SlideShare a Scribd company logo
Tech Update Summary
March 2016
Blue Mountain Data Systems
For CTOs, CIOs & CISOs
Visit Blue Mountain Data Systems
https://www.bluemt.com
For CTOs, CIOs & CISOs
Every business day, we publish a Daily Tech Update for Federal & State CTOs ,CIOs & CISOs on the Blue
Mountain Data Systems Blog. We hope you will visit our blog for the latest information.
You can also receive these updates via email. Click here to subscribe.
Here’s the summary of the Daily Tech Updates for March 2016. Hope the information and ideas prove
useful.
Best,
Paul Vesely
President and Principal Architect
Blue Mountain Data Systems Inc.
Databases
Databases & Storage
SECURITY: DB Networks Launches Real-Time Database Security Sensor. By
integrating this sensor into their products, security OEMs provide their customers
with more usage detail and metrics from data-tier cyber-threats. Read the rest
[EWEEK.COM]
MongoDB: Security, and How Not to Get Stung. Recently, Microsoft got roundly
savaged for a database security leak. In the back and forth, MongoDB’s database
security got caught in the crossfire. Find out why MongoDB was mistakenly
blamed. Read more
[DZONE.COM]
Databases & Storage
DATA PROTECTION: Safeguarding Databases Against Insider Threats. While
phishing, malware, distributed denial-of-service (DDoS) and similar types of
external threats rightfully receive significant attention from organizations, they
only represent one aspect of the threat equation. Insider threats are the other
piece of this puzzle and can be equally damaging. Read more
[SECURITYINTELLIGENCE.COM]
HOMELAND SECURITY: Visa Waiver Program Now Includes Daily Database Check. A
change to how Customs and Border Protection vets applicants for the Visa Waiver
Program is helping prevent a potential blind spot in the process, the agency’s chief
told a House panel on March 1. Read more
[FCW.COM]
Databases & Storage
LINUX: Tune Up Your Databases! MySQLTuner is a Perl script that checks your local
(or remote) MySQL server and gives recommendations for improving security and
performance. Read the rest
[LINUXJOURNAL.COM]
NoSQL: 10 Tips for Integrating NoSQL Databases in Your Business. NoSQL
databases provide the agility, scalability, performance and availability to support
many applications today, but implementing them is not always easy. Here are 10
tips for integrating NoSQL systems in your organization. Read more
[CIO.COM]
Databases & Storage
DOD: A Prime Target for Cyberattacks. Databases, storing tactical and various other
types of sensitive information, are widely used across the Department of Defense.
Yet a growing number of defense technology industry observers, including Oracle
CEO Mark Hurd, believe that DoD is misapplying its security resources, prioritizing
overall network protection over what has become the prime target of most
attackers. Read more
[C4ISRNET.COM]
CLOUD: NoSQL in the Cloud: A Scalable Alternative to Relational Databases. If you
are using a traditional relational database you may find yourself working on a
complex policy for distributing your database load across multiple database
instances. This solution will often present a lot of problems and probably won’t be
great at elastically scaling. Why not consider using a cloud-based NoSQL database
as an alternative? Read more
[DZONE.COM]
Databases & Storage
SAVE $$$$: Moving to Open Source Databases Can See Savings of 90 Per Cent.
Enterprises could save up to 90 per cent on licensing costs by moving away from
incumbent proprietary databases to an open source alternative, according to Frank
Fanzilli, independent board director at PostgreSQL vendor EnterpriseDB and board
director of the Linux Foundation. Read more
[V3.CO.UK]
FDA: Proposes New Databases to Monitor CAR T-Cell Safety Across INDs. The US
Food and Drug Administration (FDA) wants to create two new databases that will
allow it to look at safety and manufacturing information across multiple
applications for products within a promising class of cancer immunotherapies
called anti-CD19 CAR modified T-cells. Read more
[RAPS.ORG]
Databases & Storage
HADOOP: Don’t Expect Your DBA to Do a Hadoop Expert’s Job. Big data deployments
challenge organizations to rethink the role of data across their entire operations
landscape. But a funny thing happens when it comes to administering these systems:
There is an understandable tendency to map the organizational responsibilities for the
care and feeding of big data systems such as Hadoop to existing database
administrators (DBAs). After all, these same teams have kept your data assets humming
along to this point. Surely they can pick up the running of the new Hadoop cluster,
right? Not in most cases. Read more
[DATA-INFORMED.COM]
ORACLE: Amazon, Microsoft Launch Full-Court Press To Steal Oracle’s Database
Customers. Amazon Web Services and Microsoft are both taking aim at Oracle’s
database business with separate offerings designed to make it easier for customers to
ditch Oracle’s software. AWS plans to launch the AWS Database Migration Service,
which migrates on-premises Oracle, SQL Server, MySQL and PostgreSQL production
databases to the AWS cloud. Microsoft is running a campaign in which organizations
can migrate their Oracle databases to SQL Server and receive free Microsoft licenses.
Read more
[CRN.COM]
More About Blue Mountain
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S.
Dept. of Labor, Employee Benefits Security Administration. Responsible to the
Office of Technology and Information Systems for information systems
architecture, planning, applications development, networking, administration and
IT security, supporting the enforcement of Title I of the Employee Retirement
Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for
design, development and support for its various enforcement database
management systems, as well as all case tracking and customer service inquiry
systems. Blue Mountain also provides IT security services to the EBSA, in the form
of FISMA Assessment and Authorization, System Security Plans, Risk and
vulnerability assessments, monitoring and investigation support. Read more.
Security Patches
Security Patches
CISCO: Cisco Patches Severe Default Password Security Issue in Network Hardware.
Cisco has patched another hard-coded, default password problem which gives
cyberattackers root access to devices. Read more
[ZDNET.COM]
MICROSOFT: Microsoft Fixes Flash Flaw in IE and Edge Browsers. Users of Windows
Vista through Windows 10 advised to patch immediately. Read more
[THEINQUIRER.NET]
Security Patches
DRUPAL: Patches 10 Security Flaws, Critical Issues. The content management
system’s latest security update includes fixes for issues including remote code
execution. Read more
[ZDNET.COM]
WINDOWS: Keeping Track of Windows Updates. At least once a month,
Microsoft invades your Windows 7 computer with so-called improvements. If
you have no idea what they are, how can you find out? Read more
[NYTIMES.COM]
Security Patches
APPLE: Patches 100 Security Issues Across Its Product Line. Among all the
product and legal news surrounding Apple, the company has released seven
security updates containing more than 100 fixes covering a wide range of its
products and operating systems. Read more
[SCMAGAZINE.COM]
MOBILE: Google Issues Emergency Android Security Patch as Rooting Bug Gains
Critical Threat Status. Google has pushed out an Android patch for millions of
devices after it became aware of a rooting application using an unpatched local
elevation of privilege vulnerability. The known issue in the upstream Linux kernel
was fixed in April 2014 but wasn’t called out as a security fix until February 2015.
Read more
[CBRONLINE.COM]
Security Patches
MICROSOFT: Mystery Continues with Microsoft’s Unidentified Patch KB
3103709. One week after the patch appeared, KB 3103709 still has no
description and apparently only appears on Windows 8.1 system. Read more
[INFOWORLD.COM]
GOOGLE: Reverse Engineering Software BinDiff Now Free for Researchers. The
advanced security software is now a free tool for researchers worldwide. Read
more
[ZDNET.COM]
Penetration Testing
Penetration Testing
REGULAR CHECKUPS: Pentesting-as-a-Service. Ten years ago, penetration testing
was viewed as a luxury service, typically aimed at ensuring that companies’ network
perimeters were secured against malicious external attacks. More recently, we have
seen the emergence of vulnerability scanning software, an automated way to
perform more frequent vulnerability testing, but not to the level of rigour the
company would receive from a penetration test performed by a security expert.
Read more
[INFOSECURITY-MAGAZINE.COM]
THINK TANK: Penetration Testing Still Relevant, but Approach Needs to Change.
How can an organization ensure it gets value from penetration and security testing
services? Security managers need permission from their respective companies to
test live networks, and they need the right pen testing tools for the job. Read more
[COMPUTERWEEKLY.COM]
Penetration Testing
HOW: A White Hat Hacker Breaks Into a Business. A pen tester talks through how to
break into a company. Read more
[NEWSWEEK.COM]
PENTAGON: Sees White Hat Hackers as Low-Cost Penetration Testers. The Defense
Department announced it would be launching the federal government’s first-ever
"bug bounty," banking on the idea that there’s a nascent community of white hat
hackers that’s been itching to help the Pentagon with its cybersecurity challenges
but hasn’t been able to until now. Read more
[FEDERALNEWSRADIO.COM]
508 Compliance
508 Compliance
508 & THE CLOUD: When the Cloud Complicates 508 Compliance. The National Institute
of Standards and Technology found that as organizations move to cloud-based systems
and platforms, the accessibility for employees with disabilities can be compromised.
Accessibility tools for those with disabilities rely on local computers capable of running
them. And with most software and information now migrating to remote locations
accessed through the Internet, NIST warned, those tools might not function. Read more
[GCN.COM]
E-LEARNING: Accessibility for E-Learning: Section 508 and WCAG. What are Section 508
and WCAG? How do they differ? Why should you care? What tools can you use to make
your e-learning courses follow accessibility best practices and adhere to the law? Have
you ever thought about how someone with a disability experiences the online courses
you create? What if your target audience includes people who are deaf or hard of
hearing, color blind, visually impaired (partially or totally), or have limited mobility?
Shouldn’t they be afforded the same learning opportunities and access to your courses?
Section 508 and the Web Content Accessibility Guidelines (WCAG) help with just that—
by establishing a set of rules that, when followed, will ensure your e-learning content is
accessible to those with disabilities. Read more
[TD.ORG]
508 Compliance
VIDEO: Five Predictions about Video Accessibility for 2016. 2015 was a year where
there was tremendous growth in awareness about video accessibility due to
changes in the legal landscape, especially as it relates to the deaf and hard of
hearing. As these trends continue into 2016, there are five predictions based on
issues that were left unsolved in 2015, expected outcomes of recent changes in
regulations, and increased awareness of video accessibility issues. Read more
[AUTOMATICSYNC.COM]
BANKS SHOULD BEWARE THE LAWSUITS: Is Your Website Built for the Visually-
Impaired? If Not, You Could Lose an Ugly Lawsuit. The DOJ has already settled a
lawsuit with mobile grocer Peapod over their website’s compliance issues. What
you don't know about new ADA regulations governing website accessibility for
people with visual disabilities could embroil your financial institution in a costly
lawsuit. Here's what financial marketers need to do now — before the April 2018
deadline. Read more
[THEFINANCIALBRAND.COM]
Technology Refresh Planning
Technology Refresh Planning
DATA CENTER: The Army and Navy Use SQL Server On and Off the Battlefield.
The Defense Department relies on SQL Server to manage a wide range of
databases. Microsoft will end support for SQL Server 2005 on April 12. Like many
organizations around the world, the Defense Department has migrated to newer
versions of SQL Server to keep important databases running. Read more
[FEDTECHMAGAZINE.COM]
INFRASTRUCTURE: Hardware Refreshes Are Driving Move to Converged
Infrastructure. Converged infrastructure is appealing to companies for its ability
to (among other things) streamline operations, optimize workloads and cut
costs. More and more companies are catching on, and they are increasingly
adopting the technology via the hardware–and especially server–refresh cycle.
Read more
[WINDOWSITPRO.COM]
Technology Refresh Planning
AGENCY OVERSIGHT: Most Agencies Say They’ll Meet Year-End Records
Management Deadline. Roughly 90 percent of federal agencies say they’ll meet
the government-wide deadline to manage all permanent and temporary email in
an accessible, electronic format by Dec. 31, 2016, the National Archives and
Records Administration said. Yet many agencies told NARA it’s unclear how
they’ll measure their success and know that they’re compliant with federal
reords management requirements. Read more
[FEDEcRALNEWSRADIO.COM]
SECURE ACCESS: Beyond the ‘Land of No’: 5 Ways to Balance User Satisfaction
and Endpoint Security. As agencies increasingly move to desktop virtualization to
simplify and centralize access to classified and unclassified information, the issue
of traveling user profiles and adequate controls is becoming even more critical.
However, there are five practical steps agencies can take right now to provide
workers access to their personalized desktop yet give agency IT managers the
controls they need to deliver a secure data flow. Read more
[GCN.COM]
For the CIO, CTO & CISO
For the CIO, CTO & CISO
BIG DATA: CIOs Focus Spending on Big Data: Survey. The shaky economy has chief
information officers focusing IT spending on efforts to “drive more revenue from
better operations”, according to tech industry research firm Gartner Inc. But on top
of tighter IT budgets, their efforts are being stymied by a dearth of tech talent, both
internally and in the broader job market, Gartner said a report this week. Read the
rest
[BLOGS.WSJ.COM]
CTO: How One CTO Built a Culture of Trust and Engagement. When Joe McBreen
took over as CTO of St. Vrain Valley School District in 2009, he walked into an IT
nightmare. Seven years later, he’s turned things around. Here’s how he did it. Read
more
[CIO.COM]
For the CIO, CTO & CISO
CISO: CISO Still Viewed As Tech Not Business Leader. RSAC/ISACA study shows only
one in seven CISOs report to CEO. Read more
[DARKREADING.COM]
CIO: 2016 STATE of IT – 20 CIO Budget, Technology and Digital Business Findings.
Gartner recently advised CIOs to consider 10 New Year’s resolutions for 2016
including improving relationships with CMO and board members, exploiting
crowdsourcing and shifting IT thinking from “how, and what skills” to “why, and
which competencies”. There is no doubt that in the connected economy, where
customers – both internal and external – are more mobile, social, data-driven and
smarter, businesses must heavily rely on CIOs and IT leaders to meet the growing
expectations of their products and services. Read more
[HUFFINGTONPOST.COM]
For the CIO, CTO & CISO
SECURITY: The Human Firewall Cannot Be Fixed, says McAfee CTO. A five-question
interview on current topics in cybersecurity. One question may even surprise you.
Read more
[CSOONLINE.COM]
MANAGEMENT: CIOs Who Master Digital Transformations Will Win CEO Jobs. CIOs
who work closely with CEOs to direct digital strategies will eventually find
themselves in the CEO’s seat themselves, according to Salesforce.com CEO Marc
Benioff. Read more
[CIO.COM]
For the CIO, CTO & CISO
FEDERAL CISO: ‘Must Haves’ & ‘Must Dos’ For The First Federal CISO. Offensive and
defensive experience, public/private sector know-how, ‘mini-NSA’ mindset and
vision are top traits we need in a chief information security officer. Read more
[DARKREADING.COM]
NETWORKS: New Juniper Security CTO Promises Open Framework for Software
Defined Network Security. The new Juniper Networks liaison between the
company’s engineering team and its customers says it will take time, but Juniper’s
software defined security networking (SDSN) will eventually support third-party
devices to help build security into the network fabric itself. Read more
[NETWORKWORLD.COM]
Application Development
Application Development
JAVA: WSO2 Launches New Microservices Framework for Java. WSO2’s new
Microservices Framework for Java (MS4J) facilitates the creation of container-ready
microservices based on Java. Read the rest
[EWEEK.COM]
POPULAR: Ruby, Groovy Post Surprise Gains in Popularity. The Tiobe index author
isn’t convinced these are long-term gains, though, pointing out earlier high rankings
that have since faltered. Read more
[INFOWORLD.COM]
Application Development
VISUAL STUDIO: Microsoft Visual Studio Update Soups Up C/C++ Programming.
Visual Studio 2015 Update 2 release candidate speeds up C/C++ operations and
fixes multiple performance issues. Read more
[INFOWORLD.COM]
SWIFT: Flies To Cloud With IBM For Simpler App Development. IBM demos
updated version of programming language Swift, designed to simplify the way
developers build enterprise apps. Read more
[TECHWEEKEUROPE.CO.UK]
Content & Data Management
Content & Data Management
SQL SERVER: Microsoft is porting SQL Server to Linux. Microsoft is making available a
private preview of SQL Server for Linux, and plans to make the product generally
available by mid-2017. Read more
[ZDNET.COM]
2016 PREDICTION: Rise of the Data Manager. The role of storage administrators will
continue to evolve in response to transforming government IT landscapes. As
organizations move to a cloud delivery model to reduce costs and increase flexibility,
they shift from being builders and operators of their own data centers to being
brokers of services that span both private and public cloud resources. In 2016, the
classic storage administrator will either evolve into a data manager of the hybrid
cloud with a seat at the executive table, or hole up in comfortable storage product
minutia and become increasingly less relevant. Read more
[FEDERALNEWSRADIO.COM]
Content & Data Management
POLICY: OMB Tightens Hold on Data Center Policy. Federal CIO Tony Scott is looking
for feedback on new governmentwide data center consolidation policy. Meant to
supersede the Office of Management and Budget’s 2010 Federal Data Center
Consolidation Initiative, the new Data Center Optimization Initiative went online
March 2 for a 30-day comment period. Read more
[FCW.COM]
OPEN DATA: When Publishing Open Data, Cities and States Have Variety of Platform
Choices. As the open data publishing market heats up, all levels of government have
more partners to choose from. Read more
[GOVTECH.COM]
Data Breaches
Data Breaches
HACKERS: More Hackers Relying on Compromised Credentials. Dell SecureWorks
Researchers Describe Latest Trends. Cybercriminals are adapting their attack
techniques, moving away from attacks waged with malware to using compromised
credentials linked to privileged accounts to invade networks and systems, according
to researchers at Dell SecureWorks. Read more
[GOVINFOSECURITY.COM]
IRS: Data Breach Should Sound Eerily Familiar to Bankers. For bankers, there are
scary parallels between the IRS’ failure to protect sensitive personal information and
their own such struggles. Read more
[AMERICANBANKER.COM]
Data Breaches
SECURITY: Identity Theft Makes Half of Data Breaches. In 2015 around the world,
1,673 data breaches led to 707 million data records being compromised, according to
Gemalto. Gemalto’s Breach Level Index shows that more than 3.6 billion data records
have been exposed since 2013 when the index began benchmarking publicly
disclosed data breaches. Read more
[ENTERPRISEINNOVATION.NET]
INVESTIGATIONS: Verizon Releases First-ever Data Breach Digest with Security Case
Studies. Verizon is known for its huge annual Data Breach Investigations Report, but
it has released a less data-heavy digest organized by case study. Read more
[CSOONLINE.COM]
Electronic Document Management
Electronic Document Management
2016 TRENDS: 8 Tech Trends Changing How We Work In 2016. People value the
flexibility to work from anywhere, any time, on any device, and have come to expect
this user experience. What does this mean for the business? Greater complexity to
support the end user experience in a secure way. However, the benefits to the
business when they support mobile workspaces and workplace of the future are
typically substantial. Here are some key trends that organizations need to consider
and prepare for as the workforce of the future is at their doorsteps today. Read more
[FORBES.COM]
GOVT TECH 2016: 3 Government Tech Trends to Watch in 2016. Legislation under the
U.S. Patriot Act and Government Paper Elimination Act, as well as recent programs
such as the Affordable Healthcare Act, have legalized electronic signature
applications and made the use of digital document management systems not only
available, but a requirement in some cases. Read more
[NEXTGOV.COM]
Electronic Document Management
INTEGRATORS: Document Overload. Just like the security market, the language
services industry is undergoing major technology advances. Manual processes are
more a thing of the past. Quality localization is as much about the varying cultures
and languages as it is about data mining and document management systems. There
are three major categories of work that must be completed when going global. Read
more
[SECURITYINFOWATCH.COM]
PHARMA: Streamlining the Regulatory Review Process in Pharma: The Upcoming
Transition to Electronic Common Technical Documents. For pharmaceutical
companies, filing Common Technical Documents (CTDs) is a critical aspect to the
regulatory approval process. Historically, this process has been paper-centric until
recently. Read about a recent collaborative effort between West Pharmaceutical
Services, FDA, Health Canada and others to establish a process and protocol for filing
CTDs electronically, which will likely become common practice as early as 2017.
Read more
[RAPS.ORG]
Big Data
Big Data
INFORMATION MANAGEMENT: What are the Numbers, Facts and Figures Behind
Big Data? Business leaders know they want to invest in big data, and they have high
expectations on ROI, but do they really know what big data is? Read the rest
[INFORMATION-AGE.COM]
IoT: The Internet of Things Will Make Big Data Look Small. Get ready for the data
deluge. It’s kind of amazing that we all settled on the term “big data” before the
“Internet of things” really arrived. That pending revolution, in which we’ll see all
kinds of new objects connected to the Internet thanks to the cheap hardware
provided by the smartphone boom, will generate information on a scale we can’t
even really comprehend yet. Read more
[FORTUNE.COM]
Big Data
MASSACHUSETTS: Report – Big Data Booms in Massachusetts. In Massachusetts,
big data is big business. A new report finds that 53 new big data companies have
come to Massachusetts since 2014, bringing the number to 537 – a jump of about
10 percent. Read more
[BETABOSTON.COM]
STATISTICS: Part of the Massive Big-Data Future. Statistical methods make it
possible to run the analyses that make big-data analytics possible. Read more
[WSJ.COM]
Big Data
ANALYTICS: Big Data Streaming Analytics, Self-Service. Businesses are taking the
next step with big data technology in 2016 with plans to implement streaming
analytics and self-service, as they work to embed big data insights directly into
business applications and software. Read more
[INFORMATIONWEEK.COM]
PREDICTIONS: 17 Predictions About The Future Of Big Data Everyone Should Read.
Almost everyone can agree that big data has taken the business world by storm, but
what’s next? Will data continue to grow? What technologies will develop around it?
Or will big data become a relic as quickly as the next trend – cognitive technology?
fast data? – appears on the horizon. Here are some of the predictions from the
foremost experts in the field, and how likely they are to come to pass. Read more
[FORBES.COM]
Big Data
STORAGE: Flash is Rocketing into Big-Data Analytics. Pure Storage’s upcoming
FlashBlade will store petabytes of data at less than $1 per gigabyte. Read more
[INFOWORLD.COM]
FEDERAL GOVERNMENT: Obama’s Big Data Project Targets Community
Improvement. White House Opportunity Project initiative is a grass-roots effort to
push out government data and encourage nonprofits, developers and others to
build new community-improvement tools. Read more
[CIO.COM]
Project Management
Project Management
INTERVIEW SKILLS: 12 Questions Project Managers Should Be Prepared for in a Job
Interview. Project management job interviews can be more stressful than the new
job itself. Most candidates expect to talk about their strengths, weaknesses, skills
and methodology as a PM. But to truly be prepared when walking into that next PM
interview, be ready to answer these difficult questions. Read more
[CIO.COM]
SURVEY: The High Cost of Low Performance. Organizations waste US$122 million
for every US$1 billion invested due to poor project performance – a 12 percent
increase over last year. That’s the finding of the 2016 Pulse of the Profession®,
which reveals an imperative to strengthen the conversation around the benefits of
project management. Download the report now. Read more
[PMI.ORG]
Project Management
ORGANIZATIONAL STRUCTURE: Top-Down Solutions Like Holacracy Won’t Fix
Bureaucracy. For all its enemies, bureaucracy is amazingly resilient. Since 1983, the
number of managers, supervisors, and support staff employed in the U.S. economy
has nearly doubled, while employment in other occupations has grown by less than
40%, according to our analysis of data from the Bureau of Labor Statistics. That
makes bureaucracy the organizational equivalent of kudzu, the invasive, herbicide-
resistant vine that has overrun thousands of acres of woodland in the American
south. Why is bureaucracy so difficult to eradicate? Read more
[HBR.ORG]
INNOVATION: To Increase Innovation: Help Your Team Take Smarter Risks. Most
senior managers agree that taking risks is important for innovation, but in far too
many cases, they don’t act like they believe this. How can you break out of this
mode and create an environment that is more conducive to innovation? One of the
starting points is to be more explicit about what risk-taking really means, and what
is acceptable and what is not. Here are four tactics for doing this. Read more
[FORBES.COM]
Open Source
Open Source
YAHOO: Don’t Laugh: Yahoo’s Open Source AI Has a Secret Weapon. Yet another tech
giant is sharing its artificial intelligence know-how with the world. Yahoo has
published the source code to its CaffeOnSpark AI engine so that anyone from
academic researchers to big corporations can use or modify it. Read the rest
[WIRED.COM]
MITRE: Shares an Open Source FHIR Testing Tool. Crucible is a tool that was created
to help developers identify errors in FHIR applications. Funding from MITRE Corp. has
made it possible for the software to be offered as an open-source project with an
Apache license. Using the web interface at ProjectCrucible.org, a developer can run
228 test suites that include over 2,000 tests of the FHIR specification. Read more
[DZONE.COM]
Open Source
APPS: 6 Must-Have Open Source Apps for Windows, Mac, and Linux. Here are some
of the best open source and free apps for your heterogeneous environment. Read
more
[CIO.COM]
EDUCATION: Open-Source Textbooks Gain in Push for College Affordability. The
standard textbook for Fundamentals of General Chemistry I at the University of
Connecticut in Storrs has a list price of $303. For students who use the version
professor Edward Neth is preparing for the fall semester, the cost will be zero. An
early adopter of open source textbooks, Neth said he turned to the new technology
out of frustration with spiraling prices of commercial textbooks. Read more
[MARINECORPSTIMES.COM]
Network Systems
Network Systems
ETHERNET: 25 Gigabit Ethernet Forges a Path Forward. Since 2014, large network
players such as Brocade, Hewlett Packard Enterprise and Microsoft have been
working to develop a standard for 25 Gigabit Ethernet. According to experts, 2016
will be the year the technology finally makes its way into large data centers. Read
more
[STATETECHMAGAZINE.COM]
INCIDENT RESPONSE: How Incident Response Fails In Industrial Control System
Networks. Experts say a solid incident response plan is the best way to minimize the
damage of a cyberattack–but IR isn’t so simple for the ICS/SCADA world. Read more
[DARKREADING.COM]
For the CTO, CIO & CISO
For the CTO, CIO & CISO
CIO: Why Change Initiatives Fail. Creating the right conditions for successful change
requires putting people before things. Many companies want to change and
transform (especially when facing digital disruption from competitors). Yet a
majority of change efforts fail – one famous and oft-cited study pegged the rate of
failure at 70%. Read more
[CIO.COM]
CTO: Maker Movement at Center of HHS’ Innovative Strategy. Like the emergence of
open health data movement, CTO Susannah Fox sees the maker and inventor
movements as the future of innovation around health care at HHS. .Read more
[FEDSCOOP.COM]
For the CTO, CIO & CISO
CISO: Survey Roundup: Feeling Better With a CISO. A survey of around 200
security analysts by ThreatTrack Security found, for those organizations that have
a chief information security officer, 23% said it’s become easier to defend against
malware-based cyberattacks in the past year versus 15% of respondents from
companies without a CISO who said that. Ninety-four percent of those at a
company with a CISO said they also have a dedicated incident response team,
compared with 48% for those at a business without a CISO. And 71% at CISO
companies said they would personally guarantee the safety of customer data in
2016, versus 42% of those at a non-CISO firm who would make that promise.
Read more
[BLOGS.WSJ.COM]
For the CTO, CIO & CISO
CIO: How to Conquer Recruiting, Retention and IT Skills Challenges. Experts in the
technology industry look at the year ahead and what it holds for recruitment and
retention. They also identify what tech skills will top the charts. Read the rest
[CIO.COM]
CTO: ‘Corporate’ IT Teams Can Hamper Agile Projects, Warns William Hill CTO.
“Corporate” IT teams who try to use agile within their organisations without
notifying other departments are more likely to hamper “agile” as a concept, than
those organisations that try to carry out too many agile projects, according to
Finnbar Joy, chief technology officer at William Hill. Read more
[COMPUTING.CO.UK]
For the CTO, CIO & CISO
CISO: Obama Wants More Cybersecurity Funding and a Federal CISO. In the final
budget of the Obama administration, the White House is looking to boost spending
on security, hire more experts and partner with the private sector. Read more
[CIO.COM]
GOVERNMENT CIO: Senate Passes Permanent Ban on Internet Access Taxes. The
ban on taxes targeting Internet services now heads to Obama. The Permanent
Internet Tax Freedom Act was included in a trade enforcement bill passed by
senators in a 75-20 vote Thursday. The provision, passed by the House of
Representatives last June, would permanently extend a 18-year moratorium on
Internet-targeted taxes that expired in October. Congress had extended the
moratorium several times since 1998, but supporters weren’t able to pass a
permanent ban until now. Read more
[CIO.COM]
Incident Response
Incident Response
NETWORKS: The Incident Response “Fab Five”. CISOs should consider and
coordinate incident detection and response in five areas: hosts, networks, threat
intelligence, user behavior monitoring, and process automation. Read more
[NETWORKWORLD.COM]
FEDERAL GOVERNMENT: Incident Response in the Spotlight. The White House is
devising a plan specifying federal agencies’ responsibilities in the event of a
crippling cyberattack, which could be released as an executive order or
presidential directive in the next few months, MC has learned. The guidance will
address the federal response to a cyberattack against “critical infrastructure,”
including power plants, chemical facilities, banks and telecommunications
providers, according to industry officials. The goal is to ensure agencies are
focused on chasing hackers out of compromised systems rather than figuring out
who to call or talking to lawyers. Read more
[POLITICO.COM]
Incident Response
OPINION: A Breach is Coming — Is Your Agency Ready? Advanced threats are
spreading at an alarming rate, putting agency data at risk and making attacks
almost inevitable. In July, the Government Accountability Office reported that
information security incidents involving federal agencies skyrocketed from 5,503
in fiscal 2006 to 67,168 in fiscal 2014. Read more
[FCW.COM]
VICTIMS OR VILLAINS: Intelligent Incident Response Can Save the Day. We all
know the lessons of nursery school tales: don’t lie, don’t steal, and play nice with
others. The data breach morality tale is a bit more complicated. When you find
out someone is stealing from you: don’t lie, act quickly, and be nice even when
everyone’s mad at you. If you get defensive or try to be sneaky, you’ll go from
victim to villain in the swipe of a headline. Data breaches are happening with
greater frequency, and are compromising larger volumes of data, than ever
before. Read more
[INFOSECURITY-MAGAZINE.COM]
Operating Systems
Operating Systems
NETWORK SECURITY: Juniper Will Repatch Its Netscreen Operating System.
Company says there’s nothing wrong with the current patch, but redoing it will
make ScreenOS more robust. Read more
[NETWORKWORLD.COM]
THOUGHT LEADER ON LINUX… AND MORE: Why Linux Is Still Better Than
Windows 10. Why one writer dumped Windows and switched to Linux 13 years
ago, and Amazon wants its Android OEMs to integrate its services into their
phones. Read more
[INFOWORLD.COM]
Operating Systems
APPLE: Safari Suggestions Bug Causes Browser Crashes in iOS and OS X. A server-side
problem with the Safari Suggestions feature in recent versions of iOS and OS X appears
to be causing Safari to crash and hang for some users. Developer Steve Troughton-
Smith helped to identify the issue overnight, though it has also been discussed in a pair
of Reddit threads in the Apple subreddit. The problem appears to be causing hanging
and strange behavior in OS X and outright crashes in iOS. Going to Settings > Safari in
iOS (or to the Safari Preferences and then the Search tab in OS X) and disabling the
Safari Suggestions feature appears to fix the problem, or you could try using another
browser. Read more
[ARSTECHNICA.COM]
MOBILE: 5 Gmail App Alternatives for Android. For most Android users the stock Gmail
or Email apps on smartphones and tablets is plenty. They have enough features or
functionality to complete most daily tasks. But…not everyone wants to use Gmail.
Here’s a list of five or so great Email app alternatives for Android. Read more
[GOTTABEMOBILE.COM]
Programming & Scripting Development
Client & Server-Side
Programming & Scripting Development
Client & Server-Side
JAVASCRIPT: Ransomware Takes a Scary Turn Using JavaScript. Security researchers
have uncovered a new twist on ransomware-as-a-service with the discovery of
what is being called Ransom32. While there have been several Web-based
ransomware variants, including TOX and FAKBEN, this is a somewhat different
development since it uses a popular JavaScript framework called NW.js. Read more
jQUERY: Beyond jQuery: An Expert Guide to Choosing the Right JavaScript
Framework. How to choose from 22 essential JavaScript frameworks for Web and
mobile development. Read more
[INFOWORLD.COM]
Programming & Scripting Development
Client & Server-Side
HTML5: What HTML5 Means for Ecommerce Merchants. What is one thing all
ecommerce stores have in common? They use HTML. In fact, just about every
website uses HTML. That means when an update to HTML comes out, it has far-
reaching effects . Read more
[PRACTICALECOMMERCE.COM]
APPLICATION DEVELOPMENT: Java Finally Gets Microservices Tools. Lightbend’s
Lagom framework helps Java developers create and manage microservices
architectures. Read more
[INFOWORLD.COM]
Programming & Scripting Development
Client & Server-Side
SURVEY: Stack Overflow Survey: JavaScript Reigns, Female Developers MIA.
JavaScript is king; the full-stack Web is where it’s at; the proper term is
“developer,” not “engineer”; please stop asking us to do the impossible — and too
few of us are women. Those are some of the insights gleaned from a new survey of
55,000 developers worldwide courtesy of Stack Overflow, the massively trafficked
question-and-answer-format site used by developers of every stripe. Read more
[INFOWORLD.COM]
HTML5: 5 Steps to Create an HTML5 Video. In the past, setting up video was a
relatively straightforward concept using Flash plugins. Until the iPad showed up
and the HTML spec began to evolve, many people were happy with the results. As
that changed so did the Digital Rights Management (DRM) and other aspects of
video. One of the aspects of HTML5 was to solve the security problems inherent
with Flash. Learn how now. Read more
[HTMLGOODIES.COM]
Programming & Scripting Development
Client & Server-Side
JAVA: OpenJDK Plan Would Make Java Coding Easier. A new plan proposed for OpenJDK
would give Java a local-variable type inference capability so that it’s easier to write
code while continuing with static type safety. Read more
[INFOWORLD.COM]
JAVASCRIPT: 6 Reasons Web Developers Need to Learn JavaScript ES6 Now. If you’re a
developer, you’ve probably heard a little bit about ECMAScript 6 (ES6) already, though
at first glance it might seem a little confusing. What it really boils down to is this: it’s
the next version of JavaScript, which delivers new language features you’ll be able to
use long-term. Read more
[THENEXTWEB.COM]
Programming & Scripting Development
Client & Server-Side
SWIFT: Apple Releases Swift 2.2 Programming Language with Ubuntu Linux
Support. As of March 21, 2016, the Linux community can download the production
version of Swift 2.2, which has been made available at the moment only for
Canonical's Ubuntu 14.04 LTS (Trusty Tahr) and Ubuntu 15.10 (Wily Werewolf) Linux
kernel-based operating systems. Read more
[SITEPOINT.COM]
JAVA PATCH: Emergency Java Update Fixes Two-Year-Old Flaw After Researchers
Bypass Old Patch. The new patch comes after a security firm demonstrated that a
2013 fix for a critical vulnerability was inefficient. Read more
[PCWORLD.COM]
Programming & Scripting Development
Client & Server-Side
PHP: Peachpie Compiler Aims to Bring PHP to .Net. Built with Microsoft's open
source Roslyn compiler, Peachpie leverages .Net's metaprogramming technologies
in PHP. In addition to possible performance gains, compiling to .Net provides PHP
developers access to the existing culture of software written for .Net, as well as
features of the .Net runtime itself. Read more
[INFOWORLD.COM]
C#: How to Program Using PostSharp in C#. Take advantage of this popular AOP
framework to seamlessly manage common functionalities like exception handling,
logging, security, and transactions in your application. Read more
[INFOWORLD.COM]
Cloud Computing
Cloud Computing
SQL SERVER 2016: Offers Federal Agencies Multiple Cloud Options. The end of
support for SQL Server 2005 provides agencies ample opportunity to invest in a
hybrid cloud environment for database management. Read more
[FEDTECHMAGAZINE.COM]
MICROSOFT: Microsoft Bolsters Cloud Security. Microsoft has announced measures
to improve security management and transparency for Azure cloud services and
Office 365. The features, which come from technology Microsoft acquired last year
when it purchased Adallom, will bolster security in cloud apps such as Office 365,
Box, Salesforce, ServiceNow and Ariba. Read more
[ECOMMERCETIMES.COM]
Cloud Computing
REPORT: Government Increases Cloud Spending. A new report found that 8.5
percent of the federal government’s IT spending, or $6.7 billion, in fiscal 2016 will go
to cloud technologies – a marked increase from the 5 percent of IT spending that
the government put toward cloud in fiscal 2015. Read more
[FIERCEGOVERNMENTIT.COM]
FEDERAL GOVERNMENT: Government Benefits from a More Mature Cloud. As
agencies become more comfortable with the cloud, the technology’s true potential
starts to shine. Read more
[FEDTECHMAGAZINE.COM]
Cloud Computing
AMAZON: Amazon to Launch Cloud Migration Service. Big businesses increasingly
are moving massive databases online. Thomas Publishing Co., a 118-year-old
company once known for its big, green manufacturing guidebooks, finds itself at
the center of an emerging movement in corporate computing: the great cloud
migration. Read more
[WSJ.COM]
CLOUD SECURITY: Resources Abound to Make Cloud Services More Secure. More
and more enterprise organizations are planning and deploying into cloud
platforms. This trend is occurring despite organizations’ historical push-back on
cloud services claiming that they are less secure than private on-premises data
centers. Even though there is evidence to suggest that cloud application attacks
are on the rise, there are best practice methods to secure cloud services. Read
more
[NETWORKWORLD.COM]
Cloud Computing
DROWN: Hundreds of Cloud Companies Still Vulnerable to DROWN Security Flaw.
Companies are ignoring threat posed by DROWN SSL vulnerability – as well as
FREAK, Logjam, OpenSSL and Poodle. Read more
[COMPUTING.CO.UK]
GOOGLE: Adds New Features to Cloud Trace Application Debugging Tool. Updates
will improve the ability for developers to identify performance-slowing problems
in their apps, the company says. Read more
[EWEEK.COM]
Green IT
Green IT
SXSW: Barack Obama and Irish tech firms converge on SXSW. President asks tech
community for help in improving civic engagement in digital age. Read more
[IRISHTIMES.COM]
OPINION: The IT Security Industry Is Not Consolidating. The numbers speak: 1,440
vendors and growing. Read more
[CSOONLINE.COM]
Green IT
CYBERSECURITY: Stand and Deliver – Ransomware Wave Ravaging Irish SMEs.
Organized criminals are targeting the computers of small firms and even big
government departments. If you don’t pay up, they’ll delete your files and have
even set up call centres to take their payments from desperate victims. Read more
[INDEPENDENT.IE]
USER DATA: Microsoft’s Top Lawyer Voices Support For Encryption At RSA.
Microsoft is engaged in a legal battle with the US government concerning user
data stored on servers in Ireland. The US Justice Department served a search
warrant for user emails, which Microsoft believes should not be accessed without
approval from the Irish government. Read more
[INFORMATIONWEEK.COM]
Business Intelligence
Business Intelligence
3RD PLATFORM: How Will It Impact State, Local Governments in 2016? (Industry
Perspective). The innovative powerhouse of cloud computing, mobile, big data
and social media has been deemed by IDC as the “3rd Platform.” Here’s a look at
each component and the potential it brings for public sector. Read more
[GOVTECH.COM]
CALIFORNIA: New Digital Innovation Office Aims to Create Apps for Residents. The
Golden State also wants to collaborate with other states using open source data
and technologies. Read more
[STATETECHMAGAZINE.COM]
Business Intelligence
CIO: Cybersecurity Startups Face Tougher Path to IPO. The security industry’s largest
annual conference, which started Monday in San Francisco, is held just two blocks
from the former sand dunes where Gold Rush-era prospectors encamped in an area
known as Happy Valley. The mood at the RSA Conference this year may not be quite
as happy as it was in the recent past, as security startups find it more difficult to
realize ambitions for an IPO. Read more
[BLOGS.WSJ.COM]
WINDOWS 10: Security Boost Targets Business PCs. Microsoft launches a new
Windows 10 security feature designed to give IT leaders more insight into
recognizing and addressing cyber-attacks. Read more
[INFORMATIONWEEK.COM]
Federal Government
Federal Government
PRIVACY: The Irony in the FBI’s Request to Unlock the iPhone. In its rush, the agency
slammed the one door to gaining access to the iPhone’s data. Read more
[COMPUTERWORLD.COM]
DOD NEWS: Pentagon Invites Hackers In and Backs Encryption. The Pentagon has
invited external experts to hack into its systems in the first such test of its
cybersecurity measures. Read more
[BBC.COM]
Federal Government
INFLUENCERS FYI: Incoming Federal CISO Can Improve US Government’s
Cybersecurity. The person who fills the newly created US chief information
security officer position will be able to improve the government’s cybersecurity,
a 77 percent majority of Passcode’s pool of digital security experts said.
Read more
[CSMONITOR.COM]
AGILE DEVELOPMENT ALERT: When Agile Development is Change Management
in Disguise. The secret power of agile development for federal agencies’ citizen-
facing services and capabilities isn’t so much getting projects done more
efficiently and possibly saving money, according Environmental Protection
Agency CTO Greg Godbout. It’s really about seeding the government with new
ideas that will take hold and steer it in a new direction for planning and
acquisition and ultimately serve the public’s needs, he said. Read more
[FCW.COM]
IT - State & Local Governments
IT - State & Local Governments
CALIFORNIA: Step-by-Step Solution for Its New Child Welfare System. California is
dabbling with innovative ways of procuring technology for its new Child Welfare
System, transitioning from waterfall procurement to an agile and iterative
acquisition that aims to revamp the mammoth system’s services one at a time.
Read more
[GCN.COM]
LOCAL GOVERNMENT DATA: 4 Guidelines for Governments to Ease the Cost and
IT Burden of Housing Data. Connected, always on and fully transparent –
consumer tech trends are hitting state and local governments hard. Many are
moving straight from paper files and other analog solutions to complex
technologies and the systems required to support them. Data demands are
pushing IT limits in cities, so what can these local governments do to support this
deluge of data? Read more
[GOVTECH.COM]
IT - State & Local Governments
NEW YORK CITY: What to Expect From the NYC Tech Scene in 2016. Yeah, it ain’t
Silicon Valley. But why does it have to be? Read more
[INC.COM]
LOCAL GOVT: Security, Strategic Planning Top Local Government IT Execs’ 2016
Priorities. The Public Technology Institute released its annual poll of local
government executives’ key concerns for the year ahead. Read more
[STATETECHMAGAZINE.COM]
IT Security | Cybersecurity
IT Security | Cybersecurity
DATA PRIVACY: The Irony in the FBI’s Request to Unlock the iPhone. In its rush, the
agency slammed the one door to gaining access to the iPhone’s data. Read more
[COMPUTERWORLD.COM]
DOD: Pentagon Invites Hackers In and Backs Encryption. The Pentagon has invited
external experts to hack into its systems in the first such test of its cybersecurity
measures. Read more
[BBC.COM]
IT Security | Cybersecurity
INFLUENCERS: Incoming Federal CISO Can Improve US Government’s Cybersecurity.
The person who fills the newly created US chief information security officer position
will be able to improve the government’s cybersecurity, a 77 percent majority of
Passcode’s pool of digital security experts said. Read more
[CSMONITOR.COM]
AGILE DEVELOPMENT: When Agile Development is Change Management in
Disguise. The secret power of agile development for federal agencies’ citizen-facing
services and capabilities isn’t so much getting projects done more efficiently and
possibly saving money, according Environmental Protection Agency CTO Greg
Godbout. It’s really about seeding the government with new ideas that will take hold
and steer it in a new direction for planning and acquisition and ultimately serve the
public’s needs, he said. Read more
[FCW.COM]
IT Security | Cybersecurity
REPORT: Worldwide Cybersecurity Spending Increasing To $170 Billion By 2020.
“Interest in security technologies is increasingly driven by elements of digital
business, particularly cloud, mobile computing and now also the Internet of Things,
as well as by the sophisticated and high-impact nature of advanced targeted
attacks,” said Elizabeth Kim, research analyst at Gartner. Read the rest
[FORBES.COM]
OPERATIONS: Presidential Candidates Get Graded On Their Cybersecurity Stances.
Trump, Clinton, Sanders, Cruz, Rubio, Kasich, are all unified when it comes to
blaming China — but no one gets higher than a “C” average grade in any category.
Read more
[DARKREADING.COM]
IT Security | Cybersecurity
AUTOMOBILES: GM Asks Hackers Help Its Cybersecurity. General Motors Co. is
turning to hackers to strengthen car firewalls. The nation’s largest auto maker on
Thursday highlighted a “coordinated disclosure” program it launched earlier this
year that invites computer researchers to search for cybersecurity gaps in GM
vehicles, websites and software. Read more
[MARKETWATCH.COM]
FEDERAL GOVERNMENT: DOD Issues Cybersecurity Discipline Guidance. The
Defense Department recently issued a military-wide cybersecurity discipline
implementation plan, a document that aims to hold leaders accountable for
cybersecurity up and down the chain of command and report progress and setbacks.
Read more
[FEDERALTIMES.COM]
IT Security | Cybersecurity
CALL BLUE MOUNTAIN FOR IT SECURITY SUPPORT: Blue Mountain Data Systems is
actively involved in implementing FISMA and NIST standards with Federal Civilian
Agencies. Due to our extensive experience in this area, Blue Mountain has
developed processes and organizational techniques to help ensure security
deliverables are completed on time, and performed in the most efficient manner
possible. We ensure that NIST-800-53 control requirements are treated consistently
during definition, analysis, implementation, auditing, and reporting phases of a
system. Find out more about Blue Mountain Data Systems IT Security Support
Services. Call us at 703-502-3416.
Hadoop
Hadoop
HADOOP ECOSYSTEMS: Ecosystem Evolves: 10 Cool Big Data Projects. In the 10
years since developers created Hadoop to wrangle the challenges that came with big
data, the ecosystem for these technologies has evolved. The Apache Software
Foundation is teeming with open source big data technology projects. Here’s a look
at some significant projects, and a peek at some up-and-comers. Read the rest
[INFORMATIONWEEK.COM]
TECH WATCH: Apache Flink 1.0 takes on Spark in Hadoop Processing. Hadoop needs
fast and easy-to-use stream processing, and Flink provides that — but it’ll compete
with Spark and Storm. Read more
[INFOWORLD.COM]
Hadoop
BIG DATA: Google’s Hadoop Offerings. The master of Internet search went big with
its cloud-based big data service. The company announced that Google Dataproc, its
managed Apache Hadoop and Apache Spark service, is generally available. Read
more
[INFORMATIONWEEK.COM]
SPARK: Catching Up with Hadoop as the Primary Big Data Platform. While Apache
Hadoop has become the de-facto big data storage engine, there has been talk of it
being displaced for some processing tasks by newer technologies such as Apache
Spark. However, the research still gives Hadoop a substantial lead. Read more
[COMPUTING.CO.UK]
IT Security | Cybersecurity
CALL BLUE MOUNTAIN FOR IT SECURITY SUPPORT: Blue Mountain Data Systems is
actively involved in implementing FISMA and NIST standards with Federal Civilian
Agencies. Due to our extensive experience in this area, Blue Mountain has
developed processes and organizational techniques to help ensure security
deliverables are completed on time, and performed in the most efficient manner
possible. We ensure that NIST-800-53 control requirements are treated consistently
during definition, analysis, implementation, auditing, and reporting phases of a
system. Find out more about Blue Mountain Data Systems IT Security Support
Services. Call us at 703-502-3416.
From the Blue Mountain Data Systems Blog
Three-Dimensional Governance for the CIO
https://www.bluemt.com/three-dimensional-governance-for-the-cio
7 Reasons to Take Control of IT Incidents
https://www.bluemt.com/7-reasons-to-take-control-of-it-incidents/
Breach Mitigation Response Time Too Long, Survey Says
https://www.bluemt.com/breach-mitigation-response-time-too-long-survey-
says/
Six Tactics for Cyberdefense
https://www.bluemt.com/six-tactics-for-cyberdefense/
From the Blue Mountain Data Systems Blog
Feds Report Mixed Responses to Shared Services
https://www.bluemt.com/feds-report-mixed-responses-to-shared-services
Federal Employees Are Not Security Experts
https://www.bluemt.com/federal-employees-are-not-security-experts
Survival Guide for Network Administrators
https://www.bluemt.com/survival-guide-for-network-administrators
DBaaS: OpenStack Trove Changes DB Management
https://www.bluemt.com/dbaas-openstack-trove-changes-db-management
From the Blue Mountain Data Systems Blog
Help Wanted: Certified Cybersecurity Professionals
https://www.bluemt.com/help-wanted-certified-cybersecurity-professionals
Cyber Threat Intelligence Integration Center Preview
https://www.bluemt.com/cyber-threat-intelligence-integration-center-preview/
Cloud Moves in 1-2-3
https://www.bluemt.com/cloud-moves-in-1-2-3/
Change Management for Disaster Recovery
https://www.bluemt.com/change-management-for-disaster-recovery/
From the Blue Mountain Data Systems Blog
Jeffersonian Advice For C-Suite Career Advancement
https://www.bluemt.com/jeffersonian-advice-for-c-suite-career-advancement/
Ways To Survive The “Mobile-Pocalypse”
https://www.bluemt.com/ways-to-survive-the-mobile-pocalypse/
Microsoft Cloud Services Receive FedRAMP Authority to Operate
https://www.bluemt.com/microsoft-cloud-services-receive-fedramp-authority-
to-operate/
Hiring Pentesters? Here Are 10 Things You Need to Know
https://www.bluemt.com/hiring-pentesters-here-are-10-things-you-need-to-
know/
From the Blue Mountain Data Systems Blog
Home Router Malware Alert
https://www.bluemt.com/home-router-malware-alert/
Threat Model Deconstruction
https://www.bluemt.com/threat-model-deconstruction/
Business Email Scam Nets $214 Million
https://www.bluemt.com/business-email-scam-nets-214-million/
How to Prevent Unauthorized Software from Taking Over Your Organization
https://www.bluemt.com/the-cios-guide-to-happy-end-users-2/
From the Blue Mountain Data Systems Blog
Digital Marketing Predictions for 2015
https://www.bluemt.com/digital-marketing-predictions-for-2015/
SDN: Network Administrator’s Friend or Foe?
https://www.bluemt.com/sdn-network-administrators-friend-or-foe/
Mobile Payments: A Must for Federal Agencies
https://www.bluemt.com/mobile-payments-a-must-for-federal-agencies/
Soft Skills Are A Must-Have For Careers In IT
https://www.bluemt.com/soft-skills-are-a-must-have-for-careers-in-it/
From the Blue Mountain Data Systems Blog
Security Risks Most Prevalent in Younger Workers
https://www.bluemt.com/security-risks-most-prevalent-in-younger-workers/
The Security World’s Maturation
https://www.bluemt.com/the-security-worlds-maturation/
Data Breach Concerns Keep CISOs Up At Night
https://www.bluemt.com/data-breach-concerns-keep-cisos-up-at-night/
Personalized Govt Equals Instant Gratification for Citizens
https://www.bluemt.com/personalized-govt-equals-instant-gratification-for-
citizens/
From the Blue Mountain Data Systems Blog
People-Centric Security
https://www.bluemt.com/people-centric-security/
Pentagon Tries BYOD To Strike Work/Life Balance
https://www.bluemt.com/pentagon-tries-byod-to-strike-worklife-balance/
Open Source Model Considered for MS Windows
https://www.bluemt.com/open-source-model-considered-for-ms-windows/
Open Internet: To Be or Not to Be?
https://www.bluemt.com/open-internet-to-be-or-not-to-be/
From the Blue Mountain Data Systems Blog
Malware Stays A Step Ahead Infecting One Third of Websites
https://www.bluemt.com/malware-stays-a-step-ahead-infecting-one-third-of-
websites/
Machine-Generated Data: Potential Goldmine for the CIO
https://www.bluemt.com/machine-generated-data-potential-goldmine-for-the-
cio/
Government Legacy Programs: Reuse vs. Replacement
https://www.bluemt.com/government-legacy-programs-reuse-vs-replacement/
It Takes a Whole Village to Protect Networks and Systems
https://www.bluemt.com/it-takes-a-whole-village-to-protect-networks-and-
systems/
From the Blue Mountain Data Systems Blog
Governance For the CIO
https://www.bluemt.com/governance-for-the-cio/
Help Desk Consolidation – Lessons Learned
https://www.bluemt.com/help-desk-consolidation-lessons-learned/
One Year Later, Companies Still Vulnerable to Heartbleed
https://www.bluemt.com/one-year-later-companies-still-vulnerable-to-
heartbleed/
Federal Projects Cultivate Worker Passion
https://www.bluemt.com/federal-projects-cultivate-worker-passion-2/
ABOUT US
Blue Mountain Data Systems Inc.
Blue Mountain Data Systems Inc. is dedicated to application
and systems development, electronic document management,
IT security support, and the automation of workflow processes.
Read more about our experience here:
>> http://bluemt.com/experience
Recent Experience
U.S. Dept. of Labor
Employee Benefits Security Administration
1994 to Present
Responsible to the Office of Technology and Information Systems for information
systems architecture, planning, applications development, networking,
administration and IT security, supporting the enforcement of Title I of the
Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue
Mountain is responsible for design, development and support for its various
enforcement database management systems, as well as all case tracking and
customer service inquiry systems. Blue Mountain also provides IT security services
to the EBSA, in the form of FISMA Assessment and Authorization, System Security
Plans, Risk and vulnerability assessments, monitoring and investigation support.
MANAGEMENT
Paul T. Vesely
Founder, President, CEO and Principal Architect
Mr. Vesely is a recognized thought leader in systems
architecture and delivery, having designed and
delivered many enterprise wide information and
document management solutions. Mr. Vesely’s history
includes 33 years experience in the information
systems industry, with Unisys, Grumman, PRC and a
host of clients in both government and private sectors.
CONTACT US
Contact Us Today to Discuss Your Next IT Project
HEADQUARTERS
366 Victory Drive
Herndon, VA 20170
PHONE 703-502-3416
FAX 703-745-9110
EMAIL
paul@bluemt.com
WEB
https://www.bluemt.com

More Related Content

Recently uploaded

Mastering Windows 7 A Comprehensive Guide for Power Users .pdf
Mastering Windows 7 A Comprehensive Guide for Power Users .pdfMastering Windows 7 A Comprehensive Guide for Power Users .pdf
Mastering Windows 7 A Comprehensive Guide for Power Users .pdf
mbmh111980
 

Recently uploaded (20)

Designing for Privacy in Amazon Web Services
Designing for Privacy in Amazon Web ServicesDesigning for Privacy in Amazon Web Services
Designing for Privacy in Amazon Web Services
 
Agnieszka Andrzejewska - BIM School Course in Kraków
Agnieszka Andrzejewska - BIM School Course in KrakówAgnieszka Andrzejewska - BIM School Course in Kraków
Agnieszka Andrzejewska - BIM School Course in Kraków
 
Mastering Windows 7 A Comprehensive Guide for Power Users .pdf
Mastering Windows 7 A Comprehensive Guide for Power Users .pdfMastering Windows 7 A Comprehensive Guide for Power Users .pdf
Mastering Windows 7 A Comprehensive Guide for Power Users .pdf
 
INGKA DIGITAL: Linked Metadata by Design
INGKA DIGITAL: Linked Metadata by DesignINGKA DIGITAL: Linked Metadata by Design
INGKA DIGITAL: Linked Metadata by Design
 
Secure Software Ecosystem Teqnation 2024
Secure Software Ecosystem Teqnation 2024Secure Software Ecosystem Teqnation 2024
Secure Software Ecosystem Teqnation 2024
 
Studiovity film pre-production and screenwriting software
Studiovity film pre-production and screenwriting softwareStudiovity film pre-production and screenwriting software
Studiovity film pre-production and screenwriting software
 
De mooiste recreatieve routes ontdekken met RouteYou en FME
De mooiste recreatieve routes ontdekken met RouteYou en FMEDe mooiste recreatieve routes ontdekken met RouteYou en FME
De mooiste recreatieve routes ontdekken met RouteYou en FME
 
Benefits of Employee Monitoring Software
Benefits of  Employee Monitoring SoftwareBenefits of  Employee Monitoring Software
Benefits of Employee Monitoring Software
 
10 Essential Software Testing Tools You Need to Know About.pdf
10 Essential Software Testing Tools You Need to Know About.pdf10 Essential Software Testing Tools You Need to Know About.pdf
10 Essential Software Testing Tools You Need to Know About.pdf
 
How to install and activate eGrabber JobGrabber
How to install and activate eGrabber JobGrabberHow to install and activate eGrabber JobGrabber
How to install and activate eGrabber JobGrabber
 
A Guideline to Gorgias to to Re:amaze Data Migration
A Guideline to Gorgias to to Re:amaze Data MigrationA Guideline to Gorgias to to Re:amaze Data Migration
A Guideline to Gorgias to to Re:amaze Data Migration
 
Abortion ^Clinic ^%[+971588192166''] Abortion Pill Al Ain (?@?) Abortion Pill...
Abortion ^Clinic ^%[+971588192166''] Abortion Pill Al Ain (?@?) Abortion Pill...Abortion ^Clinic ^%[+971588192166''] Abortion Pill Al Ain (?@?) Abortion Pill...
Abortion ^Clinic ^%[+971588192166''] Abortion Pill Al Ain (?@?) Abortion Pill...
 
Top Mobile App Development Companies 2024
Top Mobile App Development Companies 2024Top Mobile App Development Companies 2024
Top Mobile App Development Companies 2024
 
Corporate Management | Session 3 of 3 | Tendenci AMS
Corporate Management | Session 3 of 3 | Tendenci AMSCorporate Management | Session 3 of 3 | Tendenci AMS
Corporate Management | Session 3 of 3 | Tendenci AMS
 
top nidhi software solution freedownload
top nidhi software solution freedownloadtop nidhi software solution freedownload
top nidhi software solution freedownload
 
Implementing KPIs and Right Metrics for Agile Delivery Teams.pdf
Implementing KPIs and Right Metrics for Agile Delivery Teams.pdfImplementing KPIs and Right Metrics for Agile Delivery Teams.pdf
Implementing KPIs and Right Metrics for Agile Delivery Teams.pdf
 
AI/ML Infra Meetup | ML explainability in Michelangelo
AI/ML Infra Meetup | ML explainability in MichelangeloAI/ML Infra Meetup | ML explainability in Michelangelo
AI/ML Infra Meetup | ML explainability in Michelangelo
 
AI/ML Infra Meetup | Perspective on Deep Learning Framework
AI/ML Infra Meetup | Perspective on Deep Learning FrameworkAI/ML Infra Meetup | Perspective on Deep Learning Framework
AI/ML Infra Meetup | Perspective on Deep Learning Framework
 
GraphAware - Transforming policing with graph-based intelligence analysis
GraphAware - Transforming policing with graph-based intelligence analysisGraphAware - Transforming policing with graph-based intelligence analysis
GraphAware - Transforming policing with graph-based intelligence analysis
 
AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG
AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAGAI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG
AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG
 

Featured

How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
ThinkNow
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
Kurio // The Social Media Age(ncy)
 

Featured (20)

2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
 
Time Management & Productivity - Best Practices
Time Management & Productivity -  Best PracticesTime Management & Productivity -  Best Practices
Time Management & Productivity - Best Practices
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
 

Tech Update Summary from Blue Mountain Data Systems March 2016

  • 1. Tech Update Summary March 2016 Blue Mountain Data Systems
  • 2.
  • 3. For CTOs, CIOs & CISOs Visit Blue Mountain Data Systems https://www.bluemt.com
  • 4. For CTOs, CIOs & CISOs Every business day, we publish a Daily Tech Update for Federal & State CTOs ,CIOs & CISOs on the Blue Mountain Data Systems Blog. We hope you will visit our blog for the latest information. You can also receive these updates via email. Click here to subscribe. Here’s the summary of the Daily Tech Updates for March 2016. Hope the information and ideas prove useful. Best, Paul Vesely President and Principal Architect Blue Mountain Data Systems Inc.
  • 6. Databases & Storage SECURITY: DB Networks Launches Real-Time Database Security Sensor. By integrating this sensor into their products, security OEMs provide their customers with more usage detail and metrics from data-tier cyber-threats. Read the rest [EWEEK.COM] MongoDB: Security, and How Not to Get Stung. Recently, Microsoft got roundly savaged for a database security leak. In the back and forth, MongoDB’s database security got caught in the crossfire. Find out why MongoDB was mistakenly blamed. Read more [DZONE.COM]
  • 7. Databases & Storage DATA PROTECTION: Safeguarding Databases Against Insider Threats. While phishing, malware, distributed denial-of-service (DDoS) and similar types of external threats rightfully receive significant attention from organizations, they only represent one aspect of the threat equation. Insider threats are the other piece of this puzzle and can be equally damaging. Read more [SECURITYINTELLIGENCE.COM] HOMELAND SECURITY: Visa Waiver Program Now Includes Daily Database Check. A change to how Customs and Border Protection vets applicants for the Visa Waiver Program is helping prevent a potential blind spot in the process, the agency’s chief told a House panel on March 1. Read more [FCW.COM]
  • 8. Databases & Storage LINUX: Tune Up Your Databases! MySQLTuner is a Perl script that checks your local (or remote) MySQL server and gives recommendations for improving security and performance. Read the rest [LINUXJOURNAL.COM] NoSQL: 10 Tips for Integrating NoSQL Databases in Your Business. NoSQL databases provide the agility, scalability, performance and availability to support many applications today, but implementing them is not always easy. Here are 10 tips for integrating NoSQL systems in your organization. Read more [CIO.COM]
  • 9. Databases & Storage DOD: A Prime Target for Cyberattacks. Databases, storing tactical and various other types of sensitive information, are widely used across the Department of Defense. Yet a growing number of defense technology industry observers, including Oracle CEO Mark Hurd, believe that DoD is misapplying its security resources, prioritizing overall network protection over what has become the prime target of most attackers. Read more [C4ISRNET.COM] CLOUD: NoSQL in the Cloud: A Scalable Alternative to Relational Databases. If you are using a traditional relational database you may find yourself working on a complex policy for distributing your database load across multiple database instances. This solution will often present a lot of problems and probably won’t be great at elastically scaling. Why not consider using a cloud-based NoSQL database as an alternative? Read more [DZONE.COM]
  • 10. Databases & Storage SAVE $$$$: Moving to Open Source Databases Can See Savings of 90 Per Cent. Enterprises could save up to 90 per cent on licensing costs by moving away from incumbent proprietary databases to an open source alternative, according to Frank Fanzilli, independent board director at PostgreSQL vendor EnterpriseDB and board director of the Linux Foundation. Read more [V3.CO.UK] FDA: Proposes New Databases to Monitor CAR T-Cell Safety Across INDs. The US Food and Drug Administration (FDA) wants to create two new databases that will allow it to look at safety and manufacturing information across multiple applications for products within a promising class of cancer immunotherapies called anti-CD19 CAR modified T-cells. Read more [RAPS.ORG]
  • 11. Databases & Storage HADOOP: Don’t Expect Your DBA to Do a Hadoop Expert’s Job. Big data deployments challenge organizations to rethink the role of data across their entire operations landscape. But a funny thing happens when it comes to administering these systems: There is an understandable tendency to map the organizational responsibilities for the care and feeding of big data systems such as Hadoop to existing database administrators (DBAs). After all, these same teams have kept your data assets humming along to this point. Surely they can pick up the running of the new Hadoop cluster, right? Not in most cases. Read more [DATA-INFORMED.COM] ORACLE: Amazon, Microsoft Launch Full-Court Press To Steal Oracle’s Database Customers. Amazon Web Services and Microsoft are both taking aim at Oracle’s database business with separate offerings designed to make it easier for customers to ditch Oracle’s software. AWS plans to launch the AWS Database Migration Service, which migrates on-premises Oracle, SQL Server, MySQL and PostgreSQL production databases to the AWS cloud. Microsoft is running a campaign in which organizations can migrate their Oracle databases to SQL Server and receive free Microsoft licenses. Read more [CRN.COM]
  • 12. More About Blue Mountain BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.
  • 14. Security Patches CISCO: Cisco Patches Severe Default Password Security Issue in Network Hardware. Cisco has patched another hard-coded, default password problem which gives cyberattackers root access to devices. Read more [ZDNET.COM] MICROSOFT: Microsoft Fixes Flash Flaw in IE and Edge Browsers. Users of Windows Vista through Windows 10 advised to patch immediately. Read more [THEINQUIRER.NET]
  • 15. Security Patches DRUPAL: Patches 10 Security Flaws, Critical Issues. The content management system’s latest security update includes fixes for issues including remote code execution. Read more [ZDNET.COM] WINDOWS: Keeping Track of Windows Updates. At least once a month, Microsoft invades your Windows 7 computer with so-called improvements. If you have no idea what they are, how can you find out? Read more [NYTIMES.COM]
  • 16. Security Patches APPLE: Patches 100 Security Issues Across Its Product Line. Among all the product and legal news surrounding Apple, the company has released seven security updates containing more than 100 fixes covering a wide range of its products and operating systems. Read more [SCMAGAZINE.COM] MOBILE: Google Issues Emergency Android Security Patch as Rooting Bug Gains Critical Threat Status. Google has pushed out an Android patch for millions of devices after it became aware of a rooting application using an unpatched local elevation of privilege vulnerability. The known issue in the upstream Linux kernel was fixed in April 2014 but wasn’t called out as a security fix until February 2015. Read more [CBRONLINE.COM]
  • 17. Security Patches MICROSOFT: Mystery Continues with Microsoft’s Unidentified Patch KB 3103709. One week after the patch appeared, KB 3103709 still has no description and apparently only appears on Windows 8.1 system. Read more [INFOWORLD.COM] GOOGLE: Reverse Engineering Software BinDiff Now Free for Researchers. The advanced security software is now a free tool for researchers worldwide. Read more [ZDNET.COM]
  • 19. Penetration Testing REGULAR CHECKUPS: Pentesting-as-a-Service. Ten years ago, penetration testing was viewed as a luxury service, typically aimed at ensuring that companies’ network perimeters were secured against malicious external attacks. More recently, we have seen the emergence of vulnerability scanning software, an automated way to perform more frequent vulnerability testing, but not to the level of rigour the company would receive from a penetration test performed by a security expert. Read more [INFOSECURITY-MAGAZINE.COM] THINK TANK: Penetration Testing Still Relevant, but Approach Needs to Change. How can an organization ensure it gets value from penetration and security testing services? Security managers need permission from their respective companies to test live networks, and they need the right pen testing tools for the job. Read more [COMPUTERWEEKLY.COM]
  • 20. Penetration Testing HOW: A White Hat Hacker Breaks Into a Business. A pen tester talks through how to break into a company. Read more [NEWSWEEK.COM] PENTAGON: Sees White Hat Hackers as Low-Cost Penetration Testers. The Defense Department announced it would be launching the federal government’s first-ever "bug bounty," banking on the idea that there’s a nascent community of white hat hackers that’s been itching to help the Pentagon with its cybersecurity challenges but hasn’t been able to until now. Read more [FEDERALNEWSRADIO.COM]
  • 22. 508 Compliance 508 & THE CLOUD: When the Cloud Complicates 508 Compliance. The National Institute of Standards and Technology found that as organizations move to cloud-based systems and platforms, the accessibility for employees with disabilities can be compromised. Accessibility tools for those with disabilities rely on local computers capable of running them. And with most software and information now migrating to remote locations accessed through the Internet, NIST warned, those tools might not function. Read more [GCN.COM] E-LEARNING: Accessibility for E-Learning: Section 508 and WCAG. What are Section 508 and WCAG? How do they differ? Why should you care? What tools can you use to make your e-learning courses follow accessibility best practices and adhere to the law? Have you ever thought about how someone with a disability experiences the online courses you create? What if your target audience includes people who are deaf or hard of hearing, color blind, visually impaired (partially or totally), or have limited mobility? Shouldn’t they be afforded the same learning opportunities and access to your courses? Section 508 and the Web Content Accessibility Guidelines (WCAG) help with just that— by establishing a set of rules that, when followed, will ensure your e-learning content is accessible to those with disabilities. Read more [TD.ORG]
  • 23. 508 Compliance VIDEO: Five Predictions about Video Accessibility for 2016. 2015 was a year where there was tremendous growth in awareness about video accessibility due to changes in the legal landscape, especially as it relates to the deaf and hard of hearing. As these trends continue into 2016, there are five predictions based on issues that were left unsolved in 2015, expected outcomes of recent changes in regulations, and increased awareness of video accessibility issues. Read more [AUTOMATICSYNC.COM] BANKS SHOULD BEWARE THE LAWSUITS: Is Your Website Built for the Visually- Impaired? If Not, You Could Lose an Ugly Lawsuit. The DOJ has already settled a lawsuit with mobile grocer Peapod over their website’s compliance issues. What you don't know about new ADA regulations governing website accessibility for people with visual disabilities could embroil your financial institution in a costly lawsuit. Here's what financial marketers need to do now — before the April 2018 deadline. Read more [THEFINANCIALBRAND.COM]
  • 25. Technology Refresh Planning DATA CENTER: The Army and Navy Use SQL Server On and Off the Battlefield. The Defense Department relies on SQL Server to manage a wide range of databases. Microsoft will end support for SQL Server 2005 on April 12. Like many organizations around the world, the Defense Department has migrated to newer versions of SQL Server to keep important databases running. Read more [FEDTECHMAGAZINE.COM] INFRASTRUCTURE: Hardware Refreshes Are Driving Move to Converged Infrastructure. Converged infrastructure is appealing to companies for its ability to (among other things) streamline operations, optimize workloads and cut costs. More and more companies are catching on, and they are increasingly adopting the technology via the hardware–and especially server–refresh cycle. Read more [WINDOWSITPRO.COM]
  • 26. Technology Refresh Planning AGENCY OVERSIGHT: Most Agencies Say They’ll Meet Year-End Records Management Deadline. Roughly 90 percent of federal agencies say they’ll meet the government-wide deadline to manage all permanent and temporary email in an accessible, electronic format by Dec. 31, 2016, the National Archives and Records Administration said. Yet many agencies told NARA it’s unclear how they’ll measure their success and know that they’re compliant with federal reords management requirements. Read more [FEDEcRALNEWSRADIO.COM] SECURE ACCESS: Beyond the ‘Land of No’: 5 Ways to Balance User Satisfaction and Endpoint Security. As agencies increasingly move to desktop virtualization to simplify and centralize access to classified and unclassified information, the issue of traveling user profiles and adequate controls is becoming even more critical. However, there are five practical steps agencies can take right now to provide workers access to their personalized desktop yet give agency IT managers the controls they need to deliver a secure data flow. Read more [GCN.COM]
  • 27. For the CIO, CTO & CISO
  • 28. For the CIO, CTO & CISO BIG DATA: CIOs Focus Spending on Big Data: Survey. The shaky economy has chief information officers focusing IT spending on efforts to “drive more revenue from better operations”, according to tech industry research firm Gartner Inc. But on top of tighter IT budgets, their efforts are being stymied by a dearth of tech talent, both internally and in the broader job market, Gartner said a report this week. Read the rest [BLOGS.WSJ.COM] CTO: How One CTO Built a Culture of Trust and Engagement. When Joe McBreen took over as CTO of St. Vrain Valley School District in 2009, he walked into an IT nightmare. Seven years later, he’s turned things around. Here’s how he did it. Read more [CIO.COM]
  • 29. For the CIO, CTO & CISO CISO: CISO Still Viewed As Tech Not Business Leader. RSAC/ISACA study shows only one in seven CISOs report to CEO. Read more [DARKREADING.COM] CIO: 2016 STATE of IT – 20 CIO Budget, Technology and Digital Business Findings. Gartner recently advised CIOs to consider 10 New Year’s resolutions for 2016 including improving relationships with CMO and board members, exploiting crowdsourcing and shifting IT thinking from “how, and what skills” to “why, and which competencies”. There is no doubt that in the connected economy, where customers – both internal and external – are more mobile, social, data-driven and smarter, businesses must heavily rely on CIOs and IT leaders to meet the growing expectations of their products and services. Read more [HUFFINGTONPOST.COM]
  • 30. For the CIO, CTO & CISO SECURITY: The Human Firewall Cannot Be Fixed, says McAfee CTO. A five-question interview on current topics in cybersecurity. One question may even surprise you. Read more [CSOONLINE.COM] MANAGEMENT: CIOs Who Master Digital Transformations Will Win CEO Jobs. CIOs who work closely with CEOs to direct digital strategies will eventually find themselves in the CEO’s seat themselves, according to Salesforce.com CEO Marc Benioff. Read more [CIO.COM]
  • 31. For the CIO, CTO & CISO FEDERAL CISO: ‘Must Haves’ & ‘Must Dos’ For The First Federal CISO. Offensive and defensive experience, public/private sector know-how, ‘mini-NSA’ mindset and vision are top traits we need in a chief information security officer. Read more [DARKREADING.COM] NETWORKS: New Juniper Security CTO Promises Open Framework for Software Defined Network Security. The new Juniper Networks liaison between the company’s engineering team and its customers says it will take time, but Juniper’s software defined security networking (SDSN) will eventually support third-party devices to help build security into the network fabric itself. Read more [NETWORKWORLD.COM]
  • 33. Application Development JAVA: WSO2 Launches New Microservices Framework for Java. WSO2’s new Microservices Framework for Java (MS4J) facilitates the creation of container-ready microservices based on Java. Read the rest [EWEEK.COM] POPULAR: Ruby, Groovy Post Surprise Gains in Popularity. The Tiobe index author isn’t convinced these are long-term gains, though, pointing out earlier high rankings that have since faltered. Read more [INFOWORLD.COM]
  • 34. Application Development VISUAL STUDIO: Microsoft Visual Studio Update Soups Up C/C++ Programming. Visual Studio 2015 Update 2 release candidate speeds up C/C++ operations and fixes multiple performance issues. Read more [INFOWORLD.COM] SWIFT: Flies To Cloud With IBM For Simpler App Development. IBM demos updated version of programming language Swift, designed to simplify the way developers build enterprise apps. Read more [TECHWEEKEUROPE.CO.UK]
  • 35. Content & Data Management
  • 36. Content & Data Management SQL SERVER: Microsoft is porting SQL Server to Linux. Microsoft is making available a private preview of SQL Server for Linux, and plans to make the product generally available by mid-2017. Read more [ZDNET.COM] 2016 PREDICTION: Rise of the Data Manager. The role of storage administrators will continue to evolve in response to transforming government IT landscapes. As organizations move to a cloud delivery model to reduce costs and increase flexibility, they shift from being builders and operators of their own data centers to being brokers of services that span both private and public cloud resources. In 2016, the classic storage administrator will either evolve into a data manager of the hybrid cloud with a seat at the executive table, or hole up in comfortable storage product minutia and become increasingly less relevant. Read more [FEDERALNEWSRADIO.COM]
  • 37. Content & Data Management POLICY: OMB Tightens Hold on Data Center Policy. Federal CIO Tony Scott is looking for feedback on new governmentwide data center consolidation policy. Meant to supersede the Office of Management and Budget’s 2010 Federal Data Center Consolidation Initiative, the new Data Center Optimization Initiative went online March 2 for a 30-day comment period. Read more [FCW.COM] OPEN DATA: When Publishing Open Data, Cities and States Have Variety of Platform Choices. As the open data publishing market heats up, all levels of government have more partners to choose from. Read more [GOVTECH.COM]
  • 39. Data Breaches HACKERS: More Hackers Relying on Compromised Credentials. Dell SecureWorks Researchers Describe Latest Trends. Cybercriminals are adapting their attack techniques, moving away from attacks waged with malware to using compromised credentials linked to privileged accounts to invade networks and systems, according to researchers at Dell SecureWorks. Read more [GOVINFOSECURITY.COM] IRS: Data Breach Should Sound Eerily Familiar to Bankers. For bankers, there are scary parallels between the IRS’ failure to protect sensitive personal information and their own such struggles. Read more [AMERICANBANKER.COM]
  • 40. Data Breaches SECURITY: Identity Theft Makes Half of Data Breaches. In 2015 around the world, 1,673 data breaches led to 707 million data records being compromised, according to Gemalto. Gemalto’s Breach Level Index shows that more than 3.6 billion data records have been exposed since 2013 when the index began benchmarking publicly disclosed data breaches. Read more [ENTERPRISEINNOVATION.NET] INVESTIGATIONS: Verizon Releases First-ever Data Breach Digest with Security Case Studies. Verizon is known for its huge annual Data Breach Investigations Report, but it has released a less data-heavy digest organized by case study. Read more [CSOONLINE.COM]
  • 42. Electronic Document Management 2016 TRENDS: 8 Tech Trends Changing How We Work In 2016. People value the flexibility to work from anywhere, any time, on any device, and have come to expect this user experience. What does this mean for the business? Greater complexity to support the end user experience in a secure way. However, the benefits to the business when they support mobile workspaces and workplace of the future are typically substantial. Here are some key trends that organizations need to consider and prepare for as the workforce of the future is at their doorsteps today. Read more [FORBES.COM] GOVT TECH 2016: 3 Government Tech Trends to Watch in 2016. Legislation under the U.S. Patriot Act and Government Paper Elimination Act, as well as recent programs such as the Affordable Healthcare Act, have legalized electronic signature applications and made the use of digital document management systems not only available, but a requirement in some cases. Read more [NEXTGOV.COM]
  • 43. Electronic Document Management INTEGRATORS: Document Overload. Just like the security market, the language services industry is undergoing major technology advances. Manual processes are more a thing of the past. Quality localization is as much about the varying cultures and languages as it is about data mining and document management systems. There are three major categories of work that must be completed when going global. Read more [SECURITYINFOWATCH.COM] PHARMA: Streamlining the Regulatory Review Process in Pharma: The Upcoming Transition to Electronic Common Technical Documents. For pharmaceutical companies, filing Common Technical Documents (CTDs) is a critical aspect to the regulatory approval process. Historically, this process has been paper-centric until recently. Read about a recent collaborative effort between West Pharmaceutical Services, FDA, Health Canada and others to establish a process and protocol for filing CTDs electronically, which will likely become common practice as early as 2017. Read more [RAPS.ORG]
  • 45. Big Data INFORMATION MANAGEMENT: What are the Numbers, Facts and Figures Behind Big Data? Business leaders know they want to invest in big data, and they have high expectations on ROI, but do they really know what big data is? Read the rest [INFORMATION-AGE.COM] IoT: The Internet of Things Will Make Big Data Look Small. Get ready for the data deluge. It’s kind of amazing that we all settled on the term “big data” before the “Internet of things” really arrived. That pending revolution, in which we’ll see all kinds of new objects connected to the Internet thanks to the cheap hardware provided by the smartphone boom, will generate information on a scale we can’t even really comprehend yet. Read more [FORTUNE.COM]
  • 46. Big Data MASSACHUSETTS: Report – Big Data Booms in Massachusetts. In Massachusetts, big data is big business. A new report finds that 53 new big data companies have come to Massachusetts since 2014, bringing the number to 537 – a jump of about 10 percent. Read more [BETABOSTON.COM] STATISTICS: Part of the Massive Big-Data Future. Statistical methods make it possible to run the analyses that make big-data analytics possible. Read more [WSJ.COM]
  • 47. Big Data ANALYTICS: Big Data Streaming Analytics, Self-Service. Businesses are taking the next step with big data technology in 2016 with plans to implement streaming analytics and self-service, as they work to embed big data insights directly into business applications and software. Read more [INFORMATIONWEEK.COM] PREDICTIONS: 17 Predictions About The Future Of Big Data Everyone Should Read. Almost everyone can agree that big data has taken the business world by storm, but what’s next? Will data continue to grow? What technologies will develop around it? Or will big data become a relic as quickly as the next trend – cognitive technology? fast data? – appears on the horizon. Here are some of the predictions from the foremost experts in the field, and how likely they are to come to pass. Read more [FORBES.COM]
  • 48. Big Data STORAGE: Flash is Rocketing into Big-Data Analytics. Pure Storage’s upcoming FlashBlade will store petabytes of data at less than $1 per gigabyte. Read more [INFOWORLD.COM] FEDERAL GOVERNMENT: Obama’s Big Data Project Targets Community Improvement. White House Opportunity Project initiative is a grass-roots effort to push out government data and encourage nonprofits, developers and others to build new community-improvement tools. Read more [CIO.COM]
  • 50. Project Management INTERVIEW SKILLS: 12 Questions Project Managers Should Be Prepared for in a Job Interview. Project management job interviews can be more stressful than the new job itself. Most candidates expect to talk about their strengths, weaknesses, skills and methodology as a PM. But to truly be prepared when walking into that next PM interview, be ready to answer these difficult questions. Read more [CIO.COM] SURVEY: The High Cost of Low Performance. Organizations waste US$122 million for every US$1 billion invested due to poor project performance – a 12 percent increase over last year. That’s the finding of the 2016 Pulse of the Profession®, which reveals an imperative to strengthen the conversation around the benefits of project management. Download the report now. Read more [PMI.ORG]
  • 51. Project Management ORGANIZATIONAL STRUCTURE: Top-Down Solutions Like Holacracy Won’t Fix Bureaucracy. For all its enemies, bureaucracy is amazingly resilient. Since 1983, the number of managers, supervisors, and support staff employed in the U.S. economy has nearly doubled, while employment in other occupations has grown by less than 40%, according to our analysis of data from the Bureau of Labor Statistics. That makes bureaucracy the organizational equivalent of kudzu, the invasive, herbicide- resistant vine that has overrun thousands of acres of woodland in the American south. Why is bureaucracy so difficult to eradicate? Read more [HBR.ORG] INNOVATION: To Increase Innovation: Help Your Team Take Smarter Risks. Most senior managers agree that taking risks is important for innovation, but in far too many cases, they don’t act like they believe this. How can you break out of this mode and create an environment that is more conducive to innovation? One of the starting points is to be more explicit about what risk-taking really means, and what is acceptable and what is not. Here are four tactics for doing this. Read more [FORBES.COM]
  • 53. Open Source YAHOO: Don’t Laugh: Yahoo’s Open Source AI Has a Secret Weapon. Yet another tech giant is sharing its artificial intelligence know-how with the world. Yahoo has published the source code to its CaffeOnSpark AI engine so that anyone from academic researchers to big corporations can use or modify it. Read the rest [WIRED.COM] MITRE: Shares an Open Source FHIR Testing Tool. Crucible is a tool that was created to help developers identify errors in FHIR applications. Funding from MITRE Corp. has made it possible for the software to be offered as an open-source project with an Apache license. Using the web interface at ProjectCrucible.org, a developer can run 228 test suites that include over 2,000 tests of the FHIR specification. Read more [DZONE.COM]
  • 54. Open Source APPS: 6 Must-Have Open Source Apps for Windows, Mac, and Linux. Here are some of the best open source and free apps for your heterogeneous environment. Read more [CIO.COM] EDUCATION: Open-Source Textbooks Gain in Push for College Affordability. The standard textbook for Fundamentals of General Chemistry I at the University of Connecticut in Storrs has a list price of $303. For students who use the version professor Edward Neth is preparing for the fall semester, the cost will be zero. An early adopter of open source textbooks, Neth said he turned to the new technology out of frustration with spiraling prices of commercial textbooks. Read more [MARINECORPSTIMES.COM]
  • 56. Network Systems ETHERNET: 25 Gigabit Ethernet Forges a Path Forward. Since 2014, large network players such as Brocade, Hewlett Packard Enterprise and Microsoft have been working to develop a standard for 25 Gigabit Ethernet. According to experts, 2016 will be the year the technology finally makes its way into large data centers. Read more [STATETECHMAGAZINE.COM] INCIDENT RESPONSE: How Incident Response Fails In Industrial Control System Networks. Experts say a solid incident response plan is the best way to minimize the damage of a cyberattack–but IR isn’t so simple for the ICS/SCADA world. Read more [DARKREADING.COM]
  • 57. For the CTO, CIO & CISO
  • 58. For the CTO, CIO & CISO CIO: Why Change Initiatives Fail. Creating the right conditions for successful change requires putting people before things. Many companies want to change and transform (especially when facing digital disruption from competitors). Yet a majority of change efforts fail – one famous and oft-cited study pegged the rate of failure at 70%. Read more [CIO.COM] CTO: Maker Movement at Center of HHS’ Innovative Strategy. Like the emergence of open health data movement, CTO Susannah Fox sees the maker and inventor movements as the future of innovation around health care at HHS. .Read more [FEDSCOOP.COM]
  • 59. For the CTO, CIO & CISO CISO: Survey Roundup: Feeling Better With a CISO. A survey of around 200 security analysts by ThreatTrack Security found, for those organizations that have a chief information security officer, 23% said it’s become easier to defend against malware-based cyberattacks in the past year versus 15% of respondents from companies without a CISO who said that. Ninety-four percent of those at a company with a CISO said they also have a dedicated incident response team, compared with 48% for those at a business without a CISO. And 71% at CISO companies said they would personally guarantee the safety of customer data in 2016, versus 42% of those at a non-CISO firm who would make that promise. Read more [BLOGS.WSJ.COM]
  • 60. For the CTO, CIO & CISO CIO: How to Conquer Recruiting, Retention and IT Skills Challenges. Experts in the technology industry look at the year ahead and what it holds for recruitment and retention. They also identify what tech skills will top the charts. Read the rest [CIO.COM] CTO: ‘Corporate’ IT Teams Can Hamper Agile Projects, Warns William Hill CTO. “Corporate” IT teams who try to use agile within their organisations without notifying other departments are more likely to hamper “agile” as a concept, than those organisations that try to carry out too many agile projects, according to Finnbar Joy, chief technology officer at William Hill. Read more [COMPUTING.CO.UK]
  • 61. For the CTO, CIO & CISO CISO: Obama Wants More Cybersecurity Funding and a Federal CISO. In the final budget of the Obama administration, the White House is looking to boost spending on security, hire more experts and partner with the private sector. Read more [CIO.COM] GOVERNMENT CIO: Senate Passes Permanent Ban on Internet Access Taxes. The ban on taxes targeting Internet services now heads to Obama. The Permanent Internet Tax Freedom Act was included in a trade enforcement bill passed by senators in a 75-20 vote Thursday. The provision, passed by the House of Representatives last June, would permanently extend a 18-year moratorium on Internet-targeted taxes that expired in October. Congress had extended the moratorium several times since 1998, but supporters weren’t able to pass a permanent ban until now. Read more [CIO.COM]
  • 63. Incident Response NETWORKS: The Incident Response “Fab Five”. CISOs should consider and coordinate incident detection and response in five areas: hosts, networks, threat intelligence, user behavior monitoring, and process automation. Read more [NETWORKWORLD.COM] FEDERAL GOVERNMENT: Incident Response in the Spotlight. The White House is devising a plan specifying federal agencies’ responsibilities in the event of a crippling cyberattack, which could be released as an executive order or presidential directive in the next few months, MC has learned. The guidance will address the federal response to a cyberattack against “critical infrastructure,” including power plants, chemical facilities, banks and telecommunications providers, according to industry officials. The goal is to ensure agencies are focused on chasing hackers out of compromised systems rather than figuring out who to call or talking to lawyers. Read more [POLITICO.COM]
  • 64. Incident Response OPINION: A Breach is Coming — Is Your Agency Ready? Advanced threats are spreading at an alarming rate, putting agency data at risk and making attacks almost inevitable. In July, the Government Accountability Office reported that information security incidents involving federal agencies skyrocketed from 5,503 in fiscal 2006 to 67,168 in fiscal 2014. Read more [FCW.COM] VICTIMS OR VILLAINS: Intelligent Incident Response Can Save the Day. We all know the lessons of nursery school tales: don’t lie, don’t steal, and play nice with others. The data breach morality tale is a bit more complicated. When you find out someone is stealing from you: don’t lie, act quickly, and be nice even when everyone’s mad at you. If you get defensive or try to be sneaky, you’ll go from victim to villain in the swipe of a headline. Data breaches are happening with greater frequency, and are compromising larger volumes of data, than ever before. Read more [INFOSECURITY-MAGAZINE.COM]
  • 66. Operating Systems NETWORK SECURITY: Juniper Will Repatch Its Netscreen Operating System. Company says there’s nothing wrong with the current patch, but redoing it will make ScreenOS more robust. Read more [NETWORKWORLD.COM] THOUGHT LEADER ON LINUX… AND MORE: Why Linux Is Still Better Than Windows 10. Why one writer dumped Windows and switched to Linux 13 years ago, and Amazon wants its Android OEMs to integrate its services into their phones. Read more [INFOWORLD.COM]
  • 67. Operating Systems APPLE: Safari Suggestions Bug Causes Browser Crashes in iOS and OS X. A server-side problem with the Safari Suggestions feature in recent versions of iOS and OS X appears to be causing Safari to crash and hang for some users. Developer Steve Troughton- Smith helped to identify the issue overnight, though it has also been discussed in a pair of Reddit threads in the Apple subreddit. The problem appears to be causing hanging and strange behavior in OS X and outright crashes in iOS. Going to Settings > Safari in iOS (or to the Safari Preferences and then the Search tab in OS X) and disabling the Safari Suggestions feature appears to fix the problem, or you could try using another browser. Read more [ARSTECHNICA.COM] MOBILE: 5 Gmail App Alternatives for Android. For most Android users the stock Gmail or Email apps on smartphones and tablets is plenty. They have enough features or functionality to complete most daily tasks. But…not everyone wants to use Gmail. Here’s a list of five or so great Email app alternatives for Android. Read more [GOTTABEMOBILE.COM]
  • 68. Programming & Scripting Development Client & Server-Side
  • 69. Programming & Scripting Development Client & Server-Side JAVASCRIPT: Ransomware Takes a Scary Turn Using JavaScript. Security researchers have uncovered a new twist on ransomware-as-a-service with the discovery of what is being called Ransom32. While there have been several Web-based ransomware variants, including TOX and FAKBEN, this is a somewhat different development since it uses a popular JavaScript framework called NW.js. Read more jQUERY: Beyond jQuery: An Expert Guide to Choosing the Right JavaScript Framework. How to choose from 22 essential JavaScript frameworks for Web and mobile development. Read more [INFOWORLD.COM]
  • 70. Programming & Scripting Development Client & Server-Side HTML5: What HTML5 Means for Ecommerce Merchants. What is one thing all ecommerce stores have in common? They use HTML. In fact, just about every website uses HTML. That means when an update to HTML comes out, it has far- reaching effects . Read more [PRACTICALECOMMERCE.COM] APPLICATION DEVELOPMENT: Java Finally Gets Microservices Tools. Lightbend’s Lagom framework helps Java developers create and manage microservices architectures. Read more [INFOWORLD.COM]
  • 71. Programming & Scripting Development Client & Server-Side SURVEY: Stack Overflow Survey: JavaScript Reigns, Female Developers MIA. JavaScript is king; the full-stack Web is where it’s at; the proper term is “developer,” not “engineer”; please stop asking us to do the impossible — and too few of us are women. Those are some of the insights gleaned from a new survey of 55,000 developers worldwide courtesy of Stack Overflow, the massively trafficked question-and-answer-format site used by developers of every stripe. Read more [INFOWORLD.COM] HTML5: 5 Steps to Create an HTML5 Video. In the past, setting up video was a relatively straightforward concept using Flash plugins. Until the iPad showed up and the HTML spec began to evolve, many people were happy with the results. As that changed so did the Digital Rights Management (DRM) and other aspects of video. One of the aspects of HTML5 was to solve the security problems inherent with Flash. Learn how now. Read more [HTMLGOODIES.COM]
  • 72. Programming & Scripting Development Client & Server-Side JAVA: OpenJDK Plan Would Make Java Coding Easier. A new plan proposed for OpenJDK would give Java a local-variable type inference capability so that it’s easier to write code while continuing with static type safety. Read more [INFOWORLD.COM] JAVASCRIPT: 6 Reasons Web Developers Need to Learn JavaScript ES6 Now. If you’re a developer, you’ve probably heard a little bit about ECMAScript 6 (ES6) already, though at first glance it might seem a little confusing. What it really boils down to is this: it’s the next version of JavaScript, which delivers new language features you’ll be able to use long-term. Read more [THENEXTWEB.COM]
  • 73. Programming & Scripting Development Client & Server-Side SWIFT: Apple Releases Swift 2.2 Programming Language with Ubuntu Linux Support. As of March 21, 2016, the Linux community can download the production version of Swift 2.2, which has been made available at the moment only for Canonical's Ubuntu 14.04 LTS (Trusty Tahr) and Ubuntu 15.10 (Wily Werewolf) Linux kernel-based operating systems. Read more [SITEPOINT.COM] JAVA PATCH: Emergency Java Update Fixes Two-Year-Old Flaw After Researchers Bypass Old Patch. The new patch comes after a security firm demonstrated that a 2013 fix for a critical vulnerability was inefficient. Read more [PCWORLD.COM]
  • 74. Programming & Scripting Development Client & Server-Side PHP: Peachpie Compiler Aims to Bring PHP to .Net. Built with Microsoft's open source Roslyn compiler, Peachpie leverages .Net's metaprogramming technologies in PHP. In addition to possible performance gains, compiling to .Net provides PHP developers access to the existing culture of software written for .Net, as well as features of the .Net runtime itself. Read more [INFOWORLD.COM] C#: How to Program Using PostSharp in C#. Take advantage of this popular AOP framework to seamlessly manage common functionalities like exception handling, logging, security, and transactions in your application. Read more [INFOWORLD.COM]
  • 76. Cloud Computing SQL SERVER 2016: Offers Federal Agencies Multiple Cloud Options. The end of support for SQL Server 2005 provides agencies ample opportunity to invest in a hybrid cloud environment for database management. Read more [FEDTECHMAGAZINE.COM] MICROSOFT: Microsoft Bolsters Cloud Security. Microsoft has announced measures to improve security management and transparency for Azure cloud services and Office 365. The features, which come from technology Microsoft acquired last year when it purchased Adallom, will bolster security in cloud apps such as Office 365, Box, Salesforce, ServiceNow and Ariba. Read more [ECOMMERCETIMES.COM]
  • 77. Cloud Computing REPORT: Government Increases Cloud Spending. A new report found that 8.5 percent of the federal government’s IT spending, or $6.7 billion, in fiscal 2016 will go to cloud technologies – a marked increase from the 5 percent of IT spending that the government put toward cloud in fiscal 2015. Read more [FIERCEGOVERNMENTIT.COM] FEDERAL GOVERNMENT: Government Benefits from a More Mature Cloud. As agencies become more comfortable with the cloud, the technology’s true potential starts to shine. Read more [FEDTECHMAGAZINE.COM]
  • 78. Cloud Computing AMAZON: Amazon to Launch Cloud Migration Service. Big businesses increasingly are moving massive databases online. Thomas Publishing Co., a 118-year-old company once known for its big, green manufacturing guidebooks, finds itself at the center of an emerging movement in corporate computing: the great cloud migration. Read more [WSJ.COM] CLOUD SECURITY: Resources Abound to Make Cloud Services More Secure. More and more enterprise organizations are planning and deploying into cloud platforms. This trend is occurring despite organizations’ historical push-back on cloud services claiming that they are less secure than private on-premises data centers. Even though there is evidence to suggest that cloud application attacks are on the rise, there are best practice methods to secure cloud services. Read more [NETWORKWORLD.COM]
  • 79. Cloud Computing DROWN: Hundreds of Cloud Companies Still Vulnerable to DROWN Security Flaw. Companies are ignoring threat posed by DROWN SSL vulnerability – as well as FREAK, Logjam, OpenSSL and Poodle. Read more [COMPUTING.CO.UK] GOOGLE: Adds New Features to Cloud Trace Application Debugging Tool. Updates will improve the ability for developers to identify performance-slowing problems in their apps, the company says. Read more [EWEEK.COM]
  • 81. Green IT SXSW: Barack Obama and Irish tech firms converge on SXSW. President asks tech community for help in improving civic engagement in digital age. Read more [IRISHTIMES.COM] OPINION: The IT Security Industry Is Not Consolidating. The numbers speak: 1,440 vendors and growing. Read more [CSOONLINE.COM]
  • 82. Green IT CYBERSECURITY: Stand and Deliver – Ransomware Wave Ravaging Irish SMEs. Organized criminals are targeting the computers of small firms and even big government departments. If you don’t pay up, they’ll delete your files and have even set up call centres to take their payments from desperate victims. Read more [INDEPENDENT.IE] USER DATA: Microsoft’s Top Lawyer Voices Support For Encryption At RSA. Microsoft is engaged in a legal battle with the US government concerning user data stored on servers in Ireland. The US Justice Department served a search warrant for user emails, which Microsoft believes should not be accessed without approval from the Irish government. Read more [INFORMATIONWEEK.COM]
  • 84. Business Intelligence 3RD PLATFORM: How Will It Impact State, Local Governments in 2016? (Industry Perspective). The innovative powerhouse of cloud computing, mobile, big data and social media has been deemed by IDC as the “3rd Platform.” Here’s a look at each component and the potential it brings for public sector. Read more [GOVTECH.COM] CALIFORNIA: New Digital Innovation Office Aims to Create Apps for Residents. The Golden State also wants to collaborate with other states using open source data and technologies. Read more [STATETECHMAGAZINE.COM]
  • 85. Business Intelligence CIO: Cybersecurity Startups Face Tougher Path to IPO. The security industry’s largest annual conference, which started Monday in San Francisco, is held just two blocks from the former sand dunes where Gold Rush-era prospectors encamped in an area known as Happy Valley. The mood at the RSA Conference this year may not be quite as happy as it was in the recent past, as security startups find it more difficult to realize ambitions for an IPO. Read more [BLOGS.WSJ.COM] WINDOWS 10: Security Boost Targets Business PCs. Microsoft launches a new Windows 10 security feature designed to give IT leaders more insight into recognizing and addressing cyber-attacks. Read more [INFORMATIONWEEK.COM]
  • 87. Federal Government PRIVACY: The Irony in the FBI’s Request to Unlock the iPhone. In its rush, the agency slammed the one door to gaining access to the iPhone’s data. Read more [COMPUTERWORLD.COM] DOD NEWS: Pentagon Invites Hackers In and Backs Encryption. The Pentagon has invited external experts to hack into its systems in the first such test of its cybersecurity measures. Read more [BBC.COM]
  • 88. Federal Government INFLUENCERS FYI: Incoming Federal CISO Can Improve US Government’s Cybersecurity. The person who fills the newly created US chief information security officer position will be able to improve the government’s cybersecurity, a 77 percent majority of Passcode’s pool of digital security experts said. Read more [CSMONITOR.COM] AGILE DEVELOPMENT ALERT: When Agile Development is Change Management in Disguise. The secret power of agile development for federal agencies’ citizen- facing services and capabilities isn’t so much getting projects done more efficiently and possibly saving money, according Environmental Protection Agency CTO Greg Godbout. It’s really about seeding the government with new ideas that will take hold and steer it in a new direction for planning and acquisition and ultimately serve the public’s needs, he said. Read more [FCW.COM]
  • 89. IT - State & Local Governments
  • 90. IT - State & Local Governments CALIFORNIA: Step-by-Step Solution for Its New Child Welfare System. California is dabbling with innovative ways of procuring technology for its new Child Welfare System, transitioning from waterfall procurement to an agile and iterative acquisition that aims to revamp the mammoth system’s services one at a time. Read more [GCN.COM] LOCAL GOVERNMENT DATA: 4 Guidelines for Governments to Ease the Cost and IT Burden of Housing Data. Connected, always on and fully transparent – consumer tech trends are hitting state and local governments hard. Many are moving straight from paper files and other analog solutions to complex technologies and the systems required to support them. Data demands are pushing IT limits in cities, so what can these local governments do to support this deluge of data? Read more [GOVTECH.COM]
  • 91. IT - State & Local Governments NEW YORK CITY: What to Expect From the NYC Tech Scene in 2016. Yeah, it ain’t Silicon Valley. But why does it have to be? Read more [INC.COM] LOCAL GOVT: Security, Strategic Planning Top Local Government IT Execs’ 2016 Priorities. The Public Technology Institute released its annual poll of local government executives’ key concerns for the year ahead. Read more [STATETECHMAGAZINE.COM]
  • 92. IT Security | Cybersecurity
  • 93. IT Security | Cybersecurity DATA PRIVACY: The Irony in the FBI’s Request to Unlock the iPhone. In its rush, the agency slammed the one door to gaining access to the iPhone’s data. Read more [COMPUTERWORLD.COM] DOD: Pentagon Invites Hackers In and Backs Encryption. The Pentagon has invited external experts to hack into its systems in the first such test of its cybersecurity measures. Read more [BBC.COM]
  • 94. IT Security | Cybersecurity INFLUENCERS: Incoming Federal CISO Can Improve US Government’s Cybersecurity. The person who fills the newly created US chief information security officer position will be able to improve the government’s cybersecurity, a 77 percent majority of Passcode’s pool of digital security experts said. Read more [CSMONITOR.COM] AGILE DEVELOPMENT: When Agile Development is Change Management in Disguise. The secret power of agile development for federal agencies’ citizen-facing services and capabilities isn’t so much getting projects done more efficiently and possibly saving money, according Environmental Protection Agency CTO Greg Godbout. It’s really about seeding the government with new ideas that will take hold and steer it in a new direction for planning and acquisition and ultimately serve the public’s needs, he said. Read more [FCW.COM]
  • 95. IT Security | Cybersecurity REPORT: Worldwide Cybersecurity Spending Increasing To $170 Billion By 2020. “Interest in security technologies is increasingly driven by elements of digital business, particularly cloud, mobile computing and now also the Internet of Things, as well as by the sophisticated and high-impact nature of advanced targeted attacks,” said Elizabeth Kim, research analyst at Gartner. Read the rest [FORBES.COM] OPERATIONS: Presidential Candidates Get Graded On Their Cybersecurity Stances. Trump, Clinton, Sanders, Cruz, Rubio, Kasich, are all unified when it comes to blaming China — but no one gets higher than a “C” average grade in any category. Read more [DARKREADING.COM]
  • 96. IT Security | Cybersecurity AUTOMOBILES: GM Asks Hackers Help Its Cybersecurity. General Motors Co. is turning to hackers to strengthen car firewalls. The nation’s largest auto maker on Thursday highlighted a “coordinated disclosure” program it launched earlier this year that invites computer researchers to search for cybersecurity gaps in GM vehicles, websites and software. Read more [MARKETWATCH.COM] FEDERAL GOVERNMENT: DOD Issues Cybersecurity Discipline Guidance. The Defense Department recently issued a military-wide cybersecurity discipline implementation plan, a document that aims to hold leaders accountable for cybersecurity up and down the chain of command and report progress and setbacks. Read more [FEDERALTIMES.COM]
  • 97. IT Security | Cybersecurity CALL BLUE MOUNTAIN FOR IT SECURITY SUPPORT: Blue Mountain Data Systems is actively involved in implementing FISMA and NIST standards with Federal Civilian Agencies. Due to our extensive experience in this area, Blue Mountain has developed processes and organizational techniques to help ensure security deliverables are completed on time, and performed in the most efficient manner possible. We ensure that NIST-800-53 control requirements are treated consistently during definition, analysis, implementation, auditing, and reporting phases of a system. Find out more about Blue Mountain Data Systems IT Security Support Services. Call us at 703-502-3416.
  • 99. Hadoop HADOOP ECOSYSTEMS: Ecosystem Evolves: 10 Cool Big Data Projects. In the 10 years since developers created Hadoop to wrangle the challenges that came with big data, the ecosystem for these technologies has evolved. The Apache Software Foundation is teeming with open source big data technology projects. Here’s a look at some significant projects, and a peek at some up-and-comers. Read the rest [INFORMATIONWEEK.COM] TECH WATCH: Apache Flink 1.0 takes on Spark in Hadoop Processing. Hadoop needs fast and easy-to-use stream processing, and Flink provides that — but it’ll compete with Spark and Storm. Read more [INFOWORLD.COM]
  • 100. Hadoop BIG DATA: Google’s Hadoop Offerings. The master of Internet search went big with its cloud-based big data service. The company announced that Google Dataproc, its managed Apache Hadoop and Apache Spark service, is generally available. Read more [INFORMATIONWEEK.COM] SPARK: Catching Up with Hadoop as the Primary Big Data Platform. While Apache Hadoop has become the de-facto big data storage engine, there has been talk of it being displaced for some processing tasks by newer technologies such as Apache Spark. However, the research still gives Hadoop a substantial lead. Read more [COMPUTING.CO.UK]
  • 101. IT Security | Cybersecurity CALL BLUE MOUNTAIN FOR IT SECURITY SUPPORT: Blue Mountain Data Systems is actively involved in implementing FISMA and NIST standards with Federal Civilian Agencies. Due to our extensive experience in this area, Blue Mountain has developed processes and organizational techniques to help ensure security deliverables are completed on time, and performed in the most efficient manner possible. We ensure that NIST-800-53 control requirements are treated consistently during definition, analysis, implementation, auditing, and reporting phases of a system. Find out more about Blue Mountain Data Systems IT Security Support Services. Call us at 703-502-3416.
  • 102. From the Blue Mountain Data Systems Blog Three-Dimensional Governance for the CIO https://www.bluemt.com/three-dimensional-governance-for-the-cio 7 Reasons to Take Control of IT Incidents https://www.bluemt.com/7-reasons-to-take-control-of-it-incidents/ Breach Mitigation Response Time Too Long, Survey Says https://www.bluemt.com/breach-mitigation-response-time-too-long-survey- says/ Six Tactics for Cyberdefense https://www.bluemt.com/six-tactics-for-cyberdefense/
  • 103. From the Blue Mountain Data Systems Blog Feds Report Mixed Responses to Shared Services https://www.bluemt.com/feds-report-mixed-responses-to-shared-services Federal Employees Are Not Security Experts https://www.bluemt.com/federal-employees-are-not-security-experts Survival Guide for Network Administrators https://www.bluemt.com/survival-guide-for-network-administrators DBaaS: OpenStack Trove Changes DB Management https://www.bluemt.com/dbaas-openstack-trove-changes-db-management
  • 104. From the Blue Mountain Data Systems Blog Help Wanted: Certified Cybersecurity Professionals https://www.bluemt.com/help-wanted-certified-cybersecurity-professionals Cyber Threat Intelligence Integration Center Preview https://www.bluemt.com/cyber-threat-intelligence-integration-center-preview/ Cloud Moves in 1-2-3 https://www.bluemt.com/cloud-moves-in-1-2-3/ Change Management for Disaster Recovery https://www.bluemt.com/change-management-for-disaster-recovery/
  • 105. From the Blue Mountain Data Systems Blog Jeffersonian Advice For C-Suite Career Advancement https://www.bluemt.com/jeffersonian-advice-for-c-suite-career-advancement/ Ways To Survive The “Mobile-Pocalypse” https://www.bluemt.com/ways-to-survive-the-mobile-pocalypse/ Microsoft Cloud Services Receive FedRAMP Authority to Operate https://www.bluemt.com/microsoft-cloud-services-receive-fedramp-authority- to-operate/ Hiring Pentesters? Here Are 10 Things You Need to Know https://www.bluemt.com/hiring-pentesters-here-are-10-things-you-need-to- know/
  • 106. From the Blue Mountain Data Systems Blog Home Router Malware Alert https://www.bluemt.com/home-router-malware-alert/ Threat Model Deconstruction https://www.bluemt.com/threat-model-deconstruction/ Business Email Scam Nets $214 Million https://www.bluemt.com/business-email-scam-nets-214-million/ How to Prevent Unauthorized Software from Taking Over Your Organization https://www.bluemt.com/the-cios-guide-to-happy-end-users-2/
  • 107. From the Blue Mountain Data Systems Blog Digital Marketing Predictions for 2015 https://www.bluemt.com/digital-marketing-predictions-for-2015/ SDN: Network Administrator’s Friend or Foe? https://www.bluemt.com/sdn-network-administrators-friend-or-foe/ Mobile Payments: A Must for Federal Agencies https://www.bluemt.com/mobile-payments-a-must-for-federal-agencies/ Soft Skills Are A Must-Have For Careers In IT https://www.bluemt.com/soft-skills-are-a-must-have-for-careers-in-it/
  • 108. From the Blue Mountain Data Systems Blog Security Risks Most Prevalent in Younger Workers https://www.bluemt.com/security-risks-most-prevalent-in-younger-workers/ The Security World’s Maturation https://www.bluemt.com/the-security-worlds-maturation/ Data Breach Concerns Keep CISOs Up At Night https://www.bluemt.com/data-breach-concerns-keep-cisos-up-at-night/ Personalized Govt Equals Instant Gratification for Citizens https://www.bluemt.com/personalized-govt-equals-instant-gratification-for- citizens/
  • 109. From the Blue Mountain Data Systems Blog People-Centric Security https://www.bluemt.com/people-centric-security/ Pentagon Tries BYOD To Strike Work/Life Balance https://www.bluemt.com/pentagon-tries-byod-to-strike-worklife-balance/ Open Source Model Considered for MS Windows https://www.bluemt.com/open-source-model-considered-for-ms-windows/ Open Internet: To Be or Not to Be? https://www.bluemt.com/open-internet-to-be-or-not-to-be/
  • 110. From the Blue Mountain Data Systems Blog Malware Stays A Step Ahead Infecting One Third of Websites https://www.bluemt.com/malware-stays-a-step-ahead-infecting-one-third-of- websites/ Machine-Generated Data: Potential Goldmine for the CIO https://www.bluemt.com/machine-generated-data-potential-goldmine-for-the- cio/ Government Legacy Programs: Reuse vs. Replacement https://www.bluemt.com/government-legacy-programs-reuse-vs-replacement/ It Takes a Whole Village to Protect Networks and Systems https://www.bluemt.com/it-takes-a-whole-village-to-protect-networks-and- systems/
  • 111. From the Blue Mountain Data Systems Blog Governance For the CIO https://www.bluemt.com/governance-for-the-cio/ Help Desk Consolidation – Lessons Learned https://www.bluemt.com/help-desk-consolidation-lessons-learned/ One Year Later, Companies Still Vulnerable to Heartbleed https://www.bluemt.com/one-year-later-companies-still-vulnerable-to- heartbleed/ Federal Projects Cultivate Worker Passion https://www.bluemt.com/federal-projects-cultivate-worker-passion-2/
  • 112. ABOUT US Blue Mountain Data Systems Inc. Blue Mountain Data Systems Inc. is dedicated to application and systems development, electronic document management, IT security support, and the automation of workflow processes. Read more about our experience here: >> http://bluemt.com/experience
  • 113. Recent Experience U.S. Dept. of Labor Employee Benefits Security Administration 1994 to Present Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support.
  • 114. MANAGEMENT Paul T. Vesely Founder, President, CEO and Principal Architect Mr. Vesely is a recognized thought leader in systems architecture and delivery, having designed and delivered many enterprise wide information and document management solutions. Mr. Vesely’s history includes 33 years experience in the information systems industry, with Unisys, Grumman, PRC and a host of clients in both government and private sectors.
  • 115. CONTACT US Contact Us Today to Discuss Your Next IT Project HEADQUARTERS 366 Victory Drive Herndon, VA 20170 PHONE 703-502-3416 FAX 703-745-9110 EMAIL paul@bluemt.com WEB https://www.bluemt.com