Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Upcoming SlideShare
What to Upload to SlideShare
Next
Download to read offline and view in fullscreen.

Share

Tech Update Summary from Blue Mountain Data Systems June 2017

Download to read offline

June 2017: For CTOs, CIOs & CISOs Every business day, we publish a Daily Tech Update for Federal & State CTOs ,CIOs & CISOs on the Blue Mountain Data Systems Blog. We hope you will visit our blog for the latest information >> https://bluemt.com/blog/

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all
  • Be the first to like this

Tech Update Summary from Blue Mountain Data Systems June 2017

  1. 1. Blue Mountain Data Systems Tech Update Summary June 2017
  2. 2. For CTOs, CIOs & CISOs Visit Blue Mountain Data Systems https://www.bluemt.com
  3. 3. For CTOs, CIOs & CISOs Every business day, we publish a Daily Tech Update for Federal & State CTOs ,CIOs & CISOs on the Blue Mountain Data Systems Blog. We hope you will visit our blog for the latest information. You can also receive these updates via email. Click here to subscribe. Here’s the summary of the Daily Tech Updates for June 2017. Hope the information and ideas prove useful. Best, Paul Vesely President and Principal Architect Blue Mountain Data Systems Inc.
  4. 4. Encryption
  5. 5. Encyption FEDERAL GOVERNMENT: Suing to See the Feds’ Encrypted Messages? Good Luck. The conservative group Judicial Watch is suing the Environmental Protection Agency under the Freedom of Information Act, seeking to compel the EPA to hand over any employee communications sent via Signal, the encrypted messaging and calling app. In its public statement about the lawsuit, Judicial Watch points to reports that EPA staffers have used Signal to communicate secretly, in the face of an adversarial Trump administration. But encryption and forensics experts say Judicial Watch may have picked a tough fight. Delete Signal’s texts, or the app itself, and virtually no trace of the conversation remains. “The messages are pretty much gone,” says Johns Hopkins crypotgrapher Matthew Green, who has closely followed the development of secure messaging tools. “You can’t prove something was there when there’s nothing there.” Find out more [WIRED.COM]
  6. 6. Encyption WHY: We Need to Encrypt Everything. Many major websites already encrypt by default. Here’s why encryption and multifactor authentication should be everywhere. Find out more [INFOWORLD.COM] NEWS: Make Encryption Ubiquitous, Says Internet Society. The Internet Society has urged the G20 not to undermine the positive role of encryption in the name of security, claiming it should provide the foundation of all online transactions. Find out more [INFOSECURITY-MAGAZINE.COM]
  7. 7. Encyption FBI: $61M to Fight Cybercrime, Encryption in Trump Budget Proposal. President Donald Trump’s budget blueprint for the federal government proposes a $61 million increase for the FBI and Justice Department in fiscal 2018 to better track terrorist communications and combat cybercriminals. Find out more [FEDSCOOP.COM]
  8. 8. Encyption ENCRYPTION: Usage Grows Again, but Only at Snail’s Pace. Deployment pains and problems with finding data in the corporate maze are being blamed for business’ lack of interest in crypto. Read more [ZDNET.COM] ATTACKS/BREACHES: The Long Slog To Getting Encryption Right. Encryption practices have improved dramatically over the last 10 years, but most organizations still don’t have enterprise-wide crypto strategies. Read the rest [DARKREADING.COM]
  9. 9. Encyption ENTERPRISE: Keeping the Enterprise Secure in the Age of Mass Encryption. How can businesses ensure enterprise security in a world with mass encryption, given Mozilla’s revelations recently that over half of webpages loaded by Firefox use HTTPS. Find out [INFORMATION-AGE.COM] READ: Encryption Won’t Stop Your Internet Provider From Spying on You. Data patterns alone can be enough to give away what video you’re watching on YouTube. A 2016 Upturn report sets out some of the sneaky ways that user activity can be decoded based only on the unencrypted metadata that accompanies encrypted web traffic—also known as “side channel” information. Read more [THE ATLANTIC.COM]
  10. 10. Databases
  11. 11. Databases FPGAs: Shaking Up Stodgy Relational Databases. So you are a system architect, and you want to make the databases behind your applications run a lot faster. There are a lot of different ways to accomplish this, and now, there is yet another – and perhaps more disruptive – one. Read more [NEXTPLATFORM.COM] DATA BREACHES: If You Want to Stop Big Data Breaches, Start With Databases. Over the past few years, large-scale data breaches have become so common that even tens of millions of records leaking feels unremarkable. One frequent culprit that gets buried beneath the headlines? Poorly secured databases that connect directly to the internet. Read the rest [WIRED.COM]
  12. 12. Databases TRENDS: Top Databases in 2017: Trends for SQL, NoSQL, Big Data, Fast Data. What are the most in demand tools for data storage and processing this year? Find out [JAXENTER.COM] IBM: Jumps on Bandwagon for Cloud Databases. Responding to what it says is growing demand for deploying SQL databases in the cloud, IBM this week rolled out a transactional database as a service on its SoftLayer cloud infrastructure. The move reflects the steady advance of cloud-native data platforms along with a growing number of analytics and transaction databases provisioned in the cloud. Read more [ENTERPRISETECH.COM]
  13. 13. More About Blue Mountain BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.
  14. 14. Electronic Document Management
  15. 15. Electronic Document Management SECURE DOCUMENTS: 18 Ways to Secure Your Electronic Documents. Electronic Document Management Systems (EDMS) are electronic repositories designed to provide organized, readily retrievable, collections of information for the life cycle of the documents. How can you keep these electronic files secure during the entire chain of custody? Here are 18 security suggestions. Read more [BLUEMT.COM] LEGAL DEPT DOCUMENT MANAGEMENT: Investing in New Technologies: How Corporate Legal Departments Are Leading the Way. Many departments are looking to technology to assist with automation of processes, resource and budgetary management, and tracking. Connie Brenton, co-founder of Corporate Legal Operations Consortium (CLOC), a non-profit association of legal operations executives, explains, “Corporate executives expect the GC’s office to be a business counselor to the firm, and to discuss numbers, data and analytics. Efficiency is now essential for legal departments, and this has advanced software’s role and accelerated technology adoption.” Find out more [INSIDECOUNSEL.COM]
  16. 16. Electronic Document Management CFPB: Looks to Embrace Cloud for Email, Office Application Needs. The Consumer Financial Protection Bureau wants to move to a public cloud setup for some of its core enterprise apps. The financial watchdog agency recently sent out a Request for Information (RFI) on the process, technical requirements and costs of moving to cloud services in fiscal year 2017. CFPB wants to establish a more complete understanding on the costs associated with moving fully to a cloud solution for email and office applications (e.g., documents, spreadsheets, presentations, SharePoint and more).Read the rest [FEDTECHMAGAZINE.COM]
  17. 17. Electronic Document Management ROI: 4 Ways Business Document Management Software Can Save You Money. Lisa Croft, Group Product Marketing Manager at Adobe Document Cloud, talks about the many ways business document management can save your company time, space, and more importantly, loads of money. Here are the four most obvious ways these tools provide excellent return-on-investment. Read more [PCMAG.COM]
  18. 18. Security Patches
  19. 19. Security Patches MOBILE: March Android Security Update Breaks SafetyNet, Android Pay. An issue with the March Android over-the-air security update has been resolved after Nexus 6 users complained that Android Pay no longer worked after installation of the update. The update in fact broke Android’s SafetyNet API which provides a constant check on device integrity, blocking access to certain features – such as Android Pay – if it believes a device has been rooted. A Google representative confirmed to Threatpost that the issue was resolved and the OTA update re-issued, even for devices that had already installed the bad update. Find out more [THREATPOST.COM]
  20. 20. Security Patches ADOBE: Flash Player New Security Update. On March 14, Adobe Flash Player users should receive a new security update instead of the February patches. This is because Microsoft has engaged to its earlier plan to defer and deliver the updates at a later date even if the security patches are now available. On February 2017, Adobe has addressed the issue and found a solution in which a patch was able to deal with the security problem. For this reason, users are given access to both MS17-005 Security Update for the Adobe Flash Player. This is due to the update from Adobe and the provision by Microsoft. This vulnerability has been considered a critical issue due to the permission that it can grant the attackers. In a report by security specialists, such a vulnerability indicates that attackers are granted control of the machine that was infected. This is in the sense that they are allowed to send remote commands.. Find out more [TNHONLINE.COM]
  21. 21. Security Patches SECURITY: After CIA Leaks, Tech Giants Scramble to Patch Security Flaws. Apple, Microsoft, and Google are analyzing leaked CIA documents to see if their products are affected, but security researchers say that most of the flaws have long been fixed. Find out more [ZDNET.COM] CMS: WordPress Finally Patches 6 Glaring Security Issues. WordPress is the most popular CMS in the world – and the most hacked. Just last month, hackers engaged in a “feeding frenzy” at the expense of WordPress sites across the web, exploiting a vulnerability found in the WP REST API plugin. After patching that security issue, Automattic, the company behind WordPress, rolled out yet another security patch this week in the form of WordPress 4.7.3. Find out more [CMSWIRE.COM]
  22. 22. Security Patches ORACLE: Oracle Releases Nearly 300 Security Patches. Apache Struts fixes take the lead in the patch-Tuesday, which also includes fixes for various Shadow Brokers leaks. Read more [SCMAGAZINE.COM] MICROSOFT: Patch Tuesday New Security Update Guide Gets Mixed Reviews. Microsoft’s April Patch Tuesday finally revealed the company’s new approach in rolling out and informing the industry on the security updates for the month and at best has received mixed reviews from several industry insiders. Read the rest [SCMAGAZINE.COM]
  23. 23. Security Patches ANDROID: Pixel XL Devices Accidentally Receive ‘Googlers-only OTA’ of Next Android Security Update. Google frequently uses their employees to dogfood updates before they are released to the public. Earlier this evening, a “confidential Googlers-only OTA” appears to have inadvertently been pushed to some Pixel XL devices. Find out [9TO5GOOGLE.COM] READ: Shadow Brokers Lessons…First, Don’t Panic. If you’re worried about zero- days and hacking tools but not outdated software and obsolete systems in your network, then you’re doing security wrong. Read more [INFOWORLD.COM]
  24. 24. CIO, CTO & CISO
  25. 25. For the CIO, CTO & CISO CIO: USCIS CIO Schwartz to Leave Government. Mark Schwartz, the groundbreaking chief information officer at the U.S. Citizenship and Immigration Service in the Homeland Security Department is leaving government. Schwartz’s decision to leave government is the second major change in the CIO ranks in the last few weeks. David Bray, the Federal Communications Commission CIO, another CIO who has been on the leading edge announced he’s moving to a new position at the National Geospatial-Intelligence Agency. Read more [FEDERALNEWSRADIO.COM]
  26. 26. CIO, CTO & CISO CTO: Former VA CTO John Hays Named Merlin Federal Healthcare Solutions Director. John Hays, a former chief technology officer at the Department of Veterans Affairs, has joined Merlin International as director of federal healthcare solutions business at the Englewood, Colorado-based information technology and cybersecurity services contractor. Read the rest [GOVCONWIRE.COM]
  27. 27. CIO, CTO & CISO CISO: 3 Lessons Agencies Need to Learn from WannaCry. Federal government systems escaped the global outbreak of the WannaCry ransomware, but agencies can glean lessons to fend off whatever comes next. Find out more [NEXTGOV.COM] CIO AGAIN: DHS CIO Leads with a Hands-on Style. The Department of Homeland Security isn’t looking for one-size-fits-all IT, said its CIO, Richard Staropoli, but rather technology that can address common and specific needs across its sprawling family of component agencies. Read more [FCW.COM]
  28. 28. Penetration Testing
  29. 29. Penetration Testing APPS: 6 Ways Your Apps May Be Attacked: How Crowdsourced Penetration Testing Improves Software Development. In the modern world of security, there is stuff you worry about and stuff you don’t. Most companies have SaaS and third-party applications, cloud infrastructure, and other systems. For much of this footprint, there is only a limited amount you can do to ensure protection. The fundamental security of the systems is the responsibility of the provider. Read more [FORBES.COM] DEVOPS: Framework Speeds Software Delivery. A new DevOps framework can help agile developers securely upgrade government IT systems and move to the cloud. After about almost a year of testing at several agencies, including the Department of Health and Human Services and the Federal Emergency Management Agency, eGlobalTech has made its DevOps Factory broadly available. Read the rest [GCN.COM]
  30. 30. Penetration Testing CITIES: A 10-Step Cybersecurity Checklist for Smart Cities. In order to guide smart city developers, Trend Micro has come up with a quick 10-step cybersecurity checklist they can refer to when implementing smart technologies. Find out more [ENTERPRISEINNOVATION.NET] VULNERABILITIES: Hacking The Penetration Test. Penetration testers rarely get spotted, according to a Rapid7 report analyzing its real-world engagements. Read more [DARKREADING.COM]
  31. 31. Open Source
  32. 32. Open Source OPEN19: The Vendor-Friendly Open Source Data Center Project. In case you missed it, LinkedIn last month teamed up with GE, Hewlett Packard Enterprise, and a host of other companies serving the data center market to launch a foundation to govern its open source data center technology effort. The Open19 Foundation now administers the Open19 Project, which in many ways is similar to the Open Compute Project, started by Facebook, but also stands distinctly apart thanks to several key differences. Read more [DATACENTERKNOWLEDGE.COM]
  33. 33. Open Source CLOUD: Google Open Sources More Machine Learning Computer Vision Technology. Google has made more of its extensive research around machine learning and computer vision available to the open source community. The company has publicly released an API that developers and researchers can use to explore a Google computer vision system for automatically detecting and correctly identifying multiple objects in a single image. Read the rest [EWEEK.COM]
  34. 34. Open Source NSA: Sharing 32 Open Source Projects on GitHub. The US National Security Agency (NSA) has launched an official GitHub page. GitHub is an online service used to share code amongst programmers. So, what is the NSA sharing? So far, it lists 32 different projects, although several, like SELinux, are years old. Find out more [THEINQUIRER.NET] GSA: Looks to Bring AI to Proposal Reviews. The General Services Administration wants to streamline the FASlane review process for new proposals by using distributed ledger technology, automated machine learning and/or artificial intelligence to review and exchange information. Read more [GCN.COM]
  35. 35. Business Intelligence
  36. 36. Business Intelligence DISCOVER: 7 Forces Driving Modern Business Intelligence Growth. The number of organizations embracing business intelligence platforms continues to grow, but more focus is being placed on business-led, agile analytics and self-service features rather than IT-led system-of-record reporting. That is the finding of a recent study by Gartner, which looked at market trends in business intelligence and analytics overall, and differences between traditional BI investments and modern BI. Find out more [INFORMATION-MANAGEMENT.COM] GOOGLE: The AI Talent Race Leads Straight to Canada. America’s biggest tech companies are remaking the internet through artificial intelligence. And more than ever, these companies are looking north to Canada for the ideas that will advance AI itself. Find out more [WIRED.COM]
  37. 37. Business Intelligence READ: The Unmistakable Conviction of Visual Business Intelligence. Visual business intelligence represents the summation of BI’s time-honored journey from the backrooms of IT departments to the front offices of business analysts and C level executives alike. It seamlessly merges the self-service movement’s empowerment of the business via user-friendly technology with the striking data visualizations servicing everything from data preparation to analytics results. Find out more [KMWORLD.COM] NGA: Looks to “Reinvent security’ with Fast-Churn Cloud Architecture. To better protect the nation’s intelligence networks, the National Geospatial-Intelligence Agency is moving most of its IT operations to the cloud and looking to “reinvent security” in the process. Jason Hess, the NGA’s chief of cloud security, wants to take advantage of cloud’s flexibility to tear down the agency’s IT architecture and rebuild it every day so that would-be attackers will confront a confusing operating environment and enjoy limited time-on-target. Find out more [GCN.COM]
  38. 38. Operating Systems
  39. 39. Operating Systems WINDOWS 10: Is Windows 10 an Operating System or an Advertising Platform? Windows 10 has certainly gotten its share of lumps since it was released. Some users really liked it, while other detested the changes made by Microsoft. Windows 10 has proven to be a great example of beauty being in the eye of the beholder. One writer at BetaNews recently wondered if Windows 10 was an operating system or an advertising platform. Find out more [INFOWORLD.COM]
  40. 40. Operating Systems MOBILE: Android is Set to Overtake Windows as Most Used Operating System. After more than eight years in the hands of consumers, Android is poised to overtake Windows as the most used operating system in the world. This measurement comes by way of web analytics firm StatCounter, which follows trends in worldwide web traffic. Microsoft Windows holds the slimmest of margins over Android, and they could trade positions very soon if current trends continue. Find out more [EXTREMETECH.COM]
  41. 41. Operating Systems PERSONAL TECH: Just What Was in That iOS System Update? When you get the notice of a software update for iOS, there’s usually a link to read about the security content of the update. But where does Apple officially tell you about all other things that change in these upgrades? Find out more [NYTIMES.COM] LEARN: The Best Alternatives Operating Systems. For most people, the only operating systems they know of are Windows, macOS, Android and iOS. However, there are other operating systems you can consider. Here’s a list of six alternative operating systems for your review. Find out more [HACKREAD.COM]
  42. 42. Incident Response
  43. 43. Incident Response ENERGY DEPT: Exercise Reveals ‘Gaps’ in Major Cyber Incident Response. Department of Energy exercise last year found shortcomings in the way that federal, state and local governments would work with industry to respond to a major cyber incident affecting energy infrastructure on the East Coast. Read more [THEHILL.COM] OPINION: Complete Security Deception Includes Detection and Incident Response. Finding a threat solves only part of the problem. A complete deception solution will also enable better incident response. Read the rest [NETWORKWORLD.COM]
  44. 44. Incident Response BRIEFS: Threats, Violent Incidents at Federal Facilities Assessed. Read a recent CRS report examining violent incidents at federal facilities, including a tally of nearly 1,000 incidents in recent years that it says probably represents only a small portion of such incidents. Find out [FEDWEEK.COM] READ: Will Congress Help Fund New State and Local Cyber Programs? Back in early March, a bipartisan group introduced the State Cyber Resiliency Act. If passed and funded, the legislation would provide grants for state and local governments to improve cybersecurity protections and incident response. Here’s what you need to know. Read more [GOVTECH.COM]
  45. 45. Cybersecurity
  46. 46. Cybersecurity CITIES: As Cities Get Smarter, Hackers Become More Dangerous. This Could Stop Them. As governments create smarter cities, they need cybersecurity measures built from the ground up – or they risk costly data breaches which could compromise the privacy of their citizens. Find out more [CNBC.COM] FEDERAL GOVERNMENT: Looking to the Feds for Help in Fighting Cybercriminals. Cybercriminals are unrelenting in their attacks on state and local government computer networks, which contain detailed personal and business information — such as birth certificates, driver’s licenses, Social Security numbers and even bank account or credit card numbers — on millions of people and companies. Now, state and local officials are hoping Congress will give them some help in fending off the constant threat. Find out more [GCN.COM]
  47. 47. Cybersecurity INSURANCE: How AIG’s Cyber Security Gamble Could Pay Off. American International Group (AIG) has recently begun offering personal cyber security insurance plans to individuals. The company appears to be riding a wave of individuals’ fears about losing online data or having their bank accounts emptied, and should find success with wealthier customers who have a lot to lose. But it remains to be seen whether ordinary consumers will come to regard cyber security insurance as a necessary expense. Find out more [FORTUNE.COM]
  48. 48. Cybersecurity NIST: Must Audit Federal Cybersecurity Because DHS Isn’t, Hill Staffer Says. A senior House science committee staffer Friday defended controversial legislation expanding the authorities of the government’s cybersecurity standards agency, saying it’s necessary because other agencies aren’t stepping up to the job. The bill, which passed the committee nearly entirely with Republican support earlier this month, would direct the National Institute of Standards and Technology to audit agencies’ cyber protections within two years, giving priority to the most at-risk agencies. Find out more [NEXTGOV.COM]
  49. 49. Cybersecurity STATES: Rhode Island Names First State Cybersecurity Officer. Mike Steinmetz brings a wealth of public- and private-sector experience to the Ocean State, where he will serve as the first cybersecurity officer. Read more [GOVTECH.COM] MANAGEMENT: NASCIO Midyear 2017 – Cybersecurity, Agile Take Center Stage. Mitigating hacking attacks, implementing more nimble procurement methods and more will be explored at this year’s National Association of State Chief Information Officer’s Midyear Conference. Read the rest [STATETECHMAGAZINE.COM]
  50. 50. Cybersecurity WHY: You Must Build Cybersecurity Into Your Applications. One of the largest changes underway in the way we create software is that cybersecurity is no longer an afterthought, but instead is being built into every application. The challenge many companies face is how to keep up and make sure the software they create is just as safe as the products they buy. Find out [FORBES.COM] NETWORKS: Trump’s Cybersecurity Mystery: 90 Days In, Where’s the Plan? An executive order was shelved without explanation, and a promised cybersecurity report hasn’t materialized. Read more [NETWORKWORLD.COM]
  51. 51. Cybersecurity SECURITY: Greg Touhill’s Cyber Advice – Think Like a Hacker. DHS aims to get ahead of cybersecurity adversaries via automation tools, but the former U.S. CISO recommends a change of mindset as well. Read more [FEDTECHMAGAZINE.COM] OPINION: Here’s Why Agencies Shouldn’t Give Up on Firewalls. There has been a lot of talk lately about the death of the security perimeter for computer networks, which is an especially sensitive topic for the federal government that helped to create the concept. Everyone seems to think it’s now impossible within cybersecurity to draw a line and keep bad guys on one side and authorized users on the other. Read the rest [NEXTGOV.COM]
  52. 52. Cybersecurity ENTERPRISE: Keeping the Enterprise Secure in the Age of Mass Encryption. How can businesses ensure enterprise security in a world with mass encryption, given Mozilla’s revelations recently that over half of webpages loaded by Firefox use HTTPS. Find out [INFORMATION-AGE.COM] COMMENT: Securing the Government Cloud. What many government network defenders have forgotten is that security in a cloud environment is a shared responsibility. The cloud provider secures the internet and physical infrastructure, but the cloud customer is responsible for protecting its own data. FedRAMP and third-party certifications assure that the cloud provider is doing its part. But it is ultimately up to customers to ensure they’re taking steps to prevent, detect and respond to cyber adversaries during the attack lifecycle. Read more [FCW.COM]
  53. 53. Project Management
  54. 54. Project Management GUIDE: Scrum Agile Project Management: The Smart Person’s Guide. Here’s a go-to guide on scrum, a popular agile project management framework. You’ll learn scrum terminology, how to use the methodology in software and product development projects, and more. Find out more [TECHREPUBLIC.COM] TOOLS: 7 Project Management Tools Any Business Can Afford. There’s no shortage of project management solutions for mid-size and large businesses. Startups, though, have limited budgets and simply can’t afford high-priced project management software. Here are seven affordable options. Find out more [CIO.COM]
  55. 55. Project Management RISK: Open Source Project Management Can Be Risky Business. Learn how open source code is a huge factor in mitigating risk. Find out more [OPENSOURCE.COM] FEDERAL GOVERNMENT: Get on the Same Platform, CIO Council Urges. Taking a government-as-a-platform approach to IT service delivery by leveraging cloud- supported solutions can help modernize and digitize federal agencies, according to a new report from the CIO Council. Find out more [GCN.COM]
  56. 56. Project Management FITNESS TRACKING: Weight Loss On Your Wrist? Fitness Trackers May Not Help. Fitness trackers remain wildly popular, but do they make us fit? Maybe not, according to a study that asked overweight or obese young adults to use the tiny tracking tools to lose weight. Read the rest [NPR.ORG]
  57. 57. Application Development
  58. 58. Application Development FEDERAL GOVERNMENT: New Platform Tries to Bring Some Normalcy to the Agile Craze. New data from Bloomberg Government shows spending on agile services increased to $368 million in fiscal 2016 from $242 million in 2015 among the 40 biggest contract vehicles. The MITRE Corp. developed a free online platform called Acquisition in the Digital Age (AiDA) to provide tools, references and best practices for agencies to use agile methodologies. Read more [FEDERALNEWSRADIO.COM] CLOUD: Can an Agile Cloud Plug the ‘Brain Drain’ in Public Service? Do stacks of paperwork detailing security and compliance regulations keep talented innovators out of government agencies that badly need them? Read the rest [SILICONANGLE.COM]
  59. 59. Application Development STATE & LOCAL GOVERNMENT: 5 Tech Projects That Show Major Benefits Can Come from Modest Investments. In these days of agile development, with Silicon Valley preaching the virtues of failing fast and moving on, it’s hard to see a place for the traditional great big IT procurement in government. Find out more [GOVTECH.COM] LEARN: How to Build an Agile Marketing Team Across Time Zones. Agile marketing is focused around core teams that are always innovating, testing, analyzing and revising, an approach that’s made even more challenging these days by two fast-growing organizational trends: freelance employees and remote teams. One result of these trends is that companies – even small ones – must find ways to collaborate across time zones to deliver competitive marketing services to their clients and customers. Here are four techniques for staying agile. Read more [CMSWIRE.COM]
  60. 60. Big Data
  61. 61. Big Data TRENDS: 5 Trends Driving Big Data in 2017. The ways companies are using data is changing, marking the advancement of tools and the investment from executive leadership of forecasting more parts of the business. To touch on the changing Big Data market, here are five major trends: Read more [CIODIVE.COM] INVESTING: Warren Buffett’s Disarmingly Simple Investment Strategy, Explained by Big Data. In a fascinating new book, a former Google data scientist offers a whole chapter about his brief misadventures in trying to apply big data – what we know from massive amounts of Internet searches – to investing. There is also an interesting analysis as to why Warren Buffett seems to always win big at investing. Essentially, the data say, it’s because he’s a positive guy. Read the rest [MARKETWATCH.COM]
  62. 62. Big Data TECH: Big Oil Turns to Big Data to Save Big Money on Drilling. In today’s U.S. shale fields, tiny sensors attached to production gear harvest data on everything from pumping pressure to the heat and rotational speed of drill bits boring into the rocky earth. The sensors are leading Big Oil’s mining of so-called big data, with some firms envisioning billions of dollars in savings over time by avoiding outages, managing supplies and identifying safety hazards. Find out more [REUTERS.COM]
  63. 63. Big Data LEARN: 3 Massive Big Data Problems Everyone Should Know About. Today, Big Data gives us unprecedented insights and opportunities across all industries from healthcare to financial to manufacturing and more. But, it also raises concerns and questions that must be addressed. The relentless changes to technology and Big Data are keeping everyone on their toes, and the reality is that organizations and tech departments, government agencies, consumer protection groups and consumers are struggling to keep up. For me, there are 3 Big Data concerns that should keep people up at night: Data Privacy, Data Security and Data Discrimination. Read more [FORBES.COM]
  64. 64. Mobile Applications
  65. 65. Mobile JOBS: How RMAD Tools Affect IT and Mobile Developer Jobs. Professionals who use rapid mobile app development tools don’t need to know how to code, but these products don’t take job opportunities away from mobile app developers. Read more [SEARCHMOBILECOMPUTING.TECHTARGET.COM] ENTERPRISE: A New Generation of Enterprise Mobile App Development – Welcome to RMAD 3.0. With the mass-market availability of these more ‘comprehensive’ RMAD 3.0 solutions, enterprises are beginning to adopt technology that for many years they were skeptical of or adverse to. For those that haven’t embraced RMAD 3.0 yet, a recent study found that more than a third of companies are considering doing so. With momentum at its back, RMAD 3.0 seems poised to become the enterprise mobile app development solution that even the most skeptical organisations can trust. Here’s what you need to know. Read the rest [APPSTECHNEWS.COM]
  66. 66. Mobile MOBILE WEB: FCC, FEMA and SSA Retool Their Digital Services To Meet Rising Expectations. How is federal IT changing to appease citizens who demand more responsive and consumer-grade tech services? Find out more [FEDTECHMAGAZINE.COM] MOBILE SECURITY: How to Secure Your Agency’s Increasingly Mobile Workforce. Millennials expect increasingly remote working opportunities, but governments need to ensure that smart home tech isn’t making government networks vulnerable to attack. Read more [STATETECHMAGAZINE.COM]
  67. 67. Programming & Scripting Development Client & Server-Side
  68. 68. Programming & Scripting Development Client & Server-Side JAVASCRIPT: 10 JavaScript Concepts Every Node.js Programmer Must Master. JavaScript can be a boon if used with care – or a bane if you are reckless. Following structured rules, design patterns, key concepts, and basic rules of thumb will help you choose the optimal approach to a problem. Which key concepts should Node.js programmers understand? Here are 10 JavaScript concepts that are most essential to writing efficient and scalable Node.js code. Read more [INFOWORLD.COM] JAVA: 7 Reasons Java Is Not Heading to Retirement. Three billion devices currently run on Java, according to Oracle, the billion-dollar computer tech corporation that champions the platform. But even with its worldwide popularity, skeptics challenge the ability for Java to retain its predominance. However, arguments for modernization don’t always translate into “out with the old and in with the new.” Read the rest [FEDERALNEWSRADIO.COM]
  69. 69. Programming & Scripting Development Client & Server-Side PYTHON: The Python Programming Language Grows in Popularity. Stack Overflow’s recently released Trends solution shows Python has grown 14.3% from 2015 and 2016. According to the Python Software Foundation (PSF), “Python is being used in a variety of ways. Many computer programming languages have a niche area that they serve. For example, Bash scripts focus on operating system tasks, while Ruby focuses more on web development. It seems like Python is used in every domain – system operations, web development, deployment, scientific modeling, etc etc. There is no other language that is so versatile.” Find out more [SDTIMES.COM] SWIFT: Apple Launches a Curriculum for Schools Teaching Swift. Apple has launched a curriculum for schools teaching app development using the company’s beloved Swift programming language. Now available on the iBooks store, the ‘App Development with Swift’ curriculum is a full-year course designed by Apple’s engineers and educators which aims to help students get started with various elements of app design. Read more [DEVELOPER-TECH.COM]
  70. 70. Programming & Scripting Development Client & Server-Side FYI: 10 Up-and-Coming Programming Languages Developers Should Get to Know. There are currently huge numbers of different programming languages in use by software developers, with most jobs requiring the more familiar skills such as Java, JavaScript, PHP and C#. However, as software demands evolve and grow, new and less widely-accepted languages are gaining in prominence, offering developers the right tool for certain jobs. Find out more [TECHWORLD.COM] OPEN SOURCE: Introduction to Functional Programming. Here’s an explanation of what functional programming is, how to explore its benefits, and a list of resources for learning functional programming. Find out more [OPENSOURCE.COM]
  71. 71. Programming & Scripting Development Client & Server-Side JAVASCRIPT: WIRED Had a Potential Infosecurity Problem. Here’s What We Did About It. On February 26th, WIRED’s security reporter Andy Greenberg received an email from Sophia Tupolev, the head of communications at the security firm Beame.io, saying she’d found a security issue on WIRED.com. Tupolev’s company had discovered sensitive data in the source code on many pages on our site, including obfuscated, “hashed” passwords and email addresses for current and former WIRED writers. Here’s what WIRED did to solve the problem. Find out more [WIRED.COM]
  72. 72. Programming & Scripting Development Client & Server-Side JAVA: Managing Both Acute and Chronic Web Application Security Issues. A new, high-severity vulnerability emerged in the Apache Struts 2 open-source framework used to build Java web applications. The flaw allows hackers to inject commands into remote web servers. Within hours, organizations around the world reported attacks exploiting CVE-2017-5638 while Struts 2 users scrambled to apply a patch from the Apache Foundation. What are the practical effects of these events, and what should government InfoSec leaders and practitioners do now? Find out more [GCN.COM]
  73. 73. Cloud Computing
  74. 74. Cloud Computing CLOUD WARS: Amazon Accuses Walmart of Bullying in Cloud Computing Clash. Walmart, the US’s biggest retail chain, has been accused of trying to coerce its technology suppliers into shunning Amazon’s cloud computing service. Amazon has accused its rival of attempting to “bully” the IT companies into picking a rival platform. The row follows a report by the Wall Street Journal, which said other unnamed large retailers had also asked vendors to shun Amazon Web Services. Read more [BBC.CO.UK]
  75. 75. Cloud Computing CLOUD SPEND: Report Affirms Continued Cloud Spend for US Businesses in 2017. More than two thirds of businesses plan to increase their cloud computing spending in 2017, according to a new report from B2B research provider Clutch. The report, which polled 283 IT professionals at businesses across the United States, also found that for almost half (47%) of organisations, increased cost is a key challenge with their cloud provider. Read the rest [CLOUDCOMPUTING-NEWS.NET]
  76. 76. Cloud Computing TRENDS: 3 Things You Should Know About Cloud Computing Right Now. It is no understatement to say that public cloud computing is revolutionizing how technology is used. Executives from the top three public cloud providers – Amazon Web Services, Microsoft Azure, and Google Cloud Platform – spoke at the GeekWire Cloud Tech Summit in Bellevue, Wash in early June. Here are three lessons you need to learn now. Find out more [FORTUNE.COM] NEW CLOUD REGION: Amazon.com to Open Second Government Cloud-Computing Region. The cloud-computing unit of Amazon.com said the new AWS GovCloud Region – which can include one or more data centers – is expected to open in 2018. It will be located on the East Coast. Read more [SEATTLETIMES.COM]
  77. 77. Announcement
  78. 78. Announcement Blue Mountain Data Systems DOL Contract Extended Another Six Months The Department of Labor has extended Blue Mountain Data Systems Inc. contract DOLOPS16C0017 for 6 months for network administration and application support. U.S. Dept. of Labor, Employee Benefits Security Administration 1994 to Present Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support.
  79. 79. IT Security | Cybersecurity
  80. 80. IT Security | Cybersecurity PETYA: Cyber-attack was About Data and Not Money, Say Experts. The Petya malware variant that hit businesses around the world may not have been an attempt to make money, suspect security experts. The malicious program demanded a payment to unlock files it scrambled on infected machines. However, a growing number of researchers now believe the program was launched just to destroy data. Experts point to “aggressive” features of the malware that make it impossible to retrieve key files. Read more [BBC.COM] OPINION: Why Cybersecurity Should Be The Biggest Concern Of 2017. Professional hacker Cesar Cerrudo believes most technology is vulnerable and can be hacked. Some experts predict that by 2020 there will be 200 billion connected things. Cars, planes, homes, cities, and even animals are being connected. As technology becomes more and more deeply integrated into our lives, Cerrudo believes our dependence on technology makes us vulnerable if technology fails. Read more [FORBES.COM]
  81. 81. IT Security | Cybersecurity SECURITY THINK TANK: Patching is Vital and Essentially a Risk Management Exercise. How should organisations address the need to keep software up to date with security patches without it costing too much or being too labour intensive? Find out more [COMPUTERWEEKLY.COM] MICROSOFT: Windows 10 Fall Creators Update – What’s Coming on the Security Front. Microsoft will be adding a number of new security features to Windows 10 Fall Creators Update, but for Enterprise and Windows Server users only. Read more [ZDNET.COM]
  82. 82. From the Blue Mountain Data Systems Blog Personal Tech https://www.bluemt.com/personal-tech-daily-tech-update-october-28-2016 IT Management https://www.bluemt.com/it-management-daily-tech-update-october-27-2016 Business Intelligence https://www.bluemt.com/business-intelligence-daily-tech-update-october-26- 2016 Incident Response https://www.bluemt.com/incident-response-daily-tech-update-october-25-2016
  83. 83. From the Blue Mountain Data Systems Blog Security Patches https://www.bluemt.com/security-patches-daily-tech-update-october-24-2016/ BYOD https://www.bluemt.com/byod-daily-tech-update-october-21-2016/ Databases https://www.bluemt.com/databases-daily-tech-update-october-20-2016/ Operating Systems https://www.bluemt.com/operating-systems-daily-tech-update-october-19- 2016/
  84. 84. From the Blue Mountain Data Systems Blog Encryption https://www.bluemt.com/encryption-daily-tech-update-october-18-2016/ Cloud Computing https://www.bluemt.com/cloud-computing-daily-tech-update-october-17-2016/ Programming & Scripting https://www.bluemt.com/programming-scripting-daily-tech-update-october-14- 2016/ Incident Response https://www.bluemt.com/incident-response-daily-tech-update-october-13- 2016/
  85. 85. From the Blue Mountain Data Systems Blog Cybersecurity https://www.bluemt.com/cybersecurity-daily-tech-update-october-12-2016/ Big Data https://www.bluemt.com/big-data-daily-tech-update-october-11-2016/ Mobile Applications https://www.bluemt.com/mobile-applications-daily-tech-update-october-7- 2016/ Cloud Computing https://www.bluemt.com/cloud-computing-daily-tech-update-october-6-2016/
  86. 86. From the Blue Mountain Data Systems Blog Open Source https://www.bluemt.com/open-source-daily-tech-update-october-5-2016/ CTO, CIO and CISO https://www.bluemt.com/cto-cio-ciso-daily-tech-update-october-4-2016/ Programming & Scripting https://www.bluemt.com/programming-scripting-daily-tech-update-october-3- 2016/
  87. 87. From the Blue Mountain Data Systems Blog Feds Report Mixed Responses to Shared Services https://www.bluemt.com/feds-report-mixed-responses-to-shared-services Federal Employees Are Not Security Experts https://www.bluemt.com/federal-employees-are-not-security-experts Survival Guide for Network Administrators https://www.bluemt.com/survival-guide-for-network-administrators DBaaS: OpenStack Trove Changes DB Management https://www.bluemt.com/dbaas-openstack-trove-changes-db-management
  88. 88. From the Blue Mountain Data Systems Blog Help Wanted: Certified Cybersecurity Professionals https://www.bluemt.com/help-wanted-certified-cybersecurity-professionals Cyber Threat Intelligence Integration Center Preview https://www.bluemt.com/cyber-threat-intelligence-integration-center-preview/ Cloud Moves in 1-2-3 https://www.bluemt.com/cloud-moves-in-1-2-3/ Change Management for Disaster Recovery https://www.bluemt.com/change-management-for-disaster-recovery/
  89. 89. From the Blue Mountain Data Systems Blog Jeffersonian Advice For C-Suite Career Advancement https://www.bluemt.com/jeffersonian-advice-for-c-suite-career-advancement/ Ways To Survive The “Mobile-Pocalypse” https://www.bluemt.com/ways-to-survive-the-mobile-pocalypse/ Microsoft Cloud Services Receive FedRAMP Authority to Operate https://www.bluemt.com/microsoft-cloud-services-receive-fedramp-authority- to-operate/ Hiring Pentesters? Here Are 10 Things You Need to Know https://www.bluemt.com/hiring-pentesters-here-are-10-things-you-need-to- know/
  90. 90. From the Blue Mountain Data Systems Blog Home Router Malware Alert https://www.bluemt.com/home-router-malware-alert/ Threat Model Deconstruction https://www.bluemt.com/threat-model-deconstruction/ Business Email Scam Nets $214 Million https://www.bluemt.com/business-email-scam-nets-214-million/ How to Prevent Unauthorized Software from Taking Over Your Organization https://www.bluemt.com/the-cios-guide-to-happy-end-users-2/
  91. 91. From the Blue Mountain Data Systems Blog Digital Marketing Predictions for 2015 https://www.bluemt.com/digital-marketing-predictions-for-2015/ SDN: Network Administrator’s Friend or Foe? https://www.bluemt.com/sdn-network-administrators-friend-or-foe/ Mobile Payments: A Must for Federal Agencies https://www.bluemt.com/mobile-payments-a-must-for-federal-agencies/ Soft Skills Are A Must-Have For Careers In IT https://www.bluemt.com/soft-skills-are-a-must-have-for-careers-in-it/
  92. 92. From the Blue Mountain Data Systems Blog Security Risks Most Prevalent in Younger Workers https://www.bluemt.com/security-risks-most-prevalent-in-younger-workers/ The Security World’s Maturation https://www.bluemt.com/the-security-worlds-maturation/ Data Breach Concerns Keep CISOs Up At Night https://www.bluemt.com/data-breach-concerns-keep-cisos-up-at-night/ Personalized Govt Equals Instant Gratification for Citizens https://www.bluemt.com/personalized-govt-equals-instant-gratification-for- citizens/
  93. 93. From the Blue Mountain Data Systems Blog People-Centric Security https://www.bluemt.com/people-centric-security/ Pentagon Tries BYOD To Strike Work/Life Balance https://www.bluemt.com/pentagon-tries-byod-to-strike-worklife-balance/ Open Source Model Considered for MS Windows https://www.bluemt.com/open-source-model-considered-for-ms-windows/ Open Internet: To Be or Not to Be? https://www.bluemt.com/open-internet-to-be-or-not-to-be/
  94. 94. From the Blue Mountain Data Systems Blog Malware Stays A Step Ahead Infecting One Third of Websites https://www.bluemt.com/malware-stays-a-step-ahead-infecting-one-third-of- websites/ Machine-Generated Data: Potential Goldmine for the CIO https://www.bluemt.com/machine-generated-data-potential-goldmine-for-the- cio/ Government Legacy Programs: Reuse vs. Replacement https://www.bluemt.com/government-legacy-programs-reuse-vs-replacement/ It Takes a Whole Village to Protect Networks and Systems https://www.bluemt.com/it-takes-a-whole-village-to-protect-networks-and- systems/
  95. 95. From the Blue Mountain Data Systems Blog Governance For the CIO https://www.bluemt.com/governance-for-the-cio/ Help Desk Consolidation – Lessons Learned https://www.bluemt.com/help-desk-consolidation-lessons-learned/ One Year Later, Companies Still Vulnerable to Heartbleed https://www.bluemt.com/one-year-later-companies-still-vulnerable-to- heartbleed/ Federal Projects Cultivate Worker Passion https://www.bluemt.com/federal-projects-cultivate-worker-passion-2/
  96. 96. ABOUT US Blue Mountain Data Systems Inc. Blue Mountain Data Systems Inc. is dedicated to application and systems development, electronic document management, IT security support, and the automation of workflow processes. Read more about our experience here: >> http://bluemt.com/experience
  97. 97. Recent Experience U.S. Dept. of Labor Employee Benefits Security Administration 1994 to Present Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support.
  98. 98. MANAGEMENT Paul T. Vesely Founder, President, CEO and Principal Architect Mr. Vesely is a recognized thought leader in systems architecture and delivery, having designed and delivered many enterprise wide information and document management solutions. Mr. Vesely’s history includes 33 years experience in the information systems industry, with Unisys, Grumman, PRC and a host of clients in both government and private sectors.
  99. 99. CONTACT US Contact Us Today to Discuss Your Next IT Project HEADQUARTERS 366 Victory Drive Herndon, VA 20170 PHONE 703-502-3416 FAX 703-745-9110 EMAIL paul@bluemt.com WEB https://www.bluemt.com

June 2017: For CTOs, CIOs & CISOs Every business day, we publish a Daily Tech Update for Federal & State CTOs ,CIOs & CISOs on the Blue Mountain Data Systems Blog. We hope you will visit our blog for the latest information >> https://bluemt.com/blog/

Views

Total views

1,656

On Slideshare

0

From embeds

0

Number of embeds

1

Actions

Downloads

1

Shares

0

Comments

0

Likes

0

×