Tech Update Summary from Blue Mountain Data Systems September 2016

Tech Update Summary
September 2016
Blue Mountain Data Systems

For CTOs, CIOs & CISOs
Visit Blue Mountain Data Systems
https://www.bluemt.com

For CTOs, CIOs & CISOs
Every business day, we publish a Daily Tech Update for Federal & State CTOs ,CIOs & CISOs on the Blue
Mountain Data Systems Blog. We hope you will visit our blog for the latest information.
You can also receive these updates via email. Click here to subscribe.
Here’s the summary of the Daily Tech Updates for September 2016. Hope the information and ideas
prove useful.
Best,
Paul Vesely
President and Principal Architect
Blue Mountain Data Systems Inc.

Federal, State & Local IT
FEDERAL: 3 Ways Governments Are Working to Make Broadband Universally
Accessible. Broadband is commonly described as a critical piece of modern
infrastructure. Here’s how a city, a state and a school district are working to make
sure everyone has access. Read more
[GOVTECH.COM]
STATE: Texas Makes Major Progress on IT Consolidation. Like many states, Texas is
battling against an aging IT infrastructure in an age where agility, reduced
complexity and transparency are king. That’s why as part of its consolidation
efforts, the state has also implemented a hardware refresh policy. The Lone Star
State is already three-quarters of the way through its IT consolidation efforts,
which other states can derive lessons from. Find out more
[STATETECHMAGAZINE.COM]

LOCAL: A Blueprint for Crisis Communications in Local Government. Does your
team have contingency plans for how the chain of command and the flow of
information will work, including if certain members are unavailable? Advance
visioning is crucial to making sure you’re prepared to help when the unthinkable
takes place. Read more
[GOVTECH.COM]

COLLABORATION: Technology Gives Police and Public Safety Agencies the Upper
Hand. Cities put common IT infrastructure to work in the ongoing effort to prevent
and reduce criminal activity. When a suspicious person or activity happens at
Newburgh, N.Y.’s City Hall, police are notified directly. City employees can push a
button to silently page the nearby police department in an emergency, one of
many new features available since the city upgraded its communications
infrastructure, adding new IP phones, paging and emergency notification software
on top of a new Cisco Systems phone system. Find out more

Encyption
OPINION: The Long War on Encryption. Should the FBI be able to access any
communication? And will quantum cryptography break all of security? Read more
[PCMAG.COM]
CLOUDFLARE: Launches a Three-Pronged Attack to Encrypt the Entire Web. The
push for web encryption, or HTTPS, is a crucial, attainable step in improving the
Internet’s privacy and security. And ideally, we’d encrypt the entire web, as some
organizations are trying to do. But upgrading the whole Internet is complicated,
and adding encryption isn’t just an on-or-off switch. Some encrypted sites are
faster and more efficient than others. Some are only partially encrypted. So
Cloudflare – a company that touches an enormous fraction of the web – is working
in that messy gray area to encrypt as much errant web traffic as possible. Find out
more
[WIRED.COM]

Encyption
SECURITY: Scientists Demonstrate Long Distance Quantum Communication.
Scientists have shown that some subatomic particles exhibit quantum
entanglement, which potentially enables unhackable communications that may be
able to travel faster than the speed of light. Find out more
[EWEEK.COM]
CHROME: Chrome Cracks Down on Sites that Don’t Use Encryption. A special
warning will alert users when sites aren’t using HTTPS beginning in Chrome 56, the
version to be released in January 2017. Read the rest
[ENGADGET.COM]

Databases
GRAPH: IBM Releases Graph, a Service That Can Outperform SQL Databases. IBM
has announced the general availability of Graph, a service for the Bluemix cloud
offering that the company said helps set up a relatively new, high-performing type
of database. Graph databases differ from traditional SQL databases in that they
store both data and the relationships among the data. The relationships among
data points are as important as the data points themselves. Unlike SQL databases,
which can require complex queries to extract conclusions from data, graph
databases execute queries more efficiently, and their advantage over SQL
databases increases with the complexity of the query. Graph databases, which
have become more popular in the last decade, are often used in apps that make
recommendations about music or restaurants. Read the rest
[GEEKWIRE.COM]

Databases
ADMINS: It’s the Data, Stupid – Why Database Admins Are More Important Than
Ever. It may not be all about the tables anymore, but the DBA role is still essential –
even if the person doing it doesn’t have the title. Specialized databases, cloud, and
DevOps expand, not eliminate, the role of the DBA. Find out more
[ARSTECHNICA.COM]
NoSQL: Three NoSQL Databases You’ve Never Heard Of. There’s a certain class of
data problem that is elegantly addressed by NoSQL databases, which is why the
market for NoSQL databases is growing faster than the overall market. The market
is led by the Big Four, including Couchbase, Datastax, MarkLogic, and MongoDB,
but there’s a long tail of other players in the NoSQL market, including some older
products that are still going strong. Read more
[DATANAMI.COM]

Databases
OPEN SOURCE: Why Open Source Graph Databases Are Catching On. Graph
databases, which use graph structures for semantic queries, came into prominence
through social networks like Facebook and Twitter. But they’re used for far more
now than just linking connections between friends and relatives. Read more
[ENTERPRISEAPPSTODAY.COM]

Databases
GOOGLE: Cloud Databases Reach General Availability. Emerging from beta,
Google’s cloud databases are ready for business workloads. Cloud SQL, Cloud
Bigtable, and Cloud Datastore — databases offered through the Google Cloud
Platform (GCP) — are set to shed their beta designation, a scarlet letter among
enterprises, and enter general availability. In so doing, they will qualify for SLAs like
other production-ready GCP services. Read more
[INFORMATIONWEEK.COM]

Databases
GRAPH: 5 Factors Driving the Graph Database Explosion. There’s no denying it:
Graph databases are hot. Graph databases have outgrown every other type of
database in popularity since 2013, and not by a small margin either. It’s clear that
developers, data scientists, and IT pros are just beginning to explore the potential
of graph databases to solve new classes of big data analytic and transaction
challenges. Find out more
[DATANAMI.COM]
NoSQL: Current State of NoSQL Databases. With the emergence of time series data
being generated from Internet of Things (IoT) devices and sensors, it’s important to
take a look at the current state of NoSQL databases and learn about what’s
happening now and what’s coming up in the future for these databases. Read
more
[INFOQ.COM]

Databases
NoSQL: NoSQL Databases – An Enterprise Necessity. Relational databases have
long been a staple in enterprise IT. But demand for different kinds of databases has
grown in recent years. And, according to a new Forrester Wave report, “NoSQL is
not an option — it has become a necessity to support next-generation
applications.” Read more
CLOUD: Google Says Its Databases Are Enterprise Ready. Google is continuing its
campaign to entice enterprises to its public cloud platform by rolling out database
services stable enough to serve businesses’ production workloads. The company
announced the general availability of three database-focused products: the second
generation of Cloud SQL, its managed database service; Cloud Datastore, its NoSQL
document database; and Cloud Bigtable, its NoSQL database service that powers
products like Gmail. Each of those products has a service level agreement
associated with it, guaranteeing a certain amount of availability. Find out more
[COMPUTERWORLD.COM]

Databases
MICROSOFT: Introduction to SQL Server Containers. In the Fall of 2014, Microsoft
announced plans to add Docker container support to Windows Server 2016. The
announcement added emphasis to Microsoft’s growing focus on Linux and open
source tooling. In the months that followed, .NET core was open sourced,
Microsoft and Red Hat formed an alliance, and plans to port SQL Server to Linux
were announced. Containers are just around the corner for the Windows
community, so let’s take a closer look at the use of SQL Server containers. Read
more
[INFOQ.COM]
VIDEO: Using JSON in SQL Server 2016 and Azure SQL Database. Find out why JSON
support was added to SQL Server 2016 and the Azure SQL Database as well as best
practices on how to work with JSON data. Find out more
[CHANNEL9.MSDN.COM]

More About Blue Mountain
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S.
Dept. of Labor, Employee Benefits Security Administration. Responsible to the
Office of Technology and Information Systems for information systems
architecture, planning, applications development, networking, administration and
IT security, supporting the enforcement of Title I of the Employee Retirement
Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for
design, development and support for its various enforcement database
management systems, as well as all case tracking and customer service inquiry
systems. Blue Mountain also provides IT security services to the EBSA, in the form
of FISMA Assessment and Authorization, System Security Plans, Risk and
vulnerability assessments, monitoring and investigation support. Read more.

Electronic Document Management

SECURE DOCUMENTS: 18 Ways to Secure Your Electronic Documents. Electronic
Document Management Systems (EDMS) are electronic repositories designed to
provide organized, readily retrievable, collections of information for the life cycle of
the documents. How can you keep these electronic files secure during the entire
chain of custody? Here are 18 security suggestions. Read more
[BLUEMT.COM]
LEGAL DEPT DOCUMENT MANAGEMENT: Investing in New Technologies: How
Corporate Legal Departments Are Leading the Way. Many departments are looking
to technology to assist with automation of processes, resource and budgetary
management, and tracking. Connie Brenton, co-founder of Corporate Legal
Operations Consortium (CLOC), a non-profit association of legal operations
executives, explains, “Corporate executives expect the GC’s office to be a business
counselor to the firm, and to discuss numbers, data and analytics. Efficiency is now
essential for legal departments, and this has advanced software’s role and
accelerated technology adoption.” Find out more
[INSIDECOUNSEL.COM]

CFPB: Looks to Embrace Cloud for Email, Office Application Needs. The Consumer
Financial Protection Bureau wants to move to a public cloud setup for some of its
core enterprise apps. The financial watchdog agency recently sent out a Request
for Information (RFI) on the process, technical requirements and costs of moving to
cloud services in fiscal year 2017. CFPB wants to establish a more complete
understanding on the costs associated with moving fully to a cloud solution for
email and office applications (e.g., documents, spreadsheets, presentations,
SharePoint and more).Read the rest
[FEDTECHMAGAZINE.COM]

ROI: 4 Ways Business Document Management Software Can Save You Money. Lisa
Croft, Group Product Marketing Manager at Adobe Document Cloud, talks about
the many ways business document management can save your company time,
space, and more importantly, loads of money. Here are the four most obvious ways
these tools provide excellent return-on-investment. Read more
[PCMAG.COM]

Security Patches
ANDROID: Google Fixes Final ‘Quadrooter’ Flaws with New Security Patch. In the latest
round of Android security fixes, the company fixed two remaining flaws that were part
of the so-called “Quadrooter” set of vulnerabilities announced last month. Quadrooter
was particularly troublesome because the set of four flaws (hence the name “quad”)
affected at least 900 million Android devices. These high-risk vulnerabilities would
allow a dedicated and well-trained attacker to gain complete access to an affected
phone and its data. Read more
[ZDNET.COM]
OS X: New OS X Security Updates Patch Same Zero-Days as iOS 9.3.5. Apple released
iOS 9.3.5 to patch three zero-day bugs that could be used to access personal data on an
infected phone. Dubbed “Trident,” the bugs were used to create spyware called
Pegasus that was used to target at least one political dissident in the United Arab
Emirates. Find out more
[ARSTECHNICA.COM]

Security Patches
MICROSOFT: Microsoft to End Decades-old Pick-a-Patch Practice in Windows 7.
Microsoft announced that beginning in October it will offer only cumulative
security updates for Windows 7 and 8.1, ending the decades-old practice of letting
customers choose which patches they apply. Read more
[COMPUTERWORLD.COM]
WORDPRESS: Critical Security Holes Affecting Thousands of Websites. WordPress
4.6.1 is now available and it patches two security flaws that put thousands of
websites at risk. The first flaw, a cross-site scripting vulnerability, was discovered
in June by security researcher Cengiz Han. This flaw allows an attacker to upload a
specially crafted image to a WordPress site then inject malicious JavaScript code
to steal login credentials, session tokens or to remotely execute more malicious
code. The second flaw is a path traversal vulnerability in the upgrade package
uploader discovered by Dominik Schilling of WordPress’ own security team.
Find out more
[KOMANDO.COM]

For the CIO, CTO & CISO
CIO: What Does Innovation Look Like? Everyone talks about innovation, but
quantifying it can be a bit, well, fuzzy. Here three CIOs put innovation into more
concrete terms. Read more
[CIO.COM]
CTO: Microsoft Azure’s CTO Wants Blockchain to Connect Every Industry. Microsoft
Azure CTO Mark Russinovich envisions a world where every industry is involved in a
blockchain consortium. In fact, since the network effect of a blockchain is only
amplified by the number of participants, he thinks this future will prove inevitable
as companies seek efficiency in numbers. And there’s evidence so far to suggest
that Russinovich is right. Find out more
[COINDESK.COM]

CIO, CTO & CISO
CISO: OMB Taps Current Fed to Fill Federal CISO Role. Seven months after
President Barack Obama announced he would be appointing a federal chief
information security officer to act as the point person on agency cybersecurity,
the administration named Gregory Touhill as the first to occupy the post. Touhill
is currently the deputy assistant secretary for cybersecurity and communications
in Homeland Security’s Office of Cybersecurity and Communications. Read more
[FEDERALTIMES.COM]
CTO: Use Ransomware to Get Security Buy-in, says Trend Micro CTO.
Ransomware is one of the top cyber threats to business, but organisations
should use that to engage stakeholders and review processes and defences, says
Trend Micro CTO Raimund Genes. Find out more
[COMPUTERWEEKLY.COM]

Penetration Testing
ANALYTICS: The New Security Mindset: Embrace Analytics To Mitigate Risk.
Merely conducting a penetration test may find a weakness. But conducting a
creative analysis of the network and carefully analyzing the results will truly
identify key areas of risk. Security professionals who can sniff out abnormalities
in their IT network and applications can foil intruders’ plans before they escalate.
This is a far different approach than simply finding a single weakness and then
declaring “mission accomplished.” Read more
[DARKREADING.COM]

Penetration Testing
HOW TO: Respond to Social Engineering Incidents: An Expert Interview. Steven
Fox is a top government cybersecurity expert, Distinguished Fellow with the
Ponemon Institute and frequent speaker at top security events all over America.
In this exclusive interview, Steven shares several low-tech but sophisticated
social engineering techniques that hackers use to gain (unauthorized) privileged
access into government systems and large and small company networks. Most
important, what can we do to prevent fraud and respond to incidents that do
occur? Find out more
[GOVTECH.COM]
TOOL: Where’s the BeEF? BeEF is short for The Browser Exploitation Framework.
It is a penetration testing tool that focuses on the web browser. Read more
[GITHUB.COM]

Penetration Testing
RISK MANAGEMENT: The Truth About Penetration Testing Vs. Vulnerability
Assessments. Vulnerability assessments are often confused with penetration
tests. In fact, the two terms are often used interchangeably, but they are worlds
apart. To strengthen an organization’s cyber risk posture, it is essential to not
only test for vulnerabilities, but also assess whether vulnerabilities are actually
exploitable and what risks they represent. To increase an organization’s
resilience against cyber-attacks, it is essential to understand the inter-
relationships between vulnerability assessment, penetration test, and a cyber
risk analysis. Find out more
[SECURITYWEEK.COM]

Open Source
GOOGLE: How Google Uses and Contributes to Open Source. Engineer Marc
Merlin has been working at Google since 2001 but has been involved with Linux
since 1993. Since then, open source adoption has dramatically increased, but a
new challenge is emerging: Not many companies care about the license side of
open source, Merlin stated in his talk “How Google Uses and Contributes to
Open Source” at LinuxCon and ContainerCon North America. Read more
[LINUX.COM]
DOS: Keeping DOS Alive and Kicking with Open Source. DOS is still alive and well
in the form of FreeDOS, an open source operating system maintained by Jim Hall
and a team of dedicated developers who are keeping the DOS legacy alive well
into the twenty-first century. And more than simply an existing code base,
FreeDOS is still being actively developed and is approaching a new release in the
near future. Find out more
[OPENSOURCE.COM]

Open Source
MICROSOFT: Microsoft Open-Sources Bing Components for Fast Code
Compilation. Engineers at Microsoft have started to provide code and details
about the BitFunnel full-text search system used to power Bing. The pieces
available so far are minimal, but one of them — an open source just-in-time
compiler — hints at applications beyond search systems. Read more
[INFOWORLD.COM]
DOCUMENTS: The Rise of the Shareable Document. Higher education is
increasingly embracing different concepts of openness, from open access to
open education resources (OER). But where does that other open concept –
open source – fit into this model? Open source represents the best way to
ensure these materials can be easily modified, without risk of material suddenly
becoming unchangeable or inaccessible. Find out more
[OPENSOURCE.COM]

Business Intelligence
APPS: Business Intelligence Apps Are Moving Beyond IT To Reach Business Users
Directly. Senior executives have long had access to BI through dashboards, along
with data scientists to interpret it for them. Increasingly, BI is moving out to provide
direct access to users throughout the organization. Read more
[FORBES.COM]
APPS ECONOMY: Microsoft And Adobe Combine Clouds To Provide Sales And
Marketing Intelligence. Two of the world’s biggest marketing and sales platforms
are getting together. Earlier this week, at Microsoft Ignite in Atlanta, Microsoft said
that it will enter into a strategic partnership with Adobe. Adobe will make the
Microsoft Azure cloud platform its preferred cloud provider while Microsoft will
make the Adobe Marketing Cloud its preferred marketing service for Dynamics 365
Enterprise edition. Find out more
[ARC.APPLAUSE.COM]

Business Intelligence
ORACLE: Bolsters Cloud Gambit With Expanded Analytics. As it looks to challenge
public cloud leader Amazon Web Services, Oracle Corp. is rolling out an analytics
package spanning data services, applications and infrastructure. Oracle unveiled its
analytics cloud during a company event used by company cofounder and CTO Larry
Ellison to declare the database giant was taking on AWS with an upgraded cloud
infrastructure. One goal is to enticing developers to run applications such as data
analytics in its datacenters. Find out more
[DATANAMI.COM]
FEDERAL GOVT: 12 Ways to Empower Government Users With the Microsoft
Business Intelligence (MBI) Stack. Your agency’s use of Microsoft Business
Intelligence (MBI) tools and reporting services help advance your organization’s ROI
& autonomy for your users. Read the rest
[BLUEMT.COM]

Operating Systems
LINUX: 10 Best Password Managers For Linux Operating Systems. With so many
online accounts on the internet, it can be tediously difficult to remember all your
passwords. Many people write them down or store them in a document, but that’s
plain insecure. There are many password managers for Windows and OS X, but here
is a look at some of the best password managers for Linux. Read more
[FOSSBYTES.COM]
APPLE: Apple’s iOS 10 Adoption Rate Nears 20% In Just Two Days. Apple’s new
mobile operating system iOS 10 has only been available for a couple of days, but it’s
already catching on among iPhone and iPad owners. Apple’s iOS 10 is now running
on 19.9% of all iOS devices, according to Mixpanel, an analytics company that
claims to have generated the findings from more than 183 billion “records” on
devices around the world. Meanwhile, iOS 9, the operating system that Apple
launched last year that had been running on more than 90% of iOS devices, is now
on 75% of Apple products currently in use. Read the rest
[FORTUNE.COM]

Operating Systems
ANDROID: Android 7.0 Nougat Could Support Dual Boot Platforms. One of the
more exciting – and yet not so much talked about – features of Android 7.0 Nougat
is seamless updating. This concept was originally taken from Google’s own Chrome
OS. It’s a way of streamlining how quickly the latest version of the Android OS,
either a security patch, an quarterly interim update or a whole new version of the
operating system is applied. Current devices perform system updates onto the
/system partition, but need exclusive file access to this part of the device; this is
why we see the little green Android on his back for several minutes during the
update process. Seamless updates removes this delay because the Android device
maintains two operating system partitions and applies operating system updates to
the unused partition. Then, when it has completed, it asks the user to reboot and as
a part of the boot process. Chrome OS’ seamless updating technology works by
swapping partitions out during the reboot process. The result is that a version
update takes at most twelve seconds of the user’s time. Find out more
[ANDROIDHEADLINES.COM]

Operating Systems
COMPUTER SECURITY: Hacker-Proof Code Confirmed. Computer scientists can
prove certain programs to be error-free with the same certainty that
mathematicians prove theorems. The advances are being used to secure everything
from unmanned drones to the internet. Read the rest
[QUANTAMAGAZINE.ORG]

Incident Response
OPINION: Keeping Up with Incident Response. Enterprise organizations are forced
to ignore security alerts, live with excess risk, and deal with data breaches reactively
when they happen. On any given day, enterprises face a cacophony of security
alerts that need further investigation, but they tend to lack the skills and resources
to look into each one. Read more
[NETWORKWORLD.COM]
GOVERNMENT CLOUD: Protecting Government Cloud Information with Incident
Response. The cloud offers a variety of innovative ways to improve productivity,
engage users and enhance a government agency’s effectiveness. However, for IT
departments, moving government information to the cloud brings many new
challenges, including dependence on a cloud service provider to fix critical
problems. Find out more
[GCN.COM]

Incident Response
WEBINAR: How to Do More with Less for a Better Incident Response. A shortage of
skilled security staff, and criminals finding new ways to infiltrate corporate
networks, is causing security alert fatigue at many organizations. Too many alerts
and too few staff members to give all of these potential infiltrations the attention
they deserve is resulting in staff cutting corners – at times processing only 5% to
10% of security alerts – in an attempt to keep up. In this webinar on September
28th, Duane Kuroda will shine a light on this problem and provide best practices to
help you take charge. Results of a just-completed survey of your peers about the
state of the problem will be shared, as well as actionable tips and tricks, to help you
begin to gain control of your incident response process and keep you secured
against advanced threats. Find out more
[WEBINAR.DARKREADING.COM]

Incident Response
RESEARCH REPORT: Universities, not Health Care Systems, Facing Highest Number
of Ransomware Attacks. The prevalence of and damage caused by ransomware-
style cyberattacks is greater in the education sector than any other industry,
according to a newly released research report by security ratings firm BitSight. Read
the rest
[FEDSCOOP.COM]

Incident Response
SOLUTION: Orchestrating Security Intelligence for Faster and More Effective
Incident Response. Today’s sophisticated, targeted attacks, coupled with increasing
network complexity, mobility and the phenomenal growth of non-traditional
devices can present incredibly difficult challenges. Nobody can afford to have an
incident response system that isn’t using all of its intelligence and powers of
communication. A new type of cyber security solution is required - one that goes
well beyond traditional network access control (NAC) capabilities. Find out more
[ITPROPORTAL.COM]

Tech Research News
MIT: Cache Management Improved Once Again. New version of breakthrough
memory management scheme better accommodates commercial chips. A year
ago, researchers from MIT’s Computer Science and Artificial Intelligence
Laboratory unveiled a fundamentally new way of managing memory on
computer chips, one that would use circuit space much more efficiently as chips
continue to comprise more and more cores, or processing units. In chips with
hundreds of cores, the researchers’ scheme could free up somewhere between
15 and 25 percent of on-chip memory, enabling much more efficient
computation. Their scheme, however, assumed a certain type of computational
behavior that most modern chips do not, in fact, enforce. Last week, at the
International Conference on Parallel Architectures and Compilation Techniques –
the same conference where they first reported their scheme – the researchers
presented an updated version that’s more consistent with existing chip designs
and has a few additional improvements. Read more
[NEWS.MIT.EDU]

Tech Research News
REPORT: Digital Readiness Gaps. According to Pew Research Center, Americans
fall along a spectrum of preparedness when it comes to using tech tools to
pursue learning online, and many are not eager or ready to take the plunge. Find
out more
[PEWINTERNET.ORG]
DOD: Ashton Carter – Cyber Tech, Automation, Biological Research Essential for
DoD Missions. Defense Secretary Ashton Carter has said automated systems,
cyber technology and biological research efforts are necessary to keep the
Defense Department moving forward. Find out more
[EXECUTIVEGOV.COM]

Tech Research News
FITNESS TRACKING: Weight Loss On Your Wrist? Fitness Trackers May Not Help.
Fitness trackers remain wildly popular, but do they make us fit? Maybe not,
according to a study that asked overweight or obese young adults to use the tiny
tracking tools to lose weight. Read the rest
[NPR.ORG]

Search Technology
SOLR: Not Just For Text Anymore. When Solr came out, it was supposed to be an
OpenSource text search engine. Now it has a big place in Big Data. Read what
Ness's CTO, Moshe Kranc has to say about how it has evolved. Read more
[DZONE.COM]
INGALLS: Spring Data 'Ingalls' Release Train Leaves Station. The Spring Data team
has announced the first milestone release of the Ingalls Release Train. This
coordinated release of subprojects under the Spring Data umbrella ships with 230
fixes and a number of new features. Find out more
[ADTMAG.COM]

Search Technology
GOOGLE: Announces New Cloud Natural Language API While Cloud Search API Goes
Beta. Google says that the Cloud Natural Language API gives developers access to
three Google-powered engines– sentiment analysis, entity recognition, and syntax
analysis. The service is currently available in open beta and is based on the
company’s natural language understanding research. It will initially support three
languages– English, Spanish and Japanese and will help developers reveal the
structure and meaning of your text in the given language. Read more
[THETECHPORTAL.COM]
AMAZON: Amazon EC2 Container Service Now Supports Networking Modes and
Memory Reservation. Docker networks provide isolation for your containers. It is
important to have control over the networks your applications run on. With
Amazon ECS, you can now specify an optional networking mode for your containers
that cater towards different use cases. Find out more
[DABCC.COM]

Application Development
IoT: Why App Development Is The Key To Unlocking The IoT Vault. Solution
providers are positioning themselves for success in the lucrative Internet of Things
market by bolstering their application development teams. Companies bringing IoT
solutions to market face several hurdles, including interoperability, security and
data management challenges – and staffing up with IoT application developers is
critical for tackling these issues. Read more
[CRN.COM]
SDKS: How Imaging SDKs Can Solve Today’s Application Development Challenges. In
a mobile-first world, developers understand the importance of creating a next-
generation app that fits in with client or user expectations. Developers should
consider the myriad of SDK options if they want to improve functionality for the
user, especially imaging SDKs. Although they are a niche market, these SDKs can
add better imaging capabilities and target industry-related problems that
companies are trying to tackle. Find out more
[SDTIMES.COM]

Application Development
SECURITY: Application Security Requires More Talk Than Tech. If you think
application security only involves installing a tool, or scanning a few apps and
moving on, you’re wrong. Application security is a unique security initiative, and its
success hinges on people as much as technology. Read more
[INFOWORLD.COM]
SPEED: How to Speed Enterprise App Development and Meet Digital
Transformation Demands. Low-code platforms are key in accelerating digital
transformation with rapid application development. Find out more
[INFORMATION-AGE.COM]

BYOD
WORKPLACE: The Pros & Cons of BYOD. For a modern-day workplace, a bring-your-
own-device (BYOD) policy is becoming commonplace. Since many organizations are
now assigning corporate devices, such as company-issued smartphones and tablets,
in order to help employees keep up with work and email, it’s natural that some
people may want to use their own device instead. Given that some levels of work can
be readily accessed through any device, it should be an easy step – except that there
are security concerns. Once your employees are granted access to company servers
on their personal devices, sensitive information is at an even greater risk of being
leaked – especially if employees are lax on keeping their device’s security measures
up to date. Read more
[TECH.CO]

BYOD
BEST PRACTICES: For Managing the Security of BYOD Smartphones and Tablets. The
practice of employees using personal phones and tablets at work is already
widespread, with the number of such devices forecast to hit one billion by 2018. The
challenge posed to enterprises by the Bring Your Own Device (BYOD) trend is that it
forces them to keep corporate data safe on a plethora of different mobile computers
that are not directly under IT’s control. Worse, each device can potentially be running
a different OS, with different apps installed and different vulnerabilities. How should
organisations approach the security of these devices in a way that doesn’t interfere
with employees’ ability to work? Read more
[ZDNET.COM]

BYOD
ENTERPRISE: Enterprise Mobile Security Tools May Not Protect BYOD. For employees,
bring-your-own-device workplace policies can increase efficiency and improve
remote work capabilities. For the organization, BYOD can reduce equipment costs,
but it can also open the enterprise up to all sorts of new exploits and breaches. Find
out more
[GCN.COM]
POLICY: Malware and ‘Connection Hijacking’ Remain Biggest BYOD Risks. A new
report from data centre provider CyrusOne outlines malware, device theft and
phishing as among the key risks for organisations looking to implement a bring your
own device (BYOD) policy. Find out more
[APPSTECHNEWS.COM]

Big Data
CASE STUDIES: The Most Practical Big Data Use Cases Of 2016. Bernard Marr,
author of Big Data in Practice, outlines 45 different practical use cases in which
companies have successfully used analytics to deliver extraordinary results. Here
are some of his favorites. Read more
[FORBES.COM]
PODCAST: The State Of Enterprise Big Data. Bill Schmarzo, EMC’s CTO of big data
services spends much of his time helping enterprises with their big data challenges.
Listen to what Bill has to say about the trends and struggles enterprises are facing.
Find out more

Big Data
BEST PRACTICES: Got Big Data? Check Out These 100 Best Practices For Keeping It
Secure. Big data is best known for its volume, variety, and velocity — collectively
referred to as the “3 Vs” — and all three of those traits make security an elusive
goal. Targeting companies grappling with that challenge, the Cloud Security Alliance
has released a new report offering 100 best practices. Read more
[CSOONLINE.COM]
INDUSTRY INSIGHT: How Big Data Can Drive Cost Containment. Many federal
hospitals and health systems look toward the savings they expect from
implementing big data models for health care analytics. However, cost containment
without reducing quality of care is often both a central goal and a lead concern. By
approaching the task properly, federal health care providers can leverage data
analytics to control costs across care delivery and simultaneously account for the
cost of implementation itself. The best place to start is identifying the type of
problem where data analytics will have greatest return on investment.
Find out more
[GCN.COM]

Mobile Applications
FDA: Agency Launches Competition to Spur Innovative Technologies to Help
Reduce Opioid Overdose Deaths. The FDA, with support from the National Institute
on Drug Abuse (NIDA) and the Substance Abuse and Mental Health Services
Administration (SAMHSA), is inviting computer programmers, public health
advocates, clinical researchers, entrepreneurs and innovators from all disciplines to
create a mobile phone application that can connect opioid users experiencing an
overdose with nearby carriers of the prescription drug naloxone – the antidote for
an opioid overdose – thereby increasing the likelihood of timely administration and
overdose reversal. Read more
[FDA.GOV]

Mobile Applications
MANAGEMENT: Organizations Need to Balance Value and Security When
Adopting New Mobile Devices. As new products hit the market, enterprises must
decide whether to introduce the device or wait. Unfortunately, enterprises don’t
have the luxury of constantly equipping their workforce with the latest and greatest
new products. Doing so is not only financially irresponsible, but presents a security
risk if the new technology lacks robust security like multi-factor authentication.
That doesn’t mean new devices cannot be of value. The question is simply when to
incorporate them into the enterprise. Read the rest

Mobile Applications
DHS: Agency Explores Ways to Make Federal Employees’ Mobile Devices Safer.
Congress has tasked the Department of Homeland Security with studying how to
best safeguard smartphones, tablets, mobile applications and wireless networks
used by federal workers. Find out more
[FEDTECHMAGAZINE.COM]
CROSS-PLATFORM DEVELOPMENT: Pros and Cons of Cross-Platform Mobile App
Development. Though creating cross-platform native applications is possible today,
the current state of implementation is far from complete. Most of the mobile apps
are heavy on the GUI (Graphical User Interface) implementation side. Almost all the
critical business application logic resides on the server which is accessed by the
mobile via web services. Since the User Interface (UI) and User Experience Design
(UXD) of iOS and Android are quite different from each other, it’s not an easy task
to create a uniform GUI wrapper on top of it. Read the rest
[INFOQ.ORG]

Personnel Management
STAFF RETENTION: 16 Ways to Retain Technical Staff. A recent study indicates that
companies in the IT industry (amongst the Fortune 500) experience the highest
turnover rate. Good employees quit because they feel undervalued, underwhelmed,
underpaid, or overworked. As a result, employee turnover is costing your
organization more time and money than you think. Believing that technical
employees are “replaceable” may appear to be satisfactory to some firms. In the long
term, however, you may sacrifice more than money; customer satisfaction, business
knowledge, and team morale. Read more
[BLUEMT.COM]

BEST PRACTICES: Managing a Software-as-a-Service Vendor Relationship. Here are
eight tips to make sure your company gets the most out of a SaaS vendor, from the
beginning to the end of the relationship. Find out more
[ZDNET.COM]
LEADERSHIP: How Minimizing Management Supervision Can Maximize Employee
Performance. What if, instead of stretch goals, employees were given goals that only
specify the minimum level of performance outcomes required, and leave everything
else loose or undefined? Sounds impractical, even crazy? Not really if you consider
what’ s changing in today’s workforce. Read more
[FORBES.COM]

REMOTE TEAMS: 13 Tips for Successfully Managing Remote Teams. The advantages
to working remotely are plentiful for telecommuting workers, which include
increased productivity, greater work-life balance, more efficient time management,
fewer out-of-pocket costs, and less stress. Implementing a remote workforce doesn’t
come without its challenges, however. There are four key areas to consider when
building and successfully managing your remote team. Find out more
[REMOTE.CO]

Programming & Scripting Development
Client & Server-Side

JAVASCRIPT: Mozilla Relaunches JavaScript Debugger as Part of Tools Transition
Plan. Debugger.html does away with XUL in favor of the React JavaScript library for
easier changes. Built as a web application using React and the Redux state
container for JavaScript apps, debugger.html ships within Firefox and offers “a
completely new take on the debugger,” said Mozilla’s Bryan Clark, Firefox
developer tools product manager. “Debugger.html rethinks how to write, maintain
and access the debugger yourself.” Still in development, debugger.html will replace
the current debugger in Firefox Developer Tools. Read more
[INFOWORLD.COM]

SWIFT: Apple’s Swift 3.0 Revitalizes the Language but Breaks Backward
Compatibility. Last week Apple, Inc. announced the 3.0 version of its Swift
programming language, which makes for the first major release of the language
since it was open sourced. This release brings major improvements to the core
language, functionality, and major changes to the Linux port of Swift libraries. All
this is nice for programmers working with Swift, however version 3.0 is also not
backward compatible with the previous version 2.3. Read the rest
[SILICONANGLE.COM]
MILK: MIT’s New Programming Language That Makes Code Run 4 Time Faster.
When a program deals with big data, which act on tons of data items spread here
and there, this principle of locality acts as a performance killer that can lead to the
slower execution of a program. To counter this issue, MIT’s Computer Science and
Artificial Intelligence Laboratory (CSAIL) researchers have developed a new
programming language named Milk. Find out more
[FOSSBYTES.COM]

JAVA: Oracle Plans Two Major Java EE Upgrades for the Cloud. Version 8, due in
late 2017, focuses on services configuration and health; Version 9, due a year later,
focuses on smaller services and consistency. Although Java EE already in use in
cloud deployments, Oracle sees a need to better equip it for this paradigm, said
Anil Gaur, Oracle’s group vice president of engineering, at the JavaOne conference
in San Francisco. To this end Java EE 8, which had already been mapped out, will
receive two additional sets of capabilities: one for configuration of services, and
the other for health checking to monitor and manage services communications.
Read the rest
[INFOWORLD.COM]

Cloud Computing
FEDERAL GOVT: Why the U.S. Government Finally Loves Cloud Computing. U.S.
government agencies are moving to cloud computing and away from their own data
centers faster than private corporations, according to several integrators and tech
companies in both sectors. Apparently, the Obama Administration’s “Cloud First
Initiative” announced five years ago is finally kicking in. Read more
[FORTUNE.COM]
CHARTS: The Cloud Computing Industry is Getting Huge, Decimating Sales of On-
Premise Servers. According to research firm Forrester, public-cloud services will grow
at a compounded annual rate of 22 percent between 2015 and 2020, reaching $236
billion. Find out more
[GEEKWIRE.COM]

Cloud Computing
EMPLOYMENT: Cloud Computing Brings Big Centers But Few Jobs to Small Towns. A
giant Microsoft facility just outside Boydton, VA hides behind a quarter-mile berm
and a guard house, across the highway from the rubble of a demolished prison.
Behind the berm, six unmarked hangars each hold tens of thousands of computer
servers. Microsoft has cleared enough scrub trees and vines for at least 15 of these
buildings, and six more are under construction. One thing there isn’t much of at this
Microsoft complex, one single computer data center, is long-term work. Microsoft
says it might have “several dozen” employees in a place like this. They are mostly
elite computer workers who tend not to come from Boydton, which lost a lot of
good jobs when nearby factories closed and the prison shut down. Read more
[SFGATE.COM]

Cloud Computing
PREDICTION: 60% of Workloads Running in Cloud by 2018 – and the Rise of Cloud-
First. According to the latest forecast from 451 Research, three in five enterprise
workloads will run in the cloud by mid-2018, up from two in five (41%) today. The
analyst firm argues there will be strong growth in particular enterprise workload
categories, including data and analytics and business applications. In the same
timeframe, almost a quarter (23%) of enterprise workloads will be software as a
service (SaaS), compared to 12% for IaaS. 451 argues that IaaS will be the highest
growing segment, and despite the ‘hype and attention’ associated with it comprises
only 6% of workloads today. Find out more
[CLOUDCOMPUTING-NEWS.COM]

Personal Tech
GOOGLE: Personalized Traffic Alerts From Google. Google pulls in traffic data from
multiple sources for its Maps app, including information from police and local
transportation departments. Many reports concerning real-time events – like cars
stopped on the highway shoulder, debris on the road, construction, congestion
and accidents – come from the users of its Waze service. Read more
[NYTIMES.COM]
MOBILE PHONES: Give Old iPhones and iPads a New Lease on Life. Save money
and spare landfills by putting old smartphones and tablets to work as home
security systems, picture frames, alarm clocks and more. Read more
[WSJ.COM]

Personal Tech
OFF TO COLLEGE: Maybe These Devices Should Go Along. Back-to-school shopping
for technology gadgets has become increasingly complex for parents. In the past, the
dilemma for most students was whether to get a Windows PC or a Mac. Now,
because of a proliferation of different computing forms with the rise of mobile
devices, the debate has shifted toward whether to buy a computer or a tablet – and
which operating system on top of that. Here’s a guide to some of the best back-to-
school products, including computers, mobile devices, audio accessories and food
gadgets. Find out more
[NYTIMES.COM]

Personal Tech
PRESENTATIONS: The Best Apps for Improving Your Public Speaking. Americans
supposedly fear it more than death: public speaking. Does your smartphone hold
the cure? Now there are apps that can help shore up the delivery: settle your nerves
a bit, keep you within your time limit, help you to not get lost. You can also
download a teleprompter onto your phone. Find out more
[TOPTECHNEWS.COM]

IT Security | Cybersecurity
CLOUD: How Cloud, Mobile Are Changing IT, Security Management. The evolution of
technology is changing the role of IT and security pros as more employees use cloud
apps and connect personal devices to corporate networks. Read more
[DARKREADING.COM]
QUESTIONS: Time to Kill Security Questions – or Answer Them With Lies. The notion
of using robust, random passwords has become all but mainstream—by now anyone
with an inkling of security sense knows that “password1” and “1234567” aren’t
doing them any favors. But even as password security improves, there’s something
even more problematic that underlies them: security questions.. Find out more
[WIRED.COM]

NETWORKS: Federal Cyber Incidents Grew an Astounding 1,300% Between 2006 and
2015. GAO report says Federal networks are highly complex and dynamic,
technologically diverse, and geographically dispersed making them hard to protect.
Find out more
[NETWORKWORLD.COM]
COMPLIANCE MONITORING: 10 Best Practices for Security, Compliance Monitoring.
One of biggest challenges big data providers face as they migrate to the cloud is
ensuring real-time security and compliance monitoring. Here are some best
practices to consider. Read the rest
[CHANNELINSIDER.COM]

ANALYTICS: Introducing Deep Learning: Boosting Cybersecurity With An Artificial
Brain. With nearly the same speed and precision that the human eye can identify a
water bottle, the technology of deep learning is enabling the detection of malicious
activity at the point of entry in real-time. Read more
[DARKREADING.COM]
ANDROID: New Malware Targets Android Banking Apps, Cybersecurity Group Says.
According to Kaspersky Lab the malicious software sidesteps security features on
version 6 of the Android mobile-phone operating system. Find out more
[WSJ.COM]

VIDEO: John McAfee: U.S. Is Not No. 1 in Cybersecurity. John McAfee, McAfee
Associates founder and MGT Capital chief executive officer, comments on
cybersecurity risks during an interview with Bloomberg’s Kathleen Hays on
“Bloomberg Markets.” Read more
[BLOOMBERG.COM]
BEST PRACTICES: How Municipal Utilities Can Implement Cybersecurity Best
Practices. Critical municipal utility infrastructure remains a prime target for criminal
hackers. Arm yourself with these best practices. Find out more

From the Blue Mountain Data Systems Blog
Three-Dimensional Governance for the CIO
https://www.bluemt.com/three-dimensional-governance-for-the-cio
7 Reasons to Take Control of IT Incidents
https://www.bluemt.com/7-reasons-to-take-control-of-it-incidents/
Breach Mitigation Response Time Too Long, Survey Says
https://www.bluemt.com/breach-mitigation-response-time-too-long-survey-
says/
Six Tactics for Cyberdefense
https://www.bluemt.com/six-tactics-for-cyberdefense/

Feds Report Mixed Responses to Shared Services
https://www.bluemt.com/feds-report-mixed-responses-to-shared-services
Federal Employees Are Not Security Experts
https://www.bluemt.com/federal-employees-are-not-security-experts
Survival Guide for Network Administrators
https://www.bluemt.com/survival-guide-for-network-administrators
DBaaS: OpenStack Trove Changes DB Management
https://www.bluemt.com/dbaas-openstack-trove-changes-db-management

Help Wanted: Certified Cybersecurity Professionals
https://www.bluemt.com/help-wanted-certified-cybersecurity-professionals
Cyber Threat Intelligence Integration Center Preview
https://www.bluemt.com/cyber-threat-intelligence-integration-center-preview/
Cloud Moves in 1-2-3
https://www.bluemt.com/cloud-moves-in-1-2-3/
Change Management for Disaster Recovery
https://www.bluemt.com/change-management-for-disaster-recovery/

Jeffersonian Advice For C-Suite Career Advancement
https://www.bluemt.com/jeffersonian-advice-for-c-suite-career-advancement/
Ways To Survive The “Mobile-Pocalypse”
https://www.bluemt.com/ways-to-survive-the-mobile-pocalypse/
Microsoft Cloud Services Receive FedRAMP Authority to Operate
https://www.bluemt.com/microsoft-cloud-services-receive-fedramp-authority-
to-operate/
Hiring Pentesters? Here Are 10 Things You Need to Know
https://www.bluemt.com/hiring-pentesters-here-are-10-things-you-need-to-
know/

Home Router Malware Alert
https://www.bluemt.com/home-router-malware-alert/
Threat Model Deconstruction
https://www.bluemt.com/threat-model-deconstruction/
Business Email Scam Nets $214 Million
https://www.bluemt.com/business-email-scam-nets-214-million/
How to Prevent Unauthorized Software from Taking Over Your Organization
https://www.bluemt.com/the-cios-guide-to-happy-end-users-2/

Digital Marketing Predictions for 2015
https://www.bluemt.com/digital-marketing-predictions-for-2015/
SDN: Network Administrator’s Friend or Foe?
https://www.bluemt.com/sdn-network-administrators-friend-or-foe/
Mobile Payments: A Must for Federal Agencies
https://www.bluemt.com/mobile-payments-a-must-for-federal-agencies/
Soft Skills Are A Must-Have For Careers In IT
https://www.bluemt.com/soft-skills-are-a-must-have-for-careers-in-it/

Security Risks Most Prevalent in Younger Workers
https://www.bluemt.com/security-risks-most-prevalent-in-younger-workers/
The Security World’s Maturation
https://www.bluemt.com/the-security-worlds-maturation/
Data Breach Concerns Keep CISOs Up At Night
https://www.bluemt.com/data-breach-concerns-keep-cisos-up-at-night/
Personalized Govt Equals Instant Gratification for Citizens
https://www.bluemt.com/personalized-govt-equals-instant-gratification-for-
citizens/

People-Centric Security
https://www.bluemt.com/people-centric-security/
Pentagon Tries BYOD To Strike Work/Life Balance
https://www.bluemt.com/pentagon-tries-byod-to-strike-worklife-balance/
Open Source Model Considered for MS Windows
https://www.bluemt.com/open-source-model-considered-for-ms-windows/
Open Internet: To Be or Not to Be?
https://www.bluemt.com/open-internet-to-be-or-not-to-be/

Malware Stays A Step Ahead Infecting One Third of Websites
https://www.bluemt.com/malware-stays-a-step-ahead-infecting-one-third-of-
websites/
Machine-Generated Data: Potential Goldmine for the CIO
https://www.bluemt.com/machine-generated-data-potential-goldmine-for-the-
cio/
Government Legacy Programs: Reuse vs. Replacement
https://www.bluemt.com/government-legacy-programs-reuse-vs-replacement/
It Takes a Whole Village to Protect Networks and Systems
https://www.bluemt.com/it-takes-a-whole-village-to-protect-networks-and-
systems/

Governance For the CIO
https://www.bluemt.com/governance-for-the-cio/
Help Desk Consolidation – Lessons Learned
https://www.bluemt.com/help-desk-consolidation-lessons-learned/
One Year Later, Companies Still Vulnerable to Heartbleed
https://www.bluemt.com/one-year-later-companies-still-vulnerable-to-
heartbleed/
Federal Projects Cultivate Worker Passion
https://www.bluemt.com/federal-projects-cultivate-worker-passion-2/

ABOUT US
Blue Mountain Data Systems Inc.
Blue Mountain Data Systems Inc. is dedicated to application
and systems development, electronic document management,
IT security support, and the automation of workflow processes.
Read more about our experience here:
>> http://bluemt.com/experience

Recent Experience
U.S. Dept. of Labor
Employee Benefits Security Administration
1994 to Present
Responsible to the Office of Technology and Information Systems for information
systems architecture, planning, applications development, networking,
administration and IT security, supporting the enforcement of Title I of the
Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue
Mountain is responsible for design, development and support for its various
enforcement database management systems, as well as all case tracking and
customer service inquiry systems. Blue Mountain also provides IT security services
to the EBSA, in the form of FISMA Assessment and Authorization, System Security
Plans, Risk and vulnerability assessments, monitoring and investigation support.

MANAGEMENT
Paul T. Vesely
Founder, President, CEO and Principal Architect
Mr. Vesely is a recognized thought leader in systems
architecture and delivery, having designed and
delivered many enterprise wide information and
document management solutions. Mr. Vesely’s history
includes 33 years experience in the information
systems industry, with Unisys, Grumman, PRC and a
host of clients in both government and private sectors.

CONTACT US
Contact Us Today to Discuss Your Next IT Project
HEADQUARTERS
366 Victory Drive
Herndon, VA 20170
PHONE 703-502-3416
FAX 703-745-9110
EMAIL
paul@bluemt.com
WEB
https://www.bluemt.com

Tech Update Summary from Blue Mountain Data Systems September 2016

Recommended

Recommended

More Related Content

Recently uploaded

Recently uploaded (20)

Featured

Featured (20)

Tech Update Summary from Blue Mountain Data Systems September 2016