more about our experience here:>> http://bluemt.com/experience

Recent Experience

U.S. Dept. of Labor Employee Benefits Security Administration

1994 to Present

Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support.

MANAGEMENT

Paul T. Vesely Founder, President, CEO and Principal Architect

Mr. Vesely is a recognized thought leader in systems architecture and delivery, having designed and delivered many enterprise wide information and document management solutions. Mr. Vesely’s history includes 33 years experience in the information systems industry, with Unisys, Grumman, PRC and a host of clients in both government and private sectors.

CONTACT US

Contact Us Today to Discuss Your Next IT Project

HEADQUARTERS366 Victory DriveHerndon, VA 20170

PHONE 703-502-3416

FAX 703-745-9110

EMAILpaul@bluemt.com

WEBhttps://www.bluemt.com