1. Tech Update Summary
May 2016
Blue Mountain Data Systems

3. For CTOs, CIOs & CISOs
Visit Blue Mountain Data Systems
https://www.bluemt.com

4. For CTOs, CIOs & CISOs
Every business day, we publish a Daily Tech Update for Federal & State CTOs ,CIOs & CISOs on the Blue
Mountain Data Systems Blog. We hope you will visit our blog for the latest information.
You can also receive these updates via email. Click here to subscribe.
Here’s the summary of the Daily Tech Updates for May 2016. Hope the information and ideas prove
useful.
Best,
Paul Vesely
President and Principal Architect
Blue Mountain Data Systems Inc.

5. Document Management

6. Document Management
ROI: Spend Green to Save Green: the ROI of Document Management. Metafile’s
Alyssa Putzer explains the benefits of transitioning to a paperless office with a
document management or accounts payable automation solution. If your office is
still using paper-based processes, you may be incurring unnecessary costs that
could be eliminated by going paperless with a document management or accounts
payable (AP) automation solution. Read more
[ONWINDOWS.COM]
CIO: Why You Need DRM for Your Documents. From protecting merger discussions
to everyday document management, enterprise DRM is a mature, mainstream
enterprise technology. So why aren’t more companies using it? Read the rest
[CIO.COM]

7. Document Management
GOOGLE: Google Search Appliance’s Dwindling Timeline. Google Search Appliance
(GSA) users have an approaching deadline. And missing that deadline will be
painful. Find out more
[CMSWIRE.COM]
2016: The Best Document Management Systems of 2016. Document management
software can help your business manage its files, from sharing and collaboration to
archiving inactive files. Compare 10 document management software offerings so
you can decide which is best for your business. Read more
[PCMAG.COM]

8. Encryption

9. Encyption
THE CHALLENGE: The Encryption Challenge. IT managers know the movies get it
wrong. A teenager with a laptop cannot crack multiple layers of encryption —
unless that laptop is connected to a supercomputer somewhere and the teenager
can afford to wait a few billion years. Encryption works. It works so well that even
the government gets stymied, as demonstrated by the lengths to which the FBI
went to access an iPhone used by one of the San Bernardino, Calif., shooters. Read
more
[GCN.COM]

10. Encyption
POLITICAL TECH: Tech Groups Call on Presidential Candidates to Support
Encryption, Embrace Other IT Issues. U.S. presidential candidates should embrace
encryption and narrow government access to Internet users’ data as part of a
comprehensive technology agenda, IT trade groups say. While the FBI and some
lawmakers have pushed in recent months for encryption workarounds in criminal
investigations, presidential candidates should “recognize encryption as a critical
security tool,” 13 tech trade organizations said in a set of tech policy
recommendations released late Wednesday. Read the rest
[CIO.COM]

11. Encyption
BIG BROTHER: Encryption and Lack of Trust in Big Brother. The FBI wanted data
that Apple didn’t have access to and attempted to force Apple to construct a
backdoor. Find out more
[WSJ.COM]
FEDERAL GOVERNMENT: Draft Encryption Bill Puts Rule of Law Above Privacy
Concerns. A discussion draft leaked online of the first legislation to tackle the
heated encryption debate that has pit law enforcement agencies seeking access
against privacy and consumer advocates lobbying to maintain strong security. Read
more
[FEDERALTIMES.COM]

12. Databases

13. Databases & Storage
MICROSERVICES: Blow That Data Monolith to Smithereens with Microservices and
Database Swarms. The world of apps is in constant flux and, with it, so are the
demands on data. APIs are constantly changing to meet those demands (a social
media connection here, a new mobile platform there). But throughout all this, core
business can’t be bogged down; it has to move fast. And that’s where
microservices—the dissection of the data monolith into agile little services—come
in. Find out more about loosely coupled microservices and the specialized
databases that power them. Read more
[ARSTECHNICA.COM]

14. Databases & Storage
NoSQL: Using NoSQL Databases to Handle Fast Data. NoSQL databases can help
enterprises handle so-called Fast Data. MongoDB, DataStax and Redis are three
NoSQL databases worth checking out. Read the rest
[ENTERPRISEAPPSTODAY.COM]
GRAPH DATABASES: Graph Database Technology Starts to Come of Age Beyond
Social Media. Graph databases, based on mathematics known for three centuries,
are starting to yield value for businesses beyond Facebook and Twitter. Used for
tasks as diverse as dating sites and fraud detection, graph technology works by
looking at relationships, not just data. Find out more
[COMPUTERWEEKLY.COM]

15. Databases & Storage
HADOOP: Hadoop 3 Poised to Boost Storage Capacity, Resilience with Erasure
Coding. The next major version of Apache Hadoop could effectively double storage
capacity while increasing data resiliency by 50 percent through the addition of
erasure coding, according to the Apache Hadoop team at the Apache Software
Foundation. Read more
[DATANAMI.COM]

16. More About Blue Mountain
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S.
Dept. of Labor, Employee Benefits Security Administration. Responsible to the
Office of Technology and Information Systems for information systems
architecture, planning, applications development, networking, administration and
IT security, supporting the enforcement of Title I of the Employee Retirement
Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for
design, development and support for its various enforcement database
management systems, as well as all case tracking and customer service inquiry
systems. Blue Mountain also provides IT security services to the EBSA, in the form
of FISMA Assessment and Authorization, System Security Plans, Risk and
vulnerability assessments, monitoring and investigation support. Read more.

17. Security Patches

18. Security Patches
GOOGLE: Google Patches 9 Security Flaws in New Chrome Browser Build. Google
updated its browser Thursday patching nine security bugs, labeling four as “high”
and two as a “medium” risk to computer users. The update was tied to a new
Chrome browser build (50.0.2661.94) that fixes the flaws. Google also shelled out
$14,000 tied to bug bounty payouts addressed in this security updates, according
to a Google Chrome Team security bulletin. Read more
[THREATPOST.COM]
MICROSOFT: Is Microsoft Using Security Patch KB 3146706 to Break Pirate Copies
of Windows 7? It’s not clear whether it’s intentional, but the patch is throwing blue
screen error 0x0000006B on Ghost pirate copies of Windows 7. Read the rest
[INFOWORLD.COM]

19. Security Patches
MOZILLA: Patches Firefox Flaw Discovered by GCHQ’s Information Security Arm.
Mozilla has fixed a security flaw having high vulnerability impact on its Firefox
web browser. The flaw was first discovered by the Communications-Electronics
Security Group (CESG), the information security arm of the UK Government
Communications Headquarters (GCHQ). In Firefox version 46 that was released
on 26 April across desktop and Android devices, Mozilla patched as many as 10
vulnerabilities, of which some are rated either critical or of high severity. Find
out more
[IBTIMES.CO.UK]

20. Security Patches
OFFICE 365: Microsoft Patches Serious Office 365 Security Flaw. Microsoft has
patched a vulnerability in Office 365 that could have allowed an attacker to gain
access to any account at a business with a federated domain. Researchers
Yiannis Kakavas and Klemen Bratec discovered the flaw and say Microsoft
“mitigated” the threat within seven hours of notification. However, the group of
companies that use federated domains includes some of the biggest names in
technology, such as IBM, Cisco, BT, Vodafone and Microsoft itself, and high
profile firms like British Airways, PwC and KPMG. Read more
[CHANNELBIZ.CO.UK]

21. Penetration Testing

22. Penetration Testing
REGULAR CHECKUPS: Pentesting-as-a-Service. Ten years ago, penetration testing
was viewed as a luxury service, typically aimed at ensuring that companies’ network
perimeters were secured against malicious external attacks. More recently, we have
seen the emergence of vulnerability scanning software, an automated way to
perform more frequent vulnerability testing, but not to the level of rigour the
company would receive from a penetration test performed by a security expert.
Read more
[INFOSECURITY-MAGAZINE.COM]
THINK TANK: Penetration Testing Still Relevant, but Approach Needs to Change.
How can an organization ensure it gets value from penetration and security testing
services? Security managers need permission from their respective companies to
test live networks, and they need the right pen testing tools for the job. Read more
[COMPUTERWEEKLY.COM]

23. Penetration Testing
HOW: A White Hat Hacker Breaks Into a Business. A pen tester talks through how to
break into a company. Read more
[NEWSWEEK.COM]
PENTAGON: Sees White Hat Hackers as Low-Cost Penetration Testers. The Defense
Department announced it would be launching the federal government’s first-ever
"bug bounty," banking on the idea that there’s a nascent community of white hat
hackers that’s been itching to help the Pentagon with its cybersecurity challenges
but hasn’t been able to until now. Read more
[FEDERALNEWSRADIO.COM]

24. Mergers & Modernization

25. Mergers & Modernization
MERGER: HP Enterprise to Spin Off, Merge Services Business. Deal with
Computer Sciences creates IT-services provider with $26 billion in annual
revenue. Hewlett Packard Enterprise Co. said it would spin off most of its
technology services operations and merge them with those of Computer
Sciences Corp., the company’s latest adjustment to a shifting landscape that is
roiling the market for corporate technology. HP Enterprise will shed a business
that accounts about 100,000 employees, or close to half of the Silicon Valley
giant’s workforce. Read more
[WSJ.COM]

26. Mergers & Modernization
MODERNIZATION: CIO Scott Pushes $3.1B IT Fund as Congress Probes Legacy
Tech. Obama administration officials want Congress to back a revolving fund to
modernize legacy IT systems. The goal is to kick-start projects with money
agencies will pay back into a fund administered by the General Services
Administration. In this way, $3.1 billion in initial funding would support upwards
of $12 billion in modernization spending over a decade. Read the rest
[FCW.COM]
HEALTH CARE: When Mergers Fail Because of Clashing Work Culture. The Wall
Street Journal got a hold of correspondence Monday that suggests there may be
some tension between insurance giants Anthem and Cigna, two companies that
have proposed a $48 billion merger. Read more
[MARKETPLACE.ORG]

27. Mergers & Modernization
FEDERAL GOVERNMENT TECH: ‘Ticking Time Bomb?’ The Department of
Defense still uses a 1970’s IBM Series/1 computing system – including 8-inch
floppy disk drives – to coordinate operations of the United States nuclear forces.
Two of the Treasury Department’s tax systems, which retain tax data for more
than 100 million Americans, assess refunds and update taxpayer accounts, are
running on “low-level computer code” that was written 56 years ago. Those are
just a few of the most egregious examples of outdated technology still in use by
the government highlighted in an audit by the Government Accountability Office
that will be presented to Congress May 25. The congressional watchdog for years
has been touting the need to modernize IT systems or risk excess billions in
spending and untold security risks. Find out more
[NEXTGOV.COM]

28. For the CIO, CTO & CISO

29. For the CIO, CTO & CISO
CIO: Focus Needs to Shift from Cutting IT Costs. Put your own house in order before
you start giving advice to others is a popular idiom. And CIOs have been doing that
for years, incrementally cutting costs in IT functions. But what if the mandate from
your CEO is for IT to help improve the performance of another department such as
finance and accounting (F&A), for instance, but at the same time cut F&A costs by
60 percent? How can IT help that department? Read more
[CIO.COM]
CTO: US CTO Megan Smith Highlights Heritage of Women in Tech. The former
Googler and current chief technology officer of the United States also talks about
encryption and bringing more techies to government. Read the rest
[CNET.COM]

30. For the CIO, CTO & CISO
FEDERAL CIO: Hire Faster, from Every Discipline. The government needs to hire
skilled cybersecurity professionals fast, starting with the federal chief information
security officer, according to Federal CIO Tony Scott. “There’s no area combined
with cybersecurity that I would say we’re full up on,” Scott said, adding that
agencies need to broaden their reach. They should consider hiring people from a
variety of disciplines — such as cultural anthropology, economics, biology and
foreign languages — who also have cybersecurity knowledge. “Cyber is a global
problem, and we need people who speak every language on the planet,” he said.
Read more
[FCW.COM]

31. For the CIO, CTO & CISO
CISO: House Bill Would Elevate HHS CISO from CIO’s Purview. The HHS Data
Protection Act would create a CISO’s office to alleviate concerns that the current
organizational structure sacrifices security for operational efficiencies. Find out
more
[FEDSCOOP.COM]

32. Application Development

33. Application Development
STRATEGY: Choosing Your Application Development Strategy. Which is more
effective: the top-down or bottom-up application strategy? Discover why choosing
one requires an in-depth understanding of application requirements. Read the rest
[SEARCHSOA.TECHTARGET.COM]
CLOUD: Why Amazon and OpenStack Continue to Thrive in a Complex Cloud World.
Amazon announcing AWS hitting a $10B annual run rate and OpenStack’s 13th
release—lead some to wonder who is winning. Both are. Read more
[EWEEK.COM]

34. Application Development
MICROSOFT: Power BI Hits 5M Subscribers, Adds Deeper Excel Integration.
Microsoft has a ton of new features planned for its cloud-based BI service.
Microsoft’s cloud-based business intelligence service is celebrating a major user
growth milestone with a handful of new features, including the ability to import
data from an Excel spreadsheet and turn it into live-updating charts and graphs.
Power BI now has more than 5 million subscribers, who are using the service to
take in business data and create dashboards they can use to better understand
their businesses. Subscribers will be able to use an Excel connector to easily “pin”
live-updating data from the Excel desktop app to a Power BI dashboard. Both that
feature, and one that allows users to analyze data from Power BI in Excel, were
previously available for beta testing and are now generally available. Read more
[PCWORLD.COM]

35. Application Development
NODE.js: Top Reasons to Use Node.js for Web Application Development. There are
many reasons why developers (regardless of experience level) should use Node.js
for web application development, starting with its speed and ending with its
proficiency at multi-user, real-time web applications. Not to mention that three
years ago Nodejitsu reached out to the npm community for help running the public
npm servers and raised over $300,000 for the project, proving that the community
is both active and generous. Read more
[JAXENTER.COM]

36. BYOD

37. BYOD
WINDOWS 10: IT Department Finds BYOD Policy Pits It in Eternal War with Windows
10. It seemed like such a good idea at the time: Implement a BYOD policy that puts
the responsibility of laptop maintenance in the hands of the users, offload
maintenance and have happier users. And then Windows 10 happened. Read more
[WINDOWSITPROS.COM]
ENTERPRISE SECURITY: BYOD vs. Enterprise Security: Is It Possible to Have Both?
Weighing the advantages of a BYOD policy against the potential security risks can
prove challenging. BYOD can be a challenge for IT and security departments, because
it essentially puts corporate security into the hands of employees. Any decisions an
employee makes about that device – from failing to keep the software up-to-date to
using unsecured Wi-Fi networks – ultimately puts the enterprise and its data at risk.
Read the rest
[CIODIVE.COM]

38. BYOD
FUTURE: Will a Smartphone Replace Your PC? Will you buy another desktop
computer or laptop? Or, can your smartphone meet your technology needs? Should
your business continue buying PCs? The IT infrastructure industry is divided, but the
answer affects more than you think. Here’s why. Find out more
[GOVTECH.COM]
MOBILITY: Why Oak Ridge and Other Agencies Have Opened Their Own App Stores.
Employees want apps. Agencies want control. With iTunes-like stores, the two can
find a happy medium. Read more
[FEDTECHMAGAZINE.COM]

39. Big Data

40. Big Data
EDUCATION: ‘Big Data’ was Supposed to Fix Education. It Didn’t. It’s Time for ‘Small
Data.’ For over a decade, “big data” and “analytics” have increasingly become a part
of the education world. (Big data is a term used to describe data sets so large that
they can only be analyzed by computers, and analytics is used to describe how the
data is collected, analyzed and used.) Big data lovers believe the information can
help policy-makers make systemic improvements in student outcomes — but, so
far, that hasn’t happened. Here is a post about the problems with big data in
education and about something new that could actually make a real difference:
“small data.” What is it? Read the post by Pasi Sahlberg and Jonathan Hasak.
Read more
[WASHINGTONPOST.COM]

41. Big Data
ANALYTICS: How the Skills Shortage is Transforming Big Data. According to this
Silicon Valley dean, “The profession is subdividing.” In the early days of computing,
developers were often jacks of all trades, handling virtually any task needed for
software to get made. As the field matured, jobs grew more specialized. Now we’re
seeing a similar pattern in a brand-new domain: big data. That’s according to P.K.
Agarwal, regional dean and CEO of Northeastern University’s recently formed
Silicon Valley campus, who says big-data professionals so far have commonly
handled everything from data cleaning to analytics, and from Hadoop to Apache
Spark. Read the rest
[PCWORLD.COM]

42. Big Data
DATABASES: HBase…The Database Big Data Left Behind. As the default database for
Hadoop, you’d expect HBase to be more popular than it is, but its time may already
have passed. Find out more
[INFOWORLD.COM]
MORE ANALYTICS: 12 Inspiring Women In Data Science, Big Data. Women make up
half the population, yet it’s been well documented that they don’t come close to
parity in STEM fields. Could the rise of big data and data science offer women a
clearer path to success in technology? Here’s a list of 12 inspiring women who work
in big data and data science. Read more
[INFORMATIONWEEK.COM]

43. Mobile Applications

44. Mobile Applications
DHS: Playbook Strives for Consistency of Mobile Apps. The Homeland Security
Department has a new playbook for developing mobile applications and it’s willing
to share to ease the burden and ensure consistency across the government. This
how-to guide is for everyone from the technology experts to the business owners to
the app developers. Rob Palmer, the DHS deputy chief technology officer in the
Enterprise System Development Office, said the playbook is to help stem the tide of
inconsistent mobile app development. He said this led to an increased workload for
the chief information officer’s office to test, field and approve. Read more
[FEDERALNEWSRADIO.COM]

45. Mobile Applications
STATE GOVERNMENT: Build a Mobile Strategy That Truly Moves Government
Forward. Security and mobile device management play a starring role in workplace
transformation. Outfitting staff with smartphones and tablets undoubtedly helps to
mobilize the workforce, but it takes more than hardware alone to transform
operations. The VMware “State of Business Mobility Report” identifies a significant
gap between organizations’ mobility goals and their ability to achieve them. Read
the rest
[STATETECHMAGAZINE.COM]
FIDO & NIST: How US Government Can Go Mobile with FIDO. The proliferation of
mobile devices leaves U.S. government agencies with a tough balancing act
between security, usability and effectively performing their missions. How can they
accommodate an increasingly mobile workforce that wants to use all of their
devices to access online services, while adhering to a plethora of security policies
and directives?
Find out more
[PLANETBIOMETRICS.COM]

46. Mobile Applications
CRITICAL READ: Why Agencies Should Adopt a “Mobile First” Strategy. What:
“Using Mobile Apps in Government,” a report from the IBM Center for the Business
of Government on the state of mobile apps and access in the federal government.
Why: Most Americans own cell phones and many also own tablets, so it should
come as no surprise that more than one-third of the traffic on U.S. government
websites comes from mobile devices and 40 percent of smartphone owners use
those devices to look up government services or information. Read more
[FCW.COM]

47. Accessible Web

48. Accessible Web
WINDOWS: Using UI Automation Support in Edge to Build More Accessible Web
Apps. Microsoft is at it again, making an effort to live up to their mission statement:
to empower everybody to do great things. In a recent blog post, Microsoft spoke
about the effort it’s putting into Microsoft Edge, and how they want it to better serve
the needs of people who have trouble surfing the web. Using UI Automation, a
process which allows Windows 10 applications to “provide programmatic
information about their user interface,” Microsoft Edge is creating a much more
accessible browser. Read more
[WINBETA.ORG]

49. Accessible Web
DOJ: Refreshes Its Efforts to Promulgate Title II Website Accessibility Regulations and
Other Accessible Technology Updates – What Does It All Suggest for Businesses? On
April 28, 2016, the U.S. Department of Justice, Civil Rights Division, withdrew its
Notice of Proposed Rulemaking (NPRM) titled Nondiscrimination on the Basis of
Disability; Accessibility of Web Information and Services of State and Local
Government Entities. Citing “the growing confusion around web site accessibility,” on
April 29, 2016, the National Association of Realtors wrote a letter to DOJ’s Civil Rights
Division imploring DOJ to take actions to regulate the issue of website accessibility
for Title III entities as soon as possible. Read the rest
[NATLAWREVIEW.COM]

50. Accessible Web
WEB DESIGN & CONTENT: Accessible Best Practice: Don’t Use Color As Part of Your
Instructional Content. Are you using color as a way of instructing visitors about the
next action to take on your Web site? Think again. WCAG 2.0 Guideline 1.4.1 warns
Web designers, developers and content creators about depending solely on color
when conveying instructions. Find out more
[ACCESSIBLEWEBSITESERVICES.COM]
COLOR CONTRAST: How to Measure Color Contrast, for Web Accessibility. The
essence of accessible color contrast is simple. Given a foreground color and a
background color, the contrast between those two must be distinguishable in a wide
variety of environments, by individuals with different color perception abilities. Using
the Web Content Accessibility Guidelines — WCAG — version 2.0, these contrasts are
measured using an algorithm that compares the relative luminosity of the two colors
and returns a ratio, which is to exceed WCAG’s recommended minimum.
Read more
[PRACTICALECOMMERCE.COM]

51. Programming & Scripting Development
Client & Server-Side

52. Programming & Scripting Development
Client & Server-Side
ANGULAR: 3 Development Patterns of Angular Universal. While Angular is a
powerful way to build web apps, developers have long known its limitations with
SEO and accessibility. Sure, Google’s crawler can execute JavaScript, but it’s not the
only crawler in the game. For example, after posting a link to Slack, its crawler will
pull down a preview, but it doesn’t execute JavaScript, so the raw Angular HTML
templates show up in the preview. To eliminate the trouble this causes, Jeff
Whelpley and Patrick Stapleton have worked on Angular Universal that allows the
rendering to happen on the server. Read more
[INFOQ.COM]

53. Programming & Scripting Development
Client & Server-Side
JAVASCRIPT: What JavaScript Means for Ecommerce Merchants. Web developers
use three core tools when building ecommerce sites: HTML for content and
organization, CSS for the design and presentation, and JavaScript for the
interaction with backend servers. Using JavaScript, merchants can engage their
visitors. Read the rest
[PRACTICALECOMMERCE.COM]
VISUAL STUDIO: C#/XAML for HTML5 Beta 8 Released. The free Visual Studio
extension that allows developers to build HTML5 applications using C# or XAML
has hit beta version 8 on its way to general availability. Find out more
[SDTIMES.COM]

54. Programming & Scripting Development
Client & Server-Side
JAVA: A Warning About Overloading Methods in Java. Autoboxing and method
overloading can be useful when building a Java app. But sometimes these features
can cause confusion, improper outputs, or errors, if not handled carefully. Read
more
[DZONE.COM]

55. Cloud Computing

56. Cloud Computing
CLOUD SECURITY: Is Single Sign-on the Answer to Your Cloud Computing Security
Worries? The downside of the cloud is a password and username overload — but
there are technologies available to help. The cloud provides a raft of business
benefits to organisations that want to access applications in a flexible and cost-
conscious manner. But to really take advantage, businesses must be sure that
information is easily and safely accessible. Read more
[ZDNET.COM]
ORACLE: Dives Further in Cloud Computing, Acquires Opower. Oracle has acquired
Opower, an Arlington-based data analytics company, in a $532 million cash deal.
Oracle will pay $10.30 per share for Opower — with a 30% premium on the closing
share price of the company. Read the rest
[TECHNEWSTODAY.COM]

57. Cloud Computing
TRENDS: Amazon, Microsoft Invest Billions as Computing Shifts to Cloud. As cloud
computing proliferates, its leading providers — Amazon and Microsoft among them
— have unleashed a torrent of capital spending to build the infrastructure that
handles the technology. That, in turn, has significant economic effects globally and
locally. Find out more
[SEATTLETIMES.COM]
EMCS: Latest VCE Nodes Aim to Make Clouds Easy. Neutrino Nodes let different
software stacks run anywhere in a VxRack system. Read more
[INFOWORLD.COM]

58. Business Intelligence

59. Business Intelligence
OPINION: The ‘Business’ in Business Intelligence: There’s NOT An App for That.
Identifying and prioritizing business needs is the most important step to take
before making an investment in a technology tool or platform. Ours is a society of
technophiles. We readily adopt – and rely heavily upon – the software that
powers our digital devices to entertain us, to make us more productive, to
monitor our health, or to get us safely from Point A to Point B, and back again.
With this passionate (some might say “frantic”) adoption of consumer technology,
it is understandable that we are encouraged to believe that a compelling, easy-to-
install, easy-to-configure software solution already exists to address our most
pressing personal and business challenges. “There’s an app for that” has become
as axiomatic as “Nothing is certain but death and taxes.” Read more
[CIO.COM]

60. Business Intelligence
ANALYTICS: 3 Tips for Adopting Business Intelligence. Business Intelligence (BI) – the
ability to garner actionable, data-driven insights into the working of an enterprise –
is revolutionizing how companies make decisions. It is not only making companies
more efficient, it is enhancing the bottom line. In fact, business intelligence is such a
major initiative for enterprises across the world that Gartner predicts the worldwide
BI market will reach nearly $17 billion in 2016. Read the rest
[INFORMATION-MANAGEMENT.COM]
MANAGEMENT: EMC World 2016: Smart Cities Are a Platform for Innovation.
Technology can enable local governments to build and operate integrated and highly
efficient cities. Find out more
[STATETECHMAGAZINE.COM]

61. Business Intelligence
NETWORKING: Fog Computing Brings Connectivity, Analytics to Agencies’ Network
Edge. The Defense Department and TSA are already using fog computing, but
agencies must be cautious about security risks. The Internet of Things holds a world
of possibility for federal agencies, but in order to leverage that potential, they’ll
need a more agile computing platform. Enter fog computing, which could offer users
greater functionality from distributed endpoints and environments. Read more
[FEDTECHMAGAZINE.COM]

62. IT Security | Cybersecurity

63. IT Security | Cybersecurity
FEDERAL GOVERNMENT: New Rule Puts Onus on Contractors to Tighten IT Security.
It is official: The government requires minimum cybersecurity standards for
contractors that store sensitive information in their IT systems. A new rule aimed at
systems that store controlled unclassified information and classified information is
one result of the White House’s 2010 executive order aimed at bolstering CUI
protections. “Systems that contain classified information, or CUI such as personally
identifiable information, require more than the basic level of protection,” a May 16
Federal Register notice states. The regulation was issued by the Defense
Department, the General Services Administration and NASA. Read more
[FCW.COM]

64. IT Security | Cybersecurity
HOW TO: Defend Macs and iOS Devices Against Malware Attacks. With attacks on
the rise, raise your guard against malware infecting iOS and OS X devices. IT
professionals have long maintained that Apple devices don’t get malware, and that
was generally true for many years. But times have changed, and iOS mobile devices
and OS X Macintosh computers are now the source of frequent security
vulnerabilities and a popular target of hackers and malware authors. Read the rest
[STATETECHMAGAZINE.COM]
OPERATIONS: Security By The Numbers Launches IT Security Measurement Index
and Collaborative Group. Online resource behind benchmark survey promises to
help companies measure the effectiveness of cybersecurity and share best practices.
Find out more
[DARKREADING.COM]

65. IT Security | Cybersecurity
TSA: DHS Inspector General Lambasts TSA’s IT Security Flaws. TSA typically has not
managed security equipment in compliance with departmental guidelines regarding
sensitive IT systems, according to OIG report. Read more
[NETWORKWORLD.COM]
EDUCATION: Computer Science Teachers Need Cybersecurity Education, Says CSTA
Industry Group. The Computer Science Teachers Association (CTSA) is working on a
cybersecurity certification program for computer science educators, so they can
better teach students about computer security. Read more
[TECHREPUBLIC.COM]

66. IT Security | Cybersecurity
SHORTAGE: High-Demand Cybersecurity Skill Sets. Specialized cybersecurity skills
around cloud computing represent the biggest gap. According to ESG research, 46
percent of organizations say they have a “problematic shortage” of cybersecurity
skills in 2016. By comparison, 28 percent of organizations claimed to have a
“problematic shortage” of cybersecurity skills in 2015. That means there has been
an 18 percent year-over-year increase. Read the rest
[NETWORKWORLD.COM]
DEFENSE: DISA Unveils New Cybersecurity Review. The Defense Information Systems
Agency unveiled a cybersecurity review process on May 9 that takes an agile,
“outside-in” assessment of the resources and technologies the Department of
Defense Information Network (DODIN) needs to defend itself against attack. Find
out more
[FCW.COM]

67. IT Security | Cybersecurity
FDIC: Reports Five ‘Major Incidents’ of Cybersecurity Breaches Since Fall. The
Federal Deposit Insurance Corp. (FDIC) on Monday retroactively reported to
Congress that five additional “major incidents” of data breaches have occurred since
Oct. 30. FDIC also is launching “a new initiative to enhance security.” The incidents
involved the breach of taxpayers’ personally identifiable information. In each case,
employees with legitimate access to the information were leaving the agency when
they inadvertently downloaded the data along with personal files. The individuals
involved provided affidavits saying the data was not shared. Read more
[WASHINGTONPOST.COM]

68. From the Blue Mountain Data Systems Blog
Three-Dimensional Governance for the CIO
https://www.bluemt.com/three-dimensional-governance-for-the-cio
7 Reasons to Take Control of IT Incidents
https://www.bluemt.com/7-reasons-to-take-control-of-it-incidents/
Breach Mitigation Response Time Too Long, Survey Says
https://www.bluemt.com/breach-mitigation-response-time-too-long-survey-
says/
Six Tactics for Cyberdefense
https://www.bluemt.com/six-tactics-for-cyberdefense/

69. From the Blue Mountain Data Systems Blog
Feds Report Mixed Responses to Shared Services
https://www.bluemt.com/feds-report-mixed-responses-to-shared-services
Federal Employees Are Not Security Experts
https://www.bluemt.com/federal-employees-are-not-security-experts
Survival Guide for Network Administrators
https://www.bluemt.com/survival-guide-for-network-administrators
DBaaS: OpenStack Trove Changes DB Management
https://www.bluemt.com/dbaas-openstack-trove-changes-db-management

70. From the Blue Mountain Data Systems Blog
Help Wanted: Certified Cybersecurity Professionals
https://www.bluemt.com/help-wanted-certified-cybersecurity-professionals
Cyber Threat Intelligence Integration Center Preview
https://www.bluemt.com/cyber-threat-intelligence-integration-center-preview/
Cloud Moves in 1-2-3
https://www.bluemt.com/cloud-moves-in-1-2-3/
Change Management for Disaster Recovery
https://www.bluemt.com/change-management-for-disaster-recovery/

71. From the Blue Mountain Data Systems Blog
Jeffersonian Advice For C-Suite Career Advancement
https://www.bluemt.com/jeffersonian-advice-for-c-suite-career-advancement/
Ways To Survive The “Mobile-Pocalypse”
https://www.bluemt.com/ways-to-survive-the-mobile-pocalypse/
Microsoft Cloud Services Receive FedRAMP Authority to Operate
https://www.bluemt.com/microsoft-cloud-services-receive-fedramp-authority-
to-operate/
Hiring Pentesters? Here Are 10 Things You Need to Know
https://www.bluemt.com/hiring-pentesters-here-are-10-things-you-need-to-
know/

72. From the Blue Mountain Data Systems Blog
Home Router Malware Alert
https://www.bluemt.com/home-router-malware-alert/
Threat Model Deconstruction
https://www.bluemt.com/threat-model-deconstruction/
Business Email Scam Nets $214 Million
https://www.bluemt.com/business-email-scam-nets-214-million/
How to Prevent Unauthorized Software from Taking Over Your Organization
https://www.bluemt.com/the-cios-guide-to-happy-end-users-2/

73. From the Blue Mountain Data Systems Blog
Digital Marketing Predictions for 2015
https://www.bluemt.com/digital-marketing-predictions-for-2015/
SDN: Network Administrator’s Friend or Foe?
https://www.bluemt.com/sdn-network-administrators-friend-or-foe/
Mobile Payments: A Must for Federal Agencies
https://www.bluemt.com/mobile-payments-a-must-for-federal-agencies/
Soft Skills Are A Must-Have For Careers In IT
https://www.bluemt.com/soft-skills-are-a-must-have-for-careers-in-it/

74. From the Blue Mountain Data Systems Blog
Security Risks Most Prevalent in Younger Workers
https://www.bluemt.com/security-risks-most-prevalent-in-younger-workers/
The Security World’s Maturation
https://www.bluemt.com/the-security-worlds-maturation/
Data Breach Concerns Keep CISOs Up At Night
https://www.bluemt.com/data-breach-concerns-keep-cisos-up-at-night/
Personalized Govt Equals Instant Gratification for Citizens
https://www.bluemt.com/personalized-govt-equals-instant-gratification-for-
citizens/

75. From the Blue Mountain Data Systems Blog
People-Centric Security
https://www.bluemt.com/people-centric-security/
Pentagon Tries BYOD To Strike Work/Life Balance
https://www.bluemt.com/pentagon-tries-byod-to-strike-worklife-balance/
Open Source Model Considered for MS Windows
https://www.bluemt.com/open-source-model-considered-for-ms-windows/
Open Internet: To Be or Not to Be?
https://www.bluemt.com/open-internet-to-be-or-not-to-be/

76. From the Blue Mountain Data Systems Blog
Malware Stays A Step Ahead Infecting One Third of Websites
https://www.bluemt.com/malware-stays-a-step-ahead-infecting-one-third-of-
websites/
Machine-Generated Data: Potential Goldmine for the CIO
https://www.bluemt.com/machine-generated-data-potential-goldmine-for-the-
cio/
Government Legacy Programs: Reuse vs. Replacement
https://www.bluemt.com/government-legacy-programs-reuse-vs-replacement/
It Takes a Whole Village to Protect Networks and Systems
https://www.bluemt.com/it-takes-a-whole-village-to-protect-networks-and-
systems/

77. From the Blue Mountain Data Systems Blog
Governance For the CIO
https://www.bluemt.com/governance-for-the-cio/
Help Desk Consolidation – Lessons Learned
https://www.bluemt.com/help-desk-consolidation-lessons-learned/
One Year Later, Companies Still Vulnerable to Heartbleed
https://www.bluemt.com/one-year-later-companies-still-vulnerable-to-
heartbleed/
Federal Projects Cultivate Worker Passion
https://www.bluemt.com/federal-projects-cultivate-worker-passion-2/

78. ABOUT US
Blue Mountain Data Systems Inc.
Blue Mountain Data Systems Inc. is dedicated to application
and systems development, electronic document management,
IT security support, and the automation of workflow processes.
Read more about our experience here:
>> http://bluemt.com/experience

79. Recent Experience
U.S. Dept. of Labor
Employee Benefits Security Administration
1994 to Present
Responsible to the Office of Technology and Information Systems for information
systems architecture, planning, applications development, networking,
administration and IT security, supporting the enforcement of Title I of the
Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue
Mountain is responsible for design, development and support for its various
enforcement database management systems, as well as all case tracking and
customer service inquiry systems. Blue Mountain also provides IT security services
to the EBSA, in the form of FISMA Assessment and Authorization, System Security
Plans, Risk and vulnerability assessments, monitoring and investigation support.

80. MANAGEMENT
Paul T. Vesely
Founder, President, CEO and Principal Architect
Mr. Vesely is a recognized thought leader in systems
architecture and delivery, having designed and
delivered many enterprise wide information and
document management solutions. Mr. Vesely’s history
includes 33 years experience in the information
systems industry, with Unisys, Grumman, PRC and a
host of clients in both government and private sectors.

81. CONTACT US
Contact Us Today to Discuss Your Next IT Project
HEADQUARTERS
366 Victory Drive
Herndon, VA 20170
PHONE 703-502-3416
FAX 703-745-9110
EMAIL
paul@bluemt.com
WEB
https://www.bluemt.com