Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Tech Update Summary from Blue Mountain Data Systems August 2017

2,460 views

Published on

August 2017: For CTOs, CIOs & CISOs Every business day, we publish a Daily Tech Update for Federal & State CTOs ,CIOs & CISOs on the Blue Mountain Data Systems Blog. We hope you will visit our blog for the latest information >> https://bluemt.com/blog/

Published in: Software
  • Be the first to comment

  • Be the first to like this

Tech Update Summary from Blue Mountain Data Systems August 2017

  1. 1. Blue Mountain Data Systems Tech Update Summary August 2017
  2. 2. For CTOs, CIOs & CISOs Visit Blue Mountain Data Systems https://www.bluemt.com
  3. 3. For CTOs, CIOs & CISOs Every business day, we publish a Daily Tech Update for Federal & State CTOs ,CIOs & CISOs on the Blue Mountain Data Systems Blog. We hope you will visit our blog for the latest information. You can also receive these updates via email. Click here to subscribe. Here’s the summary of the Daily Tech Updates for August 2017. Hope the information and ideas prove useful. Best, Paul Vesely President and Principal Architect Blue Mountain Data Systems Inc.
  4. 4. Network Security
  5. 5. Network Security FEDERAL GOVERNMENT: All the Ways US Government Cybersecurity Falls Flat. Data breaches and hacks of US government networks, once novel and shocking, have become a problematic fact of life over the past few years. So it makes sense that a cybersecurity analysis released today placed the government at 16 out of 18 in a ranking of industries, ahead of only telecommunications and education. Health care, transportation, financial services, retail, and pretty much everything else ranked above it. The report goes beyond the truism of government cybersecurity shortcomings, though, to outline its weakest areas, potentially offering a roadmap to change. Read more [WIRED.COM]
  6. 6. Network Security CYBERSECURITY: Washington, Not Silicon Valley, Leads the Way in Cybersecurity. It’s a common trope that government has a lot to learn from Silicon Valley when it comes to technology. But in cybersecurity, Washington is leading the way in many respects. Read the rest [NEXTGOV.COM] PODCAST: Improving Government Productivity by Reducing IT Friction. A recent FedScoop study shows the federal government workforce could see a meaningful boost in productivity by reducing friction with devices and applications and improving secure access to data and information via their mobile devices. Find out more [FEDSCOOP.COM]
  7. 7. Network Security SECURITYSCORECARD: Government Ranks #16 Out of 18 Industries in Cybersecurity. SecurityScorecard’s annual U.S. State and Federal Government Cybersecurity Report was released August 24, and it paints a very grim picture of the government’s cyber health status. Read more [SDTIMES.COM]
  8. 8. Encryption
  9. 9. Encyption COMPUTING: End-to-End Encryption Isn’t Enough Security for “Real People”. Government officials continue to seek technology companies’ help fighting terrorism and crime. But the most commonly proposed solution would severely limit regular people’s ability to communicate securely online. And it ignores the fact that governments have other ways to keep an electronic eye on targets of investigations. Read more [SCIENTIFICAMERICAN.COM] HOW TO: Use Data Encryption Tools and Techniques Effectively. Data protection does not have a one-size-fits-all solution. Understand which encryption tools and methods best fit different scenarios. Read the rest [SEARCHSECURITY.TECHTARGET.COM]
  10. 10. Encyption FYI: A Security Solution that’s Simple for Government, Tough for Attackers. Over the last few decades, the U.S. government created more than 100,000 custom digital applications. These apps continue to serve different purposes and live at different levels within the government — spanning teams, departments, organizations and even entire agencies. At a federal level, the government manages terabytes of both anonymized and personally identifiable information (PII). But with such a mammoth amount of information, how does the government keep its data safe? Find out more [FCW.COM]
  11. 11. Encyption FEDERAL GOVERNMENT: After Huge Hack, OPM Still Hasn’t Learned Its Lesson. The government’s personnel office still isn’t adequately protecting its computer networks two years after a massive data breach that compromised highly sensitive security clearance information of over 20 million current and former federal employees and their families, a congressional watchdog reported in early August. Read more [NEXTGOV.COM]
  12. 12. Encyption ENCRYPTION: Usage Grows Again, but Only at Snail’s Pace. Deployment pains and problems with finding data in the corporate maze are being blamed for business’ lack of interest in crypto. Read more [ZDNET.COM] ATTACKS/BREACHES: The Long Slog To Getting Encryption Right. Encryption practices have improved dramatically over the last 10 years, but most organizations still don’t have enterprise-wide crypto strategies. Read the rest [DARKREADING.COM]
  13. 13. Databases
  14. 14. Databases AMAZON: Wants Your Enterprise Database. Amazon’s awaited release of PostgreSQL on Aurora sharply raises the stakes in its competition with Oracle. Still in public preview, when will Aurora PostgreSQL go GA, and what can we look forward to in the roadmap? Here are some hints of what we expect. Read more [ZDNET.COM] MICROSOFT: Upgrading to SQL Server 2016. Here is a series of blog posts that, when taken as a whole, provide a guide for upgrading to Microsoft® SQL Server® 2016. Read the rest [SQLMAG.COM]
  15. 15. Databases ORACLE: What the Annual Oracle Database Release Cycle Means for DBAs. As Oracle changes its database release cycle to yearly updates with new version numbers, Oracle users will get faster access to new features — but also new upgrade questions to weigh. Find out more [SEARCHORACLE.TECHTARGET.COM] MySQL: Real-time MySQL Performance Monitoring. A key part of keeping your MySQL database running smoothly is the regular monitoring of performance metrics. In fact, there are literally hundreds of metrics that can be measured that can enable you to gain real-time insight into your database’s health and performance. Several MySQL monitoring tools have been developed to make performance monitoring easier. Here’s how to use Monyog to measure a few of the more important metrics. Read more [DATABASEJOURNAL.COM]
  16. 16. More About Blue Mountain BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.
  17. 17. Federal Tech
  18. 18. Federal Tech FEDERAL GOVERNMENT: APIs, Shared Services Can Reshape, Modernize Government Technology. The size and scope of the federal government’s information technology landscape only continues to grow and in a way that makes it incredibly difficult to change. In the Federal Chief Information Officers Council’s latest study, the current state of government IT is described as monolithic. And, it is not meant as a compliment. Read more [FEDERALNEWSRADIO.COM]
  19. 19. Federal Tech OPINION: Government Efforts to Weaken Privacy are Bad for Business and National Security. The federal government’s efforts to require technology and social media companies to relax product security and consumer privacy standards – if successful – will ultimately make everyone less safe and secure. Read the rest [INFOSECURITY-MAGAZINE.COM] PUBLIC SAFETY: Rapid DNA Technology Gives Law Enforcement Access to Your DNA in 90 Minutes. Before recently-passed legislation, law enforcement agencies had to send DNA samples to government labs and wait for it to get tested, which could take days or even weeks. Find out more [GOVTECH.COM]
  20. 20. Federal Tech MODERNIZATION: Making Modernization Happen. Now more than ever before, comprehensive IT modernization for federal agencies is a real possibility. The question that remains is whether President Donald Trump’s words and actions during his first months in office will be sustained by the administration and Congress in the months and years ahead. Read more [FCW.COM]
  21. 21. State Tech
  22. 22. State Tech SURVEY: Cybersecurity Concerns May Keep One in Four Americans from Voting. Cybersecurity concerns may prevent one in four Americans from heading to the polls in November, according to a new survey by cybersecurity firm Carbon Black. The company recently conducted a nationwide survey of 5,000 eligible US voters to determine whether reports of cyberattacks targeting election-related systems are impacting their trust in the US electoral process. The results revealed that nearly half of voters believe the upcoming elections will be influenced by cyberattacks. Consequently, more than a quarter said they will consider not voting in future elections. Read more [HSTODAY.US.COM]
  23. 23. State Tech ALASKA: Unique Challenges in IT Consolidation. The Last Frontier is centralizing IT operations under Alaska’s newly created Office of Information Technology. But consolidating IT in a sprawling state like Alaska offers challenges not found in other environments, says the state’s new CIO Bill Vajda. Read the rest [GCN.COM] ALABAMA: Acting CIO Jim Purcell Is a Man on a Mission for Smarter State IT. Jim Purcell wasn’t expecting a call from Alabama’s new governor, Kay Ivey, and he certainly wasn’t expecting her to ask him to head up the Office of Information Technology (OIT) – but that’s exactly what happened last week. Find out more [GOVTECH.COM]
  24. 24. State Tech ILLINOIS: Inside a State Digital Transformation. Hardik Bhatt, CIO of the State of Illinois, sought to become the nation’s first Smart State – a process that required reorganizing its 38 IT departments into one, improving government services, and finding new sources of innovation to apply to its revenue model. Within 18 months, Illinois rose in national rankings from the bottom fourth of state governments to the top third. Read more [ENTERPRISERSPROJECT.COM]
  25. 25. Electronic Document Management
  26. 26. Electronic Document Management CFPB: Looks to Embrace Cloud for Email, Office Application Needs. The Consumer Financial Protection Bureau wants to move to a public cloud setup for some of its core enterprise apps. The financial watchdog agency recently sent out a Request for Information (RFI) on the process, technical requirements and costs of moving to cloud services in fiscal year 2017. CFPB wants to establish a more complete understanding on the costs associated with moving fully to a cloud solution for email and office applications (e.g., documents, spreadsheets, presentations, SharePoint and more).Read the rest [FEDTECHMAGAZINE.COM]
  27. 27. Electronic Document Management ROI: 4 Ways Business Document Management Software Can Save You Money. Lisa Croft, Group Product Marketing Manager at Adobe Document Cloud, talks about the many ways business document management can save your company time, space, and more importantly, loads of money. Here are the four most obvious ways these tools provide excellent return-on-investment. Read more [PCMAG.COM]
  28. 28. Security Patches
  29. 29. Security Patches GOOGLE: Patches 10 Critical Bugs in August Android Security Bulletin. Google patched 10 critical remote code execution bugs in its August Android Security Bulletin issued Monday. It warned the most severe RCE vulnerabilities could enable a remote attacker, using a specially crafted file, to execute arbitrary code within the context of a privileged process. Read more [THREATPOST.COM] MICROSOFT: Where We Stand with This Month’s Windows and Office Security Patches. August has seen a relatively normal number of bugs in Windows and Office patches, some acknowledged by Microsoft, some not. Read the rest [COMPUTERWORLD.COM]
  30. 30. Security Patches MALWARE: New Trojan Malware Campaign Sends Users to Fake Banking Site That Looks Just Like the Real Thing. Trickbot is now redirecting to a counterfeit site that displays the correct URL and the digital certificate of its genuine equivalent. Find out more [ZDNET.COM] ADOBE: Patches 69 Flaws in Reader, Acrobat. Security updates released by Adobe for its Flash Player, Reader, Acrobat, Digital Editions and Experience Manager products address more than 80 vulnerabilities discovered by external researchers. Read more [SECURITYWEEK.COM]
  31. 31. CIO, CTO & CISO
  32. 32. For the CIO, CTO & CISO CIO: The Federal Government Wants Developers’ Help with Quality Control. Ruby on Rails experts, the federal government wants to hear from you. A government technology team is looking for information about code reviewers: Outside groups that can scan source code and web applications for potential improvements or, sometimes, bugs. The Technology Transformation Services, part of the General Services Administration and home to digital consultancy 18F, posted the request for this week. Read more [NEXTGOV.COM] REDUX: Former Fed Govt CIO Returns to Public Sector as ACT CTO. A former federal government CIO who left the public sector for a stint as a government IT analyst has returned to Canberra to become the ACT government’s chief technology officer. Al Blake departed the public service in January 2015 after almost ten years in IT leadership positions at the federal Environment department. Read the rest [ITNEWS.COM]
  33. 33. CIO, CTO & CISO CISO: Disruptive Technology Trends and How to Prepare. How to choose the right test runner, test framework, assertion libraries, and add-on tools for your React project. Find out more [SEARCHSECURITY.TECHTARGET.COM] STATE: Oregon Advances CIO’s Office Toward Cybersecurity Unification with New Law, Advisory Council. Isolated offices around the state have left Oregon IT vulnerable, but the passage of a new law creates a policy framework for change. Read more [STATESCOOP.COM]
  34. 34. Penetration Testing
  35. 35. Penetration Testing RISK MANAGEMENT: Eight Myths Not to Believe About Penetration Testing. Penetration testing – the process of trying to break into one’s own system to find vulnerabilities before cybercriminals do – is an integral part of information security. The data gleaned from these evaluations can help companies remediate flaws in their security infrastructure before fraudsters have a chance to expose them. Penetration testing is critical for organizations across all verticals, especially those that are subject to data privacy laws and regulations. Before investing in the personnel and resources required to conduct penetration tests, however, it is important to dispel several myths about the practice. Read more [SECURITYINTELLIGENCE.COM]
  36. 36. Penetration Testing PEN TESTING: How Far Should You Let White Hat Hackers Go? Penetration tests can reveal holes in an organization’s security. But framing the scope of a penetration test can be challenging, and good results don’t necessarily mean 100 percent security, says attorney Kay Lam-MacLeod. Read the rest [BANKINFOSECURITY.COM] DESTRUCTION OF SERVICE: How Ransomware Attacks Have Changed. New ransomware variants have introduced another threat to enterprises. Rob Shapland explains what destruction of service attacks are and how organizations should prepare for them. Find out more [SEARCHSECURITY.TECHTARGET.COM]
  37. 37. Penetration Testing EMAIL: Why Everyone Still Falls for Fake Emails. What do nuclear submarines, top secret military bases and private businesses have in common? They are all vulnerable to a simple slice of cheddar. This was the clear result of a “pen testing” exercise, otherwise known as penetration testing, at the annual Cyber Security Summer School in Tallinn, Estonia, in July. Read more [GCN.COM]
  38. 38. Open Source
  39. 39. Open Source USA: To Protect Voting, Use Open-Source Software. The National Association of Voting Officials is leading a movement to encourage election officials to stop the purchase of insecure systems and begin to use software based on open-source systems that can guard our votes against manipulation. Read more [NYTIMES.COM] OPEN SOURCE: To Use Or Not To Use (And How To Choose). Knowing which open source projects you can rely on is an acquired skill. If you choose wrong, it will cost you. Consider the following criteria for evaluating a project. Read the rest [FORBES.COM]
  40. 40. Open Source MANAGEMENT: Active Management of Open Source Components Delivers Measurable Improvements Claims Sonatype Report. In July, Sonatype released their third annual State of the Software Supply Chain report concluding that when organisations actively manage the quality of open source components in software applications they see a 28% improvement in developer productivity (through reduction in manual governance), a 30% reduction in overall development costs, and a 48% increase in application quality (as application vulnerabilities are removed early reducing their incidence in production). Analysis also showed that applications built by teams utilising automated governance tools reduced the percentage of defective components by 63%. Read more [INFOQ.COM]
  41. 41. Open Source FLASH: A Foolish Petition to Open Source Adobe Flash. In 2020, Adobe promises us that Adobe Flash will finally be put in its grave. Thank God! But now developer Juha Lindsted wants to open-source Flash. Oh please! Not just no, but hell no! Find out more [ZDNET.COM]
  42. 42. Business Intelligence
  43. 43. Business Intelligence MANAGEMENT: How 3 Factors Will Drive Your Approach to Business Intelligence. Findings from a recent study by Gartner showed that the number of organizations embracing business intelligence (BI) platforms continues to grow, but more focus is being placed on business-led, agile analytics and self-service features rather than IT- led system-of-record reporting. Read more [SMALLBIZTRENDS.COM] SALES: KickFire’s Business Intelligence Gets Connected to Google Analytics. KickFire, a provider of IP address intelligence and company identification technology, has announced the release of its business intelligence connection into Google Analytics®. B2B marketers utilizing Google Analytics can identify the actual companies visiting their website from organic search or digital marketing efforts, including AdWords campaigns. Read the rest [MARTECHADVISOR.COM]
  44. 44. Business Intelligence FEDERAL GOVERNMENT: Lawmakers Rethink Federal Use of Kaspersky Lab Products. Congressional lawmakers and federal agencies are reevaluating the federal government’s relationship with Moscow-based cybersecurity firm Kaspersky Lab over concerns about the company’s ties with Russian intelligence services. Find out more [MORNINGCONSULT.COM] ENTERPRISE APPS: Microsoft PowerApps Gains Power BI Tile for In-App Insights. Users can now add Power BI visualizations to the web and mobile business applications they create in Microsoft PowerApps. Read more [EWEEK.COM]
  45. 45. Operating Systems
  46. 46. Operating Systems PERSONAL TECH: Preparing for the Jump to a New Operating System. Switching computer platforms is much easier than it used to be, thanks to programs that help you copy over your data, applications that have both Windows and Mac versions and file formats like .JPG photos that can be easily opened on most desktop and mobile systems. Read more [NYTIMES.COM] MICROSOFT: Reveals New Windows 10 Workstations Edition for Power Users. Microsoft officially unveiled Windows 10 Pro for Workstations August 10. While the operating system was originally rumored back in June, Microsoft has provided the full details on the special edition. As expected, Windows 10 Pro for Workstations is primarily designed for server grade PC hardware and true power users. Windows 10 Pro for Workstations scales up for machines with a high number of logical processors and large amounts of RAM. Read the rest [THEVERGE.COM]
  47. 47. Operating Systems CONTAINERS: Docker Enterprise Now Runs Windows and Linux in One Cluster. The new version of Docker’s professional version lets applications across multiple platforms — Windows, Linux, and IBM System Z — run side by side in the same cluster. Find out more [INFOWORLD.COM] OPEN SOURCE: Windows vs Ubuntu: A Look Before You Switch. If you’re considering switching from Windows to Ubuntu, here are some factors to consider as you explore the Linux operating system. Read more [DATAMATION.COM]
  48. 48. Incident Response
  49. 49. Incident Response INCIDENT RESPONSE & THREAT INTELLIGENCE: A Potent One-Two Punch to Fight Cybercrime. In a recent interview, Mike Oppenheim, global research lead for IBM X- Force Incident Response and Intelligence Services (IRIS), shares his thoughts on some of the major threats that have wreaked havoc so far in 2017. He also discusses the successes of X-Force IRIS and revealed why combining incident response and intelligence into a single team is so crucial to the fight against cybercrime. Read more [SECURITYINTELLIGENCE.COM] SECURITY & RISK STRATEGY: Does Your Breach Incident Response Plan Have Holes? The likelihood of a company suffering a breach is worse than most believe. Here’s a checklist for building out a plan to deal with a breach. Read the rest [INFORMATIONWEEK.COM]
  50. 50. Incident Response NETWORK SECURITY: The Importance of Effective Incident Response – the HBO Breach Expands. A recent Demisto survey of more than 200 security professionals found that over 40 percent of organizations aren’t prepared to measure incident response, and just 14.5 percent are measuring mean time to respond (MTTR). While 54 percent of respondents believe automating incident response would provide immediate benefits, just 10.9 percent have already done so. Find out more [ESECURITYPLANET.COM] CYBERSECURITY: Shifting the Paradigm from Prevention to Incident Response. Organisations must recognize that breeches are inevitable and shift their focus to risk reduction. Read more [ITPROPORTAL.COM]
  51. 51. Incident Response INSIDER THREATS: Just 18% Have Incident Response Plans. Global organizations finally understand that insider cyber threats are potentially the most damaging of all, but are doing little to quantify or respond to the threat, according to new SANS Institute research. The study, sponsored by Dtex, Rapid7 and Haystax, revealed that the largest plurality of respondents (40%) rate malicious insiders as the most damaging threat vector they face, followed by accidental or negligent staff (36%). Read more [INFOSECURITY-MAGAZINE.COM]
  52. 52. Cybersecurity
  53. 53. Cybersecurity CITIES: As Cities Get Smarter, Hackers Become More Dangerous. This Could Stop Them. As governments create smarter cities, they need cybersecurity measures built from the ground up – or they risk costly data breaches which could compromise the privacy of their citizens. Find out more [CNBC.COM] FEDERAL GOVERNMENT: Looking to the Feds for Help in Fighting Cybercriminals. Cybercriminals are unrelenting in their attacks on state and local government computer networks, which contain detailed personal and business information — such as birth certificates, driver’s licenses, Social Security numbers and even bank account or credit card numbers — on millions of people and companies. Now, state and local officials are hoping Congress will give them some help in fending off the constant threat. Find out more [GCN.COM]
  54. 54. Cybersecurity INSURANCE: How AIG’s Cyber Security Gamble Could Pay Off. American International Group (AIG) has recently begun offering personal cyber security insurance plans to individuals. The company appears to be riding a wave of individuals’ fears about losing online data or having their bank accounts emptied, and should find success with wealthier customers who have a lot to lose. But it remains to be seen whether ordinary consumers will come to regard cyber security insurance as a necessary expense. Find out more [FORTUNE.COM]
  55. 55. Cybersecurity NIST: Must Audit Federal Cybersecurity Because DHS Isn’t, Hill Staffer Says. A senior House science committee staffer Friday defended controversial legislation expanding the authorities of the government’s cybersecurity standards agency, saying it’s necessary because other agencies aren’t stepping up to the job. The bill, which passed the committee nearly entirely with Republican support earlier this month, would direct the National Institute of Standards and Technology to audit agencies’ cyber protections within two years, giving priority to the most at-risk agencies. Find out more [NEXTGOV.COM]
  56. 56. Cybersecurity STATES: Rhode Island Names First State Cybersecurity Officer. Mike Steinmetz brings a wealth of public- and private-sector experience to the Ocean State, where he will serve as the first cybersecurity officer. Read more [GOVTECH.COM] MANAGEMENT: NASCIO Midyear 2017 – Cybersecurity, Agile Take Center Stage. Mitigating hacking attacks, implementing more nimble procurement methods and more will be explored at this year’s National Association of State Chief Information Officer’s Midyear Conference. Read the rest [STATETECHMAGAZINE.COM]
  57. 57. Cybersecurity WHY: You Must Build Cybersecurity Into Your Applications. One of the largest changes underway in the way we create software is that cybersecurity is no longer an afterthought, but instead is being built into every application. The challenge many companies face is how to keep up and make sure the software they create is just as safe as the products they buy. Find out [FORBES.COM] NETWORKS: Trump’s Cybersecurity Mystery: 90 Days In, Where’s the Plan? An executive order was shelved without explanation, and a promised cybersecurity report hasn’t materialized. Read more [NETWORKWORLD.COM]
  58. 58. Cybersecurity SECURITY: Greg Touhill’s Cyber Advice – Think Like a Hacker. DHS aims to get ahead of cybersecurity adversaries via automation tools, but the former U.S. CISO recommends a change of mindset as well. Read more [FEDTECHMAGAZINE.COM] OPINION: Here’s Why Agencies Shouldn’t Give Up on Firewalls. There has been a lot of talk lately about the death of the security perimeter for computer networks, which is an especially sensitive topic for the federal government that helped to create the concept. Everyone seems to think it’s now impossible within cybersecurity to draw a line and keep bad guys on one side and authorized users on the other. Read the rest [NEXTGOV.COM]
  59. 59. Cybersecurity ENTERPRISE: Keeping the Enterprise Secure in the Age of Mass Encryption. How can businesses ensure enterprise security in a world with mass encryption, given Mozilla’s revelations recently that over half of webpages loaded by Firefox use HTTPS. Find out [INFORMATION-AGE.COM] COMMENT: Securing the Government Cloud. What many government network defenders have forgotten is that security in a cloud environment is a shared responsibility. The cloud provider secures the internet and physical infrastructure, but the cloud customer is responsible for protecting its own data. FedRAMP and third-party certifications assure that the cloud provider is doing its part. But it is ultimately up to customers to ensure they’re taking steps to prevent, detect and respond to cyber adversaries during the attack lifecycle. Read more [FCW.COM]
  60. 60. Project Management
  61. 61. Project Management GUIDE: Scrum Agile Project Management: The Smart Person’s Guide. Here’s a go-to guide on scrum, a popular agile project management framework. You’ll learn scrum terminology, how to use the methodology in software and product development projects, and more. Find out more [TECHREPUBLIC.COM] TOOLS: 7 Project Management Tools Any Business Can Afford. There’s no shortage of project management solutions for mid-size and large businesses. Startups, though, have limited budgets and simply can’t afford high-priced project management software. Here are seven affordable options. Find out more [CIO.COM]
  62. 62. Project Management RISK: Open Source Project Management Can Be Risky Business. Learn how open source code is a huge factor in mitigating risk. Find out more [OPENSOURCE.COM] FEDERAL GOVERNMENT: Get on the Same Platform, CIO Council Urges. Taking a government-as-a-platform approach to IT service delivery by leveraging cloud- supported solutions can help modernize and digitize federal agencies, according to a new report from the CIO Council. Find out more [GCN.COM]
  63. 63. Project Management FITNESS TRACKING: Weight Loss On Your Wrist? Fitness Trackers May Not Help. Fitness trackers remain wildly popular, but do they make us fit? Maybe not, according to a study that asked overweight or obese young adults to use the tiny tracking tools to lose weight. Read the rest [NPR.ORG]
  64. 64. Application Development
  65. 65. Application Development INDUSTRY INSIGHT: 4 Steps to Agile Success. There’s a noticeable shift toward agile development taking place within the federal government. Driven by a need for accelerated application development and meeting internal customers’ needs on the very first attempt, agencies like the General Services Administration and Department of Homeland Security have begun to move away from traditional waterfall project management frameworks and toward iterative, agile frameworks like scrum. Read more [GCN.COM]
  66. 66. Application Development IT MODERNIZATION: 3 Strategies for Building Successful Agile Teams. Is the federal government truly ready to embrace agile software development? Successful agile environments do not start with technology; they start with creating the right team. This can be harder than it may first appear, because agile challenges preconceived norms of how federal IT teams should be structured and the way they approach projects. Agile teams are typically a combination of individual contributors (particularly those from development and quality assurance backgrounds) who rarely work together but must now collaborate to achieve common goals. Read the rest [NEXTGOV.COM] ENTERPRISE: Air Force Intelligence Unit Goes Agile. The US Air Force is determined to get more agile to produce applications that can be useful in times of conflict. Find out more [INFORMATIONWEEK.COM]
  67. 67. Application Development PEOPLE & CAREERS: Sloughing Off the Government Stereotypes. What are CIOs doing to lure millennials into government IT? Government CIOs across the board are being forced to confront the retirement wave that’s about to decimate their ranks. But does the next generation of IT pros want the jobs their parents and grandparents are leaving behind? Read more [GOVTECH.COM]
  68. 68. Big Data
  69. 69. Big Data BUSINESS INTELLIGENCE: Fact or Fallacy: How State and Local Agencies Can Maximize Big Data. The potential advantages of Big Data read like a most-wanted list for any agency with aims to innovate: increased transparency, collaboration and citizen engagement. By analyzing Big Data, leaders lean less on subjective factors and instead measure the success of programs with objective evidence to prove value to the community. While Big Data opportunities are exciting, citizens, elected officials and regulatory bodies will scrutinize every dollar spent. As with any technology, government must ensure a business intelligence deployment is cost- effective. Read more [STATETECHMAGAZINE.COM]
  70. 70. Big Data ADVICE: How to Avoid Big Data Analytics Failures. Follow these six best practices to blow past the competition, generate new revenue sources, and better serve customers. Read the rest [INFOWORLD.COM] HEALTH CARE: The Real Limitations of Big Data. There is also no question that digital fuel is driving virtually every transformation in healthcare happening today. Speaking at the MedCity Converge conference in Philadelphia, John Quackenbush, a professor of biostatistics and computational biology at Dana-Farber Cancer Institute, noted that the average hospital is generating roughly 665 terabytes of data annually, with some four-fifths of it in the unstructured forms of images, video, and doctor’s notes. But the great limiting factor in harnessing all of this information-feedstock is not a “big data problem,” but rather a “messy data problem.” Find out more [FORTUNE.COM]
  71. 71. Big Data STORAGE: Tapping Big Data to Predict the Future. Franz Inc. adds future predictive analytics to its data visualization tool, Gruff 7.0, allowing users to create what-if scenarios and uncover hidden relationships. Read more [NETWORKWORLD.COM]
  72. 72. Personal Tech
  73. 73. Personal Tech EDUCATION: As Coding Boot Camps Close, the Field Faces a Reality Check. In the past five years, dozens of schools have popped up offering an unusual promise: Even humanities graduates can learn how to code in a few months and join the high-paying digital economy. Students and their hopeful parents shelled out as much as $26,000 seeking to jump-start a career. But the coding boot-camp field now faces a sobering moment, as two large schools have announced plans to shut down this year – despite backing by major for-profit education companies, Kaplan and the Apollo Education Group, the parent of the University of Phoenix. Read more [NYTIMES.COM]
  74. 74. Personal Tech MOVING: U-Haul Introduces Self-Service Using Your Smartphone Camera. In what it calls a first for the move-yourself industry, U-Haul International has unveiled a self-serve truck-rental option designed for people seeking to conduct the entire process online — day or night. Read the rest [USATODAY.COM] ECOMMERCE: Watch Out, Amazon: Google And Walmart Are Partnering To Enable Voice-Based Shopping. In a bid to compete with Amazon’s Alexa virtual assistant, which can be used as a way for customers to order from Amazon using Echo, Google has partnered with Walmart to offer a similar service to owners of its Home smart speaker. Find out more [TECHTIMES.COM]
  75. 75. Personal Tech TECH TIP: Finding Your iPad Backup Files. Prefer to keep your backups on the ground and out of the cloud? If so, where does your iPad backup file live on the computer when you back it up with iTunes? Find out [NYTIMES.COM]
  76. 76. Mobile Applications
  77. 77. Mobile TOOLS: How IT and End Users Can Build Mobile Apps with RMAD Tools. High- profile cybercrime such as data theft, ransomware and computer hacks seem to be occurring more frequently and with higher costs, but cloud computing may provide the security that companies are searching for, experts suggest. Read more [SEARCHMOBILECOMPUTING.TECHTARGET.COM] ONLINE BANKING: Hackers Target Your Mobile Bank App; You Can Fight Back. A veritable flood of consumers is heading for mobile, according to Juniper Research. It predicts over 3 billion people around the world will be banking on mobile by 2021 — quite a lure for hackers who target financial apps. That means more people are likely to fall prey, so bank customers will need to be ready to protect their devices and their bank accounts. Read the rest [NERDWALLET.COM]
  78. 78. Mobile SECURITY: How to Expose Flaws in Custom-Built Mobile Apps. A software bill of materials can help uncover known vulnerabilities and keep corporate apps more secure. Find out more [COMPUTERWORLD.COM] ENTERPRISE: Enterprise Mobile Apps Are Still Treated as Second-Class Citizens. Surveys document the rising importance of mobile apps to digital-crazed enterprises — yet, nobody is happy with how they’re being built and deployed. Read more [ZDNET.COM]
  79. 79. Programming & Scripting Development Client & Server-Side
  80. 80. Programming & Scripting Development Client & Server-Side NODE.js: New Node.js API Will Shield Modules from JavaScript Engine Changes. Help is on the way for developers building native modules for Node.js, as well for those who want to swap out the underlying JavaScript engine powering the platform. Currently, modules must be recompiled to work with new versions of Node.js and the JavaScript engine, which traditionally has been Google’s V8 engine. But N-API is about to make things easier by providing an API for linking in native add-ons. Independent of the underlying JavaScript runtime, N-API will be stable for the application binary interface (ABI) across Node versions, to insulate add-ons from changes in the underlying JavaScript engine. Modules compiled for one version of Node.js would then run on later versions with no need to recompile. Read more [INFOWORLD.COM]
  81. 81. Programming & Scripting Development Client & Server-Side JAVA: How to Convert Java Apps to JavaScript with CheerpJ. Cheerpj is a unique tool that will convert Java bytecodes into JavaScript, allowing developers to move their applications and software to the web with relative ease. The best part is it doesn’t require a plugin or Java installation to work. For good measure, this means you don’t have to go through the trouble of downloading, installing, and configuring a Java environment and IDE. Read the rest [JAXENTER.COM] JAVASCRIPT: The Best JavaScript Testing Tools for React. How to choose the right test runner, test framework, assertion libraries, and add-on tools for your React project. Find out more [INFOWORLD.COM]
  82. 82. Programming & Scripting Development Client & Server-Side POPULAR: Programming Languages: Python is Hottest, but Go and Swift are Rising. Python edges out C and Java to become the most popular programming language. Read more [ZDNET.COM] JAVASCRIPT: Get Started with React: The InfoWorld Tutorial. React, also known as ReactJS, is an open source JavaScript library for building user interfaces, often for single-page applications or to add interactive views to existing web applications built in a variety of architectures. React is not an end-to-end JavaScript application framework. It has no support for models or controllers, although there are projects related to React that cover these functions, along with routing. You can easily combine React with other architectures. NOTE: You must sign up for a free account in order to access this tutorial. Read more [INFOWORLD.COM]
  83. 83. Programming & Scripting Development Client & Server-Side JAVA: Microsoft Joins Java-oriented Cloud Foundry. What’s Microsoft doing joining an open-source Platform-as-a-Service (PaaS) cloud provider, which largely uses Java and Node.js to build applications instead of .NET Core? Easy. Corey Sanders, Microsoft’s director of Azure Compute, told me: “That’s where the customers are. Microsoft has been working with Cloud Foundry since 2015. It’s a natural progression for us and our customers love running on Cloud Foundry on Azure.” Read the rest [ZDNET.COM]
  84. 84. Programming & Scripting Development Client & Server-Side PYTHON: A Closer Look at Python-SQL Server 2017 Integration. Do you know everything you need to take advantage of SQL Server 2017’s support of Python? NOTE: Email address registration required to gain access. Find out more [ZDNET.COM] KOTLIN: The Programmers Guide To Kotlin – The Basics. There is renewed interest in Kotlin, the open source Java replacement language pioneered by JetBrains, now that Google has decided to support it as the third official Android development language. What better time could there be to find out what it is and how to use it. Read more [I-PROGRAMMER.INFO]
  85. 85. Cloud Computing
  86. 86. Cloud Computing CYBERCRIME: Ransomware Can Cost Firms over $700,000; Cloud Computing May Provide the Protection They Need. High-profile cybercrime such as data theft, ransomware and computer hacks seem to be occurring more frequently and with higher costs, but cloud computing may provide the security that companies are searching for, experts suggest. Read more [CNBC.COM] TUTORIAL: What is Cloud Computing? Everything You Need to Know Now. Cloud computing has evolved beyond basic SaaS, IaaS, and PaaS offerings, as the cloud matures to become the engine of enterprise technology innovation. Read the rest [INFOWORLD.COM]
  87. 87. Cloud Computing FUTURE: Edge Computing Could Push the Cloud to the Fringe. Peter Levine, a general partner at venture capital firm Andreessen Horowitz, has an interesting working theory. He believes that cloud computing is soon going to take a back seat to edge computing – and we will very quickly see the majority of processing taking place at the device level. As crazy as that sounds – and he fully recognizes that it does – Levine says it’s based on sound analysis of where he sees computing going – and he believes his job as an investor is to recognize where the industry is heading before it happens. Find out more [TECHCRUNCH.COM]
  88. 88. Cloud Computing CLOUD TECH: Cloud Computing’s Open Container Initiative Hits the 1.0 Release Milestone. Another light-touch cloud standards effort under the auspices of The Linux Foundation reached a milestone mid-July, with the release of the 1.0 version of the Open Container Initiative. The Open Container Initiative is a collection of cloud-computing companies working on a common specification for container runtimes. Read more [GEEKWIRE.COM] CLOUD CAREERS: How to Move into a Coud Career from Traditional IT. From architects to developers, there is a path from traditional IT to the gold-plated jobs in the cloud. Read the rest [INFOWORLD.COM]
  89. 89. Cloud Computing PROJECTION: The Next Phase Of The Cloud Computing Revolution Is Here. Few trends in information technology (IT) have had a greater impact than the rise of cloud computing. In 2016, Amazon Web Services (AWS), the leading public cloud provider, brought in $12.2 billion in net sales, a 55% increase over the previous year. Today’s startup companies are practically required to have a cloud strategy or risk losing funding. Not to mention, just about every enterprise CIO has cloud migration and security in their top strategic mandates, and about 70% of organizations have at least one application in the cloud. The cloud has won, and its momentum is only expected to increase. However, not every company is equally well-positioned to move to the cloud. Companies will need to adjust their strategies and approach to remain competitive over the next decade. Read more [FORBES.COM]
  90. 90. Cloud Computing STRATEGY: Assessing the Key Reasons Behind a Multi-Cloud Strategy. Everyone who follows cloud computing agrees that we are starting to see more businesses utilize a multi-cloud strategy. The question this raises is: why is a multi-cloud strategy important from a functional standpoint, and why are enterprises deploying this strategy? Find out more [CLOUDCOMPUTING-NEWS.NET] CLOUD COMPUTING: For Firms, Here is Why it is a Challenge to Harness its Potential. The storage of data on cloud-based servers is the latest iteration in the digital revolution in India and has enabled organizations not only lower risks of loss of data but has also increased remote accessibility of such data. Read more [FINANCIALEXPRESS.COM]
  91. 91. Cloud Computing STRATEGY: Assessing the Key Reasons Behind a Multi-Cloud Strategy. Everyone who follows cloud computing agrees that we are starting to see more businesses utilize a multi-cloud strategy. The question this raises is: why is a multi-cloud strategy important from a functional standpoint, and why are enterprises deploying this strategy? Find out more [CLOUDCOMPUTING-NEWS.NET] CLOUD COMPUTING: For Firms, Here is Why it is a Challenge to Harness its Potential. The storage of data on cloud-based servers is the latest iteration in the digital revolution in India and has enabled organizations not only lower risks of loss of data but has also increased remote accessibility of such data. Read more [FINANCIALEXPRESS.COM]
  92. 92. Cloud Computing STRATEGY: Assessing the Key Reasons Behind a Multi-Cloud Strategy. Everyone who follows cloud computing agrees that we are starting to see more businesses utilize a multi-cloud strategy. The question this raises is: why is a multi-cloud strategy important from a functional standpoint, and why are enterprises deploying this strategy? Find out more [CLOUDCOMPUTING-NEWS.NET] CLOUD COMPUTING: For Firms, Here is Why it is a Challenge to Harness its Potential. The storage of data on cloud-based servers is the latest iteration in the digital revolution in India and has enabled organizations not only lower risks of loss of data but has also increased remote accessibility of such data. Read more [FINANCIALEXPRESS.COM]
  93. 93. Announcement
  94. 94. Announcement Blue Mountain Data Systems DOL Contract Extended Another Six Months The Department of Labor has extended Blue Mountain Data Systems Inc. contract DOLOPS16C0017 for 6 months for network administration and application support. U.S. Dept. of Labor, Employee Benefits Security Administration 1994 to Present Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support.
  95. 95. IT Security | Cybersecurity
  96. 96. IT Security | Cybersecurity INSIGHT: Why State and Local Government Still Struggle with Cybersecurity. State and local governments are struggling to deal with a number of cybersecurity threats. Tight budgets, lack of talent in the workforce and the constantly evolving nature of threats are a few reasons why the challenge is mounting. But cybersecurity cannot go neglected. State and local agencies store massive amounts of sensitive constituent data such as Social Security numbers, health care records and driver license numbers. And without a secure infrastructure, the public transportation systems, electric grids and water plants powering our nation’s cities remain vulnerable. Read more [GCN.COM] FYI: New Framework Defines Cyber Security Workforce Needs. Both the federal government and its contractors are locked in a battle for talent with commercial providers, each vying for the best personnel in critical areas of cybersecurity, and each dealing with a shortage of available talent. Read the rest [GOVTECHWORKS.COM]
  97. 97. IT Security | Cybersecurity OPINION: We’re Thinking about Cybersecurity All Wrong. Obama’s former cyber advisor, Michael Daniel, on how we need to overhaul the way we manage the new “tool for statecraft.” Find out more [TECHNOLOGYREVIEW.COM] FEDERAL HIRING: One Easy Thing Your Agency Can Do to Attract More Cybersecurity Talent. Building a well-trained cyber workforce has been a challenge for the federal government, and the first step in that process is finding well-qualified candidates to fill the positions. Laura Bate, senior programming associate for New America’s Cybersecurity Initiative, said there are several factors that make that the case, but agencies do have options to overcome the obstacles. Read more [FEDERALNEWSRADIO.COM]
  98. 98. From the Blue Mountain Data Systems Blog Programming & Scripting https://www.bluemt.com/programming-scripting-daily-tech-update-august-31- 2017/ Cloud Computing https://www.bluemt.com/cloud-computing-daily-tech-update-august-30-2017/ Federal Technology https://www.bluemt.com/federal-technology-daily-tech-update-august-29-2017/ Network Security https://www.bluemt.com/network-security-daily-tech-update-august-28-2017/
  99. 99. From the Blue Mountain Data Systems Blog Personal Tech https://www.bluemt.com/personal-tech-daily-tech-update-august-25-2017/ Databases https://www.bluemt.com/databases-daily-tech-update-august-24-2017/ Penetration Testing https://www.bluemt.com/penetration-testing-daily-tech-update-august-23- 2017/ Incident Response https://www.bluemt.com/incident-response-daily-tech-update-august-22-2017/
  100. 100. From the Blue Mountain Data Systems Blog Security Patches https://www.bluemt.com/security-patches-daily-tech-update-august-21-2017/ Operating Systems https://www.bluemt.com/operating-systems-daily-tech-update-august-17-2017/ Encryption https://www.bluemt.com/encryption-daily-tech-update-august-16-2017/ Cloud Computing https://www.bluemt.com/cloud-computing-daily-tech-update-august-15-2017/
  101. 101. From the Blue Mountain Data Systems Blog Incident Response https://www.bluemt.com/incident-response-daily-tech-update-august-11-2017/ Cybersecurity https://www.bluemt.com/cybersecurity-daily-tech-update-august-10-2017/ Big Data https://www.bluemt.com/big-data-daily-tech-update-august-9-2017/ Mobile Applications https://www.bluemt.com/mobile-applications-daily-tech-update-august-8-2017/
  102. 102. From the Blue Mountain Data Systems Blog Open Source https://www.bluemt.com/open-source-daily-tech-update-october-5-2016/ CTO, CIO and CISO https://www.bluemt.com/cto-cio-ciso-daily-tech-update-october-4-2016/ Programming & Scripting https://www.bluemt.com/programming-scripting-daily-tech-update-october-3- 2016/
  103. 103. From the Blue Mountain Data Systems Blog Open Source https://www.bluemt.com/open-source-daily-tech-update-august-4-2017/ CIO, CTO & CISO https://www.bluemt.com/cio-cto-ciso-daily-tech-update-august-3-2017/ Business Intelligence https://www.bluemt.com/business-intelligence-daily-tech-update-august-1- 2017/
  104. 104. From the Blue Mountain Data Systems Blog Security Risks Most Prevalent in Younger Workers https://www.bluemt.com/security-risks-most-prevalent-in-younger-workers/ The Security World’s Maturation https://www.bluemt.com/the-security-worlds-maturation/ Data Breach Concerns Keep CISOs Up At Night https://www.bluemt.com/data-breach-concerns-keep-cisos-up-at-night/ Personalized Govt Equals Instant Gratification for Citizens https://www.bluemt.com/personalized-govt-equals-instant-gratification-for- citizens/
  105. 105. From the Blue Mountain Data Systems Blog People-Centric Security https://www.bluemt.com/people-centric-security/ Pentagon Tries BYOD To Strike Work/Life Balance https://www.bluemt.com/pentagon-tries-byod-to-strike-worklife-balance/ Open Source Model Considered for MS Windows https://www.bluemt.com/open-source-model-considered-for-ms-windows/ Open Internet: To Be or Not to Be? https://www.bluemt.com/open-internet-to-be-or-not-to-be/
  106. 106. From the Blue Mountain Data Systems Blog Malware Stays A Step Ahead Infecting One Third of Websites https://www.bluemt.com/malware-stays-a-step-ahead-infecting-one-third-of- websites/ Machine-Generated Data: Potential Goldmine for the CIO https://www.bluemt.com/machine-generated-data-potential-goldmine-for-the- cio/ Government Legacy Programs: Reuse vs. Replacement https://www.bluemt.com/government-legacy-programs-reuse-vs-replacement/ It Takes a Whole Village to Protect Networks and Systems https://www.bluemt.com/it-takes-a-whole-village-to-protect-networks-and- systems/
  107. 107. From the Blue Mountain Data Systems Blog Governance For the CIO https://www.bluemt.com/governance-for-the-cio/ Help Desk Consolidation – Lessons Learned https://www.bluemt.com/help-desk-consolidation-lessons-learned/ One Year Later, Companies Still Vulnerable to Heartbleed https://www.bluemt.com/one-year-later-companies-still-vulnerable-to- heartbleed/ Federal Projects Cultivate Worker Passion https://www.bluemt.com/federal-projects-cultivate-worker-passion-2/
  108. 108. ABOUT US Blue Mountain Data Systems Inc. Blue Mountain Data Systems Inc. is dedicated to application and systems development, electronic document management, IT security support, and the automation of workflow processes. Read more about our experience here: >> http://bluemt.com/experience
  109. 109. Recent Experience U.S. Dept. of Labor Employee Benefits Security Administration 1994 to Present Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support.
  110. 110. MANAGEMENT Paul T. Vesely Founder, President, CEO and Principal Architect Mr. Vesely is a recognized thought leader in systems architecture and delivery, having designed and delivered many enterprise wide information and document management solutions. Mr. Vesely’s history includes 33 years experience in the information systems industry, with Unisys, Grumman, PRC and a host of clients in both government and private sectors.
  111. 111. CONTACT US Contact Us Today to Discuss Your Next IT Project HEADQUARTERS 366 Victory Drive Herndon, VA 20170 PHONE 703-502-3416 FAX 703-745-9110 EMAIL paul@bluemt.com WEB https://www.bluemt.com

×