Tech Update Summary from Blue Mountain Data Systems February 2016

Tech Update Summary
February 2016
Blue Mountain Data Systems

For CTOs, CIOs & CISOs
Visit Blue Mountain Data Systems
https://www.bluemt.com

For CTOs, CIOs & CISOs
Every business day, we publish a Daily Tech Update for Federal & State CTOs ,CIOs & CISOs on the Blue
Mountain Data Systems Blog. We hope you will visit our blog for the latest information.
You can also receive these updates via email. Click here to subscribe.
Here’s the summary of the Daily Tech Updates for February 2016. Hope the information and ideas
prove useful.
Best,
Paul Vesely
President and Principal Architect
Blue Mountain Data Systems Inc.

Databases & Storage
NoSQL: A Primer on Open-Source NoSQL Databases. A beginner’s guide to the
different flavors of NoSQL databases, including key-value, document-oriented,
graph, and column-oriented databases. Read more
[DZONE.COM]
OPEN SOURCE: 16 Open Source Big Data Databases. The databases and data
warehouses you’ll find on this list are the true workhorses of the Big Data world.
They hold and help manage the vast reservoirs of structured and unstructured data
that make it possible to mine for insight with Big Data. Read more
[DATAMATION.COM]
SHAREPOINT: Shrinking An Already Ginormous SharePoint Database Transaction
Log. What do you do when you can’t avoid huge transaction logs in SharePoint and
your files are too large? Read more
[COMPUTERWORLD.COM]

Databases & Storage
OPEN SOURCE FOR GOVT AGENCIES: Bringing Open Source to Government
Agencies. Although the American economy has stabilized, Capitol Hill is still closely
examining the spending and budgets of government agencies with an eye toward
program cuts wherever possible. With this in mind, government CIOs are always on
the lookout for ways to centralize and optimize their existing technology to fit into
new budget requirements, and are looking to open source to enhance innovation
while reducing costs. In fact, open-source technologies have become a high priority
for government agencies as they look to rein in spending while delivering high
performing, secure, flexible, and scalable solutions for government IT groups.
Read the rest
[DATA-INFORMED.COM]

Databases & Storage
ORACLE: Despite the Rise of Open Source, Oracle Was 2015’s Fastest-Growing
Database. It’s far too early to count Oracle out of the database wars. According to a
new report from DB-Engines, a site that tracks the popularity of database
technologies, Oracle was not only the most widely used and discussed database in
the world in 2015, it was also saw the most growth in those areas last year as well,
at least by one metric. Read more
[WIRED.COM]

Databases & Storage
PRIVATE BLOCK CHAINS: Why Private Blockchains Will Not Replace Relational
Databases (yet). While blockchain technology carries the same sizzle as cloud
technology did a few years ago, its current usefulness may be more limited than
many expect. Businesses eager to appear on the bleeding edge have entered the
second stage of DeRose’s law: They are experimenting with private, proprietary
implementations of blockchains and want to “blockchain all of the things.”
However, in many cases, blockchains are not any faster, safer, cheaper, or easier to
use than a properly architected, administered, and secured relational database.
Read more
[UPSTART.BIZJOURNALS.COM]

Databases & Storage
NoSQL: NoSQL Databases – 4 Game-Changing Use Cases. Sure, you’ve heard about
NoSQL, but is it just another technology fad that’s all hype? What can you actually
do with a NoSQL database? With the performance and scalability that NoSQL
offers, the only limit is your imagination. Read more
[SMARTDATACOLLECTIVE.COM]
SQL SERVER 2005: What You Need to Know as SQL Server 2005 Fades Away. On
April 12, 2016, Microsoft will end support for the 2005 version of the venerable
database server, which means no more upgrades or security patches. IT directors
who haven’t already upgraded face the possibility of a costly migration from the
decade-old technology. There’s still time to plot your upgrade strategy before
Microsoft ceases support.Read more
[STATETECHMAGAZINE.COM]

More About Blue Mountain
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S.
Dept. of Labor, Employee Benefits Security Administration. Responsible to the
Office of Technology and Information Systems for information systems
architecture, planning, applications development, networking, administration and
IT security, supporting the enforcement of Title I of the Employee Retirement
Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for
design, development and support for its various enforcement database
management systems, as well as all case tracking and customer service inquiry
systems. Blue Mountain also provides IT security services to the EBSA, in the form
of FISMA Assessment and Authorization, System Security Plans, Risk and
vulnerability assessments, monitoring and investigation support. Read more.

Security Patches
ANDROID SECURITY: Google Kills Remote Hacker Bug, Patches Seven Critical Flaws.
Google has fixed seven critical security vulnerabilities in its February Android
update for Nexus devices. Read more
[ZDNET.COM]
ORACLE: Oracle Releases a Record 248 Security Patches for Multiple Products:
Security news IT leaders need to know. Read more
[BUSINESS.FINANCIALPOST.COM]

Security Patches
MICROSOFT: Microsoft Patches Six Critical Security Flaws Affecting Windows,
Office. Microsoft said Tuesday as part of its its monthly security bulletin that all
Windows users should patch their systems to prevent attackers from exploiting
at least two critical flaws. The first two critical patches fix a number of security
vulnerabilities in Internet Explorer and Microsoft Edge respectively. The most
serious flaw (MS16-001) affecting Internet Explorer could allow an attacker to
remotely execute code by tricking a user into visiting a specially-crafted
webpage. The attacker would gain the same user rights as the current user,
which puts administrators at a greater risk. Read more
[ZDNET.COM]

Application Development
AGILE SECURITY: How Policy Can Enhance, Rather Than Hinder, Breach Detection.
With the recent attacks on U.S. organizations in the commercial and public sectors,
many companies have asserted they have done everything in their power to
prevent further incidents. Most of these claims are tied to adherence to regulatory
compliance. In theory, security policies put standards in place to protect
organizations, stakeholders, and users. But in practice, security policy often
becomes a distraction, forcing organizations to focus on satisfying the demands of a
governing body or an auditor, rather than addressing real threats. Behaviorally,
organizations become more concerned with meeting these standards than
protecting the business. Read more
[INFOQ.COM]

SOFTWARE: Bimodal IT – Best Of Both Worlds For Large Enterprises. Managing two
separate modes of IT delivery, one focused on stability and the other on agility, can
be critical for IT success — if the company is large enough. Read more
[INFORMATIONWEEK.COM]
MOBILE: Key Business and Process-related Mistakes in Mobile Application
Development. How do you add staying power to an app? More precisely, when
you’re developing a new app, what should you avoid? What are the common
mistakes? Most app slip-ups fall into one of two categories: process-related
mistakes and business-related mistakes. Read more
[DEVELOPER-TECH.COM]

AGILE CLOUD: IBM Aims To Make Enterprises Agile With Cloud Data Service. IBM
says its new “Open for data” slogan encompasses a slew of new cloud data services
and analytics offerings designed to make it easy for enterprises to quickly get
started with big data in the cloud, even if their workloads require secure on-
premises implementations. Read more
ADOBE: Rolls Out New Enterprise App Creation Service. The Experience Manager
Mobile service can help business users without a lot of coding know-how to build
professional-looking apps. Find out more
[INFOWORLD.COM]

CIOs: Why CIOs Need to Plan for API Deprecation. As the strategic value of APIs
continue to grow, so do the risks associated with the common act of updating or
retiring them. Read more
[CIO.COM]
STACKS: Beware of One-Click, Fuss-Free Application Stacks. Prebuilt stacks offer a
handy shortcut, but sometimes the shortcut leads to a longer journey. Read more
[INFOWORLD.COM]
QUESTION: How Long Does It Take to Build a Custom App? Thanks to advances in
app-building technology and a changing mindset, the answer may surprise you.
Read more
[CIO.COM]

TRENDS 2016: 3 Trends That Will Shake Up App Development in 2016. With the
number of apps and mobile users projected to increase exponentially, developers
who create the most advanced technology fastest will gain the competitive edge
needed to stand out amongst competition. Read the rest
[INFORMATION-AGE.COM]
HYBRID APPS: Web Standards Evolution Drives Hybrid Apps: IDC Study. Progress in
the Web platform standards such as HTML5 and in the latest versions of iOS and
Android has made Web languages and tools more viable for a greater swath of
enterprise apps, according to a recent IDC study. In a report titled “The Evolving
State of Mobile Software Development,” IDC analyst Al Hilwa says Web platform
technologies now occupy an “ever-larger footprint” inside of many third-party
cross-platform mobile platforms. Read more
[EWEEK.COM]

AGILE: Why One Real Estate CIO is Sold on Agile. A part of a plan to increase
business value, Marcus & Millichap is embracing agile software development as it
plans to refresh or replace several applications in 2016, says CIO Ken Sayward.
Read more
[CIO.COM]
HEALTH TECH: Sending Medicaid to the Cloud. The Wyoming state government
already has considerable experience with cloud-based services. It uses Google
Apps for Government, NEOGOV for human resources and is looking at
Salesforce.com for customer relationship management. But as its Department of
Health prepares to issue an RFP to replace its Medicaid Management Information
System (MMIS), all eyes in the Medicaid IT sector are on Wyoming because it will
be the first time a state has tried to move away from an expensive custom-
developed system to an MMIS-as-a-service approach. Read more
[GOVTECH.COM]

Electronic Document Management

2016 TRENDS: 8 Tech Trends Changing How We Work In 2016. People value the
flexibility to work from anywhere, any time, on any device, and have come to expect
this user experience. What does this mean for the business? Greater complexity to
support the end user experience in a secure way. However, the benefits to the
business when they support mobile workspaces and workplace of the future are
typically substantial. Here are some key trends that organizations need to consider
and prepare for as the workforce of the future is at their doorsteps today. Read more
[FORBES.COM]
GOVT TECH 2016: 3 Government Tech Trends to Watch in 2016. Legislation under the
U.S. Patriot Act and Government Paper Elimination Act, as well as recent programs
such as the Affordable Healthcare Act, have legalized electronic signature
applications and made the use of digital document management systems not only
available, but a requirement in some cases. Read more
[NEXTGOV.COM]

INTEGRATORS: Document Overload. Just like the security market, the language
services industry is undergoing major technology advances. Manual processes are
more a thing of the past. Quality localization is as much about the varying cultures
and languages as it is about data mining and document management systems. There
are three major categories of work that must be completed when going global. Read
more
[SECURITYINFOWATCH.COM]
PHARMA: Streamlining the Regulatory Review Process in Pharma: The Upcoming
Transition to Electronic Common Technical Documents. For pharmaceutical
companies, filing Common Technical Documents (CTDs) is a critical aspect to the
regulatory approval process. Historically, this process has been paper-centric until
recently. Read about a recent collaborative effort between West Pharmaceutical
Services, FDA, Health Canada and others to establish a process and protocol for filing
CTDs electronically, which will likely become common practice as early as 2017.
Read more
[RAPS.ORG]

Big Data
BUSINESS INTELLIGENCE: Transforming An Antiquated Business Intelligence
Process. The personal story of how one executive transformed an unused business
intelligence system. Find out more
APACHE: Apache Arrow Aims to Speed Access to Big Data. Apache’s new project
leverages columnar storage to speed data access not only for Hadoop but
potentially for every language and project with big data needs. Read more
[INFOWORLD.COM]
DATA SECURITY: Comparing the Top Big Data Security Analytics Tools. Expert Dan
Sullivan compares how the top-rated big data security analytics tools measure up
against each other to help you select the right one for your organization. Read more
[SEARCHSECURITY.TECHTARGET.COM]

Big Data
MEDICAL: How Big Data Is Transforming Medicine. In order to safeguard
participants and improve reliability, clinical trials have to meet rigorous scientific
standards. However, that’s not to say there is no risk of methodological flaws, or
that the small-ish populations used in clinical trials always generalize well outside of
a particular study. This is where big data can help. By mining the world of practice-
based clinical data—i.e. actual patient records—for information on who has what
condition and what treatments are working, we could learn a lot about the way we
care for individuals. Read more
[FORBES.COM]

Project Management
PROJECT MANAGERS: Project Managers Are Great Change Managers Too. Driving
transformational change can seem like an insurmountable challenge. But you may
already have more resources at your disposal than you think. Read more
[MANAGERS.ORG.UK]
BEST PRACTICES: 5 Reasons You Didn’t Get That Last Project Management Job. You
wanted a job or tried for a career move that didn’t happen. Here are five top
reasons why you maybe didn’t land the position. Read more
[CIO.COM]

Project Management
THE CLOUD: Managing Projects in the Cloud. Technology is moving to the cloud. We
no longer use our precious SSD space to store the pictures from our recent holidays.
Our personal files are located on Dropbox, Google Drive or any other storage or
sharing service. This not only helps in keeping the files safe from the hardware
malfunctions, but also assists in sharing the data with our networks. Besides these
obvious incentives there are a growing number of reasons to use cloud-based
project management. Read more
[SMARTDATACOLLECTIVE.COM]
cURL: How to cURL the JIRA Project Management API. The cURL project is the cross-
browser command line utility for transferring files using various protocols. The
project consists of two products; curl is the CLU for sending or receiving files using
URL syntax; libcurl is the client-side URL transfer library that supports a range of
protocols, including FTP, IMAP, SMTP and HTTPS, among many others.
Learn more
[PROGRAMMABLEWEB.COM]

Open Source
CYBERSECURITY: U.S. Cyber Effort Targets Open Source Software. A growing list of
cyber attacks targeting U.S. government employees has prompted the Obama
administration to launch a high-profile cyber security effort that among others things
will target Internet “utilities” such as open source software. Read the rest
[ENTERPRISETECH.COM]
SAN FRANCISCO: Prepares to Open Source Its Voting System Software. Will it be the
first in the nation to do so in 2019? The proposal to adopt a solution in time for the
end of the current contract on January 1, 2017 reappeared at the Board of
Supervisors on Tuesday when Supervisor Scott Wiener called for a hearing on how
the city is progressing with the plan to use standard hardware and open-source
software to carry out future balloting. Read more
[THEREGISTER.CO.UK]

Open Source
SECURITY: New Bill Aims to Stop State-Level Decryption Before It Starts. Over the last
several months, local legislators have embarked on a curious quest to ban encryption
at a state level. For a litany of reasons, this makes no sense. And now, a new bill in
Congress will attempt to stop the inanity before it becomes a trend. Read more
[WIRED.COM]
VERIFIED GOVT SOCIAL MEDIA: Feds Launch Social Media Verification Registry.
Called the U.S. Digital Registry, the effort aims to provide much-needed verification
not only for agencies’ social media accounts, but also for their third-party sites and
apps. Read more
[GOVTECH.COM]

Network Systems
ETHERNET: 25 Gigabit Ethernet Forges a Path Forward. Since 2014, large network
players such as Brocade, Hewlett Packard Enterprise and Microsoft have been
working to develop a standard for 25 Gigabit Ethernet. According to experts, 2016
will be the year the technology finally makes its way into large data centers. Read
more
INCIDENT RESPONSE: How Incident Response Fails In Industrial Control System
Networks. Experts say a solid incident response plan is the best way to minimize the
damage of a cyberattack–but IR isn’t so simple for the ICS/SCADA world. Read more
[DARKREADING.COM]

For the CTO, CIO & CISO
CIO: Why Change Initiatives Fail. Creating the right conditions for successful change
requires putting people before things. Many companies want to change and
transform (especially when facing digital disruption from competitors). Yet a
majority of change efforts fail – one famous and oft-cited study pegged the rate of
failure at 70%. Read more
[CIO.COM]
CTO: Maker Movement at Center of HHS’ Innovative Strategy. Like the emergence of
open health data movement, CTO Susannah Fox sees the maker and inventor
movements as the future of innovation around health care at HHS. .Read more
[FEDSCOOP.COM]

CISO: Survey Roundup: Feeling Better With a CISO. A survey of around 200
security analysts by ThreatTrack Security found, for those organizations that have
a chief information security officer, 23% said it’s become easier to defend against
malware-based cyberattacks in the past year versus 15% of respondents from
companies without a CISO who said that. Ninety-four percent of those at a
company with a CISO said they also have a dedicated incident response team,
compared with 48% for those at a business without a CISO. And 71% at CISO
companies said they would personally guarantee the safety of customer data in
2016, versus 42% of those at a non-CISO firm who would make that promise.
Read more
[BLOGS.WSJ.COM]

CIO: How to Conquer Recruiting, Retention and IT Skills Challenges. Experts in the
technology industry look at the year ahead and what it holds for recruitment and
retention. They also identify what tech skills will top the charts. Read the rest
[CIO.COM]
CTO: ‘Corporate’ IT Teams Can Hamper Agile Projects, Warns William Hill CTO.
“Corporate” IT teams who try to use agile within their organisations without
notifying other departments are more likely to hamper “agile” as a concept, than
those organisations that try to carry out too many agile projects, according to
Finnbar Joy, chief technology officer at William Hill. Read more
[COMPUTING.CO.UK]

CISO: Obama Wants More Cybersecurity Funding and a Federal CISO. In the final
budget of the Obama administration, the White House is looking to boost spending
on security, hire more experts and partner with the private sector. Read more
[CIO.COM]
GOVERNMENT CIO: Senate Passes Permanent Ban on Internet Access Taxes. The
ban on taxes targeting Internet services now heads to Obama. The Permanent
Internet Tax Freedom Act was included in a trade enforcement bill passed by
senators in a 75-20 vote Thursday. The provision, passed by the House of
Representatives last June, would permanently extend a 18-year moratorium on
Internet-targeted taxes that expired in October. Congress had extended the
moratorium several times since 1998, but supporters weren’t able to pass a
permanent ban until now. Read more
[CIO.COM]

Incident Response
NETWORKS: The Incident Response “Fab Five”. CISOs should consider and
coordinate incident detection and response in five areas: hosts, networks, threat
intelligence, user behavior monitoring, and process automation. Read more
[NETWORKWORLD.COM]
FEDERAL GOVERNMENT: Incident Response in the Spotlight. The White House is
devising a plan specifying federal agencies’ responsibilities in the event of a
crippling cyberattack, which could be released as an executive order or
presidential directive in the next few months, MC has learned. The guidance will
address the federal response to a cyberattack against “critical infrastructure,”
including power plants, chemical facilities, banks and telecommunications
providers, according to industry officials. The goal is to ensure agencies are
focused on chasing hackers out of compromised systems rather than figuring out
who to call or talking to lawyers. Read more
[POLITICO.COM]

Incident Response
OPINION: A Breach is Coming — Is Your Agency Ready? Advanced threats are
spreading at an alarming rate, putting agency data at risk and making attacks
almost inevitable. In July, the Government Accountability Office reported that
information security incidents involving federal agencies skyrocketed from 5,503
in fiscal 2006 to 67,168 in fiscal 2014. Read more
[FCW.COM]
VICTIMS OR VILLAINS: Intelligent Incident Response Can Save the Day. We all
know the lessons of nursery school tales: don’t lie, don’t steal, and play nice with
others. The data breach morality tale is a bit more complicated. When you find
out someone is stealing from you: don’t lie, act quickly, and be nice even when
everyone’s mad at you. If you get defensive or try to be sneaky, you’ll go from
victim to villain in the swipe of a headline. Data breaches are happening with
greater frequency, and are compromising larger volumes of data, than ever
before. Read more
[INFOSECURITY-MAGAZINE.COM]

Operating Systems
NETWORK SECURITY: Juniper Will Repatch Its Netscreen Operating System.
Company says there’s nothing wrong with the current patch, but redoing it will
make ScreenOS more robust. Read more
[NETWORKWORLD.COM]
THOUGHT LEADER ON LINUX… AND MORE: Why Linux Is Still Better Than
Windows 10. Why one writer dumped Windows and switched to Linux 13 years
ago, and Amazon wants its Android OEMs to integrate its services into their
phones. Read more
[INFOWORLD.COM]

Operating Systems
APPLE: Safari Suggestions Bug Causes Browser Crashes in iOS and OS X. A server-side
problem with the Safari Suggestions feature in recent versions of iOS and OS X appears
to be causing Safari to crash and hang for some users. Developer Steve Troughton-
Smith helped to identify the issue overnight, though it has also been discussed in a pair
of Reddit threads in the Apple subreddit. The problem appears to be causing hanging
and strange behavior in OS X and outright crashes in iOS. Going to Settings > Safari in
iOS (or to the Safari Preferences and then the Search tab in OS X) and disabling the
Safari Suggestions feature appears to fix the problem, or you could try using another
browser. Read more
[ARSTECHNICA.COM]
MOBILE: 5 Gmail App Alternatives for Android. For most Android users the stock Gmail
or Email apps on smartphones and tablets is plenty. They have enough features or
functionality to complete most daily tasks. But…not everyone wants to use Gmail.
Here’s a list of five or so great Email app alternatives for Android. Read more
[GOTTABEMOBILE.COM]

Programming & Scripting Development
Client & Server-Side

TRENDS: Programming Trends To Look For This Year. There has never been a more
exciting time for technologists and developers worldwide. The number of active
development languages and frameworks, as well as development tools and
learning avenues, continues to soar. Despite all these resources at our fingertips
(or perhaps because of this abundance), it may not be obvious where industry
trends are leading us. Here is what to look out for in programming trends over the
next year. Read more
[TECHCRUNCH.COM]
FISH: A Better Alternative to Bash in Linux? Bash is a fantastic tool in Linux, but
there’s room for improvement in everything. Fish is an alternative shell for Linux
that some might consider to be a significant upgrade to what Bash has to offer.
Read more
[INFOWORLD.COM]

PROGRAMMING FONT: ‘Operator’ Font Designed To Make Coding Easier. The idea
is to put an emphasis on how certain characters appear in a programming
environment. While many of us bristle at the sight of Comic Sans, coders have an
altogether different view of typefaces and how they’re presented. Thus, Operator
Mono, the new font from one of the highest-regarded typeface-creators that was
forged to make life easier for the folks who build the websites you visit. “In
developing Operator, we found ourselves talking about Javascript and CSS,”
founder Jonathan Hoefler writes. While the blog post about typography and font
faces can come off as a bit pretentious, it’s clear that the team paid attention to
how the likes of brackets, commas and semicolons are spaced and how they
appear in back-end coding environments. Read more
[ENGADGET.COM]

JAVA: Reactive Programming by Example: Hands-On with RxJava and Reactor. Here’s a
one-stop-shop introduction to the world of reactive programming. What “reactive”
means and why it matters. Learn about Reactive Streams and Reactive Extensions and
the emerging ecosystem around them. Get a sense for what going reactive means for
the programming model. See lots of hands-on demos introducing the basic concepts in
composition libraries using RxJava and Reactor. Read more
[DZONE.COM]
JAVASCRIPT: JavaScript, Scaling and Microservices – a Team That Can’t Be Beaten.
Today it’s all about scalability. An app capable of swiftly adapting to growing user
numbers is most likely to become one of the front runners of the app game. How is
JavaScript doing in this field? According to Johann-Peter Hartmann: “Historically, the
involvement of JavaScript in this field happened purely by mistake.” Find out more
[JAXENTER.COM]

SECURITY PATCHES: Critical Fixes Issued for Windows, Java, Flash. Microsoft Windows
users and those with Adobe Flash Player or Java installed, it’s time to update again!
Microsoft released 13 updates to address some three dozen unique security
vulnerabilities. Adobe issued security fixes for its Flash Player software that plugs at
least 22 security holes in the widely-used browser component. Meanwhile, Oracle
issued an unscheduled security fix for Java, its second security update for Java in as
many weeks. Read more
[KREBONSECURITY.COM]
TYPESCRIPT: Stop Writing Spaghetti Code: Why You Should Use TypeScript. TypeScript
is a typed superset of JavaScript created by Microsoft that compiles directly to regular
JavaScript to enable JavaScript developers to code with type safety. This is important
because coding with type safety allows developers to code more cleanly, resulting in
easier maintenance and fewer bugs. Read more
[DZONE.COM]

HTML5: Google – Flash Ads Are Finally Going Out, HTML5 Ads Are In. Flash-based ads
will no longer be accepted starting January 2, 2017. After taking many steps in this
direction, Google announced Tuesday that it will finally stop serving Flash formatted
display ads. As of June 30, 2016, advertisers will no longer be able to upload new Flash
ads into AdWords or DoubleClick. The final hit will happen on January 2, 2017, when
Flash ads will no longer be eligible to run on Google’s ad networks. All display ads are to
be built in HTML5. Read more
[MARKETINGLAND.COM]
IN-DEMAND SKILLS: What Are the Most-Wanted Data Science Skills for 2016? To find
the most-wanted data science skills, CrowdFlower analyzed job postings on the
business-oriented social media site, LinkedIn. Hadoop, Python, Java, and R round out
the top five in-demand skills. Read more
[ADTMAG.COM]

JAVA: Developers can dish out tastier Web apps with JSweet. With JSweet, which
recently became available via open source, developers can leverage their Java skills to
build Web apps in JavaScript. The technology transpiles from Java to TypeScript and, in
turn, JavaScript. TypeScript is a Microsoft-built superset that compiles to JavaScript.
Read more
[INFOWORLD.COM]
JAVASCRIPT: Ransom32 – Even JavaScript Can Implement Ransomware. Despite
JavaScript living inside the browser’s protected and sandboxed environment, restricted
on what it can or not do on the user’s machine, it is still possible for those restrictions
to be bypassed upon infection with ‘drive-by download’ malware. Read more
[I-PROGRAMMER.INFO]

NEVER TOO EARLY: Fisher-Price Now Has a Toy That Teaches Preschoolers How to
Code. When is the ideal time to start your child on the path to a comfortable and
mostly satisfying career as a developer? High school? Grade School? Fisher-Price
thinks preschoolers should be introduced to the problem solving skills they might
one day need to be a great coder. Read more
[GIZMODO.COM]

Cloud Computing
HYBRID: 9 Key Trends in Hybrid Cloud Computing. All three forms of cloud computing
– public, private, and hybrid – have undergone considerable evolution since the
concepts first gained the attention of IT years ago. Hybrid cloud is the overwhelming
favorite form of the cloud, with 88% of firms surveyed rating it as important or
critical to their business. The lightning-fast evolution of hybrid cloud means the
conventional wisdom of a year or two back is already obsolete. Several industry
analysts have some interesting ideas where the hybrid cloud is headed in 2016.
Read more
[DATAMATION.COM]

Cloud Computing
VERIZON: Why Verizon Communications Inc. Killed Two Public Cloud Services.
Verizon recently announced that it will shutter two of its public cloud services,
Verizon Public Cloud and Reserved Public Cloud services, on April 12. However, the
company will keep its on-site Verizon Private Cloud (VPC) and Verizon Cloud Storage
services active. Here’s a closer look at Verizon’s frequently overlooked cloud
business, and why it’s retreating from the crowded public cloud market. Read more
[MOTLEYFOOL.COM]
GOOGLE: Google Seeks Most-Flexible Cloud Crown. Google continued to push its
cloud as an attractive alternative to Amazon Web Services and Microsoft Azure on
Wednesday by making a new, more flexible unit of cloud computing capacity broadly
available. Google’s Custom Machine Types, which have been in test mode since
November, let the buyer configure computing power with different amounts of
processing power and memory to best suit the application at hand. Read more
[FORTUNE.COM]

Cloud Computing
GOVERNMENT: CenturyLink Launches Government Cloud Service. CenturyLink has
announced the addition of a new Government Cloud offering to its hybrid IT
services portfolio. The new Infrastructure-as-a-Service (IaaS) service is available to
federal government agencies and offers cloud colocation and managed hosting
services. The service utilizes VMware’s vCloud Governement Services platform.
Read more
[CEDMAGAZINE.COM]

Cloud Computing
ENTERPRISE: Are Enterprises Taking On More Cloud Services Than They Can
Handle? Does it make sense to have a lot of clouds doing different things for the
enterprise? A recent study suggests enterprises may be taking on more cloud
services that they can handle. What is a solid threshold for cloud service
adoption? Read more
[FORBES.COM]
MICROSOFT: Microsoft to Donate Cloud Services Worth $1 Billion Over 3 Years.
Microsoft Corp. will donate cloud services worth more than $1 billion to nonprofit
groups over the next three years in a bid to “advance the public good” and help
solve some of the world’s toughest problems, President and Chief Legal Officer
Brad Smith said. Read more
[BLOOMBERG.COM]

Encryption
CYBERSECURITY: Privacy Groups Discuss Encryption with White House. White
House officials met Dec. 10 with multiple civil liberties groups behind a petition
urging the Obama administration to support strong encryption. Administration
officials told representatives from the American Civil Liberties Union, the Center
for Democracy and Technology, Human Rights Watch, Access Now and New
America’s Open Technology Institute that they planned to issue a formal response
over the holidays. Read more
[FCW.COM]

Encryption
FBI: Renews Warnings on Terror and Encryption, With No Clear Solution in Sight.
Lawmakers face dueling security concerns as tech companies warn any backdoor
access to encrypted data will pave the way for cyber attacks. In the wake of the
Paris and San Bernardino terror attacks, a long-simmering debate over the
security risks of terrorists using encryption has come to a boil. Speaking before
Congress last week, FBI Director James Comey reiterated warnings that popular
encrypted communication apps are making it difficult for law enforcement
officials to monitor suspected criminals and terrorists. Read more
[FASTCOMPANY.COM]

Encryption
SSL: Testing Your SSL Encryption Can Provide Important Security Insights. Since the
Heartbleed vulnerability of 2014, more IT managers have been concerned about
the integrity of their SSL encryption, TLS services and associated supporting code
libraries. And while most SSL technology vendors have patched their servers since
then, there are still many ways to take advantage of this encryption protocol that
you should be aware of. A new series of free SSL server tests from High-Tech
Bridge can help highlight any problems and potentially show you what is going on
with how you encrypt your Internet traffic. Read more
[SECURITYINTELLIGENCE.COM]

Encryption
SECURITY: The Government Really Doesn’t Seem to Like Encryption.
Cryptographers, civil libertarians, and privacy advocates have spoken loud and
clear about how weakening encryption will make online communications and e-
commerce more vulnerable (and make tech companies less competitive
economically). But the war against crypto rages on in the wake of terrorist attacks
in Paris and San Bernardino. Read more
[WIRED.COM]

Business Intelligence
HADOOP: Why Most Business Intelligence Tools Fail the ‘Hadoop Test’. There are
now well-known statistical techniques for dimensional reduction (e.g., principal
component analysis – PCA) but there is a huge potential for even simpler
techniques like automatically pointing out dimensions that correlate well with
your KPIs. Read the rest
[INFORMATION-MANAGEMENT.COM]
GOVT DATA: Is the Government Hoarding Too Much Data? Keeping everything
forever is a recipe for inefficiency and waste. Government databases are filled
with everything from traffic data to pet-ownership statistics, and many agencies
lack the necessary staff and infrastructure to maintain and analyze all of this
information. Public-sector data analysts report that they spend 47 percent of their
time collecting and organizing data but less than a third of their time actually
gleaning actionable insights from it. Read more
[GOVTECH.COM]

COLORADO: Legislators Move to Formalize Open-Data Program in Secretary of
State’s Office. Colorado lawmakers are taking steps to formalize a 2-1/2-year-old
pilot program that encourages state government agencies to “streamline access to
public data” by making datasets available online in machine-readable formats. Read
more
[COLORADOINDEPENDENT.COM]
DATA ANOMALIES: 4 Strategies for Finding and Interpreting Data Anomalies. When
people think of a data anomaly, they often think of an error – a random blip outside
of the normal scope of things that can be considered but discarded. A data anomaly,
to many, is little more than a data defect. In the world of business data intelligence,
however, this view is not only usually wrong, but in many cases, it can also be
damaging. A data anomaly is often much more than a blip – it’s a signal. Read more
[INSIDEBIGDATA.COM]

SOFTWARE: How the Navy Is Navigating the Move Away from SQL Server 2005. With
Microsoft on the eve of shuttering support for SQL Server 2005, agencies are
planning and carrying out their exit strategies. Read the rest
[FEDTECHMAGAZINE.COM]
GOVT DATA: Bringing Innovation into Cyberdefense Technologies. Hackers use
innovative thinking when breaching systems, why can’t government? The difference
between a hacker and cybersecurity companies is that a hack has no brand, no
national loyalty, no secure employment. Hackers immediately use or develop for
their purposes the best hacking technology out there. It is this same innovative
thinking we must use in approaching our cyber defense technologies. Read more
[GOVTECH.COM]

HADOOP: How Different SQL-on-Hadoop Engines Satisfy BI Workloads. A new
benchmark of SQL-on-Hadoop engines Impala, Spark and Hive finds they each have
their own strengths and weaknesses when it comes to Business Intelligence (BI)
workloads. Read more
[CIO.COM]
DATA: Search-driven Business Intelligence: Intelligence for a Customer-centric
Business World. Irrespective of whether a company wants to boost its customer
service efforts, intensify the efficiency of its marketing activities, or increase its
competitive edge – in a world in which the customer and customer demands are
increasingly becoming the focal point of corporate strategic thinking, the “Three Rs”
of business success are crucial: the right information to the right person at the right
time, as Forrester spells out in a current report. Read more
[COMPUTERWEEKLY.COM]

Federal Government
AGRICULTURE: Mapping the Big Data Ecosystem of U.S. Agriculture. The
Congressional Research Service recently released a report (PDF, 688 kb, 17 pages,
January 2016) describing the big data ecosystem for U.S. agriculture. The purpose
of the report was to understand the federal government’s role in emerging big data
sources and technologies involved in U.S. agriculture. As the report author, Megan
Stubbs, points out, there is not even a standard definition of big data. Read more
[DIGITALGOV.GOV.COM]
NSA: Hacker Chief Explains How to Keep Him Out of Your System. Rob Joyce, the
nation’s hacker-in-chief, took up the ironic task of telling a roomful of computer
security professionals and academics how to keep people like him and his elite
corps out of their systems. Read more
[WIRED.COM]

Federal Government
FBI: New Technologies Give Government Ample Means to Track Suspects, Study
Finds. For more than two years the F.B.I. and intelligence agencies have warned
that encrypted communications are creating a “going dark” crisis that will keep
them from tracking terrorists and kidnappers. Now, a study in which current and
former intelligence officials participated concludes that the warning is wildly
overblown, and that a raft of new technologies – like television sets with
microphones and web-connected cars – are creating ample opportunities for
the government to track suspects, many of them worrying. Read more
[NYTIMES.COM]

Federal Government
HARDWARE: Lightweight Laptop Headed for Standard Configuration List. The three
agencies charged with wrangling federal desktop and laptop computer purchases are
closing in on a new lightweight laptop configuration for the current list of baseline
computer models. Read more
[FCW.COM]
MANAGEMENT: How the Clinger-Cohen Act Continues to Ripple Through Federal IT
Today. 20 years ago, a single piece of legislation took government technology out of
the dark ages. The modern era of federal IT can be traced to one landmark event:
the signing of the Clinger-Cohen Act on Feb. 10, 1996. Although they did not know it
at the time, the vision then-congressmen William Clinger and William Cohen set
forth would guide government technology for more than two decades and lay the
groundwork for innovation that continues today. Read more
[FEDTECHMAGAZINE.COM]

Federal Government
SDx: Is SDx the Model for IT Security? Is this the year when software-defined
anything (SDx) becomes the template for federal agency IT security? It’s been
knocking at the door for a while, and the spending outlook for government IT in
President Barack Obama’s recent budget proposals could finally be the opening it
needs. In calling for a 35 percent increase in cybersecurity spending to $19 billion,
the White House also proposed a $3.1 billion revolving fund to upgrade legacy IT
throughout the government. Venting his frustration, and no doubt that of many
others in the administration and Congress, Obama talked about ancient Cobol
software running Social Security systems, archaic IRS systems and other old, broken
machines and software at federal agencies. Read more
[GCN.COM]

IT - State & Local Governments

CALIFORNIA: Step-by-Step Solution for Its New Child Welfare System. California is
dabbling with innovative ways of procuring technology for its new Child Welfare
System, transitioning from waterfall procurement to an agile and iterative
acquisition that aims to revamp the mammoth system’s services one at a time.
Read more
[GCN.COM]
LOCAL GOVERNMENT DATA: 4 Guidelines for Governments to Ease the Cost and
IT Burden of Housing Data. Connected, always on and fully transparent –
consumer tech trends are hitting state and local governments hard. Many are
moving straight from paper files and other analog solutions to complex
technologies and the systems required to support them. Data demands are
pushing IT limits in cities, so what can these local governments do to support this
deluge of data? Read more
[GOVTECH.COM]

NEW YORK CITY: What to Expect From the NYC Tech Scene in 2016. Yeah, it ain’t
Silicon Valley. But why does it have to be? Read more
[INC.COM]
LOCAL GOVT: Security, Strategic Planning Top Local Government IT Execs’ 2016
Priorities. The Public Technology Institute released its annual poll of local
government executives’ key concerns for the year ahead. Read more

IT Security | Cybersecurity
HACKING: Federal Government Confirms That It Still Sucks at Cyber Security. A $6
billion security system intended to keep hackers out of computers belonging to
federal agencies isn’t living up to expectations, an audit by the Government
Accountability Office has found. Read more
[CNBC.COM]
BANKING: FDIC Warns Banks To Beef Up Cyber Security. Due to the increase in
number and sophistication of cyber threats, cyber security has become a critical
issue facing the financial services sector. The cyber threat landscape and how
financial institutions’ information security programs can be enhanced to address
evolving cyber security risks. Learn more about the actions taken by the federal
banking agencies in response to the increase in cyber threats. Read more
[TECHNEWSWORLD.COM]

OPINION: Enterprise CIOs, Think It’s OK to Ignore SMB Security Holes? The CIOs, IT
Directors and CISOs for large companies have enough to worry about without having
to take on the mountains of security holes infesting small- and medium-sized
businesses around the globe. But a new report shows a direct connection between
SMB security flaws and those of their Fortune 1000 neighbors . Read more
[COMPUTERWORLD.COM]
THREATS: 3 Tips for Selecting Threat Intelligence Services. Threat intelligence
software can help state and local governments detect threats more quickly and
accurately. IT managers can’t maintain a strong security posture if they’re not aware
of the latest attack vectors, which is why organizations are increasingly adding
cyberthreat intelligence to their defense arsenals. Read the rest

COMODO & FACEBOOK: Comodo Identifies Facebook Malware. Cybersecurity
solutions provider Comodo Threat Research Lab has discovered a new malware
attack targeted specifically at businesses and consumers that use Facebook (FB).
Read more
[MSPMENTOR.NET]
CIO SECURITY STRATEGY: 10 Stupid Moves That Threaten Your Company’s Security
As you walk through the door of your company each morning, you are potentially
poised to be the weakest link in your organization’s defense against hackers and
malicious attackers. Here are the 10 boneheaded moves you make — often without
realizing the security risk. Read more

NIST: Program Closes in on Solutions to Identity Theft and Fraud. The National
Strategy for Trusted Identities in Cyberspace at the National Institute for Standards
and Technology is getting closer to possible solutions to identity theft and fraud.
NSTIK Director Mike Garcia gives Federal Drive with Tom Temin an update on the
program. Read more
[FEDERALNEWSRADIO.COM]
NETWORK SECURITY: 83 Percent of U.S. IT Security Pros Feel Pressure to Unveil
Projects Before They’re Ready. And 65 percent of information security pros expect to
feel more pressure in 2016 than they did last year, a recent survey found. Read more
[ESECURITYPLANET.COM]

BLACKBERRY: Buys Cyber Security Consultancy; Moves Deeper Into Services.
BlackBerry said that it has acquired U.K.-based cyber security consultancy
Encription, moving the company deeper into the services business as it continues to
morph into a more software-focused entity amid its ongoing turnaround. Read more
[REUTERS.COM]
WATCH: Top 5 YouTube Videos for IT Security Professionals. Some of the best videos
from around the web, designed to help you (and your stakeholders) understand
security, and its increasing importance. Read more
[COMPUTING.CO.UK]

CALL BLUE MOUNTAIN FOR IT SECURITY SUPPORT: Blue Mountain Data Systems is
actively involved in implementing FISMA and NIST standards with Federal Civilian
Agencies. Due to our extensive experience in this area, Blue Mountain has
developed processes and organizational techniques to help ensure security
deliverables are completed on time, and performed in the most efficient manner
possible. We ensure that NIST-800-53 control requirements are treated consistently
during definition, analysis, implementation, auditing, and reporting phases of a
system. Find out more about Blue Mountain Data Systems IT Security Support
Services. Call us at 703-502-3416.

From the Blue Mountain Data Systems Blog
Three-Dimensional Governance for the CIO
https://www.bluemt.com/three-dimensional-governance-for-the-cio
7 Reasons to Take Control of IT Incidents
https://www.bluemt.com/7-reasons-to-take-control-of-it-incidents/
Breach Mitigation Response Time Too Long, Survey Says
https://www.bluemt.com/breach-mitigation-response-time-too-long-survey-
says/
Six Tactics for Cyberdefense
https://www.bluemt.com/six-tactics-for-cyberdefense/

Feds Report Mixed Responses to Shared Services
https://www.bluemt.com/feds-report-mixed-responses-to-shared-services
Federal Employees Are Not Security Experts
https://www.bluemt.com/federal-employees-are-not-security-experts
Survival Guide for Network Administrators
https://www.bluemt.com/survival-guide-for-network-administrators
DBaaS: OpenStack Trove Changes DB Management
https://www.bluemt.com/dbaas-openstack-trove-changes-db-management

Help Wanted: Certified Cybersecurity Professionals
https://www.bluemt.com/help-wanted-certified-cybersecurity-professionals
Cyber Threat Intelligence Integration Center Preview
https://www.bluemt.com/cyber-threat-intelligence-integration-center-preview/
Cloud Moves in 1-2-3
https://www.bluemt.com/cloud-moves-in-1-2-3/
Change Management for Disaster Recovery
https://www.bluemt.com/change-management-for-disaster-recovery/

Jeffersonian Advice For C-Suite Career Advancement
https://www.bluemt.com/jeffersonian-advice-for-c-suite-career-advancement/
Ways To Survive The “Mobile-Pocalypse”
https://www.bluemt.com/ways-to-survive-the-mobile-pocalypse/
Microsoft Cloud Services Receive FedRAMP Authority to Operate
https://www.bluemt.com/microsoft-cloud-services-receive-fedramp-authority-
to-operate/
Hiring Pentesters? Here Are 10 Things You Need to Know
https://www.bluemt.com/hiring-pentesters-here-are-10-things-you-need-to-
know/

Home Router Malware Alert
https://www.bluemt.com/home-router-malware-alert/
Threat Model Deconstruction
https://www.bluemt.com/threat-model-deconstruction/
Business Email Scam Nets $214 Million
https://www.bluemt.com/business-email-scam-nets-214-million/
How to Prevent Unauthorized Software from Taking Over Your Organization
https://www.bluemt.com/the-cios-guide-to-happy-end-users-2/

Digital Marketing Predictions for 2015
https://www.bluemt.com/digital-marketing-predictions-for-2015/
SDN: Network Administrator’s Friend or Foe?
https://www.bluemt.com/sdn-network-administrators-friend-or-foe/
Mobile Payments: A Must for Federal Agencies
https://www.bluemt.com/mobile-payments-a-must-for-federal-agencies/
Soft Skills Are A Must-Have For Careers In IT
https://www.bluemt.com/soft-skills-are-a-must-have-for-careers-in-it/

Security Risks Most Prevalent in Younger Workers
https://www.bluemt.com/security-risks-most-prevalent-in-younger-workers/
The Security World’s Maturation
https://www.bluemt.com/the-security-worlds-maturation/
Data Breach Concerns Keep CISOs Up At Night
https://www.bluemt.com/data-breach-concerns-keep-cisos-up-at-night/
Personalized Govt Equals Instant Gratification for Citizens
https://www.bluemt.com/personalized-govt-equals-instant-gratification-for-
citizens/

People-Centric Security
https://www.bluemt.com/people-centric-security/
Pentagon Tries BYOD To Strike Work/Life Balance
https://www.bluemt.com/pentagon-tries-byod-to-strike-worklife-balance/
Open Source Model Considered for MS Windows
https://www.bluemt.com/open-source-model-considered-for-ms-windows/
Open Internet: To Be or Not to Be?
https://www.bluemt.com/open-internet-to-be-or-not-to-be/

Malware Stays A Step Ahead Infecting One Third of Websites
https://www.bluemt.com/malware-stays-a-step-ahead-infecting-one-third-of-
websites/
Machine-Generated Data: Potential Goldmine for the CIO
https://www.bluemt.com/machine-generated-data-potential-goldmine-for-the-
cio/
Government Legacy Programs: Reuse vs. Replacement
https://www.bluemt.com/government-legacy-programs-reuse-vs-replacement/
It Takes a Whole Village to Protect Networks and Systems
https://www.bluemt.com/it-takes-a-whole-village-to-protect-networks-and-
systems/

Governance For the CIO
https://www.bluemt.com/governance-for-the-cio/
Help Desk Consolidation – Lessons Learned
https://www.bluemt.com/help-desk-consolidation-lessons-learned/
One Year Later, Companies Still Vulnerable to Heartbleed
https://www.bluemt.com/one-year-later-companies-still-vulnerable-to-
heartbleed/
Federal Projects Cultivate Worker Passion
https://www.bluemt.com/federal-projects-cultivate-worker-passion-2/

ABOUT US
Blue Mountain Data Systems Inc.
Blue Mountain Data Systems Inc. is dedicated to application
and systems development, electronic document management,
IT security support, and the automation of workflow processes.
Read more about our experience here:
>> http://bluemt.com/experience

Recent Experience
U.S. Dept. of Labor
Employee Benefits Security Administration
1994 to Present
Responsible to the Office of Technology and Information Systems for information
systems architecture, planning, applications development, networking,
administration and IT security, supporting the enforcement of Title I of the
Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue
Mountain is responsible for design, development and support for its various
enforcement database management systems, as well as all case tracking and
customer service inquiry systems. Blue Mountain also provides IT security services
to the EBSA, in the form of FISMA Assessment and Authorization, System Security
Plans, Risk and vulnerability assessments, monitoring and investigation support.

MANAGEMENT
Paul T. Vesely
Founder, President, CEO and Principal Architect
Mr. Vesely is a recognized thought leader in systems
architecture and delivery, having designed and
delivered many enterprise wide information and
document management solutions. Mr. Vesely’s history
includes 33 years experience in the information
systems industry, with Unisys, Grumman, PRC and a
host of clients in both government and private sectors.

CONTACT US
Contact Us Today to Discuss Your Next IT Project
HEADQUARTERS
366 Victory Drive
Herndon, VA 20170
PHONE 703-502-3416
FAX 703-745-9110
EMAIL
paul@bluemt.com
WEB
https://www.bluemt.com

Tech Update Summary from Blue Mountain Data Systems February 2016

Recomendados

Recomendados

Más contenido relacionado

Último

Último (20)

Destacado

Destacado (20)

Tech Update Summary from Blue Mountain Data Systems February 2016