SlideShare a Scribd company logo
1 of 113
Download to read offline
Blue Mountain
Data Systems
Tech Update
Summary
November 2017
For CTOs, CIOs & CISOs
Visit Blue Mountain Data Systems
https://www.bluemt.com
For CTOs, CIOs & CISOs
Every business day, we publish a Daily Tech Update for Federal & State CTOs ,CIOs & CISOs on the Blue
Mountain Data Systems Blog. We hope you will visit our blog for the latest information.
You can also receive these updates via email. Click here to subscribe.
Here’s the summary of the Daily Tech Updates for November 2017. Hope the information and ideas
prove useful.
Best,
Paul Vesely
President and Principal Architect
Blue Mountain Data Systems Inc.
Network Security
Network Security
CISO: Convincing Employees to Care About Network Security. Employees remain
the biggest source of corporate cyber risk. According to the “IBM X-Force 2016
Cyber Security Intelligence Index,” staff members are responsible for 60 percent of
all digital attacks endured by enterprises. In most cases, there’s no malicious
intent. Employees may subvert network security by opening infected email
attachments, falling for well-crafted phishing attacks, accessing compromised
third-party apps or accidentally posting confidential information on social media
sites. Read more
[SECURITYINTELLIGENCE.COM]
Network Security
FEDERAL GOVERNMENT: Consolidating Federal Networks Could Lead to New
Security Holes. For years, one of the chief aims of the IT modernization movement
has been replacing the federal government’s outdated architecture. Before truly
tapping into the transformative power of new software and security tools, the
thinking goes, government must first scrap its ancient patchwork networks for a
new unified IT infrastructure. Read the rest
[FCW.COM]
OPINION: Why Chipmakers are Taking IoT Security Into Their Own Hands. As the
IoT and chip industry both continue to grow more chipmakers will come to
understand the importance of putting security and privacy first. Read more
[NETWORKWORLD.COM]
Network Security
STATES: Federal Government Notifies 21 States of Election Hacking. The federal
government has told election officials in 21 states that hackers targeted their
systems before last year’s presidential election. The notification came roughly a
year after U.S. Department of Homeland Security officials first said states were
targeted by hacking efforts possibly connected to Russia. The states that told The
Associated Press they had been targeted included some key political
battlegrounds, such as Florida, Ohio, Pennsylvania, Virginia and Wisconsin. Find
out more
[USNEWS.COM]
Encryption
Encyption
SECURITY: How Blockchain Encryption Works: It’s All About Math. Riot
Blockchain’s CEO John O’Rourke explains how the blockchain encryption mining
network works. Read more
[TECHREPUBLIC.COM]
CISO: Data Storage and Encryption Should Top the CISO’s To-Do List. In today’s
digitized world, data storage and encryption are surely top of mind for most chief
information officers (CIOs). But given the increasing regulations and privacy
implications surrounding data security, these measures should also be on the chief
information security officer (CISO)’s agenda. Get the plugin.
[SECURITYINTELLIGENCE.COM]
Encyption
DMARC: States Should Follow Federal Directive to Enhance Email and Web
Security. The Department of Homeland Security (DHS) has mandated that all
federal executive branch agencies implement Domain-based Message
Authentication, Reporting and Conformance (DMARC) to improve email security. In
the same directive, DHS also mandated better Web security protections be put into
place. State and local governments should follow the lead of their federal
counterparts and make implementing DMARC a priority. Here’s why. Find out more
[GOVTECH.COM]
Encyption
INDUSTRY INSIGHT: Don’t Leave Your Front Door Open to Attack. The web has
grown to over 1 billion websites. While websites have grown incredibly complex
and become a part of our virtual lives, most users and website operator are still
focused on functionality. Arguably, there are internet users and website owners
concerned about security because of headlines about rampant cyberattacks, data
leaks and breaches. But, not all are proactively securing their websites. Here’s why
websites can be a treasure trove for attackers. Read more
[GCN.COM]
Databases
Databases
MICROSOFT: Enabling Automatic Database Tuning in Azure SQL DB in 2018.
Microsoft’s automated and AI-enabled database tuning technology will become
the new default configuration on the Azure SQL cloud database in January 2018.
Read more
[EWEEK.COM]
BIG DATA: Neo4j Looks Beyond the Graph Database. Graph database company
Neo4j wants to move beyond providing only its graph database, and is working on
what it calls a ‘graph platform’ to help companies make the most of their data.
Read more.
[ZDNET.COM]
Databases
MySQL: Configuring a MySQL Database on Amazon RDS. Cloud-based database
solutions have really taken off in recent years. Although concerns about ownership
and security have put a damper on some companies’ aspirations to offload some
or all of their database management to a third party, the vast majority of
companies have embraced the new paradigm and are reaping substantial financial
rewards as a result. Learn about the different cloud database categories, as well as
how to configure a MySQL database on the Cloud, using Amazon RDS. Read more
[DATABASEJOURNAL.COM]
Databases
CLOUD: Distributed PostgreSQL Settling Into Cloud. Organizations that want the
scalability of a distributed PostgreSQL database but don’t want the hassle of
managing it themselves may be interested in the latest news from Citus Data,
which has unveiled new options for its hosted, scale-out relational database. Find
out more
[DATANAMI.COM]
More About Blue Mountain
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S.
Dept. of Labor, Employee Benefits Security Administration. Responsible to the
Office of Technology and Information Systems for information systems
architecture, planning, applications development, networking, administration and
IT security, supporting the enforcement of Title I of the Employee Retirement
Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for
design, development and support for its various enforcement database
management systems, as well as all case tracking and customer service inquiry
systems. Blue Mountain also provides IT security services to the EBSA, in the form
of FISMA Assessment and Authorization, System Security Plans, Risk and
vulnerability assessments, monitoring and investigation support. Read more.
Federal Tech
Federal Tech
FEDERAL GOVERNMENT: APIs, Shared Services Can Reshape,
Modernize Government Technology. The size and scope of the
federal government’s information technology landscape only
continues to grow and in a way that makes it incredibly difficult to
change. In the Federal Chief Information Officers Council’s latest
study, the current state of government IT is described as monolithic.
And, it is not meant as a compliment. Read more
[FEDERALNEWSRADIO.COM]
Federal Tech
OPINION: Government Efforts to Weaken Privacy are Bad for Business and
National Security. The federal government’s efforts to require technology and
social media companies to relax product security and consumer privacy standards
– if successful – will ultimately make everyone less safe and secure. Read the rest
[INFOSECURITY-MAGAZINE.COM]
PUBLIC SAFETY: Rapid DNA Technology Gives Law Enforcement Access to Your
DNA in 90 Minutes. Before recently-passed legislation, law enforcement agencies
had to send DNA samples to government labs and wait for it to get tested, which
could take days or even weeks. Find out more
[GOVTECH.COM]
Federal Tech
MODERNIZATION: Making Modernization Happen. Now more than ever before,
comprehensive IT modernization for federal agencies is a real possibility. The
question that remains is whether President Donald Trump’s words and actions
during his first months in office will be sustained by the administration and
Congress in the months and years ahead. Read more
[FCW.COM]
State Tech
State Tech
SURVEY: Cybersecurity Concerns May Keep One in Four Americans
from Voting. Cybersecurity concerns may prevent one in four
Americans from heading to the polls in November, according to a
new survey by cybersecurity firm Carbon Black. The company
recently conducted a nationwide survey of 5,000 eligible US voters to
determine whether reports of cyberattacks targeting election-related
systems are impacting their trust in the US electoral process. The
results revealed that nearly half of voters believe the upcoming
elections will be influenced by cyberattacks. Consequently, more
than a quarter said they will consider not voting in future elections.
Read more
[HSTODAY.US.COM]
State Tech
ALASKA: Unique Challenges in IT Consolidation. The Last Frontier is
centralizing IT operations under Alaska’s newly created Office of
Information Technology. But consolidating IT in a sprawling state like
Alaska offers challenges not found in other environments, says the
state’s new CIO Bill Vajda. Read the rest
[GCN.COM]
ALABAMA: Acting CIO Jim Purcell Is a Man on a Mission for Smarter
State IT. Jim Purcell wasn’t expecting a call from Alabama’s new
governor, Kay Ivey, and he certainly wasn’t expecting her to ask him
to head up the Office of Information Technology (OIT) – but that’s
exactly what happened last week. Find out more
[GOVTECH.COM]
State Tech
ILLINOIS: Inside a State Digital Transformation. Hardik Bhatt, CIO of the State of
Illinois, sought to become the nation’s first Smart State – a process that required
reorganizing its 38 IT departments into one, improving government services, and
finding new sources of innovation to apply to its revenue model. Within 18
months, Illinois rose in national rankings from the bottom fourth of state
governments to the top third. Read more
[ENTERPRISERSPROJECT.COM]
Electronic Document Management
Electronic Document Management
CFPB: Looks to Embrace Cloud for Email, Office Application Needs. The Consumer
Financial Protection Bureau wants to move to a public cloud setup for some of its
core enterprise apps. The financial watchdog agency recently sent out a Request
for Information (RFI) on the process, technical requirements and costs of moving to
cloud services in fiscal year 2017. CFPB wants to establish a more complete
understanding on the costs associated with moving fully to a cloud solution for
email and office applications (e.g., documents, spreadsheets, presentations,
SharePoint and more).Read the rest
[FEDTECHMAGAZINE.COM]
Electronic Document Management
ROI: 4 Ways Business Document Management Software Can Save You Money. Lisa
Croft, Group Product Marketing Manager at Adobe Document Cloud, talks about
the many ways business document management can save your company time,
space, and more importantly, loads of money. Here are the four most obvious ways
these tools provide excellent return-on-investment. Read more
[PCMAG.COM]
508 Compliance
Section 508 Compliance
LEGAL: Credit Unions Experiencing an Increase in ADA Lawsuits. The number of
credit unions hit with lawsuits in recent weeks over the accessibility of their
websites continued to climb into double digits, and experts warned that even more
credit unions could become targets if they don’t get up to speed on the issue. Read
more
[CUTIMES.COM]
TESTING TOOL: Funkify Accessibility Simulator. Funkify is a plugin for Chrome that
helps you experience the web and interfaces through the eyes of extreme users
with different abilities and disabilities. The free demo version helps web
developers, designers and content creators experience the web through the eyes
of people with different abilities. Get the plugin.
[ACCESSIBLEWEBSITESERVICES.COM]
Section 508 Compliance
WCAG 2.0: Checklists. It’s extremely useful to have a WCAG 2.0 checklist on hand
when you’re working through the guidelines. A WCAG 2.0 checklist helps you to
check your web accessibility progress, record how far you’ve come and set your
targets out for the future. Find out more
[WUHCAG.COM]
WEBSITE AUDITOR: The Hot Job Title You Want. “The web accessibility
compliance auditor is a field that every computer science and information systems
student should think of pursing,” says Dr. James Logan, who is the quality
assurance manager for Georgia Institute of Technology’s Enterprise Information
Systems. “It really is just an extension of information systems. The field has so
many opportunities for web developers.” Read more
[BLACKENGINEER.COM]
Section 508 Compliance
CITIES: 3 Easy Steps to City Website Accessibility for WCAG 2.0 AA. Beginning January
18, 2018, all federal, state and local websites must meet Web Content Accessibility
Guidelines (WCAG 2.0 AA) adopted as part of updates to existing federal laws governing
equal access to government services – Section 508 of the Rehabilitation Act of 1973.
Jurisdictions that do not comply with these guidelines risk lawsuits from private
citizens, as well as legal action by the Department of Justice, which has taken the
position that websites offering goods or services to consumers are places of public
accommodation and must be accessible to the disabled. Here are three key website
content areas where agencies can make adjustments to help their customers find and
understand the information they need from their local government’s website –
regardless of age or disability. Read more
[EFFICIENTGOV.COM]
Section 508 Compliance
ECOMMERCE: Online Retailers Beware: Court Holds Website Violates ADA
Despite Lack of Physical Store . Courts across the country continue to weigh in on
the issue of website accessibility. Last week, the U.S. District Court for the District
of New Hampshire denied a motion to dismiss filed by online food delivery servicer
Blue Apron. In denying the motion, the court found that Blue Apron’s website is a
place of public accommodation – despite the fact that Blue Apron operates only
online and has no traditional brick and mortar locations. Read more.
[LEXOLOGY.COM]
Section 508 Compliance
CAREERS & WORKPLACE: Websites Are the Next Frontier of ADA Compliance.
While the DOJ continues to delay the rule-making process and the roll out of any
final rules, companies should beware. Federal court lawsuits based on alleged
website inaccessibility have spiked since the beginning of 2015 with several
hundred filed against a wide spectrum of businesses – from retailers to restaurants
– that provide public accommodation. Find out more
[BIZJOURNALS.COM]
Section 508 Compliance
LEGAL: Location, Location, Location: New Website Accessibility Decision May
Encourage Forum Shopping. On November 8, 2017, the U.S. District Court for the
District of New Hampshire joined the ranks of the federal courts that have held
that a website itself is a place of public accommodation—even if the business that
maintains the website does not own or operate any physical place of public
accommodation. The defendant in this case operates an online-only business and
does not own or operate any traditional brick and mortar locations. The websites
of such online-only businesses have been subject to increasing attack. Read more
[NATLAWREVIEW.COM]
Section 508 Compliance
ONLINE COURSE: Digital Accessibility: Enabling Participation in the Information
Society. This course will help you to understand how those with sensory, physical
and cognitive impairments may be disabled by barriers encountered when using
digital technologies. The course will highlight how the use of accessible and
inclusive design can help overcome many of these difficulties. Get the plugin.
[FUTURELEARN.COM]
PR: How PR Firms Need to Navigate Website Compliance Under the Americans
with Disabilities Act. Here’s what the ADA means for websites, and what PR pros
need to know. Find out more
[PRWEEK.COM]
Security Patches
Security Patches
MICROSOFT: Thanksgiving Turkeys: One Patch Disappears, Another Yanked. If
you’re just coming back from the long US Thanksgiving weekend, all sorts of
Windows patch inanities await. The Epson dot matrix bug in this month’s security
patches was fixed for older versions of Windows, but .NET patch KB 4049016 and
others got pulled. Read more
[COMPUTERWORLD.COM]
REPORT: Java Developers Aren’t Applying Security Patches. Application security
vendor Veracode has released the “2017 State of Software Security Report,” and
the results paint an unflattering picture of Java developers. An alarming 88 percent
of Java applications contain at least one vulnerable component, the report’s
authors found. Why? Developers don’t patch components in production once
vulnerabilities are found and new versions of those components are released. Get
the plugin.
[ADTMAG.COM]
Security Patches
WORDPRESS: Patches SQL Injection Bug in Security Release. A bug discovered in
WordPress allows attackers to trigger an SQL injection attack leading to complete
website hijacking. The vulnerability CVE-2017-14723 was discovered in the
WordPress content management system (CMS) versions 4.8.2 and below.
Webmasters should update immediately to prevent website takeovers. Find out
more
[ZDNET.COM]
INTEL: Patches Management Engine for Critical Vulnerabilities. Intel issued a
critical firmware update on Nov. 20 for a set of eight vulnerabilities that impact
the Intel Management Engine firmware. “In response to issues identified by
external researchers, Intel has performed an in-depth comprehensive security
review of our Intel Management Engine (ME), Intel Server Platform Services (SPS),
and Intel Trusted Execution Engine (TXE) with the objective of enhancing firmware
resilience,” Intel stated in an advisory. Read more
[EWEEK.COM]
CIO, CTO & CISO
For the CIO, CTO & CISO
CIO: Interview with Alin D’Silva, Vice President of IT and CTO of Digital Workplace
at Verizon. While it may seem more straightforward for technology-oriented
companies to continue accelerating their digital transformations, they face the
same challenges as any other. Alin D’Silva, Vice President of IT and CTO of Digital
Workplace at Verizon, shares his thoughts on some of those challenges and what
motivates him to drive forward. Read more
[CIO.COM]
CIO, CTO & CISO
CTO: Tom Eck, CTO Industry Platforms IBM Sweet Talks Fintech. Despite the
burgeoning fintech startup market, the broader financial services market
struggles to engage. Financial institutions want to move with the agility of a
fintech, but without ‘breaking the bank’, says Tom Eck, global chief technology
officer of industry platforms at IBM.According to Eck, IBM financial services
clients are keen to experiment and get products to market fast, but they don’t
have the freedom to make certain types of mistakes. Read the rest
[DIGINOMICA.COM]
CIO, CTO & CISO
CISO: An 18F for Cyber? DHS CISO Wants One. Department of Homeland
Security CISO Jeff Eisensmith wants the federal government to establish a team
of cybersecurity experts akin to the General Services Administration’s 18F digital
service team. Find out more
[FEDSCOOP.COM]
INTERVIEW: Nordic CIO interview: Filippa Jennersjö, Sweden’s Public
Employment Agency. The CIO at Sweden’s Public Employment Agency has been
bringing the organisation in line with other departments’ digital developments.
Read more
[COMPUTERWEEKLY.COM]
Penetration Testing
Penetration Testing
FEDERAL GOVERNMENT: Whitehouse Renews Call for Cyber IG. Sen. Sheldon
Whitehouse (D-R.I.) is looking to establish a cybersecurity inspector general with
the authority to probe federal networks for weaknesses. A cyber IG, Whitehouse
argues, would be a way to recruit cybersecurity experts who would prefer to
focus on penetration testing and other white hat activities, rather than toil in
one of the more than 70 IG offices around government. Read more
[FCW.COM]
Penetration Testing
IoT: Security For Embedded Electronics. One of the biggest challenges for
embedded devices and systems, especially those employed in the Internet of
Things, is adequately protecting them from increasingly sophisticated hacking.
This is a new tool for criminal enterprises, and a very lucrative one because it can
be done remotely with little fear of being caught. Even when hackers are caught,
they rarely are prosecuted, which has not gone unnoticed by criminal
enterprises. A lack of reprisal has allowed them to recruit some of the best and
brightest programmers. Read more.
[SEMIENGINEERING.COM]
Penetration Testing
ELECTIONS: Senator Calls on Voting Machine Makers to Detail How They’ll
Prevent Hacks. One of the Senate’s main cybersecurity proponents wants
assurances that voting systems in the U.S. are ready for their next major threat
and he’s going straight to the hardware makers to get it. In a letter, Oregon
Senator Ron Wyden — an outspoken member of the Senate Intelligence
Committee — called on six of the main voting machine manufacturers in the U.S.
to provide details about their cybersecurity efforts to date. The request comes
on the heels of emerging details around Russia’s successful attempts to hack
election systems in many states. Find out more
[TECHCRUNCH.COM]
Penetration Testing
COMMUNICATIONS: Secure Communications Across Radio and Cell Networks.
To help eliminate the communications problems that plague first responders,
Lockheed Martin has teamed with Blue Cedar to enable secure communications
across multiple devices. Also intended for military or remote users, Lockheed’s
Universal Communications Platform (UCP) hub bridges communications across
land mobile radios, voice-over-IP, smartphones and other networks, allowing
interoperability between multiple types of secure radio and cellular
communications. The UCP Communicator app can be downloaded to
commercial smartphones, expanding secure communications to users without
access to radio equipment. Read more
[GCN.COM]
Open Source
Open Source
BUSINESS: Giving Open-Source Projects Life After a Developer’s Death. You’ve
probably never heard of the late Jim Weirich or his software. But you’ve almost
certainly used apps built on his work. Weirich helped create several key tools for
Ruby, the popular programming language used to write the code for sites like
Hulu, Kickstarter, Twitter, and countless others. His code was open source,
meaning that anyone could use it and modify it. “He was a seminal member of
the western world’s Ruby community,” says Justin Searls, a Ruby developer and
co-founder of the software company Test Double. When Weirich died in 2014,
Searls noticed that no one was maintaining one of Weirich’s software-testing
tools. That meant there would be no one to approve changes if other developers
submitted bug fixes, security patches, or other improvements. Any tests that
relied on the tool would eventually fail, as the code became outdated and
incompatible with newer tech. Read more
[WIRED.COM]
Open Source
OPEN STACK: Next Mission – Bridging the Gaps Between Open Source Projects.
OpenStack, the massive open source project that provides large businesses with the
software tools to run their data center infrastructure, is now almost eight years old.
While it had its ups and downs, hundreds of enterprises now use it to run their
private clouds and there are even over two dozen public clouds that use the
project’s tools. Users now include the likes of AT&T, Walmart, eBay, China Railway,
GE Healthcare, SAP, Tencent and the Insurance Australia Group, to name just a few.
Read the rest
[TECHCRUNCH.COM]
REPORT: Open Source Software Projects are Maturing. Electronic design
automation company Synopsys released the findings of its 2017 Coverity Scan
Report, which shows an increased of “project maturity” in the over 4,600 open
source software projects analyzed based on certain secure development strategies.
Find out more [SDTIMES.COM]
Open Source
FEDERAL NEWS: How One Contractor Belittled the White House’s IT
Modernization Strategy. The White House is busily reviewing more than 90
comments on its draft IT modernization strategy. The comments came from
industry associations, specific companies and individuals, including federal
employees, and most were pretty vanilla, offering basic support for the initiatives in
the draft strategy and insights, both generally and specific to the organizations’ or
vendors’ area of expertise. But none was more fascinating then the flames Oracle
decided to throw about the entire IT modernization effort over the last nine years.
Read more
[FEDERALNEWSRADIO.COM]
Business Intelligence
Business Intelligence
READ: 12 Ways to Empower Government Users with the Microsoft Business
Intelligence (MBI) Stack. Are your organization’s Federal IT resources under
constant pressure, with no end in sight? Your agency is not alone. With limited
access to dedicated information technology resources, non-technical end users
often play the waiting game, relying on IT staff to do simple tasks like generating
custom queries and embedding them within applications. Your department’s need
to generate on demand, ad hoc reports gets pushed to the back burner while IT
resources respond to more pressing matters. Implementing a self-service approach
alleviates your IT staff from such tasks, affording them more time to focus on
solving high impact problems. Read more
[BLUEMT.COM]
Business Intelligence
REPORT: 2017 State Of Business Intelligence And Predictive Analytics. Insights
gained from interviews with Dresner Advisory Service’s research community of over
3,000 organizations, in addition to vendor customer community interviews. 57% of
respondents are from North America, 31% from Europe, the Middle East & Africa,
with the remaining 12% from Asia-Pacific (8%) and Latin America (4%). For
additional details regarding the methodology, please see page 11 of the study.
Industry interest in advanced and predictive analytics grew sharply in 2017, with
business intelligence experts, business analysts, and statisticians/data scientists
being the most prevalent early adopters. Click here for key takeaways.
[FORBES.COM]
Business Intelligence
READ: Business Intelligence vs. Business Analytics: Where BI Fits Into Your Data
Strategy. While BI leverages past and present data to describe the state of your
business today, business analytics mines data to predict where your business is
heading and prescribe actions to maximize beneficial outcomes. Find out more
[CIO.COM]
U.S. GOVT FINANCE: 11 Ways to Speed Up Government Procurement. Buying with
public money is difficult by design, but are there fair ways to fix it? Read more
[GOVTECH.COM]
Operating Systems
Operating Systems
NEWS: All Operating Systems Are Susceptible to This WiFi Attack. With so many
consumers relying on mobile devices these days, it is no surprise criminals continue
to look for new ways to take advantage. A new exploit recently uncovered by
researchers shows how assailants can read WiFi-based traffic between devices.
Around 41% of all current Android devices are susceptible to such an exploit. This
issue goes well beyond mobile devices, although Linux-based devices are most
prone to attack. Read more
[THEMERKLE.COM]
Operating Systems
APPLE: Operating Systems Vulnerable to Password Theft. Apple released a new
macOS operating system Monday, but already security experts are saying it is
vulnerable to a zero-day exploit that puts users’ passwords at risk. Read the rest
[CONSUMERAFFAIRS.COM]
MICROSOFT: Has Already Fixed the Wi-Fi Attack Vulnerability. Microsoft says it has
already fixed the problem for customers running supported versions of Windows.
“We have released a security update to address this issue,” says a Microsoft
spokesperson in a statement to The Verge. “Customers who apply the update, or
have automatic updates enabled, will be protected. We continue to encourage
customers to turn on automatic updates to help ensure they are protected.”
Microsoft says the Windows updates released on October 10th protect customers,
and the company “withheld disclosure until other vendors could develop and
release updates.” Find out more
[THEVERGE.COM]
Operating Systems
DHS: Mandates New Security Standards for Federal Networks. The Department of
Homeland Security is requiring agencies to use new email and web security
guidelines that address man-in-the-middle attacks. A binding operational directive
from DHS gives federal agencies 90 days to implement a pair of tools, Domain-
based Message Authentication Reporting and Conformance (DMARC) and
STARTTLS. DMARC is an email authentication tool designed to prevent email
spoofing and provide data on where a forgery may have originated. STARTTLS helps
protect against passive man-in-the-middle attacks by allowing for email encryption
while data is in transit. The directive also requires agencies to switch all publicly
accessible federal websites to HTTPS and HSTS-secure connections within 120 days.
Doing so could potentially eliminate a large swath of security flaws that affect most
federal government websites. Find out more
[FCW.COM]
BYOD
BYOD
SURVEY: The Evolution of BYOD Security in a Mobile-First World. Bitglass’ research
team surveyed 200 IT and security professionals at a national Gartner conference to
learn more about the evolution of BYOD security in a mobile-first world. According
to the research, one in four organizations lack some form of multi-factor
authentication when securing BYOD, which is consistent with well-known enterprise
security gaps. Using compromised passwords to control access and single-factor
authentication has resulted in several high-profile data breaches in recent months.
Enterprises have since turned to technology as a means of solving the secure
identity management challenge. Read more
[HELPNETSECURITY.COM]
BYOD
SECURITY: Quarter of Firms Allow Password-Only BYOD Security. Over a quarter
(28%) of organizations rely solely on user-generated passwords to secure BYOD,
potentially exposing countless endpoints to credential guessing, cracking and theft.
Read more.
[INFOSECURITY-MAGAZINE.COM]
MESSAGING: The Risks of Messaging Apps in BYOD. Are using messaging apps
adding another layer of risk to your business information? Quite possibly, according
to research from Infinite Convergence Solutions and 451 Research. That’s because
employees are using unsecure messaging applications to communicate with each
other, with nearly three in four employees using consumer messaging apps for
business purposes. Yet, nearly two-thirds of organizations have done nothing to
create security policies around their use. Find out more
[ITBUSINESSEDGE.COM]
BYOD
READ: Hackers Reveal Leading Enterprise Security Blind Spots. When it comes to
cybersecurity, hackers said mobile devices are a critical blind spot. This is
unsurprising considering bring-your-own-device (BYOD) policies which connect
unknown mobile devices, OS versions, and patch processes to corporate networks.
Read more
[ZDNET.COM]
Incident Response
Incident Response
NIST: How to Recover from Cyber Incidents in Government. What actions do
organizations need to take to prepare for cybersecurity incidents? The National
Institute of Standards and Technology (NIST) has answers in Special Publication 800-
184, titled: ‘Guide for Cybersecurity Event Recovery.’ Here’s an exclusive interview
with one of the authors. Read more
[GOVTECH.COM]
AUSTRALIA: Government Reveals Draft Digital Identity Framework. A series of
documents outlining the security and usability standards by which Australians’
digital identity information is to be collected, stored, and used has been released by
the government. Read more.
[ZDNET.COM]
Incident Response
CYBERSECURITY: How to Fix Information Sharing, According to Industry. Secret
cyber threat data and a clunky clearance process are barriers to bidirectional
information sharing, industry representatives told the House Homeland Security
Committee’s Cybersecurity and Infrastructure subcommittee on Nov. 16. Find out
more
FCW.COM]
FEDERAL GOVERNMENT: Top 17 State & Local Cybersecurity Leaders to Watch.
Here’s a cross-section of government’s best state and local cybersecurity talent,
assembled through StateScoop’s own stories and reporting; from the
recommendations of leaders across the state and local government technology
industry; and by the suggestions of nonprofits and associations across the space.
Read more
[STATESCOOP.COM]
Cybersecurity
Cybersecurity
MICROSOFT: A Pictorial Walk-Through Of Microsoft’s New Cybersecurity Tools.
Cybersecurity should be on every person’s mind in 2017, and certainly every
lawyer’s. Here’s why…Read more
[ABOVETHELAW.COM]
FEDERAL GOVT: U.S. Government Cybersecurity Lags Behind That of a Fast Food
Joint, Say Analysts. The American federal government and countless state and local
governments throughout the U.S. are more vulnerable to cyberattacks than your
local McDonald’s. A new study ranking the cybersecurity of 18 industries “paints a
grim picture” with the U.S. government 16th when it comes to protecting its
computer systems and data from hackers. Read the rest
[NEWSWEEK.COM]
Cybersecurity
DATA: The Piece of Cybersecurity Feds Can No Longer Ignore. The Trump
administration needs to work with Congress to fully fund the Department of
Homeland Security’s Continuous Diagnostics and Mitigation program. Find out more
[FEDTECHMAGAZINE.COM]
STATE & LOCAL GOVERNMENT: Annual Cybersecurity Review for State and Local
Government Approaches. Non-federal agencies still ride low on the maturity
benchmark, but the increased political attention around cybersecurity could
improve results in the coming survey period. Find out more about the study results
[STATESCOOP.COM]
IT Management
IT Management
READ: All Management Is Change Management. Change management is having its
moment. There’s no shortage of articles, books, and talks on the subject. But many
of these indicate that change management is some occult subspecialty of
management, something that’s distinct from “managing” itself. This is curious
given that, when you think about it, all management is the management of
change. Read more
[HBR.ORG]
NARA: Improvements Seen in Federal Records Management, but ‘There is Work
to be Done’. Compliance, collaboration and accountability are the themes of the
National Archives’ recommendations to agencies for improving how they handle
paper – and electronic – trails. That’s according to NARA’s 2016 Federal Agency
Records Management Annual Report. Read more.
[FEDERALNEWSRADIO.COM]
IT Management
FINANCIAL: Washington State’s Strategy for Tracking IT Spending. The state of
Washington’s first efforts to bring technology business management to its IT
spending practices began in 2010 when the legislature mandated annual reports
and specific evaluation requirements for investments. As interest grew in
monitoring the cost of IT along with the business services IT provides, officials in
the Washington’s Office of the CIO worked to refine the strategy through the
creation of a state TBM program. Find out more
[GCN.COM]
IT Management
HR: A Blueprint for Improving Government’s HR Function. Government, at its
core, is its employees and their commitment to serve the country. That fact is
too often overlooked. While technology enables employees to make better,
faster decisions, until artificial intelligence replaces the acquired knowledge of
employees, agency performance will continue to depend on the skill and
dedication of government workers. As such, civil service reform is increasingly
important because workforce rules and regulations are out of sync with current
management thinking. To use a basketball analogy, government is still shooting
two handed set shots. Read more
[GOVEXEC.COM]
Application Development
Application Development
INDUSTRY INSIGHT: 4 Steps to Agile Success. There’s a noticeable shift toward agile
development taking place within the federal government. Driven by a need for
accelerated application development and meeting internal customers’ needs on the
very first attempt, agencies like the General Services Administration and
Department of Homeland Security have begun to move away from traditional
waterfall project management frameworks and toward iterative, agile frameworks
like scrum. Read more
[GCN.COM]
Application Development
IT MODERNIZATION: 3 Strategies for Building Successful Agile Teams. Is the
federal government truly ready to embrace agile software development?
Successful agile environments do not start with technology; they start with
creating the right team. This can be harder than it may first appear, because agile
challenges preconceived norms of how federal IT teams should be structured and
the way they approach projects. Agile teams are typically a combination of
individual contributors (particularly those from development and quality assurance
backgrounds) who rarely work together but must now collaborate to achieve
common goals. Read the rest
[NEXTGOV.COM]
ENTERPRISE: Air Force Intelligence Unit Goes Agile. The US Air Force is
determined to get more agile to produce applications that can be useful in times of
conflict. Find out more
[INFORMATIONWEEK.COM]
Application Development
PEOPLE & CAREERS: Sloughing Off the Government Stereotypes. What are CIOs
doing to lure millennials into government IT? Government CIOs across the board
are being forced to confront the retirement wave that’s about to decimate their
ranks. But does the next generation of IT pros want the jobs their parents and
grandparents are leaving behind? Read more
[GOVTECH.COM]
Big Data
Big Data
PREDICTIONS: 10 Predictions For AI, Big Data, And Analytics in 2018. A new
Forrester Research report, Predictions 2018: The Honeymoon For AI Is Over,
predicts that in 2018 enterprises will finally move beyond the hype to recognize
that AI requires hard work—planning, deploying, and governing it correctly. Read
more
[FORBES.COM]
READ: How “Big Data” Went Bust. Barack Obama’s White House launched a $200
million national big data initiative, and the frenzy commenced: Academia,
nonprofits, governments, and companies raced to figure out just what “big data”
was and how they could capitalize on it. The frenzy, as it turned out, was short-
lived. Read more.
[SLATE.COM]
Big Data
FEDERAL GOVERNMENT: One Big Risk With Big Data: Format Lock-In. Insider
threat programs and other long-term Big Data projects demand users take a longer
view than is necessary with most technologies. If the rapid development of new
technologies over the past three decades has taught us anything, it’s that each
successive new technology will undoubtedly be replaced by another. Find out more
[GOVTECHWORKS.COM]
STATE GOVERNMENT: Fearing Hackers, States Start Buying Cyber-Insurance. As the
threat from hackers and cybercriminals intensifies, a growing number of states are
buying cyber insurance to protect themselves – and taxpayers. Read more
[GOVERNING.COM]
Personal Tech
Personal Tech
DOWNLOADS: Resolutions for the Big (and Small) Screens. When it comes to
streaming and downloading movies, find out the difference between standard
definition and the high-definition versions. Read more
[NYTIMES.COM]
TECH TRAVEL: Checking Voice Mail While Abroad. Find out how to check voice mail
on a smartphone when traveling in Europe. Read more.
[NYTIMES.COM]
Personal Tech
STAY ALERT: Technology Can Be A Threat To Your Physical Safety. Discover the
personal safety habits you can practice to stay safe at home and on the go. Find out
more
[FORBES.COM]
HOW TO: Schedule Your Smartphone for a Little Peace and Quiet. Have you signed
up for alerts from a bunch of news sites on your iPhone to keep up with the
headlines, but now they’re waking you up at night with their sounds and turning on
the phone screen? Find out how to mute the noises and phone screen light before
bed without turning off the phone’s alarm clock. Read more
[NYTIMES.COM]
Mobile Applications
Mobile
ANDROIDS: Millions of Android Apps at Risk from Eavesdropper Vulnerability.
Poor mobile app development practices have created the Eavesdropper
vulnerability, which has resulted in a large-scale data exposure from nearly 700
apps in enterprise mobile environments, over 170 of which are live in the official
app stores today. Read more
[INFOSECURITY-MAGAZINE.COM]
iPHONE X: 10 Popular Mobile Apps Optimized for Apple’s iPhone X. The new
iPhone X presents a problem and an opportunity for mobile application developers.
Read more.
[EWEEK.COM]
Mobile
MOBILE APP DEVELOPMENT: IT and ‘Citizen Developers’ Partner on Mobile Apps
and More. With low-code and no-code tools, ordinary business users can quickly
and easily spin up new apps or add features and functions, but IT oversight is
crucial. Find out more
[COMPUTERWORLD.COM]
HEALTH CARE: Mobile Apps – The Future of Cancer Care? From anxiety and pain
self-management to side effect monitoring in clinical trials, mobile applications are
revolutionizing oncology. Researchers say the technology is even transforming
clinical trials themselves. Read more
[CANCERTHERAPYADVISOR.COM]
Programming & Scripting Development
Client & Server-Side
Programming & Scripting Development
Client & Server-Side
PERL: The Most Hated Programming Language. What do computer programmers
not want to code in? Perl, the Old Spice of programming languages, is the most
disliked by a significant margin, reports Stack Overflow. Delphi, used by children to
write viruses for adults, and Visual Basic, used by adults to write games for
children, are running neck-and-neck for second place. Read more
[BOINGBOING.NET]
JAVASCRIPT: At GitHub, JavaScript Rules in Usage, TensorFlow Leads in Forks.
Python and TypeScript makes big gains in pull requests, while Java slips to third
place. Read the rest
[INFOWORLD.COM]
Programming & Scripting Development
Client & Server-Side
ANDROID: Kotlin Expected to Surpass Java as Android Default Programming
Language for Apps. A new report released earlier this week estimates that Kotlin
will surpass Java as the primary programming language used for Android apps by
December 2018. Until earlier this year, Kotlin was a little-known programming
language [1, 2] that was built to run on the Java Virtual Machine, but one that
could also be compiled to JavaScript and could interoperate with Java. The
programming language got a serious boost in the developer community when
Google officially announced earlier this year, at the Google I/O 2017 conference,
that Kotlin will become the first third-party supported programming language for
Android apps, besides Java. Find out more
[BLEEPINGCOMPUTER.COM]
Programming & Scripting Development
Client & Server-Side
MICROSOFT: Azure Functions Adds Support for Java. Azure Functions, Microsoft’s
platform for building serverless applications, has long supported a variety of
programming languages but it’s adding an important one today: Java. Fittingly, the
company made this announcement at the JavaOne conference in San Francisco.
Read more
[TECHCRUNCH.COM]
JAVASCRIPT: What’s New in TypeScript 2.6. TypeScript 2.6 introduces a new strict
checking flag, error suppression comments, and “minor” breaking changes.
Read more
[INFOWORLD.COM]
SURVEY: Most Loathed Programming Language? Here’s How Developers Cast
Their Votes. Developers on Stack Overflow really don’t want to work in Perl and
don’t like Microsoft much either. Read more
[ZDNET.COM]
Programming & Scripting Development
Client & Server-Side
ENTERPRISE-SCALE DEVELOPMENT: What is TypeScript? Industrial-strength
JavaScript. JavaScript is the language of the web, but it’s tough to manage for
enterprise-scale development. TypeScript offers an attractive alternative. Read
more.
[ARNNET.COM.AU]
INTERVIEW: Q&A with Java Chair Heather VanCura. As the current Chair, Heather
VanCura leads the activities of the JCP Program Office, manages its organization’s
membership, guides spec leads and experts through the process, leads the
Executive Committee (EC) meetings, and manages the JCP.org Web site. Read her
insights on the future of Java development. Find out more
[ADTMAG.COM]
Cloud Computing
Cloud Computing
TOP 5 CLOUD-COMPUTING VENDORS: #1 Microsoft, #2 Amazon, #3 IBM, #4
Salesforce, #5 SAP. As businesses move beyond cloud experiments to deeply
strategic deployments, the balance of power in the Cloud Wars Top 10 is shifting
toward those tech providers that can move those business customers past the
infrastructure phase and into the high-value realm of AI-driven competitive
advantage. Read more
[FORBES.COM]
HOW TO: Build a Business Case for Cloud Computing. When planning a migration to
the cloud, what do you need to take into account? Click here for key takeaways.
[ZDNET.COM]
Cloud Computing
ALLIANCE: Salesforce and Google Forge Alliance in Cloud Computing Race.
Emergence of handful of dominant platforms forces others to seek allies. Find out
more
[FT.COM]
TRENDS: 5 Cloud Computing Trends to Prepare for in 2018. As we enter the last
quarter of 2017, business and IT executives are turning more of their attention to
how they can use technology to accomplish their 2018 business objectives. Here’s a
list of five trends in cloud computing that strategic businesses will prepare for in the
coming year. Read more
[NETWORKWORLD.COM]
Announcement
Announcement
Blue Mountain Data Systems DOL Contract Extended Another Six Months
The Department of Labor has extended Blue Mountain Data Systems Inc. contract
DOLOPS16C0017 for 6 months for network administration and application
support.
U.S. Dept. of Labor, Employee Benefits Security Administration
1994 to Present Responsible to the Office of Technology and Information Systems
for information systems architecture, planning, applications development,
networking, administration and IT security, supporting the enforcement of Title I
of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue
Mountain is responsible for design, development and support for its various
enforcement database management systems, as well as all case tracking and
customer service inquiry systems. Blue Mountain also provides IT security services
to the EBSA, in the form of FISMA Assessment and Authorization, System Security
Plans, Risk and vulnerability assessments, monitoring and investigation support.
IT Security | Cybersecurity
IT Security | Cybersecurity
SECURITY: 5 Things You Need to Know About the Future of Cybersecurity. Terrorism
researchers, AI developers, government scientists, threat-intelligence specialists,
investors and startups gathered at the second annual WIRED conference to discuss
the changing face of online security. These are the people who are keeping you safe
online. Their discussions included Daesh’s media strategy, the rise of new forms of
online attacks, how to protect infrastructure, the threat of pandemics and the
dangers of hiring a nanny based on her Salvation Army uniform. Read more
[WIRED.CO.UK]
IT MANAGEMENT: Top 5 Cybersecurity Mistakes IT Leaders Make, and How to Fix
Them. Cybersecurity teams are largely understaffed and underskilled. Here’s how to
get the most out of your workers and keep your business safe. Read more.
[TECHREPUBLIC.COM]
IT Security | Cybersecurity
FEDERAL GOVERNMENT: Rep. Hurd Champions Modernizing Federal Cybersecurity.
The federal government is and will continue to be a target of cyber crimes.
According to the Identity Theft Resource Center, U.S. companies and government
agencies suffered a total of 1,093 data breaches in 2016. Mid-year numbers for 2017
show 791 incidents as of the end of June – a 29 percent increase over the same
period in 2016. With that said, is the government doing enough to prepare for cyber
threats? On this episode of CyberChat, host Sean Kelley, former Environmental
Protection Agency chief information security officer and former Veterans Affairs
Department deputy chief information officer, spoke with Rep. Will Hurd (R-Texas)
about initiatives to modernize the federal cybersecurity space. Read more
[FEDERALNEWSRADIO.COM]
IT Security | Cybersecurity
STATE GOVERNMENT: To Simplify Cybersecurity Regulations, State Groups Ask
Federal Government for Help. A letter to the Office of Management and Budget
says that today’s regulatory environment “hampers” states in their pursuit of cost
savings and IT optimization. Find out more
STATESCOOP.COM]
From the Blue Mountain Data Systems Blog
Programming & Scripting
https://www.bluemt.com/programming-scripting-daily-tech-update-september-
29-2017/
Cloud Computing
https://www.bluemt.com/cloud-computing-daily-tech-update-september-18-
2017/
Business Intelligence
https://www.bluemt.com/business-intelligence-daily-tech-update-september-15-
2017/
Mobile Applications
https://www.bluemt.com/mobile-applications-daily-tech-update-september-11-
2017/
From the Blue Mountain Data Systems Blog
Personal Tech
https://www.bluemt.com/personal-tech-daily-tech-update-september-28-2017/
Databases
https://www.bluemt.com/databases-daily-tech-update-september-21-2017/
Penetration Testing
https://www.bluemt.com/penetration-testing-daily-tech-update-september-26-
2017/
Incident Response
https://www.bluemt.com/incident-response-daily-tech-update-september-14-
2017/
From the Blue Mountain Data Systems Blog
Security Patches
https://www.bluemt.com/security-patches-daily-tech-update-september-22-
2017/
Operating Systems
https://www.bluemt.com/operating-systems-daily-tech-update-september-20-
2017/
Encryption
https://www.bluemt.com/encryption-daily-tech-update-september-19-2017/
Cloud Computing
https://www.bluemt.com/cloud-computing-daily-tech-update-september-18-
2017/
From the Blue Mountain Data Systems Blog
Open Source
https://www.bluemt.com/programming-scripting-daily-tech-update-september-
5-2017/
CTO, CIO and CISO
https://www.bluemt.com/cio-cto-ciso-daily-tech-update-september-6-2017/
Programming & Scripting
https://www.bluemt.com/programming-scripting-daily-tech-update-september-
5-2017/
From the Blue Mountain Data Systems Blog
Security Risks Most Prevalent in Younger Workers
https://www.bluemt.com/security-risks-most-prevalent-in-younger-workers/
The Security World’s Maturation
https://www.bluemt.com/the-security-worlds-maturation/
Data Breach Concerns Keep CISOs Up At Night
https://www.bluemt.com/data-breach-concerns-keep-cisos-up-at-night/
Personalized Govt Equals Instant Gratification for Citizens
https://www.bluemt.com/personalized-govt-equals-instant-gratification-for-
citizens/
From the Blue Mountain Data Systems Blog
People-Centric Security
https://www.bluemt.com/people-centric-security/
Pentagon Tries BYOD To Strike Work/Life Balance
https://www.bluemt.com/pentagon-tries-byod-to-strike-worklife-balance/
Open Source Model Considered for MS Windows
https://www.bluemt.com/open-source-model-considered-for-ms-windows/
Open Internet: To Be or Not to Be?
https://www.bluemt.com/open-internet-to-be-or-not-to-be/
From the Blue Mountain Data Systems Blog
Malware Stays A Step Ahead Infecting One Third of Websites
https://www.bluemt.com/malware-stays-a-step-ahead-infecting-one-third-of-
websites/
Machine-Generated Data: Potential Goldmine for the CIO
https://www.bluemt.com/machine-generated-data-potential-goldmine-for-the-
cio/
Government Legacy Programs: Reuse vs. Replacement
https://www.bluemt.com/government-legacy-programs-reuse-vs-replacement/
It Takes a Whole Village to Protect Networks and Systems
https://www.bluemt.com/it-takes-a-whole-village-to-protect-networks-and-
systems/
From the Blue Mountain Data Systems Blog
Governance For the CIO
https://www.bluemt.com/governance-for-the-cio/
Help Desk Consolidation – Lessons Learned
https://www.bluemt.com/help-desk-consolidation-lessons-learned/
One Year Later, Companies Still Vulnerable to Heartbleed
https://www.bluemt.com/one-year-later-companies-still-vulnerable-to-
heartbleed/
Federal Projects Cultivate Worker Passion
https://www.bluemt.com/federal-projects-cultivate-worker-passion-2/
ABOUT US
Blue Mountain Data Systems Inc.
Blue Mountain Data Systems Inc. is dedicated to application
and systems development, electronic document management,
IT security support, and the automation of workflow processes.
Read more about our experience here:
>> http://bluemt.com/experience
Recent Experience
U.S. Dept. of Labor
Employee Benefits Security Administration
1994 to Present
Responsible to the Office of Technology and Information Systems for information
systems architecture, planning, applications development, networking,
administration and IT security, supporting the enforcement of Title I of the
Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue
Mountain is responsible for design, development and support for its various
enforcement database management systems, as well as all case tracking and
customer service inquiry systems. Blue Mountain also provides IT security services
to the EBSA, in the form of FISMA Assessment and Authorization, System Security
Plans, Risk and vulnerability assessments, monitoring and investigation support.
MANAGEMENT
Paul T. Vesely
Founder, President, CEO and Principal Architect
Mr. Vesely is a recognized thought leader in systems
architecture and delivery, having designed and
delivered many enterprise wide information and
document management solutions. Mr. Vesely’s history
includes 33 years experience in the information
systems industry, with Unisys, Grumman, PRC and a
host of clients in both government and private sectors.
CONTACT US
Contact Us Today to Discuss Your Next IT Project
HEADQUARTERS
366 Victory Drive
Herndon, VA 20170
PHONE 703-502-3416
FAX 703-745-9110
EMAIL
paul@bluemt.com
WEB
https://www.bluemt.com

More Related Content

Recently uploaded

Leveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
Leveraging AI for Mobile App Testing on Real Devices | Applitools + KobitonLeveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
Leveraging AI for Mobile App Testing on Real Devices | Applitools + KobitonApplitools
 
Ronisha Informatics Private Limited Catalogue
Ronisha Informatics Private Limited CatalogueRonisha Informatics Private Limited Catalogue
Ronisha Informatics Private Limited Catalogueitservices996
 
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdfEnhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdfRTS corp
 
Strategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero resultsStrategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero resultsJean Silva
 
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...OnePlan Solutions
 
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...Bert Jan Schrijver
 
Keeping your build tool updated in a multi repository world
Keeping your build tool updated in a multi repository worldKeeping your build tool updated in a multi repository world
Keeping your build tool updated in a multi repository worldRoberto Pérez Alcolea
 
Introduction to Firebase Workshop Slides
Introduction to Firebase Workshop SlidesIntroduction to Firebase Workshop Slides
Introduction to Firebase Workshop Slidesvaideheekore1
 
UI5ers live - Custom Controls wrapping 3rd-party libs.pptx
UI5ers live - Custom Controls wrapping 3rd-party libs.pptxUI5ers live - Custom Controls wrapping 3rd-party libs.pptx
UI5ers live - Custom Controls wrapping 3rd-party libs.pptxAndreas Kunz
 
GraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4j
GraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4jGraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4j
GraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4jNeo4j
 
eSoftTools IMAP Backup Software and migration tools
eSoftTools IMAP Backup Software and migration toolseSoftTools IMAP Backup Software and migration tools
eSoftTools IMAP Backup Software and migration toolsosttopstonverter
 
Osi security architecture in network.pptx
Osi security architecture in network.pptxOsi security architecture in network.pptx
Osi security architecture in network.pptxVinzoCenzo
 
Zer0con 2024 final share short version.pdf
Zer0con 2024 final share short version.pdfZer0con 2024 final share short version.pdf
Zer0con 2024 final share short version.pdfmaor17
 
SAM Training Session - How to use EXCEL ?
SAM Training Session - How to use EXCEL ?SAM Training Session - How to use EXCEL ?
SAM Training Session - How to use EXCEL ?Alexandre Beguel
 
Data modeling 101 - Basics - Software Domain
Data modeling 101 - Basics - Software DomainData modeling 101 - Basics - Software Domain
Data modeling 101 - Basics - Software DomainAbdul Ahad
 
VictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News UpdateVictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News UpdateVictoriaMetrics
 
Copilot para Microsoft 365 y Power Platform Copilot
Copilot para Microsoft 365 y Power Platform CopilotCopilot para Microsoft 365 y Power Platform Copilot
Copilot para Microsoft 365 y Power Platform CopilotEdgard Alejos
 
Best Angular 17 Classroom & Online training - Naresh IT
Best Angular 17 Classroom & Online training - Naresh ITBest Angular 17 Classroom & Online training - Naresh IT
Best Angular 17 Classroom & Online training - Naresh ITmanoharjgpsolutions
 
Effectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryErrorEffectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryErrorTier1 app
 
Amazon Bedrock in Action - presentation of the Bedrock's capabilities
Amazon Bedrock in Action - presentation of the Bedrock's capabilitiesAmazon Bedrock in Action - presentation of the Bedrock's capabilities
Amazon Bedrock in Action - presentation of the Bedrock's capabilitiesKrzysztofKkol1
 

Recently uploaded (20)

Leveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
Leveraging AI for Mobile App Testing on Real Devices | Applitools + KobitonLeveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
Leveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
 
Ronisha Informatics Private Limited Catalogue
Ronisha Informatics Private Limited CatalogueRonisha Informatics Private Limited Catalogue
Ronisha Informatics Private Limited Catalogue
 
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdfEnhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
 
Strategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero resultsStrategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero results
 
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
 
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
 
Keeping your build tool updated in a multi repository world
Keeping your build tool updated in a multi repository worldKeeping your build tool updated in a multi repository world
Keeping your build tool updated in a multi repository world
 
Introduction to Firebase Workshop Slides
Introduction to Firebase Workshop SlidesIntroduction to Firebase Workshop Slides
Introduction to Firebase Workshop Slides
 
UI5ers live - Custom Controls wrapping 3rd-party libs.pptx
UI5ers live - Custom Controls wrapping 3rd-party libs.pptxUI5ers live - Custom Controls wrapping 3rd-party libs.pptx
UI5ers live - Custom Controls wrapping 3rd-party libs.pptx
 
GraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4j
GraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4jGraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4j
GraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4j
 
eSoftTools IMAP Backup Software and migration tools
eSoftTools IMAP Backup Software and migration toolseSoftTools IMAP Backup Software and migration tools
eSoftTools IMAP Backup Software and migration tools
 
Osi security architecture in network.pptx
Osi security architecture in network.pptxOsi security architecture in network.pptx
Osi security architecture in network.pptx
 
Zer0con 2024 final share short version.pdf
Zer0con 2024 final share short version.pdfZer0con 2024 final share short version.pdf
Zer0con 2024 final share short version.pdf
 
SAM Training Session - How to use EXCEL ?
SAM Training Session - How to use EXCEL ?SAM Training Session - How to use EXCEL ?
SAM Training Session - How to use EXCEL ?
 
Data modeling 101 - Basics - Software Domain
Data modeling 101 - Basics - Software DomainData modeling 101 - Basics - Software Domain
Data modeling 101 - Basics - Software Domain
 
VictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News UpdateVictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News Update
 
Copilot para Microsoft 365 y Power Platform Copilot
Copilot para Microsoft 365 y Power Platform CopilotCopilot para Microsoft 365 y Power Platform Copilot
Copilot para Microsoft 365 y Power Platform Copilot
 
Best Angular 17 Classroom & Online training - Naresh IT
Best Angular 17 Classroom & Online training - Naresh ITBest Angular 17 Classroom & Online training - Naresh IT
Best Angular 17 Classroom & Online training - Naresh IT
 
Effectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryErrorEffectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryError
 
Amazon Bedrock in Action - presentation of the Bedrock's capabilities
Amazon Bedrock in Action - presentation of the Bedrock's capabilitiesAmazon Bedrock in Action - presentation of the Bedrock's capabilities
Amazon Bedrock in Action - presentation of the Bedrock's capabilities
 

Featured

Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTExpeed Software
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsPixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthThinkNow
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfmarketingartwork
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024Neil Kimberley
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)contently
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024Albert Qian
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsKurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summarySpeakerHub
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next Tessa Mero
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentLily Ray
 
Time Management & Productivity - Best Practices
Time Management & Productivity -  Best PracticesTime Management & Productivity -  Best Practices
Time Management & Productivity - Best PracticesVit Horky
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project managementMindGenius
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...RachelPearson36
 
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Applitools
 

Featured (20)

Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
 
Time Management & Productivity - Best Practices
Time Management & Productivity -  Best PracticesTime Management & Productivity -  Best Practices
Time Management & Productivity - Best Practices
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
 
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
 

Tech Update Summary from Blue Mountain Data Systems November 2017

  • 1. Blue Mountain Data Systems Tech Update Summary November 2017
  • 2.
  • 3. For CTOs, CIOs & CISOs Visit Blue Mountain Data Systems https://www.bluemt.com
  • 4. For CTOs, CIOs & CISOs Every business day, we publish a Daily Tech Update for Federal & State CTOs ,CIOs & CISOs on the Blue Mountain Data Systems Blog. We hope you will visit our blog for the latest information. You can also receive these updates via email. Click here to subscribe. Here’s the summary of the Daily Tech Updates for November 2017. Hope the information and ideas prove useful. Best, Paul Vesely President and Principal Architect Blue Mountain Data Systems Inc.
  • 6. Network Security CISO: Convincing Employees to Care About Network Security. Employees remain the biggest source of corporate cyber risk. According to the “IBM X-Force 2016 Cyber Security Intelligence Index,” staff members are responsible for 60 percent of all digital attacks endured by enterprises. In most cases, there’s no malicious intent. Employees may subvert network security by opening infected email attachments, falling for well-crafted phishing attacks, accessing compromised third-party apps or accidentally posting confidential information on social media sites. Read more [SECURITYINTELLIGENCE.COM]
  • 7. Network Security FEDERAL GOVERNMENT: Consolidating Federal Networks Could Lead to New Security Holes. For years, one of the chief aims of the IT modernization movement has been replacing the federal government’s outdated architecture. Before truly tapping into the transformative power of new software and security tools, the thinking goes, government must first scrap its ancient patchwork networks for a new unified IT infrastructure. Read the rest [FCW.COM] OPINION: Why Chipmakers are Taking IoT Security Into Their Own Hands. As the IoT and chip industry both continue to grow more chipmakers will come to understand the importance of putting security and privacy first. Read more [NETWORKWORLD.COM]
  • 8. Network Security STATES: Federal Government Notifies 21 States of Election Hacking. The federal government has told election officials in 21 states that hackers targeted their systems before last year’s presidential election. The notification came roughly a year after U.S. Department of Homeland Security officials first said states were targeted by hacking efforts possibly connected to Russia. The states that told The Associated Press they had been targeted included some key political battlegrounds, such as Florida, Ohio, Pennsylvania, Virginia and Wisconsin. Find out more [USNEWS.COM]
  • 10. Encyption SECURITY: How Blockchain Encryption Works: It’s All About Math. Riot Blockchain’s CEO John O’Rourke explains how the blockchain encryption mining network works. Read more [TECHREPUBLIC.COM] CISO: Data Storage and Encryption Should Top the CISO’s To-Do List. In today’s digitized world, data storage and encryption are surely top of mind for most chief information officers (CIOs). But given the increasing regulations and privacy implications surrounding data security, these measures should also be on the chief information security officer (CISO)’s agenda. Get the plugin. [SECURITYINTELLIGENCE.COM]
  • 11. Encyption DMARC: States Should Follow Federal Directive to Enhance Email and Web Security. The Department of Homeland Security (DHS) has mandated that all federal executive branch agencies implement Domain-based Message Authentication, Reporting and Conformance (DMARC) to improve email security. In the same directive, DHS also mandated better Web security protections be put into place. State and local governments should follow the lead of their federal counterparts and make implementing DMARC a priority. Here’s why. Find out more [GOVTECH.COM]
  • 12. Encyption INDUSTRY INSIGHT: Don’t Leave Your Front Door Open to Attack. The web has grown to over 1 billion websites. While websites have grown incredibly complex and become a part of our virtual lives, most users and website operator are still focused on functionality. Arguably, there are internet users and website owners concerned about security because of headlines about rampant cyberattacks, data leaks and breaches. But, not all are proactively securing their websites. Here’s why websites can be a treasure trove for attackers. Read more [GCN.COM]
  • 14. Databases MICROSOFT: Enabling Automatic Database Tuning in Azure SQL DB in 2018. Microsoft’s automated and AI-enabled database tuning technology will become the new default configuration on the Azure SQL cloud database in January 2018. Read more [EWEEK.COM] BIG DATA: Neo4j Looks Beyond the Graph Database. Graph database company Neo4j wants to move beyond providing only its graph database, and is working on what it calls a ‘graph platform’ to help companies make the most of their data. Read more. [ZDNET.COM]
  • 15. Databases MySQL: Configuring a MySQL Database on Amazon RDS. Cloud-based database solutions have really taken off in recent years. Although concerns about ownership and security have put a damper on some companies’ aspirations to offload some or all of their database management to a third party, the vast majority of companies have embraced the new paradigm and are reaping substantial financial rewards as a result. Learn about the different cloud database categories, as well as how to configure a MySQL database on the Cloud, using Amazon RDS. Read more [DATABASEJOURNAL.COM]
  • 16. Databases CLOUD: Distributed PostgreSQL Settling Into Cloud. Organizations that want the scalability of a distributed PostgreSQL database but don’t want the hassle of managing it themselves may be interested in the latest news from Citus Data, which has unveiled new options for its hosted, scale-out relational database. Find out more [DATANAMI.COM]
  • 17. More About Blue Mountain BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.
  • 19. Federal Tech FEDERAL GOVERNMENT: APIs, Shared Services Can Reshape, Modernize Government Technology. The size and scope of the federal government’s information technology landscape only continues to grow and in a way that makes it incredibly difficult to change. In the Federal Chief Information Officers Council’s latest study, the current state of government IT is described as monolithic. And, it is not meant as a compliment. Read more [FEDERALNEWSRADIO.COM]
  • 20. Federal Tech OPINION: Government Efforts to Weaken Privacy are Bad for Business and National Security. The federal government’s efforts to require technology and social media companies to relax product security and consumer privacy standards – if successful – will ultimately make everyone less safe and secure. Read the rest [INFOSECURITY-MAGAZINE.COM] PUBLIC SAFETY: Rapid DNA Technology Gives Law Enforcement Access to Your DNA in 90 Minutes. Before recently-passed legislation, law enforcement agencies had to send DNA samples to government labs and wait for it to get tested, which could take days or even weeks. Find out more [GOVTECH.COM]
  • 21. Federal Tech MODERNIZATION: Making Modernization Happen. Now more than ever before, comprehensive IT modernization for federal agencies is a real possibility. The question that remains is whether President Donald Trump’s words and actions during his first months in office will be sustained by the administration and Congress in the months and years ahead. Read more [FCW.COM]
  • 23. State Tech SURVEY: Cybersecurity Concerns May Keep One in Four Americans from Voting. Cybersecurity concerns may prevent one in four Americans from heading to the polls in November, according to a new survey by cybersecurity firm Carbon Black. The company recently conducted a nationwide survey of 5,000 eligible US voters to determine whether reports of cyberattacks targeting election-related systems are impacting their trust in the US electoral process. The results revealed that nearly half of voters believe the upcoming elections will be influenced by cyberattacks. Consequently, more than a quarter said they will consider not voting in future elections. Read more [HSTODAY.US.COM]
  • 24. State Tech ALASKA: Unique Challenges in IT Consolidation. The Last Frontier is centralizing IT operations under Alaska’s newly created Office of Information Technology. But consolidating IT in a sprawling state like Alaska offers challenges not found in other environments, says the state’s new CIO Bill Vajda. Read the rest [GCN.COM] ALABAMA: Acting CIO Jim Purcell Is a Man on a Mission for Smarter State IT. Jim Purcell wasn’t expecting a call from Alabama’s new governor, Kay Ivey, and he certainly wasn’t expecting her to ask him to head up the Office of Information Technology (OIT) – but that’s exactly what happened last week. Find out more [GOVTECH.COM]
  • 25. State Tech ILLINOIS: Inside a State Digital Transformation. Hardik Bhatt, CIO of the State of Illinois, sought to become the nation’s first Smart State – a process that required reorganizing its 38 IT departments into one, improving government services, and finding new sources of innovation to apply to its revenue model. Within 18 months, Illinois rose in national rankings from the bottom fourth of state governments to the top third. Read more [ENTERPRISERSPROJECT.COM]
  • 27. Electronic Document Management CFPB: Looks to Embrace Cloud for Email, Office Application Needs. The Consumer Financial Protection Bureau wants to move to a public cloud setup for some of its core enterprise apps. The financial watchdog agency recently sent out a Request for Information (RFI) on the process, technical requirements and costs of moving to cloud services in fiscal year 2017. CFPB wants to establish a more complete understanding on the costs associated with moving fully to a cloud solution for email and office applications (e.g., documents, spreadsheets, presentations, SharePoint and more).Read the rest [FEDTECHMAGAZINE.COM]
  • 28. Electronic Document Management ROI: 4 Ways Business Document Management Software Can Save You Money. Lisa Croft, Group Product Marketing Manager at Adobe Document Cloud, talks about the many ways business document management can save your company time, space, and more importantly, loads of money. Here are the four most obvious ways these tools provide excellent return-on-investment. Read more [PCMAG.COM]
  • 30. Section 508 Compliance LEGAL: Credit Unions Experiencing an Increase in ADA Lawsuits. The number of credit unions hit with lawsuits in recent weeks over the accessibility of their websites continued to climb into double digits, and experts warned that even more credit unions could become targets if they don’t get up to speed on the issue. Read more [CUTIMES.COM] TESTING TOOL: Funkify Accessibility Simulator. Funkify is a plugin for Chrome that helps you experience the web and interfaces through the eyes of extreme users with different abilities and disabilities. The free demo version helps web developers, designers and content creators experience the web through the eyes of people with different abilities. Get the plugin. [ACCESSIBLEWEBSITESERVICES.COM]
  • 31. Section 508 Compliance WCAG 2.0: Checklists. It’s extremely useful to have a WCAG 2.0 checklist on hand when you’re working through the guidelines. A WCAG 2.0 checklist helps you to check your web accessibility progress, record how far you’ve come and set your targets out for the future. Find out more [WUHCAG.COM] WEBSITE AUDITOR: The Hot Job Title You Want. “The web accessibility compliance auditor is a field that every computer science and information systems student should think of pursing,” says Dr. James Logan, who is the quality assurance manager for Georgia Institute of Technology’s Enterprise Information Systems. “It really is just an extension of information systems. The field has so many opportunities for web developers.” Read more [BLACKENGINEER.COM]
  • 32. Section 508 Compliance CITIES: 3 Easy Steps to City Website Accessibility for WCAG 2.0 AA. Beginning January 18, 2018, all federal, state and local websites must meet Web Content Accessibility Guidelines (WCAG 2.0 AA) adopted as part of updates to existing federal laws governing equal access to government services – Section 508 of the Rehabilitation Act of 1973. Jurisdictions that do not comply with these guidelines risk lawsuits from private citizens, as well as legal action by the Department of Justice, which has taken the position that websites offering goods or services to consumers are places of public accommodation and must be accessible to the disabled. Here are three key website content areas where agencies can make adjustments to help their customers find and understand the information they need from their local government’s website – regardless of age or disability. Read more [EFFICIENTGOV.COM]
  • 33. Section 508 Compliance ECOMMERCE: Online Retailers Beware: Court Holds Website Violates ADA Despite Lack of Physical Store . Courts across the country continue to weigh in on the issue of website accessibility. Last week, the U.S. District Court for the District of New Hampshire denied a motion to dismiss filed by online food delivery servicer Blue Apron. In denying the motion, the court found that Blue Apron’s website is a place of public accommodation – despite the fact that Blue Apron operates only online and has no traditional brick and mortar locations. Read more. [LEXOLOGY.COM]
  • 34. Section 508 Compliance CAREERS & WORKPLACE: Websites Are the Next Frontier of ADA Compliance. While the DOJ continues to delay the rule-making process and the roll out of any final rules, companies should beware. Federal court lawsuits based on alleged website inaccessibility have spiked since the beginning of 2015 with several hundred filed against a wide spectrum of businesses – from retailers to restaurants – that provide public accommodation. Find out more [BIZJOURNALS.COM]
  • 35. Section 508 Compliance LEGAL: Location, Location, Location: New Website Accessibility Decision May Encourage Forum Shopping. On November 8, 2017, the U.S. District Court for the District of New Hampshire joined the ranks of the federal courts that have held that a website itself is a place of public accommodation—even if the business that maintains the website does not own or operate any physical place of public accommodation. The defendant in this case operates an online-only business and does not own or operate any traditional brick and mortar locations. The websites of such online-only businesses have been subject to increasing attack. Read more [NATLAWREVIEW.COM]
  • 36. Section 508 Compliance ONLINE COURSE: Digital Accessibility: Enabling Participation in the Information Society. This course will help you to understand how those with sensory, physical and cognitive impairments may be disabled by barriers encountered when using digital technologies. The course will highlight how the use of accessible and inclusive design can help overcome many of these difficulties. Get the plugin. [FUTURELEARN.COM] PR: How PR Firms Need to Navigate Website Compliance Under the Americans with Disabilities Act. Here’s what the ADA means for websites, and what PR pros need to know. Find out more [PRWEEK.COM]
  • 38. Security Patches MICROSOFT: Thanksgiving Turkeys: One Patch Disappears, Another Yanked. If you’re just coming back from the long US Thanksgiving weekend, all sorts of Windows patch inanities await. The Epson dot matrix bug in this month’s security patches was fixed for older versions of Windows, but .NET patch KB 4049016 and others got pulled. Read more [COMPUTERWORLD.COM] REPORT: Java Developers Aren’t Applying Security Patches. Application security vendor Veracode has released the “2017 State of Software Security Report,” and the results paint an unflattering picture of Java developers. An alarming 88 percent of Java applications contain at least one vulnerable component, the report’s authors found. Why? Developers don’t patch components in production once vulnerabilities are found and new versions of those components are released. Get the plugin. [ADTMAG.COM]
  • 39. Security Patches WORDPRESS: Patches SQL Injection Bug in Security Release. A bug discovered in WordPress allows attackers to trigger an SQL injection attack leading to complete website hijacking. The vulnerability CVE-2017-14723 was discovered in the WordPress content management system (CMS) versions 4.8.2 and below. Webmasters should update immediately to prevent website takeovers. Find out more [ZDNET.COM] INTEL: Patches Management Engine for Critical Vulnerabilities. Intel issued a critical firmware update on Nov. 20 for a set of eight vulnerabilities that impact the Intel Management Engine firmware. “In response to issues identified by external researchers, Intel has performed an in-depth comprehensive security review of our Intel Management Engine (ME), Intel Server Platform Services (SPS), and Intel Trusted Execution Engine (TXE) with the objective of enhancing firmware resilience,” Intel stated in an advisory. Read more [EWEEK.COM]
  • 40. CIO, CTO & CISO
  • 41. For the CIO, CTO & CISO CIO: Interview with Alin D’Silva, Vice President of IT and CTO of Digital Workplace at Verizon. While it may seem more straightforward for technology-oriented companies to continue accelerating their digital transformations, they face the same challenges as any other. Alin D’Silva, Vice President of IT and CTO of Digital Workplace at Verizon, shares his thoughts on some of those challenges and what motivates him to drive forward. Read more [CIO.COM]
  • 42. CIO, CTO & CISO CTO: Tom Eck, CTO Industry Platforms IBM Sweet Talks Fintech. Despite the burgeoning fintech startup market, the broader financial services market struggles to engage. Financial institutions want to move with the agility of a fintech, but without ‘breaking the bank’, says Tom Eck, global chief technology officer of industry platforms at IBM.According to Eck, IBM financial services clients are keen to experiment and get products to market fast, but they don’t have the freedom to make certain types of mistakes. Read the rest [DIGINOMICA.COM]
  • 43. CIO, CTO & CISO CISO: An 18F for Cyber? DHS CISO Wants One. Department of Homeland Security CISO Jeff Eisensmith wants the federal government to establish a team of cybersecurity experts akin to the General Services Administration’s 18F digital service team. Find out more [FEDSCOOP.COM] INTERVIEW: Nordic CIO interview: Filippa Jennersjö, Sweden’s Public Employment Agency. The CIO at Sweden’s Public Employment Agency has been bringing the organisation in line with other departments’ digital developments. Read more [COMPUTERWEEKLY.COM]
  • 45. Penetration Testing FEDERAL GOVERNMENT: Whitehouse Renews Call for Cyber IG. Sen. Sheldon Whitehouse (D-R.I.) is looking to establish a cybersecurity inspector general with the authority to probe federal networks for weaknesses. A cyber IG, Whitehouse argues, would be a way to recruit cybersecurity experts who would prefer to focus on penetration testing and other white hat activities, rather than toil in one of the more than 70 IG offices around government. Read more [FCW.COM]
  • 46. Penetration Testing IoT: Security For Embedded Electronics. One of the biggest challenges for embedded devices and systems, especially those employed in the Internet of Things, is adequately protecting them from increasingly sophisticated hacking. This is a new tool for criminal enterprises, and a very lucrative one because it can be done remotely with little fear of being caught. Even when hackers are caught, they rarely are prosecuted, which has not gone unnoticed by criminal enterprises. A lack of reprisal has allowed them to recruit some of the best and brightest programmers. Read more. [SEMIENGINEERING.COM]
  • 47. Penetration Testing ELECTIONS: Senator Calls on Voting Machine Makers to Detail How They’ll Prevent Hacks. One of the Senate’s main cybersecurity proponents wants assurances that voting systems in the U.S. are ready for their next major threat and he’s going straight to the hardware makers to get it. In a letter, Oregon Senator Ron Wyden — an outspoken member of the Senate Intelligence Committee — called on six of the main voting machine manufacturers in the U.S. to provide details about their cybersecurity efforts to date. The request comes on the heels of emerging details around Russia’s successful attempts to hack election systems in many states. Find out more [TECHCRUNCH.COM]
  • 48. Penetration Testing COMMUNICATIONS: Secure Communications Across Radio and Cell Networks. To help eliminate the communications problems that plague first responders, Lockheed Martin has teamed with Blue Cedar to enable secure communications across multiple devices. Also intended for military or remote users, Lockheed’s Universal Communications Platform (UCP) hub bridges communications across land mobile radios, voice-over-IP, smartphones and other networks, allowing interoperability between multiple types of secure radio and cellular communications. The UCP Communicator app can be downloaded to commercial smartphones, expanding secure communications to users without access to radio equipment. Read more [GCN.COM]
  • 50. Open Source BUSINESS: Giving Open-Source Projects Life After a Developer’s Death. You’ve probably never heard of the late Jim Weirich or his software. But you’ve almost certainly used apps built on his work. Weirich helped create several key tools for Ruby, the popular programming language used to write the code for sites like Hulu, Kickstarter, Twitter, and countless others. His code was open source, meaning that anyone could use it and modify it. “He was a seminal member of the western world’s Ruby community,” says Justin Searls, a Ruby developer and co-founder of the software company Test Double. When Weirich died in 2014, Searls noticed that no one was maintaining one of Weirich’s software-testing tools. That meant there would be no one to approve changes if other developers submitted bug fixes, security patches, or other improvements. Any tests that relied on the tool would eventually fail, as the code became outdated and incompatible with newer tech. Read more [WIRED.COM]
  • 51. Open Source OPEN STACK: Next Mission – Bridging the Gaps Between Open Source Projects. OpenStack, the massive open source project that provides large businesses with the software tools to run their data center infrastructure, is now almost eight years old. While it had its ups and downs, hundreds of enterprises now use it to run their private clouds and there are even over two dozen public clouds that use the project’s tools. Users now include the likes of AT&T, Walmart, eBay, China Railway, GE Healthcare, SAP, Tencent and the Insurance Australia Group, to name just a few. Read the rest [TECHCRUNCH.COM] REPORT: Open Source Software Projects are Maturing. Electronic design automation company Synopsys released the findings of its 2017 Coverity Scan Report, which shows an increased of “project maturity” in the over 4,600 open source software projects analyzed based on certain secure development strategies. Find out more [SDTIMES.COM]
  • 52. Open Source FEDERAL NEWS: How One Contractor Belittled the White House’s IT Modernization Strategy. The White House is busily reviewing more than 90 comments on its draft IT modernization strategy. The comments came from industry associations, specific companies and individuals, including federal employees, and most were pretty vanilla, offering basic support for the initiatives in the draft strategy and insights, both generally and specific to the organizations’ or vendors’ area of expertise. But none was more fascinating then the flames Oracle decided to throw about the entire IT modernization effort over the last nine years. Read more [FEDERALNEWSRADIO.COM]
  • 54. Business Intelligence READ: 12 Ways to Empower Government Users with the Microsoft Business Intelligence (MBI) Stack. Are your organization’s Federal IT resources under constant pressure, with no end in sight? Your agency is not alone. With limited access to dedicated information technology resources, non-technical end users often play the waiting game, relying on IT staff to do simple tasks like generating custom queries and embedding them within applications. Your department’s need to generate on demand, ad hoc reports gets pushed to the back burner while IT resources respond to more pressing matters. Implementing a self-service approach alleviates your IT staff from such tasks, affording them more time to focus on solving high impact problems. Read more [BLUEMT.COM]
  • 55. Business Intelligence REPORT: 2017 State Of Business Intelligence And Predictive Analytics. Insights gained from interviews with Dresner Advisory Service’s research community of over 3,000 organizations, in addition to vendor customer community interviews. 57% of respondents are from North America, 31% from Europe, the Middle East & Africa, with the remaining 12% from Asia-Pacific (8%) and Latin America (4%). For additional details regarding the methodology, please see page 11 of the study. Industry interest in advanced and predictive analytics grew sharply in 2017, with business intelligence experts, business analysts, and statisticians/data scientists being the most prevalent early adopters. Click here for key takeaways. [FORBES.COM]
  • 56. Business Intelligence READ: Business Intelligence vs. Business Analytics: Where BI Fits Into Your Data Strategy. While BI leverages past and present data to describe the state of your business today, business analytics mines data to predict where your business is heading and prescribe actions to maximize beneficial outcomes. Find out more [CIO.COM] U.S. GOVT FINANCE: 11 Ways to Speed Up Government Procurement. Buying with public money is difficult by design, but are there fair ways to fix it? Read more [GOVTECH.COM]
  • 58. Operating Systems NEWS: All Operating Systems Are Susceptible to This WiFi Attack. With so many consumers relying on mobile devices these days, it is no surprise criminals continue to look for new ways to take advantage. A new exploit recently uncovered by researchers shows how assailants can read WiFi-based traffic between devices. Around 41% of all current Android devices are susceptible to such an exploit. This issue goes well beyond mobile devices, although Linux-based devices are most prone to attack. Read more [THEMERKLE.COM]
  • 59. Operating Systems APPLE: Operating Systems Vulnerable to Password Theft. Apple released a new macOS operating system Monday, but already security experts are saying it is vulnerable to a zero-day exploit that puts users’ passwords at risk. Read the rest [CONSUMERAFFAIRS.COM] MICROSOFT: Has Already Fixed the Wi-Fi Attack Vulnerability. Microsoft says it has already fixed the problem for customers running supported versions of Windows. “We have released a security update to address this issue,” says a Microsoft spokesperson in a statement to The Verge. “Customers who apply the update, or have automatic updates enabled, will be protected. We continue to encourage customers to turn on automatic updates to help ensure they are protected.” Microsoft says the Windows updates released on October 10th protect customers, and the company “withheld disclosure until other vendors could develop and release updates.” Find out more [THEVERGE.COM]
  • 60. Operating Systems DHS: Mandates New Security Standards for Federal Networks. The Department of Homeland Security is requiring agencies to use new email and web security guidelines that address man-in-the-middle attacks. A binding operational directive from DHS gives federal agencies 90 days to implement a pair of tools, Domain- based Message Authentication Reporting and Conformance (DMARC) and STARTTLS. DMARC is an email authentication tool designed to prevent email spoofing and provide data on where a forgery may have originated. STARTTLS helps protect against passive man-in-the-middle attacks by allowing for email encryption while data is in transit. The directive also requires agencies to switch all publicly accessible federal websites to HTTPS and HSTS-secure connections within 120 days. Doing so could potentially eliminate a large swath of security flaws that affect most federal government websites. Find out more [FCW.COM]
  • 61. BYOD
  • 62. BYOD SURVEY: The Evolution of BYOD Security in a Mobile-First World. Bitglass’ research team surveyed 200 IT and security professionals at a national Gartner conference to learn more about the evolution of BYOD security in a mobile-first world. According to the research, one in four organizations lack some form of multi-factor authentication when securing BYOD, which is consistent with well-known enterprise security gaps. Using compromised passwords to control access and single-factor authentication has resulted in several high-profile data breaches in recent months. Enterprises have since turned to technology as a means of solving the secure identity management challenge. Read more [HELPNETSECURITY.COM]
  • 63. BYOD SECURITY: Quarter of Firms Allow Password-Only BYOD Security. Over a quarter (28%) of organizations rely solely on user-generated passwords to secure BYOD, potentially exposing countless endpoints to credential guessing, cracking and theft. Read more. [INFOSECURITY-MAGAZINE.COM] MESSAGING: The Risks of Messaging Apps in BYOD. Are using messaging apps adding another layer of risk to your business information? Quite possibly, according to research from Infinite Convergence Solutions and 451 Research. That’s because employees are using unsecure messaging applications to communicate with each other, with nearly three in four employees using consumer messaging apps for business purposes. Yet, nearly two-thirds of organizations have done nothing to create security policies around their use. Find out more [ITBUSINESSEDGE.COM]
  • 64. BYOD READ: Hackers Reveal Leading Enterprise Security Blind Spots. When it comes to cybersecurity, hackers said mobile devices are a critical blind spot. This is unsurprising considering bring-your-own-device (BYOD) policies which connect unknown mobile devices, OS versions, and patch processes to corporate networks. Read more [ZDNET.COM]
  • 66. Incident Response NIST: How to Recover from Cyber Incidents in Government. What actions do organizations need to take to prepare for cybersecurity incidents? The National Institute of Standards and Technology (NIST) has answers in Special Publication 800- 184, titled: ‘Guide for Cybersecurity Event Recovery.’ Here’s an exclusive interview with one of the authors. Read more [GOVTECH.COM] AUSTRALIA: Government Reveals Draft Digital Identity Framework. A series of documents outlining the security and usability standards by which Australians’ digital identity information is to be collected, stored, and used has been released by the government. Read more. [ZDNET.COM]
  • 67. Incident Response CYBERSECURITY: How to Fix Information Sharing, According to Industry. Secret cyber threat data and a clunky clearance process are barriers to bidirectional information sharing, industry representatives told the House Homeland Security Committee’s Cybersecurity and Infrastructure subcommittee on Nov. 16. Find out more FCW.COM] FEDERAL GOVERNMENT: Top 17 State & Local Cybersecurity Leaders to Watch. Here’s a cross-section of government’s best state and local cybersecurity talent, assembled through StateScoop’s own stories and reporting; from the recommendations of leaders across the state and local government technology industry; and by the suggestions of nonprofits and associations across the space. Read more [STATESCOOP.COM]
  • 69. Cybersecurity MICROSOFT: A Pictorial Walk-Through Of Microsoft’s New Cybersecurity Tools. Cybersecurity should be on every person’s mind in 2017, and certainly every lawyer’s. Here’s why…Read more [ABOVETHELAW.COM] FEDERAL GOVT: U.S. Government Cybersecurity Lags Behind That of a Fast Food Joint, Say Analysts. The American federal government and countless state and local governments throughout the U.S. are more vulnerable to cyberattacks than your local McDonald’s. A new study ranking the cybersecurity of 18 industries “paints a grim picture” with the U.S. government 16th when it comes to protecting its computer systems and data from hackers. Read the rest [NEWSWEEK.COM]
  • 70. Cybersecurity DATA: The Piece of Cybersecurity Feds Can No Longer Ignore. The Trump administration needs to work with Congress to fully fund the Department of Homeland Security’s Continuous Diagnostics and Mitigation program. Find out more [FEDTECHMAGAZINE.COM] STATE & LOCAL GOVERNMENT: Annual Cybersecurity Review for State and Local Government Approaches. Non-federal agencies still ride low on the maturity benchmark, but the increased political attention around cybersecurity could improve results in the coming survey period. Find out more about the study results [STATESCOOP.COM]
  • 72. IT Management READ: All Management Is Change Management. Change management is having its moment. There’s no shortage of articles, books, and talks on the subject. But many of these indicate that change management is some occult subspecialty of management, something that’s distinct from “managing” itself. This is curious given that, when you think about it, all management is the management of change. Read more [HBR.ORG] NARA: Improvements Seen in Federal Records Management, but ‘There is Work to be Done’. Compliance, collaboration and accountability are the themes of the National Archives’ recommendations to agencies for improving how they handle paper – and electronic – trails. That’s according to NARA’s 2016 Federal Agency Records Management Annual Report. Read more. [FEDERALNEWSRADIO.COM]
  • 73. IT Management FINANCIAL: Washington State’s Strategy for Tracking IT Spending. The state of Washington’s first efforts to bring technology business management to its IT spending practices began in 2010 when the legislature mandated annual reports and specific evaluation requirements for investments. As interest grew in monitoring the cost of IT along with the business services IT provides, officials in the Washington’s Office of the CIO worked to refine the strategy through the creation of a state TBM program. Find out more [GCN.COM]
  • 74. IT Management HR: A Blueprint for Improving Government’s HR Function. Government, at its core, is its employees and their commitment to serve the country. That fact is too often overlooked. While technology enables employees to make better, faster decisions, until artificial intelligence replaces the acquired knowledge of employees, agency performance will continue to depend on the skill and dedication of government workers. As such, civil service reform is increasingly important because workforce rules and regulations are out of sync with current management thinking. To use a basketball analogy, government is still shooting two handed set shots. Read more [GOVEXEC.COM]
  • 76. Application Development INDUSTRY INSIGHT: 4 Steps to Agile Success. There’s a noticeable shift toward agile development taking place within the federal government. Driven by a need for accelerated application development and meeting internal customers’ needs on the very first attempt, agencies like the General Services Administration and Department of Homeland Security have begun to move away from traditional waterfall project management frameworks and toward iterative, agile frameworks like scrum. Read more [GCN.COM]
  • 77. Application Development IT MODERNIZATION: 3 Strategies for Building Successful Agile Teams. Is the federal government truly ready to embrace agile software development? Successful agile environments do not start with technology; they start with creating the right team. This can be harder than it may first appear, because agile challenges preconceived norms of how federal IT teams should be structured and the way they approach projects. Agile teams are typically a combination of individual contributors (particularly those from development and quality assurance backgrounds) who rarely work together but must now collaborate to achieve common goals. Read the rest [NEXTGOV.COM] ENTERPRISE: Air Force Intelligence Unit Goes Agile. The US Air Force is determined to get more agile to produce applications that can be useful in times of conflict. Find out more [INFORMATIONWEEK.COM]
  • 78. Application Development PEOPLE & CAREERS: Sloughing Off the Government Stereotypes. What are CIOs doing to lure millennials into government IT? Government CIOs across the board are being forced to confront the retirement wave that’s about to decimate their ranks. But does the next generation of IT pros want the jobs their parents and grandparents are leaving behind? Read more [GOVTECH.COM]
  • 80. Big Data PREDICTIONS: 10 Predictions For AI, Big Data, And Analytics in 2018. A new Forrester Research report, Predictions 2018: The Honeymoon For AI Is Over, predicts that in 2018 enterprises will finally move beyond the hype to recognize that AI requires hard work—planning, deploying, and governing it correctly. Read more [FORBES.COM] READ: How “Big Data” Went Bust. Barack Obama’s White House launched a $200 million national big data initiative, and the frenzy commenced: Academia, nonprofits, governments, and companies raced to figure out just what “big data” was and how they could capitalize on it. The frenzy, as it turned out, was short- lived. Read more. [SLATE.COM]
  • 81. Big Data FEDERAL GOVERNMENT: One Big Risk With Big Data: Format Lock-In. Insider threat programs and other long-term Big Data projects demand users take a longer view than is necessary with most technologies. If the rapid development of new technologies over the past three decades has taught us anything, it’s that each successive new technology will undoubtedly be replaced by another. Find out more [GOVTECHWORKS.COM] STATE GOVERNMENT: Fearing Hackers, States Start Buying Cyber-Insurance. As the threat from hackers and cybercriminals intensifies, a growing number of states are buying cyber insurance to protect themselves – and taxpayers. Read more [GOVERNING.COM]
  • 83. Personal Tech DOWNLOADS: Resolutions for the Big (and Small) Screens. When it comes to streaming and downloading movies, find out the difference between standard definition and the high-definition versions. Read more [NYTIMES.COM] TECH TRAVEL: Checking Voice Mail While Abroad. Find out how to check voice mail on a smartphone when traveling in Europe. Read more. [NYTIMES.COM]
  • 84. Personal Tech STAY ALERT: Technology Can Be A Threat To Your Physical Safety. Discover the personal safety habits you can practice to stay safe at home and on the go. Find out more [FORBES.COM] HOW TO: Schedule Your Smartphone for a Little Peace and Quiet. Have you signed up for alerts from a bunch of news sites on your iPhone to keep up with the headlines, but now they’re waking you up at night with their sounds and turning on the phone screen? Find out how to mute the noises and phone screen light before bed without turning off the phone’s alarm clock. Read more [NYTIMES.COM]
  • 86. Mobile ANDROIDS: Millions of Android Apps at Risk from Eavesdropper Vulnerability. Poor mobile app development practices have created the Eavesdropper vulnerability, which has resulted in a large-scale data exposure from nearly 700 apps in enterprise mobile environments, over 170 of which are live in the official app stores today. Read more [INFOSECURITY-MAGAZINE.COM] iPHONE X: 10 Popular Mobile Apps Optimized for Apple’s iPhone X. The new iPhone X presents a problem and an opportunity for mobile application developers. Read more. [EWEEK.COM]
  • 87. Mobile MOBILE APP DEVELOPMENT: IT and ‘Citizen Developers’ Partner on Mobile Apps and More. With low-code and no-code tools, ordinary business users can quickly and easily spin up new apps or add features and functions, but IT oversight is crucial. Find out more [COMPUTERWORLD.COM] HEALTH CARE: Mobile Apps – The Future of Cancer Care? From anxiety and pain self-management to side effect monitoring in clinical trials, mobile applications are revolutionizing oncology. Researchers say the technology is even transforming clinical trials themselves. Read more [CANCERTHERAPYADVISOR.COM]
  • 88. Programming & Scripting Development Client & Server-Side
  • 89. Programming & Scripting Development Client & Server-Side PERL: The Most Hated Programming Language. What do computer programmers not want to code in? Perl, the Old Spice of programming languages, is the most disliked by a significant margin, reports Stack Overflow. Delphi, used by children to write viruses for adults, and Visual Basic, used by adults to write games for children, are running neck-and-neck for second place. Read more [BOINGBOING.NET] JAVASCRIPT: At GitHub, JavaScript Rules in Usage, TensorFlow Leads in Forks. Python and TypeScript makes big gains in pull requests, while Java slips to third place. Read the rest [INFOWORLD.COM]
  • 90. Programming & Scripting Development Client & Server-Side ANDROID: Kotlin Expected to Surpass Java as Android Default Programming Language for Apps. A new report released earlier this week estimates that Kotlin will surpass Java as the primary programming language used for Android apps by December 2018. Until earlier this year, Kotlin was a little-known programming language [1, 2] that was built to run on the Java Virtual Machine, but one that could also be compiled to JavaScript and could interoperate with Java. The programming language got a serious boost in the developer community when Google officially announced earlier this year, at the Google I/O 2017 conference, that Kotlin will become the first third-party supported programming language for Android apps, besides Java. Find out more [BLEEPINGCOMPUTER.COM]
  • 91. Programming & Scripting Development Client & Server-Side MICROSOFT: Azure Functions Adds Support for Java. Azure Functions, Microsoft’s platform for building serverless applications, has long supported a variety of programming languages but it’s adding an important one today: Java. Fittingly, the company made this announcement at the JavaOne conference in San Francisco. Read more [TECHCRUNCH.COM] JAVASCRIPT: What’s New in TypeScript 2.6. TypeScript 2.6 introduces a new strict checking flag, error suppression comments, and “minor” breaking changes. Read more [INFOWORLD.COM] SURVEY: Most Loathed Programming Language? Here’s How Developers Cast Their Votes. Developers on Stack Overflow really don’t want to work in Perl and don’t like Microsoft much either. Read more [ZDNET.COM]
  • 92. Programming & Scripting Development Client & Server-Side ENTERPRISE-SCALE DEVELOPMENT: What is TypeScript? Industrial-strength JavaScript. JavaScript is the language of the web, but it’s tough to manage for enterprise-scale development. TypeScript offers an attractive alternative. Read more. [ARNNET.COM.AU] INTERVIEW: Q&A with Java Chair Heather VanCura. As the current Chair, Heather VanCura leads the activities of the JCP Program Office, manages its organization’s membership, guides spec leads and experts through the process, leads the Executive Committee (EC) meetings, and manages the JCP.org Web site. Read her insights on the future of Java development. Find out more [ADTMAG.COM]
  • 94. Cloud Computing TOP 5 CLOUD-COMPUTING VENDORS: #1 Microsoft, #2 Amazon, #3 IBM, #4 Salesforce, #5 SAP. As businesses move beyond cloud experiments to deeply strategic deployments, the balance of power in the Cloud Wars Top 10 is shifting toward those tech providers that can move those business customers past the infrastructure phase and into the high-value realm of AI-driven competitive advantage. Read more [FORBES.COM] HOW TO: Build a Business Case for Cloud Computing. When planning a migration to the cloud, what do you need to take into account? Click here for key takeaways. [ZDNET.COM]
  • 95. Cloud Computing ALLIANCE: Salesforce and Google Forge Alliance in Cloud Computing Race. Emergence of handful of dominant platforms forces others to seek allies. Find out more [FT.COM] TRENDS: 5 Cloud Computing Trends to Prepare for in 2018. As we enter the last quarter of 2017, business and IT executives are turning more of their attention to how they can use technology to accomplish their 2018 business objectives. Here’s a list of five trends in cloud computing that strategic businesses will prepare for in the coming year. Read more [NETWORKWORLD.COM]
  • 97. Announcement Blue Mountain Data Systems DOL Contract Extended Another Six Months The Department of Labor has extended Blue Mountain Data Systems Inc. contract DOLOPS16C0017 for 6 months for network administration and application support. U.S. Dept. of Labor, Employee Benefits Security Administration 1994 to Present Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support.
  • 98. IT Security | Cybersecurity
  • 99. IT Security | Cybersecurity SECURITY: 5 Things You Need to Know About the Future of Cybersecurity. Terrorism researchers, AI developers, government scientists, threat-intelligence specialists, investors and startups gathered at the second annual WIRED conference to discuss the changing face of online security. These are the people who are keeping you safe online. Their discussions included Daesh’s media strategy, the rise of new forms of online attacks, how to protect infrastructure, the threat of pandemics and the dangers of hiring a nanny based on her Salvation Army uniform. Read more [WIRED.CO.UK] IT MANAGEMENT: Top 5 Cybersecurity Mistakes IT Leaders Make, and How to Fix Them. Cybersecurity teams are largely understaffed and underskilled. Here’s how to get the most out of your workers and keep your business safe. Read more. [TECHREPUBLIC.COM]
  • 100. IT Security | Cybersecurity FEDERAL GOVERNMENT: Rep. Hurd Champions Modernizing Federal Cybersecurity. The federal government is and will continue to be a target of cyber crimes. According to the Identity Theft Resource Center, U.S. companies and government agencies suffered a total of 1,093 data breaches in 2016. Mid-year numbers for 2017 show 791 incidents as of the end of June – a 29 percent increase over the same period in 2016. With that said, is the government doing enough to prepare for cyber threats? On this episode of CyberChat, host Sean Kelley, former Environmental Protection Agency chief information security officer and former Veterans Affairs Department deputy chief information officer, spoke with Rep. Will Hurd (R-Texas) about initiatives to modernize the federal cybersecurity space. Read more [FEDERALNEWSRADIO.COM]
  • 101. IT Security | Cybersecurity STATE GOVERNMENT: To Simplify Cybersecurity Regulations, State Groups Ask Federal Government for Help. A letter to the Office of Management and Budget says that today’s regulatory environment “hampers” states in their pursuit of cost savings and IT optimization. Find out more STATESCOOP.COM]
  • 102. From the Blue Mountain Data Systems Blog Programming & Scripting https://www.bluemt.com/programming-scripting-daily-tech-update-september- 29-2017/ Cloud Computing https://www.bluemt.com/cloud-computing-daily-tech-update-september-18- 2017/ Business Intelligence https://www.bluemt.com/business-intelligence-daily-tech-update-september-15- 2017/ Mobile Applications https://www.bluemt.com/mobile-applications-daily-tech-update-september-11- 2017/
  • 103. From the Blue Mountain Data Systems Blog Personal Tech https://www.bluemt.com/personal-tech-daily-tech-update-september-28-2017/ Databases https://www.bluemt.com/databases-daily-tech-update-september-21-2017/ Penetration Testing https://www.bluemt.com/penetration-testing-daily-tech-update-september-26- 2017/ Incident Response https://www.bluemt.com/incident-response-daily-tech-update-september-14- 2017/
  • 104. From the Blue Mountain Data Systems Blog Security Patches https://www.bluemt.com/security-patches-daily-tech-update-september-22- 2017/ Operating Systems https://www.bluemt.com/operating-systems-daily-tech-update-september-20- 2017/ Encryption https://www.bluemt.com/encryption-daily-tech-update-september-19-2017/ Cloud Computing https://www.bluemt.com/cloud-computing-daily-tech-update-september-18- 2017/
  • 105. From the Blue Mountain Data Systems Blog Open Source https://www.bluemt.com/programming-scripting-daily-tech-update-september- 5-2017/ CTO, CIO and CISO https://www.bluemt.com/cio-cto-ciso-daily-tech-update-september-6-2017/ Programming & Scripting https://www.bluemt.com/programming-scripting-daily-tech-update-september- 5-2017/
  • 106. From the Blue Mountain Data Systems Blog Security Risks Most Prevalent in Younger Workers https://www.bluemt.com/security-risks-most-prevalent-in-younger-workers/ The Security World’s Maturation https://www.bluemt.com/the-security-worlds-maturation/ Data Breach Concerns Keep CISOs Up At Night https://www.bluemt.com/data-breach-concerns-keep-cisos-up-at-night/ Personalized Govt Equals Instant Gratification for Citizens https://www.bluemt.com/personalized-govt-equals-instant-gratification-for- citizens/
  • 107. From the Blue Mountain Data Systems Blog People-Centric Security https://www.bluemt.com/people-centric-security/ Pentagon Tries BYOD To Strike Work/Life Balance https://www.bluemt.com/pentagon-tries-byod-to-strike-worklife-balance/ Open Source Model Considered for MS Windows https://www.bluemt.com/open-source-model-considered-for-ms-windows/ Open Internet: To Be or Not to Be? https://www.bluemt.com/open-internet-to-be-or-not-to-be/
  • 108. From the Blue Mountain Data Systems Blog Malware Stays A Step Ahead Infecting One Third of Websites https://www.bluemt.com/malware-stays-a-step-ahead-infecting-one-third-of- websites/ Machine-Generated Data: Potential Goldmine for the CIO https://www.bluemt.com/machine-generated-data-potential-goldmine-for-the- cio/ Government Legacy Programs: Reuse vs. Replacement https://www.bluemt.com/government-legacy-programs-reuse-vs-replacement/ It Takes a Whole Village to Protect Networks and Systems https://www.bluemt.com/it-takes-a-whole-village-to-protect-networks-and- systems/
  • 109. From the Blue Mountain Data Systems Blog Governance For the CIO https://www.bluemt.com/governance-for-the-cio/ Help Desk Consolidation – Lessons Learned https://www.bluemt.com/help-desk-consolidation-lessons-learned/ One Year Later, Companies Still Vulnerable to Heartbleed https://www.bluemt.com/one-year-later-companies-still-vulnerable-to- heartbleed/ Federal Projects Cultivate Worker Passion https://www.bluemt.com/federal-projects-cultivate-worker-passion-2/
  • 110. ABOUT US Blue Mountain Data Systems Inc. Blue Mountain Data Systems Inc. is dedicated to application and systems development, electronic document management, IT security support, and the automation of workflow processes. Read more about our experience here: >> http://bluemt.com/experience
  • 111. Recent Experience U.S. Dept. of Labor Employee Benefits Security Administration 1994 to Present Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support.
  • 112. MANAGEMENT Paul T. Vesely Founder, President, CEO and Principal Architect Mr. Vesely is a recognized thought leader in systems architecture and delivery, having designed and delivered many enterprise wide information and document management solutions. Mr. Vesely’s history includes 33 years experience in the information systems industry, with Unisys, Grumman, PRC and a host of clients in both government and private sectors.
  • 113. CONTACT US Contact Us Today to Discuss Your Next IT Project HEADQUARTERS 366 Victory Drive Herndon, VA 20170 PHONE 703-502-3416 FAX 703-745-9110 EMAIL paul@bluemt.com WEB https://www.bluemt.com