Blue Mountain Data Systems Tech Update Summary
March 2017

For CTOs, CIOs & CISOs
Visit Blue Mountain Data Systems
https://www.bluemt.com

For CTOs, CIOs & CISOs
Every business day, we publish a Daily Tech Update for Federal & State CTOs ,CIOs & CISOs on the Blue
Mountain Data Systems Blog. We hope you will visit our blog for the latest information.
You can also receive these updates via email. Click here to subscribe.
Here’s the summary of the Daily Tech Updates for March 2017. Hope the information and ideas prove
useful.
Best,
Paul Vesely
President and Principal Architect
Blue Mountain Data Systems Inc.

Encryption

Encyption
GOOGLE: Ventures Into Public Key Encryption. Google's Key Transparency project
offers a model of a public lookup service for encryption keys. Google announced an
early prototype of Key Transparency, its latest open source effort to ensure simpler,
safer, and secure communications for everyone. The project’s goal is to make it
easier for applications services to share and discover public keys for users, but it
will be a while before it's ready for prime time. Read more
[INFOWORLD.COM]
SECURITY: The Year Encryption Won. Between the revelations of mega-hacks of
Yahoo and others, Russia’s meddling in the US electoral system, and the recent
spike in ransomware, it’s easy to look at 2016 as a bleak year for security. It wasn’t
all so, though. In fact, the last 12 months have seen significant strides in one of the
most important aspects of personal security of all: encryption. Read more
[WIRED.COM]

Encyption
FED GOVT DOMAINS: Domain Encryption Deadline? Nah, Say 345 Government
Sites. More than a third of government websites failed to meet the end-of-year
deadline to set up secure domains, according to a report on Government
Technology (GT). All existing federal websites were mandated – under a June 2015
memo from Tony Scott, the U.S. chief information officer – to switch over to HTTPS
by Dec. 31, 2016. Read more
[SCMAGAZINES.COM]

Encyption
WHATSAPP SECURITY FLAW: Researcher Claims Bug Allows Snooping on
Encrypted Messages, but Tech Firm Denies It's a 'Backdoor'. Facebook-owned
WhatsApp encrypts messages that its 1 billion users send to one another, but a UC
Berkeley cryptography and security researcher claims the app has a bug that can
be exploited to read these messages. Read the rest
[SILICONBEAT.COM]

Federal, State & Local IT

Federal, State & Local IT
REPORT: Cloud Enters Mainstream in Federal IT Investment Plans. United States
government agencies will continue to invest hefty sums in cloud computing
technology over the next five years. After that period, spending on cloud is likely to
moderate, but the amount of investing will remain at impressive levels. Find out
more
[ECOMMERCETIMES.COM]
READ: Debt Myths, Debunked. Sometime in early December, the federal
government’s official debt will likely cross the $20 trillion mark – an amount no
country has ever owed. As we approach this milestone, there are a few myths
regarding the debt that should be debunked. Find out more
[USNEWS.COM]

Federal, State & Local IT
CHIEF INNOVATION OFFICERS: An Unclear Role in the Federal Government.
Federal obsession with innovation is rampant. The government appears intent
upon emulating a Silicon Valley-style startup culture that can keep up with the
evolution of commercial technology – or at least shake up how agencies approach
problems. Its efforts include the Presidential Innovation Fellows program, a one-
year tour of duty lawmakers are attempting to make permanent; the digital
consultancy 18F, which aims to help other agencies buy agile software
development; and a rash of incubator-style hubs where employees can build out
their own ideas. Find out more
[NEXTGOV.COM]

Federal, State & Local IT
COLLEGES: Federal Government Shuts Down Controversial College Watchdog. An
organization that was supposed to oversee the embattled for-profit college
industry and protect students from fraud lost its recognition Monday, potentially
putting hundreds of thousands of students in limbo. The Secretary of Education
ruled Monday to terminate his agency’s recognition of the Accrediting Council for
Independent Colleges and Schools (ACICS), which critics say allowed billions of
dollars in federal financial aid funds to flow to bad actors. Find out more
[MARKETWATCH.COM]

Databases

Databases
ORACLE: Still Sees Databases as the Cloud’s Mother Lode. Oracle has built a
massive enterprise applications business over the decades: It bought PeopleSoft
for $10 billion in 2004, Siebel Systems for nearly $6 billion the following year, and
closed a $9.3 billion purchase of NetSuite a few months ago. Despite that, the
company clearly still sees databases as Oracle’s bedrock, which is why it’s critical
that, moving forward, those databases run on Oracle’s nascent cloud
infrastructure. Find out more
[FORTUNE.COM]

Databases
MICROSOFT: Adds New Service Tier to Azure SQL Database, Increases Storage
Limits on Existing Databases. Microsoft is making a series of enhancements to its
Azure SQL Database, including a new “Premium RS” tier, as the big public cloud
providers roll out new database products and features to attract the growing
number of businesses and developers making the shift to the cloud. Find out more
[GEEKWIRE.COM]
MySQL: Ransomware Attacks Targeted Hundreds of MySQL Databases. In the new
attacks, targeted MySQL databases are erased and replaced with a ransom
demand for 0.2 bitcoin, which is equal to about $234. Find out more
[NETWORKWORLD.COM]

Databases
MS-SQL SERVER: An Introduction to Docker and Containers for SQL Server
Developers and DBAs. Containers define a new method of application packaging
combined with user and process isolation, for application multi-tenancy. Varied
Linux and Windows container implementations have existed for years, but
Microsoft’s release of Windows Server 2016 established Docker’s design as the
defacto container standard. The Docker API and container format is now supported
on AWS, Azure, Google Cloud, every Linux distro, and Windows. Docker’s design is
elegant and delivers compelling benefits. Find out more
[SQLMAG.COM]

More About Blue Mountain
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S.
Dept. of Labor, Employee Benefits Security Administration. Responsible to the
Office of Technology and Information Systems for information systems
architecture, planning, applications development, networking, administration and
IT security, supporting the enforcement of Title I of the Employee Retirement
Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for
design, development and support for its various enforcement database
management systems, as well as all case tracking and customer service inquiry
systems. Blue Mountain also provides IT security services to the EBSA, in the form
of FISMA Assessment and Authorization, System Security Plans, Risk and
vulnerability assessments, monitoring and investigation support. Read more.

Electronic Document Management

Electronic Document Management
SECURE DOCUMENTS: 18 Ways to Secure Your Electronic Documents. Electronic
Document Management Systems (EDMS) are electronic repositories designed to
provide organized, readily retrievable, collections of information for the life cycle of
the documents. How can you keep these electronic files secure during the entire
chain of custody? Here are 18 security suggestions. Read more
[BLUEMT.COM]
LEGAL DEPT DOCUMENT MANAGEMENT: Investing in New Technologies: How
Corporate Legal Departments Are Leading the Way. Many departments are looking
to technology to assist with automation of processes, resource and budgetary
management, and tracking. Connie Brenton, co-founder of Corporate Legal
Operations Consortium (CLOC), a non-profit association of legal operations
executives, explains, “Corporate executives expect the GC’s office to be a business
counselor to the firm, and to discuss numbers, data and analytics. Efficiency is now
essential for legal departments, and this has advanced software’s role and
accelerated technology adoption.” Find out more
[INSIDECOUNSEL.COM]

Electronic Document Management
CFPB: Looks to Embrace Cloud for Email, Office Application Needs. The Consumer
Financial Protection Bureau wants to move to a public cloud setup for some of its
core enterprise apps. The financial watchdog agency recently sent out a Request
for Information (RFI) on the process, technical requirements and costs of moving to
cloud services in fiscal year 2017. CFPB wants to establish a more complete
understanding on the costs associated with moving fully to a cloud solution for
email and office applications (e.g., documents, spreadsheets, presentations,
SharePoint and more).Read the rest
[FEDTECHMAGAZINE.COM]

Electronic Document Management
ROI: 4 Ways Business Document Management Software Can Save You Money. Lisa
Croft, Group Product Marketing Manager at Adobe Document Cloud, talks about
the many ways business document management can save your company time,
space, and more importantly, loads of money. Here are the four most obvious ways
these tools provide excellent return-on-investment. Read more
[PCMAG.COM]

Security Patches

Security Patches
MOBILE: March Android Security Update Breaks SafetyNet, Android Pay. An issue
with the March Android over-the-air security update has been resolved after
Nexus 6 users complained that Android Pay no longer worked after installation of
the update. The update in fact broke Android’s SafetyNet API which provides a
constant check on device integrity, blocking access to certain features – such as
Android Pay – if it believes a device has been rooted. A Google representative
confirmed to Threatpost that the issue was resolved and the OTA update re-issued,
even for devices that had already installed the bad update. Find out more
[THREATPOST.COM]

Security Patches
ADOBE: Flash Player New Security Update. On March 14, Adobe Flash Player
users should receive a new security update instead of the February patches. This
is because Microsoft has engaged to its earlier plan to defer and deliver the
updates at a later date even if the security patches are now available. On February
2017, Adobe has addressed the issue and found a solution in which a patch was
able to deal with the security problem. For this reason, users are given access to
both MS17-005 Security Update for the Adobe Flash Player. This is due to the
update from Adobe and the provision by Microsoft. This vulnerability has been
considered a critical issue due to the permission that it can grant the attackers. In
a report by security specialists, such a vulnerability indicates that attackers are
granted control of the machine that was infected. This is in the sense that they are
allowed to send remote commands.. Find out more
[TNHONLINE.COM]

Security Patches
SECURITY: After CIA Leaks, Tech Giants Scramble to Patch Security Flaws. Apple,
Microsoft, and Google are analyzing leaked CIA documents to see if their products
are affected, but security researchers say that most of the flaws have long been
fixed. Find out more
[ZDNET.COM]
CMS: WordPress Finally Patches 6 Glaring Security Issues. WordPress is the most
popular CMS in the world – and the most hacked. Just last month, hackers
engaged in a “feeding frenzy” at the expense of WordPress sites across the web,
exploiting a vulnerability found in the WP REST API plugin. After patching that
security issue, Automattic, the company behind WordPress, rolled out yet another
security patch this week in the form of WordPress 4.7.3. Find out more
[CMSWIRE.COM]

CIO, CTO & CISO

For the CIO, CTO & CISO
CIO: Free Decryption Tools Now Available for Dharma Ransomware. A user named
gektar published a link to a Pastebin post on the BleepingComputer.com technical
support forum. The post, he claimed, contained the decryption keys for all Dharma
variants. The good news is that the leaked keys are real, and researchers from
Kaspersky Lab and ESET verified they work. The two companies have updated their
Crysis decryption tools — downloads at Kaspersky RakhniDecryptor and ESET
CrysisDecryptor — to work for Dharma affected files, too. Find out more
[CIO.COM]
CTO: ServiceNow’s CTO on Future-Proofing Tech Priorities and Moving Faster in IT.
Knowing where to put your resources is a challenge for companies both big and
small. Allan Leinwand, CTO of the cloud-service provider ServiceNow, shares his
formula for deciding where his team should focus. Find out more
[ENTERPRISERPROJECT.COM]

CIO, CTO & CISO
CISO: VA Seeks Permanent CISO. The Department of Veterans Affairs is looking
to hire a permanent chief information security officer. Earlier in February, VA
tapped Dominic Cussatt to serve as acting CISO, replacing Roopangi Kadakia,
who was reassigned to lead VA’s cloud transformation. Find out more
[FCW.COM]
FEDERAL GOVERNMENT: Cybersecurity Regulations Get Demanding. As more
government agencies get involved with creating cybersecurity regulations,
security professionals will need to monitor new laws and understand which
apply to their industry and whether some overlap or conflict. Increased
enforcement from different agencies can mean significant consequences even if
breaches are avoided. As the new administration adjusts regulations, chief
information security officers (CISOs) will need to add governmental cyber
regulations to their daily watchlists. Consider the following key areas that impact
enterprise security in multiple ways. Find out more
[SECURITYINTELLIGENCE.COM]

Penetration Testing

Penetration Testing
BEWARE: Penetration Tests Are Being Ignored by Enterprises Living
Dangerously. Organizations are ignoring the recommendations of penetration
testers, even when they find serious vulnerabilities in their clients’ systems,
according to the Black Report from Nuix. Find out more
[SCMAGAZINEUK.COM]
SECURITY: Apache Struts Vulnerability Under Attack. An easy-to-exploit remote
code execution flaw discovered in the widely used open-source Apache Struts 2
framework has been patched, but that’s not stopping attackers from attempting
to exploit vulnerable systems. Find out more
[EWEEK.COM]

Penetration Testing
FINANCIAL: Testing Finds ‘100 Percent’ of Mobile Banking Apps Hackable.
Mobile banking applications produced by 50 of the world’s largest 100 banks
were all vulnerable to hacking attacks which could allow password capture or
surveillance of users, according to new research from a European mobile
security outfit. Find out more
[CYBERSCOOP.COM]

Penetration Testing
LEARN: The Top 5 Security Functions To Outsource. There is a cybersecurity
talent shortage. According to some sources, there are currently up to 200,000
unfilled security positions in the United States, and an estimated one million
open positions globally. By 2019, experts say there could be 1.5 million unfilled
cybersecurity jobs. Given this scarcity in the cybersecurity market, combined
with the daunting task of staffing a diversely skilled security team, a prudent
question is which security functions can be effectively outsourced for the short-,
medium-, or long-term. Here are five of the most logical security areas to
outsource. Find out more
[FORBES.COM]

Open Source

Open Source
GOOGLE: Invites Open Source Devs to Give E2EMail Encryption a Go. Google
last week released its E2EMail encryption code to open source as a way of
pushing development of the technology. “Google has been criticized over the
amount of time and seeming lack of progress it has made in E2EMail encryption,
so open sourcing the code could help the project proceed more quickly,” said
Charles King, principal analyst at Pund-IT. Find out more
[LINUXINSIDER.COM]
FILE SHARING: 4 Open Source Tools for Sharing Files. Here are four open source
tools that can meet all of your file sharing needs. Find out more
[OPENSOURCE.COM]

Open Source
DOD: New DOD Software Coding Will Increase Private-Sector Involvement. The
Department of Defense (DOD) has unveiled a software coding initiative that could
transform the creation and quality of DOD software projects, and the interactions
between federal, private sector, and individual software developers. The initiative,
known as Code.mil, is headed by the Defense Digital Service (DDS), a team
representing DOD’s effort to increase public-private collaboration in the software
industry. Code.mil represents the next step in this endeavor with its objective of
connecting the vast amount of individual coding talent and skill with DOD software
projects open to improvements. Find out more
[DEFENSESYSTEMS.COM]

Open Source
DEVELOPMENT: Using Proprietary Services to Develop Open Source Software.
A lot of open source software is developed on (and with the help of) proprietary
services running closed-source code. Countless open source projects are
developed on GitHub, or with the help of JIRA for bug tracking, Slack for
communications, Google Docs for document authoring and sharing, Trello for
status boards. That sounds a bit paradoxical and hypocritical—a bit too much
“do what I say, not what I do.” Why is that? Find out more
[OPENSOURCE.COM]

Business Intelligence

Business Intelligence
TOOLS: The 20 Most Popular Business Intelligence Tools. Given the enormous
amount of Business Intelligence software solutions available, narrowing down the
right one for your business can be a tedious process. How does a business start
implementing this software? One way to start is by looking at systems that are
popular among peers, because those products are the ones that are most likely to
stay constantly maintained and upgraded. Find out more
[DATACONOMY.COM]
RESEARCH: Successful Data Science Process Not Simple to Set Up, Sustain. Data
science teams face a mix of process and cultural challenges in organizations,
according to experienced analytics managers who offer advice on how to overcome
the hurdles. Find out more
[SEARCHBUSINESSANALYTICS.TECHTARGET.COM]

Business Intelligence
DATA ANALYTICS: What is Data Analytics? Data is just data. With analytics, it
becomes information. Find out more
[ITPRO.CO.UK]
EDUCATION: Will You Graduate? Ask Big Data. Georgia State is one of a growing
number of colleges and universities using what is known as predictive analytics to
spot students in danger of dropping out. Crunching hundreds of thousands and
sometimes millions of student academic and personal records, past and present,
they are coming up with courses that signal a need for intervention. Find out more
[NYTIMES.COM]

Operating Systems

Operating Systems
WINDOWS 10: Is Windows 10 an Operating System or an Advertising Platform?
Windows 10 has certainly gotten its share of lumps since it was released. Some
users really liked it, while other detested the changes made by Microsoft. Windows
10 has proven to be a great example of beauty being in the eye of the beholder.
One writer at BetaNews recently wondered if Windows 10 was an operating system
or an advertising platform. Find out more
[INFOWORLD.COM]

Operating Systems
MOBILE: Android is Set to Overtake Windows as Most Used Operating System.
After more than eight years in the hands of consumers, Android is poised to
overtake Windows as the most used operating system in the world. This
measurement comes by way of web analytics firm StatCounter, which follows
trends in worldwide web traffic. Microsoft Windows holds the slimmest of margins
over Android, and they could trade positions very soon if current trends continue.
Find out more
[EXTREMETECH.COM]

Operating Systems
PERSONAL TECH: Just What Was in That iOS System Update? When you get the
notice of a software update for iOS, there’s usually a link to read about the security
content of the update. But where does Apple officially tell you about all other things
that change in these upgrades? Find out more
[NYTIMES.COM]
LEARN: The Best Alternatives Operating Systems. For most people, the only
operating systems they know of are Windows, macOS, Android and iOS. However,
there are other operating systems you can consider. Here’s a list of six alternative
operating systems for your review. Find out more
[HACKREAD.COM]

Incident Response

Incident Response
DHS: New National Cyber Incident Response Plan. DHS recently released the
refreshed National Cyber Incident Response Plan (NCIRP). Since the last version of
the NCIRP was released in 2010, the nation has increasingly faced more complex
cyber incidents. Every day, incidents across the United States necessitate that
jurisdictions and organizations work together to share resources, integrate tactics
and take actions to meet the needs of communities before, during, and after cyber
incidents. The NCIRP provides a consistent and common approach and vocabulary
to enable the whole community to work together to manage cyber incidents
seamlessly. Find out more
[CSOONLINE.COM]

Incident Response
SECURITY: Maturing Incident Response Through a Knowledge-based Approach.
What’s missing from the current discussion around incident response is the
acknowledgment that security professionals still have to make decisions based on
incomplete information. This is not due to a lack of data. On the contrary, there is so
much data created in a typical enterprise that there are no simple ways to make
sense of the mountains of it. Find out more
[INFORMATION-AGE.COM]

Incident Response
READ: Detect, Protect and Survive. Incident response has become one of those
areas of cybersecurity that people think they could do better, but how often do they
test it and how well could they actually act in the event of an incident occurring?
According to the Global Information Security Survey, released this week by EY,
which used responses from 1735 C-suite leaders and IT executives and managers,
57% of respondents rate business continuity and disaster recovery as a high priority,
42% do not have an agreed communications strategy or plan in place in the event of
a significant attack and 39% are planning to invest more in it in the coming year.
Find out more
[INFOSECURITY-MAGAZINE.COM]

Incident Response
CLOUD PLATFORM: Breach Analytics Platform Speeds Up Incident Response. Some
experts say that data breaches are now a matter of when rather than if. Being able
to respond quickly is therefore vital for companies to minimize damage and
disruption. Cybersecurity solutions and breach analytics cloud platform Eastwind
Networks is launching an enhanced Breach Analytics Cloud platform to provide
complete visibility across the entire attack surface. Find out more
[BETANEWS.COM]

Incident Response
DHS: Georgia Incident Was Legitimate Work, Not a Hack. The Department of
Homeland Security told Georgia’s Office of Secretary of State that the IP address
associated with an attempted breach of the state agency’s firewall was tracked to
an office in U.S. Customs and Border Protection, a revelation that has DHS “deeply
concerned.” According to DHS, someone on the federal department’s security
network was conducting legitimate business on the state office’s website, verifying
a professional license administered by the state. The state office manages
information about corporate licenses and certificates on its website. Find out more
[FEDSCOOP.COM]

Incident Response
LEARN: 10 Tips for Planning, Leading and Learning From a Cybersecurity Tabletop
Exercise. The National Institute of Standards and Technology (NIST) recommends
that organizations not only develop incident response plans, but also maintain them
in a “state of readiness” and engage in exercises to “validate their content.” The
potential vehicles for such tests can take many forms, but one of the most common
and easy to implement is a “tabletop exercise.” Read the rest
[CORPCOUNSEL.COM]

Incident Response
NETWORKS: Why is Incident Response Automation and Orchestration So Hot?
Incident response is dominated by manual processes that limit efficiency and
effectiveness. This is one of the drivers for IR automation and orchestration. Find
out more
[NETWORKWORLD.COM]
SECURITY: Maturing Incident Response Through a Knowledge-Based Approach. In
an increasingly vulnerable cyber landscape, incident response tends to be high on
the list of priorities for any security leader. Find out more
[INFORMATION-AGE.COM]

Incident Response
READ: Detect, Protect and Survive. Incident response has become one of those
areas of cybersecurity that people think they could do better, but how often do they
test it and how well could they actually act in the event of an incident occurring?
Find out more
[INFO-SECURITY-MAGAZINE.COM]
HOW TO: Building a Better Bug Bounty. When Microsoft temporarily doubled its
maximum bug bounty prize to $30,000 earlier this month, it was hard to not to
notice the timing. After all, the software giant had just been burned twice by
Google Project Zero researchers who publicly disclosed Windows vulnerabilities
before they could be patched. Find out more
[SCMAGAZINE.COM]

Cybersecurity

Cybersecurity
MANAGEMENT: Cyber Experts Consider Agency Leaders’ Responsibility Ahead of
Trump’s Cyber EO. President Donald Trump’s cybersecurity executive order is
moving along, according to private sector advisers, and could be signed by the
middle of March — or not. Sam Palmisano, former IBM CEO and vice chairman of
the Commission on Enhancing National Cybersecurity, told an audience gathered for
a March 6 event at the Center for Strategic and International Studies (CSIS) that his
sense was maybe “within a week or so we could see something.” “But I would have
said that two or three weeks ago as well, so I don’t want to set a bar for them,”
Palmisano said when asked about the EO’s publication. “They’re working through
the process.” Find out more
[FEDERALNEWSRADIO.COM]

Cybersecurity
EMPLOYMENT: Cybersecurity Skills Shortage Holding Steady. In 2017, 45 percent
of organizations say they have a “problematic shortage” of cybersecurity skills. This
is right in line with 2016 (46 percent), but these last two years represented a big
increase. In 2015, 28 percent of organizations said they had a “problematic
shortage” of cybersecurity skills, 25 percent in 2014, 23 percent in 2013, and 24
percent in 2012. Find out why this increase over the past two years is concerning.
Find out more
[NETWORKWORLD.COM]

Cybersecurity
IoT: Consumer Reports to Grade Products on Cybersecurity. The non-profit
consumer ratings group Consumer Reports plans to evaluate cybersecurity and
privacy when ranking products, Reuters says. It is currently working with
organizations to create methodologies for doing this. This decision was made
following a recent increase in cyberattacks on IoT devices, many of which contain
vulnerabilities easily exploited by hackers. Researchers believe these attacks are
unlikely to cease because manufacturers do not want to spend on securing
connected products. Find out more
[DARKREADING.COM]

Cybersecurity
CISO: Building a Cybersecurity Culture Around Layer 8. The term “layer 8” is often
used pejoratively by IT professionals to refer to employees’ lack of awareness and a
weak overall cybersecurity culture. While organizations continue to purchase and
deploy technical controls, not much has been done to focus on the human side of
cybersecurity. Today, it is just as important to secure human assets – layer 8 – as it
to secure layers 1 through 7. Find out more
[SECURITYINTELLIGENCE.COM]

Project Management

Project Management
GUIDE: Scrum Agile Project Management: The Smart Person’s Guide. Here’s a
go-to guide on scrum, a popular agile project management framework. You’ll
learn scrum terminology, how to use the methodology in software and product
development projects, and more. Find out more
[TECHREPUBLIC.COM]
TOOLS: 7 Project Management Tools Any Business Can Afford. There’s no
shortage of project management solutions for mid-size and large businesses.
Startups, though, have limited budgets and simply can’t afford high-priced
project management software. Here are seven affordable options. Find out more
[CIO.COM]

Project Management
RISK: Open Source Project Management Can Be Risky Business. Learn how
open source code is a huge factor in mitigating risk. Find out more
[OPENSOURCE.COM]
FEDERAL GOVERNMENT: Get on the Same Platform, CIO Council Urges. Taking a
government-as-a-platform approach to IT service delivery by leveraging cloud-
supported solutions can help modernize and digitize federal agencies, according
to a new report from the CIO Council. Find out more
[GCN.COM]

Project Management
FITNESS TRACKING: Weight Loss On Your Wrist? Fitness Trackers May Not Help.
Fitness trackers remain wildly popular, but do they make us fit? Maybe not,
according to a study that asked overweight or obese young adults to use the tiny
tracking tools to lose weight. Read the rest
[NPR.ORG]

Search Technology

Search Technology
SOLR: Not Just For Text Anymore. When Solr came out, it was supposed to be an
OpenSource text search engine. Now it has a big place in Big Data. Read what
Ness's CTO, Moshe Kranc has to say about how it has evolved. Read more
[DZONE.COM]
INGALLS: Spring Data 'Ingalls' Release Train Leaves Station. The Spring Data team
has announced the first milestone release of the Ingalls Release Train. This
coordinated release of subprojects under the Spring Data umbrella ships with 230
fixes and a number of new features. Find out more
[ADTMAG.COM]

Search Technology
GOOGLE: Announces New Cloud Natural Language API While Cloud Search API Goes
Beta. Google says that the Cloud Natural Language API gives developers access to
three Google-powered engines– sentiment analysis, entity recognition, and syntax
analysis. The service is currently available in open beta and is based on the
company’s natural language understanding research. It will initially support three
languages– English, Spanish and Japanese and will help developers reveal the
structure and meaning of your text in the given language. Read more
[THETECHPORTAL.COM]
AMAZON: Amazon EC2 Container Service Now Supports Networking Modes and
Memory Reservation. Docker networks provide isolation for your containers. It is
important to have control over the networks your applications run on. With
Amazon ECS, you can now specify an optional networking mode for your containers
that cater towards different use cases. Find out more
[DABCC.COM]

Application Development

Application Development
IoT: Why App Development Is The Key To Unlocking The IoT Vault. Solution
providers are positioning themselves for success in the lucrative Internet of Things
market by bolstering their application development teams. Companies bringing IoT
solutions to market face several hurdles, including interoperability, security and
data management challenges – and staffing up with IoT application developers is
critical for tackling these issues. Read more
[CRN.COM]
SDKS: How Imaging SDKs Can Solve Today’s Application Development Challenges. In
a mobile-first world, developers understand the importance of creating a next-
generation app that fits in with client or user expectations. Developers should
consider the myriad of SDK options if they want to improve functionality for the
user, especially imaging SDKs. Although they are a niche market, these SDKs can
add better imaging capabilities and target industry-related problems that
companies are trying to tackle. Find out more
[SDTIMES.COM]

Application Development
SECURITY: Application Security Requires More Talk Than Tech. If you think
application security only involves installing a tool, or scanning a few apps and
moving on, you’re wrong. Application security is a unique security initiative, and its
success hinges on people as much as technology. Read more
[INFOWORLD.COM]
SPEED: How to Speed Enterprise App Development and Meet Digital
Transformation Demands. Low-code platforms are key in accelerating digital
transformation with rapid application development. Find out more
[INFORMATION-AGE.COM]

Personal Tech

Personal Tech
DIGITAL SUBSCRIPTIONS: How the Internet Is Saving Culture, Not Killing It. In just
about every cultural medium, whether movies or music or books or the visual arts,
digital technology is letting in new voices, creating new formats for exploration, and
allowing fans and other creators to participate in a glorious remixing of the work.
This isn’t new; from blogs to podcasts to YouTube, the last 20 years have been
marked by a succession of formats that have led to ever-lower barriers for new and
off-the-wall creators. Find out more
[TECHWORM.NET]
PROTECT YOUR DEVICES: With C.I.A. Hacking Revelations, How to Protect Your
Devices. Want to protect against surveillance through your iPhones, Android devices,
Wi-Fi routers and Samsung televisions? Update, update, update. Find out more
[NYTIMES.COM]

Personal Tech
HOW TO: Enable Flash in Chrome for Specific Websites. If you’re a Chrome user,
which you should be, you probably have noticed that Flash is blocked by default in
the browser. Google does not like Flash because of the major security flaws inherent
in Flash and therefore does everything in its power to force you not to use Flash.
Here’s how to enable Flash when you need it. Find out more
[ONLINE-TECH-TIPS.COM]
TUTORIAL: Get The Windows Notepad App On Android. The Windows Notepad app
is a simple text editor. It’s been part of Windows for years. The app is great if you
want to edit a script, an HTML file, or take a quick note. The app has remained
unchanged for the most part but it is still a great app. Here’s how to use it on an
Android device. Find out more
[ADDICTIVETIPS.COM]

Big Data

Big Data
DATA: State and Local Govs Need to Improve Data Sharing, Big Data Use. Like their
federal counterparts, state and local agencies have made great strides in acquiring
and using big data – but they still have a long way to go, according to a source in the
industry. Find out more
[GOVTECH.COM]
NAVY: How Navy’s Warship Shop Uses Data to Do More with Less. The U.S. Navy’s
shipbuilding office has a new weapon in its effort to efficiently allocate personnel,
resources and budgetary dollars: software. Find out more
[NEXTGOV.COM]

Big Data
NONPROFITS: How Nonprofits Use Big Data to Change the World. Foundation
Center has the world’s largest database of grant and fundraising information. Learn
how the organization uses big data to create apps that encourage transparency and
innovation. Find out more
[TECHREPUBLIC.COM]
CARS: Autodata Turns to Big Data to Predict Vehicle Failures. Vehicle data company
sees 30% jump in revenue after moving to open source software and opening its
data to garages, insurers and parts companies. Find out more
[COMPUTERWEEKLY.COM]

Mobile Applications

Mobile
FEDERAL GOVERNMENT: Top 10 Tech Trends for Feds to Watch. Across
government, career executives are assessing priorities for the year, with an eye to
both the known challenges that must be addressed and the new priorities Trump
administration officials want to champion. The administration’s newly released
budget proposal will dominate the headlines, but there are IT and management
issues that will be key regardless of the policies. Here are the tech issues that will
be the focus of government time and attention in the months ahead. Find out more
[FCW.COM]
VIDEO: Is Snapchat Building the iPhone Killer? Snapchat’s parent company has
hired mobile engineering and design talent away from Apple, HTC, and Google.
Could a Snapchat phone be in the works? Find out more
[INFOWORLD.COM]

Mobile
DISA: Explores Solution to Mobile CAC Challenge. The Defense Department is
having a particularly tough time integrating mobile technology into its mission,
largely because every attempt to link it to the Common Access Card has been too
cumbersome. But the Defense Information Systems Agency’s Purebred program
may have found a way to bypass the physical CAC altogether. Find out more
[FEDERALNEWSRADIO.COM]
TRACKING TOOL: From Disaster Planning to Conservation: Mobile Phones as a
New Tracking Tool. Mobile phones have almost totally infiltrated human society,
with the number estimated at more than 7 billion in 2014. Ownership of mobile
phones continues to grow, even in some of the poorest countries.
Many of those phones are geolocated, continuously providing the geographic
location of the user, effectively acting as tracking devices for human populations.
Find out more
[GCN.COM]

IT Management

IT Management
TECH MANAGEMENT: Decentralized IT Management Raises Concerns. IT isn't happy
about the shift to decentralized IT management, so VMware tries to provide the best
of both worlds: developer flexibility and centralized IT. Find out more
[NETWORKWORLD.COM]
DOD: Congress Creates New DoD Chief Management Officer, Punts on Role of CIO.
The annual Defense authorization bill Congress sent to the President last week
includes several provisions to redraw the Defense Department's organizational chart,
including one that creates a powerful new Chief Management Officer whose primary
job will be overseeing and reforming DoD headquarters functions. While the
department already has a full-time position - the deputy chief management officer -
to handle functions like business process reengineering and other management
concerns, the new position will carry more stature in the Defense bureaucracy. Find
out more
[FEDERALNEWSRADIO.COM]

IT Management
VETERANS AFFAIRS: VA CIO Creating IT Demand Management Office. The
Department of Veterans Affairs will launch a new tech office in 2017 to help meet the
needs of the department's health care, benefits and cemetery lines of business. Ron
Thompson, who was the principal deputy assistant secretary and deputy CIO for VA's
Office of Information and Technology, will lead the creation of a new Demand
Management Office. Find out more
[FEDSCOOP.COM]
LEARN: What Great Managers Do Daily. So much depends upon managers. For
example, a Gallup study found that at least 70% of the variance in employee
engagement scores is driven by who the boss is. This is disconcerting because the
same research found that about 70% of people in management roles are not well
equipped for the job. This state of affairs is hurting not just employee engagement
and quality of life, but also corporate performance. What makes managers of highly
engaged employees different than the rest on a day-to-day basis? Read the results of
a recent survey. Find out more
[HBR.ORG]

Programming & Scripting Development
Client & Server-Side

Programming & Scripting Development
Client & Server-Side
CODING: Dojo Highlights the Top 9 Programming Languages of 2017. Folks at the
programming boot camp Coding Dojo did their own analysis of the most in-
demand programming languages of the year by poring through data from the job
search engine Indeed.com. The boot camp’s research found Perl, Python and SQL
are among the languages that are consistently showing up in job postings. Find out
more
[SDTIMES.COM]
TYPESCRIPT: Continues Embrace of React Native. TypeScript 2.2 is out in a release
candidate that continues its embrace of React Native, another JavaScript variant
that’s used to create native iOS and Android apps. Find out more
[ADTMAG.COM]

Programming & Scripting Development
Client & Server-Side
SWIFT: The Creator of Swift, Apple’s New Programming Language, is Leaving for
Tesla. The head of Apple’s Swift programming language is leaving the company.
Chris Lattner said that he was stepping aside as project lead for Swift as he
prepares to leave the company for Tesla, where he will head its autopilot software
efforts. Find out more
[RECODE.NET]
PHP: Becomes First Programming Language to Add Modern Cryptography Library
in Its Core. The PHP team has unanimously voted to integrate the Libsodium library
in the PHP core, and by doing so, becoming the first programming language to
support a modern cryptography library by default. Find out more
[BLEEPINGCOMPUTER.COM]

Programming & Scripting Development
Client & Server-Side
JAVASCRIPT: Will WebAssembly Overtake JavaScript in Web Application Coding
Needs? Firefox 52 is the first browser to support WebAssembly, a new standard “to
enable near-native performance for web applications” without a plug-in by pre-
compiling code into low-level, machine-ready instructions. Find out more
[TECHWORM.NET]
RUBY ON RAILS: What’s New in Rails 5.1: Better JavaScript, for One. Ruby on
Rails, the veteran server-side web framework, is playing nice with JavaScript in an
upgrade that has recently moved to a first beta release. Rails 5.1 offers multiple
improvements, including encryption, system tests, and managing JavaScript
dependencies from NPM via Facebook’s new Yarn package manager. Find out more
[INFOWORLD.COM]

Programming & Scripting Development
Client & Server-Side
APP SECURITY: Managing Both Acute and Chronic Web Application Security
Issues. With WikiLeaks’ March 7 posting of what was purported to be some of the
CIA’s cyber surveillance exploits, agencies are looking at the possibility of attackers
turning intelligence gathering tools against government systems, devices and
websites. Even more recently, a new, high-severity vulnerability emerged in the
Apache Struts 2 open-source framework used to build Java web applications. The
flaw allows hackers to inject commands into remote web servers. Within hours,
organizations around the world reported attacks exploiting CVE-2017-5638 while
Struts 2 users scrambled to apply a patch from the Apache Foundation.
What are the practical effects of these events, and what should government
InfoSec leaders and practitioners do now? Find out more
[GCN.COM]

Programming & Scripting Development
Client & Server-Side
C#: Version 7.0 Comes with New Features. Visual Studio 2017 was released earlier
this month with new programming language features for C# 7.0. C# is a type-safe,
object-oriented programming language designed for building applications that run
on the .NET framework. The Visual Studio team has been working on C# 7.0 for
over a year. “C# 7.0 adds a number of new features and brings a focus on data
consumption, code simplification and performance. Perhaps the biggest features
are tuples, which make it easy to have multiple results, and pattern matching,
which simplifies code that is conditional on the shape of data. But there are many
other features big and small. We hope that they all combine to make your code
more efficient and clear, and you more happy and productive,” said Mads
Torgersen, program manager at Microsoft. Find out more
[SDTIMES.COM]

Cloud Computing

Cloud Computing
GOOGLE: With Spanner Database Service, Google Raises the Stakes in Cloud
Computing. Google Inc. has issued a big challenge to its rivals in cloud computing by
opening up access to what has been described as the world’s largest database. The
company is launching Cloud Spanner Beta, providing software developers with a
database service available through Google Cloud that the search giant already uses
to run its massive AdWords advertising system and Google Play app and media store.
Find out more
[SILICONANGLE.COM]

Cloud Computing
CYBERSECURITY: Trust and Risks Both Growing in Government Clouds. A new Intel
Security cloud report reveals that cloud computing adoption is growing rapidly in
government and elsewhere all over the world. At the same time, CIOs are struggling
to keep enterprise data safe in the cloud. Here is what you need to know. Find out
more
[GOVTECH.COM]
CIO: Security in the Cloud. As a former CIO, Richard Spires has implemented and
seen the significant benefits of cloud computing — both the leverage of compute on
demand and the use of software-as-a-service applications. In particular, SaaS-based
applications increasingly are becoming the way organizations can quickly and easily
leverage new capabilities. This is driving tremendous growth and innovation –
AngelList has more than 11,000 SaaS start-ups listed in the U.S., and IDC predicts the
SaaS-based market will surpass $112 billion by 2019. Find out more
[FCW.COM]

Cloud Computing
READ: Relieving Cloud Migration Headaches. One look at the exponential increase
in Amazon Web Services revenue, which has grown by an order of magnitude over
the past five years, makes clear that we are on the cusp of a generational
transformation in how IT organizations provide application infrastructure. Indeed,
Gartner, which estimates that infrastructure-as-a-service revenue grew by nearly 43
percent in 2016, said organizations saved “14 percent of their budgets as an
outcome of public cloud adoption,” a ratio that is sure to rise in the coming years.
And many government IT organizations are at the forefront of the cloud conversion
due to executive-level mandates, tight IT budgets and demand for increased access
to information and online services. Find out more
[GCN.COM]

Cloud Computing
IBM: Why IBM Believes Quantum Computing is the Next Big Cloud Hit after AI and
Blockchain. IBM has released a new API for its Quantum Experience program, which
will enable developers to build interfaces between its cloud-based quantum
computers and its classical equivalents. Find out more
[CLOUDCOMPUTING.COM]
AMAZON: Flexible Cloud Computing Services Key to Federal Innovation, Says
Amazon Web Service’s Teresa Carlson. Just how innovative will the federal
government’s future cloud computing efforts be? The answer depends on the
government’s ability to try out new offerings with minimal risk or procurement
costs. Also imperative will be agencies’ ability to pay for services on an “on-demand”
basis. Six years into her role as vice president of Amazon Web Services’ Worldwide
Public Sector, Teresa Carlson is ensuring government customers can embrace cloud
offerings with that nimble approach in mind. Find out more
[WASHINGTONEXEC.COM]

Cloud Computing
NASA: Cloud Computing Security Concerns Hover. In the rush to embrace cloud
computing, enterprises of all sizes can face serious stumbling blocks, including
concerns about how to implement the technology and best practices to follow,
which ultimately affects security. The same goes for government agencies, including
NASA. Find out more
[LIGHTREADING.COM]

Cloud Computing
OPINION: The Digital Government Americans Deserve. Americans are turning to
digital solutions for everything from banking services to healthcare to travel. Yet
despite large investments by the U.S. government in digital technologies,
government continues to lag behind. As a result, U.S. citizens have very low levels of
satisfaction and confidence in the government’s ability to deliver services that meet
their needs and expectations, according to a 2014 Accenture study. If the new
administration wants to make the U.S. government a leader in information
technology and innovation, here are five strategies that can help build a digital
government that Americans deserve. Find out more
[FCW.COM]

Announcement

Announcement
Blue Mountain Data Systems DOL Contract Extended Another Six Months
The Department of Labor has extended Blue Mountain Data Systems Inc. contract
DOLOPS16C0017 for 6 months for network administration and application
support.
U.S. Dept. of Labor, Employee Benefits Security Administration
1994 to Present Responsible to the Office of Technology and Information Systems
for information systems architecture, planning, applications development,
networking, administration and IT security, supporting the enforcement of Title I
of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue
Mountain is responsible for design, development and support for its various
enforcement database management systems, as well as all case tracking and
customer service inquiry systems. Blue Mountain also provides IT security services
to the EBSA, in the form of FISMA Assessment and Authorization, System Security
Plans, Risk and vulnerability assessments, monitoring and investigation support.

IT Security | Cybersecurity

IT Security | Cybersecurity
INTERVIEW: Cybersecurity in the Federal Government. Alex Grohmann, founder
and resident of Sicher Consulting, John Dyson from Deloitte, and Brian Gay,
president, Think Forward Consulting talk about the concept of a cybersecurity
framework for the federal government. Read more
[FEDERALNEWSRADIO.COM]
TECH INSIDER: Priorities for Enhancing National Cybersecurity. Presidential
transitions are a time of considerable change in government, including new agency
leaders and evolving policy priorities. But many issues persist, and this is certainly
the case with cybersecurity. Advancing the nation's cybersecurity posture must be a
key priority for the Trump administration, especially if we are to maximize the
benefits of digital transformation. Read more
[NEXTGOV.COM]

IT Security | Cybersecurity
NEWS: National Guard Expects Expanded Role in Cybersecurity. The National
Guard’s role in cybersecurity began in 1999 thanks to the uncertainty created by
Y2K. With concerns of potential computer chaos looming when dates on systems
turned over to 2000, the National Guard was given a new force structure called a
computer network defense team. Renamed Defensive Cyber Operations Elements,
the eight-to 10-person teams are organized on the state level, while support for the
10 Federal Emergency Management Agency regions is handled by Cyber Protection
Teams, Lt. Col. Brad Rhodes, the commander of the Colorado National Guard's Cyber
Protection Team 178, said in a recent interview. Find out more
[GCN.COM]
PEOPLE: U.S. Rep. Bob Latta Named Chairman of Panel that Oversees Data,
Cybersecurity. The House Subcommittee on Digital Commerce and Consumer
Protection has a great range of jurisdiction -- everything from IoT policies to
overseeing the Federal Trade Commission. Find out more
[GOVTECH.COM]

From the Blue Mountain Data Systems Blog
Personal Tech
https://www.bluemt.com/personal-tech-daily-tech-update-october-28-2016
IT Management
https://www.bluemt.com/it-management-daily-tech-update-october-27-2016
Business Intelligence
https://www.bluemt.com/business-intelligence-daily-tech-update-october-26-
2016
Incident Response
https://www.bluemt.com/incident-response-daily-tech-update-october-25-2016

From the Blue Mountain Data Systems Blog
Security Patches
https://www.bluemt.com/security-patches-daily-tech-update-october-24-2016/
BYOD
https://www.bluemt.com/byod-daily-tech-update-october-21-2016/
Databases
https://www.bluemt.com/databases-daily-tech-update-october-20-2016/
Operating Systems
https://www.bluemt.com/operating-systems-daily-tech-update-october-19-
2016/

From the Blue Mountain Data Systems Blog
Encryption
https://www.bluemt.com/encryption-daily-tech-update-october-18-2016/
Cloud Computing
https://www.bluemt.com/cloud-computing-daily-tech-update-october-17-2016/
Programming & Scripting
https://www.bluemt.com/programming-scripting-daily-tech-update-october-14-
2016/
Incident Response
https://www.bluemt.com/incident-response-daily-tech-update-october-13-
2016/

From the Blue Mountain Data Systems Blog
Cybersecurity
https://www.bluemt.com/cybersecurity-daily-tech-update-october-12-2016/
Big Data
https://www.bluemt.com/big-data-daily-tech-update-october-11-2016/
Mobile Applications
https://www.bluemt.com/mobile-applications-daily-tech-update-october-7-
2016/
Cloud Computing
https://www.bluemt.com/cloud-computing-daily-tech-update-october-6-2016/

From the Blue Mountain Data Systems Blog
Open Source
https://www.bluemt.com/open-source-daily-tech-update-october-5-2016/
CTO, CIO and CISO
https://www.bluemt.com/cto-cio-ciso-daily-tech-update-october-4-2016/
Programming & Scripting
https://www.bluemt.com/programming-scripting-daily-tech-update-october-3-
2016/

From the Blue Mountain Data Systems Blog
Feds Report Mixed Responses to Shared Services
https://www.bluemt.com/feds-report-mixed-responses-to-shared-services
Federal Employees Are Not Security Experts
https://www.bluemt.com/federal-employees-are-not-security-experts
Survival Guide for Network Administrators
https://www.bluemt.com/survival-guide-for-network-administrators
DBaaS: OpenStack Trove Changes DB Management
https://www.bluemt.com/dbaas-openstack-trove-changes-db-management

From the Blue Mountain Data Systems Blog
Help Wanted: Certified Cybersecurity Professionals
https://www.bluemt.com/help-wanted-certified-cybersecurity-professionals
Cyber Threat Intelligence Integration Center Preview
https://www.bluemt.com/cyber-threat-intelligence-integration-center-preview/
Cloud Moves in 1-2-3
https://www.bluemt.com/cloud-moves-in-1-2-3/
Change Management for Disaster Recovery
https://www.bluemt.com/change-management-for-disaster-recovery/

From the Blue Mountain Data Systems Blog
Jeffersonian Advice For C-Suite Career Advancement
https://www.bluemt.com/jeffersonian-advice-for-c-suite-career-advancement/
Ways To Survive The “Mobile-Pocalypse”
https://www.bluemt.com/ways-to-survive-the-mobile-pocalypse/
Microsoft Cloud Services Receive FedRAMP Authority to Operate
https://www.bluemt.com/microsoft-cloud-services-receive-fedramp-authority-
to-operate/
Hiring Pentesters? Here Are 10 Things You Need to Know
https://www.bluemt.com/hiring-pentesters-here-are-10-things-you-need-to-
know/

From the Blue Mountain Data Systems Blog
Home Router Malware Alert
https://www.bluemt.com/home-router-malware-alert/
Threat Model Deconstruction
https://www.bluemt.com/threat-model-deconstruction/
Business Email Scam Nets $214 Million
https://www.bluemt.com/business-email-scam-nets-214-million/
How to Prevent Unauthorized Software from Taking Over Your Organization
https://www.bluemt.com/the-cios-guide-to-happy-end-users-2/

From the Blue Mountain Data Systems Blog
Digital Marketing Predictions for 2015
https://www.bluemt.com/digital-marketing-predictions-for-2015/
SDN: Network Administrator’s Friend or Foe?
https://www.bluemt.com/sdn-network-administrators-friend-or-foe/
Mobile Payments: A Must for Federal Agencies
https://www.bluemt.com/mobile-payments-a-must-for-federal-agencies/
Soft Skills Are A Must-Have For Careers In IT
https://www.bluemt.com/soft-skills-are-a-must-have-for-careers-in-it/

From the Blue Mountain Data Systems Blog
Security Risks Most Prevalent in Younger Workers
https://www.bluemt.com/security-risks-most-prevalent-in-younger-workers/
The Security World’s Maturation
https://www.bluemt.com/the-security-worlds-maturation/
Data Breach Concerns Keep CISOs Up At Night
https://www.bluemt.com/data-breach-concerns-keep-cisos-up-at-night/
Personalized Govt Equals Instant Gratification for Citizens
https://www.bluemt.com/personalized-govt-equals-instant-gratification-for-
citizens/

From the Blue Mountain Data Systems Blog
People-Centric Security
https://www.bluemt.com/people-centric-security/
Pentagon Tries BYOD To Strike Work/Life Balance
https://www.bluemt.com/pentagon-tries-byod-to-strike-worklife-balance/
Open Source Model Considered for MS Windows
https://www.bluemt.com/open-source-model-considered-for-ms-windows/
Open Internet: To Be or Not to Be?
https://www.bluemt.com/open-internet-to-be-or-not-to-be/

From the Blue Mountain Data Systems Blog
Malware Stays A Step Ahead Infecting One Third of Websites
https://www.bluemt.com/malware-stays-a-step-ahead-infecting-one-third-of-
websites/
Machine-Generated Data: Potential Goldmine for the CIO
https://www.bluemt.com/machine-generated-data-potential-goldmine-for-the-
cio/
Government Legacy Programs: Reuse vs. Replacement
https://www.bluemt.com/government-legacy-programs-reuse-vs-replacement/
It Takes a Whole Village to Protect Networks and Systems
https://www.bluemt.com/it-takes-a-whole-village-to-protect-networks-and-
systems/

From the Blue Mountain Data Systems Blog
Governance For the CIO
https://www.bluemt.com/governance-for-the-cio/
Help Desk Consolidation – Lessons Learned
https://www.bluemt.com/help-desk-consolidation-lessons-learned/
One Year Later, Companies Still Vulnerable to Heartbleed
https://www.bluemt.com/one-year-later-companies-still-vulnerable-to-
heartbleed/
Federal Projects Cultivate Worker Passion
https://www.bluemt.com/federal-projects-cultivate-worker-passion-2/

ABOUT US
Blue Mountain Data Systems Inc.
Blue Mountain Data Systems Inc. is dedicated to application
and systems development, electronic document management,
IT security support, and the automation of workflow processes.
Read more about our experience here:
>> http://bluemt.com/experience

Recent Experience
U.S. Dept. of Labor
Employee Benefits Security Administration
1994 to Present
Responsible to the Office of Technology and Information Systems for information
systems architecture, planning, applications development, networking,
administration and IT security, supporting the enforcement of Title I of the
Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue
Mountain is responsible for design, development and support for its various
enforcement database management systems, as well as all case tracking and
customer service inquiry systems. Blue Mountain also provides IT security services
to the EBSA, in the form of FISMA Assessment and Authorization, System Security
Plans, Risk and vulnerability assessments, monitoring and investigation support.

MANAGEMENT
Paul T. Vesely
Founder, President, CEO and Principal Architect
Mr. Vesely is a recognized thought leader in systems
architecture and delivery, having designed and
delivered many enterprise wide information and
document management solutions. Mr. Vesely’s history
includes 33 years experience in the information
systems industry, with Unisys, Grumman, PRC and a
host of clients in both government and private sectors.

CONTACT US
Contact Us Today to Discuss Your Next IT Project
HEADQUARTERS
366 Victory Drive
Herndon, VA 20170
PHONE 703-502-3416
FAX 703-745-9110
EMAIL
paul@bluemt.com
WEB
https://www.bluemt.com