September 2017: For CTOs, CIOs & CISOs Every business day, we publish a Daily Tech Update for Federal & State CTOs ,CIOs & CISOs on the Blue Mountain Data Systems Blog. We hope you will visit our blog for the latest information >> https://bluemt.com/blog/

1. Blue Mountain Data Systems
Tech Update Summary
September 2017

3. For CTOs, CIOs & CISOs
Visit Blue Mountain Data Systems
https://www.bluemt.com

4. For CTOs, CIOs & CISOs
Every business day, we publish a Daily Tech Update for Federal & State CTOs ,CIOs & CISOs on the Blue
Mountain Data Systems Blog. We hope you will visit our blog for the latest information.
You can also receive these updates via email. Click here to subscribe.
Here’s the summary of the Daily Tech Updates for September 2017. Hope the information and ideas
prove useful.
Best,
Paul Vesely
President and Principal Architect
Blue Mountain Data Systems Inc.

5. Network Security

6. Network Security
FEDERAL GOVERNMENT: All the Ways US Government Cybersecurity Falls Flat.
Data breaches and hacks of US government networks, once novel and shocking,
have become a problematic fact of life over the past few years. So it makes sense
that a cybersecurity analysis released today placed the government at 16 out of 18
in a ranking of industries, ahead of only telecommunications and education. Health
care, transportation, financial services, retail, and pretty much everything else
ranked above it. The report goes beyond the truism of government cybersecurity
shortcomings, though, to outline its weakest areas, potentially offering a roadmap
to change. Read more
[WIRED.COM]

7. Network Security
CYBERSECURITY: Washington, Not Silicon Valley, Leads the Way in Cybersecurity.
It’s a common trope that government has a lot to learn from Silicon Valley when it
comes to technology. But in cybersecurity, Washington is leading the way in many
respects. Read the rest
[NEXTGOV.COM]
PODCAST: Improving Government Productivity by Reducing IT Friction. A recent
FedScoop study shows the federal government workforce could see a meaningful
boost in productivity by reducing friction with devices and applications and
improving secure access to data and information via their mobile devices.
Find out more
[FEDSCOOP.COM]

8. Network Security
SECURITYSCORECARD: Government Ranks #16 Out of 18 Industries in
Cybersecurity. SecurityScorecard’s annual U.S. State and Federal Government
Cybersecurity Report was released August 24, and it paints a very grim picture of
the government’s cyber health status. Read more
[SDTIMES.COM]

9. Encryption

10. Encyption
NEWS: Keybase Launches Fully Encrypted Slack-like Communications Tool – and
It’s Free. Keybase added to its encrypted tool kit when it launched Keybase Teams,
an open source, Slack-like communications tool with end-to-end encryption.
Desktop and mobile versions are available for download now. Read more
[TECHCRUNCH.COM]
HOW TO: It’s Time to Replace Your Encryption-Key Spreadsheet. On-premises or
in the cloud, smart key management is at the heart of cybersecurity. Find out more
[DATACENTERKNOWLEDGE.COM]

11. Encyption
DATA PROTECTION: Need-to-Know Only – Use Encryption to Make Data
Meaningless to Prying Eyes. Organizations continue to be plagued by data
breaches, and data is leaking from our enterprises in large quantities. However,
data leakage is not the only issue. The problems — namely, regulatory fines, brand
damage and lost revenue — begin when sensitive data that is readable and
accessible falls into the wrong hands. Despite these concerns, security
professionals can rest assured that there is a way to immediately stop the
madness: Use data encryption. Click here for key takeaways.
[SECURITYINTELLIGENCE.COM]

12. Encyption
FIELD GUIDE: Why You Should Be Encrypting Your Devices and How to Easily Do
It. Is the data on your phone or laptop encrypted? Should it be? And what does
encrypting your data do to it anyway? Here we’ll explain the ins and outs of
encryption, and how you can make sure that everything in your digital life is safe
from prying eyes. Read more
[FIELDGUIDE.GIZMODO.COM]

13. Databases

14. Databases
AMAZON: Wants Your Enterprise Database. Amazon’s awaited release of
PostgreSQL on Aurora sharply raises the stakes in its competition with Oracle. Still
in public preview, when will Aurora PostgreSQL go GA, and what can we look
forward to in the roadmap? Here are some hints of what we expect. Read more
[ZDNET.COM]
MICROSOFT: Upgrading to SQL Server 2016. Here is a series of blog posts that,
when taken as a whole, provide a guide for upgrading to Microsoft® SQL Server®
2016. Read the rest
[SQLMAG.COM]

15. Databases
ORACLE: What the Annual Oracle Database Release Cycle Means for DBAs. As
Oracle changes its database release cycle to yearly updates with new version
numbers, Oracle users will get faster access to new features — but also new
upgrade questions to weigh. Find out more
[SEARCHORACLE.TECHTARGET.COM]
MySQL: Real-time MySQL Performance Monitoring. A key part of keeping your
MySQL database running smoothly is the regular monitoring of performance
metrics. In fact, there are literally hundreds of metrics that can be measured that
can enable you to gain real-time insight into your database’s health and
performance. Several MySQL monitoring tools have been developed to make
performance monitoring easier. Here’s how to use Monyog to measure a few of the
more important metrics. Read more
[DATABASEJOURNAL.COM]

16. More About Blue Mountain
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S.
Dept. of Labor, Employee Benefits Security Administration. Responsible to the
Office of Technology and Information Systems for information systems
architecture, planning, applications development, networking, administration and
IT security, supporting the enforcement of Title I of the Employee Retirement
Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for
design, development and support for its various enforcement database
management systems, as well as all case tracking and customer service inquiry
systems. Blue Mountain also provides IT security services to the EBSA, in the form
of FISMA Assessment and Authorization, System Security Plans, Risk and
vulnerability assessments, monitoring and investigation support. Read more.

17. Federal Tech

18. Federal Tech
FEDERAL GOVERNMENT: APIs, Shared Services Can Reshape,
Modernize Government Technology. The size and scope of the
federal government’s information technology landscape only
continues to grow and in a way that makes it incredibly difficult to
change. In the Federal Chief Information Officers Council’s latest
study, the current state of government IT is described as monolithic.
And, it is not meant as a compliment. Read more
[FEDERALNEWSRADIO.COM]

19. Federal Tech
OPINION: Government Efforts to Weaken Privacy are Bad for Business and
National Security. The federal government’s efforts to require technology and
social media companies to relax product security and consumer privacy standards
– if successful – will ultimately make everyone less safe and secure. Read the rest
[INFOSECURITY-MAGAZINE.COM]
PUBLIC SAFETY: Rapid DNA Technology Gives Law Enforcement Access to Your
DNA in 90 Minutes. Before recently-passed legislation, law enforcement agencies
had to send DNA samples to government labs and wait for it to get tested, which
could take days or even weeks. Find out more
[GOVTECH.COM]

20. Federal Tech
MODERNIZATION: Making Modernization Happen. Now more than ever before,
comprehensive IT modernization for federal agencies is a real possibility. The
question that remains is whether President Donald Trump’s words and actions
during his first months in office will be sustained by the administration and
Congress in the months and years ahead. Read more
[FCW.COM]

21. State Tech

22. State Tech
SURVEY: Cybersecurity Concerns May Keep One in Four Americans
from Voting. Cybersecurity concerns may prevent one in four
Americans from heading to the polls in November, according to a
new survey by cybersecurity firm Carbon Black. The company
recently conducted a nationwide survey of 5,000 eligible US voters to
determine whether reports of cyberattacks targeting election-related
systems are impacting their trust in the US electoral process. The
results revealed that nearly half of voters believe the upcoming
elections will be influenced by cyberattacks. Consequently, more
than a quarter said they will consider not voting in future elections.
Read more
[HSTODAY.US.COM]

23. State Tech
ALASKA: Unique Challenges in IT Consolidation. The Last Frontier is
centralizing IT operations under Alaska’s newly created Office of
Information Technology. But consolidating IT in a sprawling state like
Alaska offers challenges not found in other environments, says the
state’s new CIO Bill Vajda. Read the rest
[GCN.COM]
ALABAMA: Acting CIO Jim Purcell Is a Man on a Mission for Smarter
State IT. Jim Purcell wasn’t expecting a call from Alabama’s new
governor, Kay Ivey, and he certainly wasn’t expecting her to ask him
to head up the Office of Information Technology (OIT) – but that’s
exactly what happened last week. Find out more
[GOVTECH.COM]

24. State Tech
ILLINOIS: Inside a State Digital Transformation. Hardik Bhatt, CIO of the State of
Illinois, sought to become the nation’s first Smart State – a process that required
reorganizing its 38 IT departments into one, improving government services, and
finding new sources of innovation to apply to its revenue model. Within 18
months, Illinois rose in national rankings from the bottom fourth of state
governments to the top third. Read more
[ENTERPRISERSPROJECT.COM]

25. Electronic Document Management

26. Electronic Document Management
CFPB: Looks to Embrace Cloud for Email, Office Application Needs. The Consumer
Financial Protection Bureau wants to move to a public cloud setup for some of its
core enterprise apps. The financial watchdog agency recently sent out a Request
for Information (RFI) on the process, technical requirements and costs of moving to
cloud services in fiscal year 2017. CFPB wants to establish a more complete
understanding on the costs associated with moving fully to a cloud solution for
email and office applications (e.g., documents, spreadsheets, presentations,
SharePoint and more).Read the rest
[FEDTECHMAGAZINE.COM]

27. Electronic Document Management
ROI: 4 Ways Business Document Management Software Can Save You Money. Lisa
Croft, Group Product Marketing Manager at Adobe Document Cloud, talks about
the many ways business document management can save your company time,
space, and more importantly, loads of money. Here are the four most obvious ways
these tools provide excellent return-on-investment. Read more
[PCMAG.COM]

28. Security Patches

29. Security Patches
MICROSOFT: Outlook Security Patches Intentionally Break Custom Forms. While
the language-changing bug in KB 4011089 wasn’t intended, Microsoft now says the
unannounced part that breaks VBScript printing in custom forms is a feature, not a
bug. Read more
[COMPUTERWORLD.COM]
WORDPRESS: Patches Nine Security Vulnerabilities. WordPress.org released
version 4.8.2 of its content management system that fixes nine security issues, five
of which involve cross-site scripting (XSS) vulnerabilities. Click here for key
takeaways.
[SCMAGAZINEUK.COM]

30. Security Patches
ANDROID: Google Patches Dozens of Dangerous Bugs, Including Some in Oreo.
Pixel and Nexus owners will get the September Android patch as part of the
Android 8.0 Oreo rollout. Find out more
[ZDNET.COM]
EQUIFAX: Failure to Patch Enabled Massive Hack. Last week, a massive hack of
the credit bureau Equifax stole critical personally identifiable information (PII) on
143 million US citizens. The company’s response to the incident has been strongly
criticized, and now we know the incompetence isn’t limited to the customer-
facing sections of the company. The flaws that allowed hackers to penetrate
Equifax and steal its customer data were patched several months ago. The flaw in
question is within Apache Struts and is identified CVE-2017-5638. It’s described as
a flaw in file upload handling. Read more
[EXTREMETECH.COM]

31. CIO, CTO & CISO

32. For the CIO, CTO & CISO
CTO: Should Your CTO Still Be Coding? Your chief technology officer (CTO) is
integral to your operations by overseeing technology integration, acceptance and
issues. But has your CTO moved on from the task you primarily hired them to
complete in the first place? Are they no longer coding as a regular part of their
responsibilities? Or do they no longer have the time for it as business architecture
design, prototyping and other day-to-day issues require more and more of their
undivided attention? 11 executives from Forbes Technology Council share the
reasons why your CTO should be coding as part of their regular duties and under
what circumstances they should give up the practice. Read the rest
[FORBES.COM]

33. CIO, CTO & CISO
CIO: Daimler’s Jan Brecht Says Emerging Technology Is Key to Competitive
Edge. Jan Brecht, chief information officer for Daimler AG, says current emerging
technologies such as AI and blockchain are moving to the mainstream, and that
businesses must keep up with that adoption. Read more
[BLOGS.WSJ.COM]
CIO: How to Stay Current with Emerging Tech: CIO Tips. CIOs from Target, CVS
Health, GE, and others share strategies for keeping up with the latest
technologies. Read more
[ENTERPRISERSPROJECT.COM]

34. CIO, CTO & CISO
CISO: The Security Leader’s Expanding Role: Seven Priorities to Drive CISO
Success. Some of the security leader’s tasks are project-based, but because the
job is ongoing, CISOs need to remain cognizant of a set of priorities that can’t be
left to chance. Here are seven priorities can help today’s CISOs stay on top of
their game and keep their companies secure. Find out more
[SECURITYINTELLIGENCE.COM]

35. Penetration Testing

36. Penetration Testing
APPLICATION TESTING: Don’t Sweep Web Application Penetration Testing
Under the Rug. Web application penetration testing is one of the most critical
components of your information security program. The exploitation of a web-
related vulnerability could result in a massive breach, so web security must be
front and center in any organization. However, people sweep web security under
the rug and fail to follow through on their findings. Read more
[SECURITYINTELLIGENCE.COM]
SECURITY: The Front-Line Defensive Measure: Penetration Testing. Growth in
leaked exploit attacks means penetration testing should be a front-line defensive
measure, warns Sec-1. Read more.
[INFORMATION-AGE.COM]

37. Penetration Testing
EQUIFAX: All the Ways Equifax Epically Bungled Its Breach Response. The
breach of the credit monitoring firm Equifax, which exposed extensive personal
data for 143 million people, is the worst corporate data breach to date. But,
incredibly, the mistakes and the superlatives don’t end there. Three weeks since
the company first publicly disclosed the situation, a steady stream of gaffes and
revelations paint a picture of Equifax’s deeply lacking response to catastrophe.
Find out more
[WIRED.COM]
NEXT-GEN: Breaking Into Infosec. Discover the career path information security
analyst and penetration tester Ryan Hausknecht followed to break into the
information security field. Read more
[INFOSECURITY-MAGAZINE.COM]

38. Open Source

39. Open Source
AI: Government Ventures Into AI. The Army has enlisted artificial intelligence to
help mechanics predict problems in Stryker armored vehicles before they
happen. IBM’s Watson system analyzed data from the vehicles’ onboard sensors
and 15 years of maintenance logs to create a comprehensive maintenance
picture. Watson demonstrated its abilities on 350 Stryker vehicles during a field
test that began in mid-2016. The Army is one of a handful of early AI adopters in
the federal government, and several other agencies are looking into using AI,
machine learning and related technologies. AI experts cite dozens of potential
government uses, including cognitive chatbots that answer common questions
from the public and complex AIs that search for patterns that could signal
Medicaid fraud, tax cheating or criminal activity. Read more
[GCN.COM]

40. Open Source
ERP: The Coming Federal ERP Systems Battle. Across government, agencies can
expect their legacy IT business systems to fall behind at an accelerating rate.
Vendors are aiming many of their advances in business analytics, big data and
artificial intelligence at their cloud platforms and not at on-premises systems. That
approach will hit enterprise resource planning (ERP) systems hard. Chatbots, for
instance, now use texting and voice in human-like, conversational formats to
interface with applications. They are gaining artificial intelligence capabilities and
could fundamentally change how people interact with computers. Read the rest
[FCW.COM]
FLASH: A Foolish Petition to Open Source Adobe Flash. In 2020, Adobe promises us
that Adobe Flash will finally be put in its grave. Thank God! But now developer Juha
Lindsted wants to open-source Flash. Oh please! Not just no, but hell no! Find out
more
[ZDNET.COM]

41. Open Source
MANAGEMENT: Active Management of Open Source Components Delivers
Measurable Improvements Claims Sonatype Report. Sonatype has released
their third annual State of the Software Supply Chain report concluding that
when organisations actively manage the quality of open source components in
software applications they see a 28% improvement in developer productivity
(through reduction in manual governance), a 30% reduction in overall
development costs, and a 48% increase in application quality (as application
vulnerabilities are removed early reducing their incidence in production).
Analysis also showed that applications built by teams utilising automated
governance tools reduced the percentage of defective components by 63%. Read
more
[INFOQ.COM]

42. Business Intelligence

43. Business Intelligence
READ: 12 Ways to Empower Government Users with the Microsoft Business
Intelligence (MBI) Stack. Are your organization’s Federal IT resources under
constant pressure, with no end in sight? Your agency is not alone. With limited
access to dedicated information technology resources, non-technical end users
often play the waiting game, relying on IT staff to do simple tasks like generating
custom queries and embedding them within applications. Your department’s need
to generate on demand, ad hoc reports gets pushed to the back burner while IT
resources respond to more pressing matters. Implementing a self-service approach
alleviates your IT staff from such tasks, affording them more time to focus on
solving high impact problems. Read more
[BLUEMT.COM]

44. Business Intelligence
REPORT: 2017 State Of Business Intelligence And Predictive Analytics. Insights
gained from interviews with Dresner Advisory Service’s research community of over
3,000 organizations, in addition to vendor customer community interviews. 57% of
respondents are from North America, 31% from Europe, the Middle East & Africa,
with the remaining 12% from Asia-Pacific (8%) and Latin America (4%). For
additional details regarding the methodology, please see page 11 of the study.
Industry interest in advanced and predictive analytics grew sharply in 2017, with
business intelligence experts, business analysts, and statisticians/data scientists
being the most prevalent early adopters. Click here for key takeaways.
[FORBES.COM]

45. Business Intelligence
READ: Business Intelligence vs. Business Analytics: Where BI Fits Into Your Data
Strategy. While BI leverages past and present data to describe the state of your
business today, business analytics mines data to predict where your business is
heading and prescribe actions to maximize beneficial outcomes. Find out more
[CIO.COM]
U.S. GOVT FINANCE: 11 Ways to Speed Up Government Procurement. Buying with
public money is difficult by design, but are there fair ways to fix it? Read more
[GOVTECH.COM]

46. Operating Systems

47. Operating Systems
ORACLE: Unveils New SPARC Chip in Wake of Layoff Reports. The vendor rolls out
the SPARC M8 platform and servers just weeks after reports that it is slashing the
workforce in its hardware business. Read more
[EWEEK.COM]
MICROSOFT: Is Adding a Potent Security Feature to Windows 10. Microsoft is
making it easier for Windows 10 business customers to recover from security
breaches. The tech giant plans to add a new tool to its flagship software that
automates what a security professional would do in response to a hacking. Click
here for key takeaways.
[FORTUNE.COM]

48. Operating Systems
LINUX: Mint 18.3 Ubuntu-based Operating System is Named ‘Sylvia’. If you are a
diehard Linux Mint user, here is interesting news. Version 18.3 is coming soon, and
we now know the official code name. As is typical with the Mint operating system, a
woman’s name is being used. This time, “Sylvia” has been selected. Besides the
name, we know some other interesting tidbits — the distro will be getting a
secondary default backup tool (Timeshift), and Xreader is being significantly
improved. Find out more
[BETANEWS.COM]
IBM: Watson Data Platform Aims to Become Data Science Operating System. IBM’s
plan is to create a data science operating system that can bring together data
scientists, analysts, and business leaders. Read more
[ZDNET.COM]

49. Incident Response

50. Incident Response
FEDERAL CISOs: Want More Education and Training to Help Boost Incident
Response. Federal CISOs agree that investment in workforce training and education
is the key to increasing incident response capabilities. If budgets weren’t an issue,
Department of Homeland Security CISO Jeffrey Eisensmith said during a panel on
CISO priorities for 2018 at the Sept. 13 Billington Cybersecurity Summit in
Washington, D.C., he would put a “significant investment in workforce both in
training and retention” by instituting performance-based training and testing.” Read
more
[FCW.COM]

51. Incident Response
BANKS: How to Strengthen Incident Response. Effective incident response requires
fine coordination between technical and human resources, says Mike Fowler of DF
Labs, an incident-response platform provider. “Think about the last cyberattack you
read about [and what] we see is that we need more cyber-trained people,” Fowler
says in an interview at Information Security Media Group’s recent New York Fraud
and Breach Prevention Summit. “Part of the problem is the human element, and I
think part of the solution is taking what we have – the resources, be they hardware,
software or human – and making them better.” Read the rest
[BANKINFOSECURITY.COM]

52. Incident Response
FEDERAL GOVERNMENT: IRS Computer Security Incident Response Center Needs
Improvement. The Internal Revenue Service’s Computer Security Incident Response
Center is preventing some cybersecurity violations, but could use some
improvements, according to a new report. The report, from the Treasury Inspector
General for Tax Administration, noted that the CSIRC is responsible for preventing,
detecting, reporting, and responding to cybersecurity incidents, such as computer
related threats and attacks targeting the IRS’s technology assets. As the IRS holds
tax information on all taxpayers, the agency presents an attractive target for
hackers. But weaknesses in the CSIRC program could prevent the timely detection,
prevention, or reporting of unauthorized access and disclosure of taxpayer data.
Find out more
[ACCOUNTINGTODAY.COM]

53. Incident Response
GOVERNANCE: The Methodology of Improving Incident Response. AusCERT is one
of the oldest CERT’s in the world, and Phil Cole says the independent organization is
now laser-focused on helping enterprises across sectors to fundamentally improve
their strategies and solutions for incident response. Read more
[DATABREACHTODAY.COM]
HHS: Incident Response Will Be Scrutinized. A federal watchdog agency has added
two security-related evaluations to its to-do list: assessing the Department of
Health and Human Services’ incident response capabilities and reviewing internal IT
and security controls of federal Affordable Care Act health insurance enrollment
systems. Read more
[GOVINFOSECURITY.COM]

54. Incident Response
IoT: Operational Integrity and Incident Response for IoT Security. Given the
increasing volume of connected devices throughout society, Internet of Things (IoT)
security should be a key consideration for businesses and consumers alike.
Embedded in everything from our homes and cars to commercial and industrial
manufacturing, IoT solutions are already providing significant benefits. As a result,
IDC expects organizations to increase their IoT investments to an estimated $1.29
trillion by 2020. Click here for key takeaways.
[SECURITYINTELLIGENCE.COM]
ADOBE: In Spectacular Fail, Adobe Security Team Posts Private PGP Key on Blog.
Having some transparency about security problems with software is great, but
Adobe’s Product Security Incident Response Team (PSIRT) took that transparency a
little too far today when a member of the team posted the PGP keys for PSIRT’s e-
mail account—both the public and the private keys. The keys have since been taken
down, and a new public key has been posted in its stead. Find out more
[ARSTECHNICA.COM]

55. Incident Response
CISO: When Responding to a Data Breach, Cooperation Is Nine-Tenths of the Law.
In recent years, several high-profile breaches involving customer data have led to
long and costly litigations. These events demonstrated that data protection is more
than just a cybersecurity concern. When responding to a data breach, legal teams
have to work closely with the chief information security officer (CISO) to ensure that
security policies, regulatory compliance and response plans are adequate to
effectively protect sensitive data. Together, these departments can develop a sound
incident response strategy that protects both the organization’s data and its legal
interests in the event of a breach. Read more
[SECURITYINTELLIGENCE.COM]

56. Cybersecurity

57. Cybersecurity
MICROSOFT: A Pictorial Walk-Through Of Microsoft’s New Cybersecurity Tools.
Cybersecurity should be on every person’s mind in 2017, and certainly every
lawyer’s. Here’s why…Read more
[ABOVETHELAW.COM]
FEDERAL GOVT: U.S. Government Cybersecurity Lags Behind That of a Fast Food
Joint, Say Analysts. The American federal government and countless state and local
governments throughout the U.S. are more vulnerable to cyberattacks than your
local McDonald’s. A new study ranking the cybersecurity of 18 industries “paints a
grim picture” with the U.S. government 16th when it comes to protecting its
computer systems and data from hackers. Read the rest
[NEWSWEEK.COM]

58. Cybersecurity
DATA: The Piece of Cybersecurity Feds Can No Longer Ignore. The Trump
administration needs to work with Congress to fully fund the Department of
Homeland Security’s Continuous Diagnostics and Mitigation program. Find out more
[FEDTECHMAGAZINE.COM]
STATE & LOCAL GOVERNMENT: Annual Cybersecurity Review for State and Local
Government Approaches. Non-federal agencies still ride low on the maturity
benchmark, but the increased political attention around cybersecurity could
improve results in the coming survey period. Find out more about the study results
[STATESCOOP.COM]

59. IT Management

60. IT Management
FEDERAL GOVERNMENT: Trump Finally Begins to Fill Out Important Government
Management Leadership Roles. The long-wait is over. The Trump administration
has revealed the names of the four people who could, possibly, maybe hold key
federal management positions. It was like someone poured an entire bottle of
Drano to move the clog that has backed up White House personnel. Read more
[FEDERALNEWSRADIO.COM]
PRODUCTIVITY: Here Are PepsiCo CEO Indra Nooyi’s Secrets For Managing Her
Hectic Life. In a Fortune Magazine interview, Indra Nooyi revealed that every day
she makes a to-do list of 50 to 60 items, down to very small things. Her list is two
columns—one side the personal, the other the professional – that both live on a
single page. Tasks that aren’t completed get carried over to the next day, although
she tries to keep that down to two to three items. Read more.
[FORTUNE.COM]

61. IT Management
DIGITAL TRANSFORMATION: 10 Tips for Change Management Success. Change
management is the discipline of leading individuals, teams and entire
organizations through organizational change via a combination of behavioral and
social sciences, information technology and business solutions. Here are 10 steps
to success when transforming your company. Find out more
[CIO.COM]
CLOUD: Multi-Cloud Management: 6 Expert Tips. Using multiple cloud
providers? Here’s how to keep your environment running without a hitch. Read
more
[ENTERPRISERSPROJECT.COM]

62. Application Development

63. Application Development
INDUSTRY INSIGHT: 4 Steps to Agile Success. There’s a noticeable shift toward agile
development taking place within the federal government. Driven by a need for
accelerated application development and meeting internal customers’ needs on the
very first attempt, agencies like the General Services Administration and
Department of Homeland Security have begun to move away from traditional
waterfall project management frameworks and toward iterative, agile frameworks
like scrum. Read more
[GCN.COM]

64. Application Development
IT MODERNIZATION: 3 Strategies for Building Successful Agile Teams. Is the
federal government truly ready to embrace agile software development?
Successful agile environments do not start with technology; they start with
creating the right team. This can be harder than it may first appear, because agile
challenges preconceived norms of how federal IT teams should be structured and
the way they approach projects. Agile teams are typically a combination of
individual contributors (particularly those from development and quality assurance
backgrounds) who rarely work together but must now collaborate to achieve
common goals. Read the rest
[NEXTGOV.COM]
ENTERPRISE: Air Force Intelligence Unit Goes Agile. The US Air Force is
determined to get more agile to produce applications that can be useful in times of
conflict. Find out more
[INFORMATIONWEEK.COM]

65. Application Development
PEOPLE & CAREERS: Sloughing Off the Government Stereotypes. What are CIOs
doing to lure millennials into government IT? Government CIOs across the board
are being forced to confront the retirement wave that’s about to decimate their
ranks. But does the next generation of IT pros want the jobs their parents and
grandparents are leaving behind? Read more
[GOVTECH.COM]

66. Big Data

67. Big Data
FINTECH: For the Finance Sector, Big Data Keeps Getting Bigger. The value that can
be extracted from a growing wealth of data across boundless sectors is only just
beginning to be grasped. If you look at search engines or digital commerce
platforms, an almost direct relationship exists between the amount of data users
willingly give up and the value this has. There is also the fact that those with the
most data at their disposal will probably have the best artificial intelligence in the
future, making them nigh on invincible. In finance, data of one sort or another has
always held intrinsic value. People who trade in the zero-sum game of capital
markets all need a Bloomberg terminal or Thomson Reuters data to have a look at
all the traditional price information, earnings estimates and so on. Read the rest
[NEWSWEEK.COM]

68. Big Data
OPINION: Big Data Needs Bigger Security. The age of “big data” is here, along with
a growing list of big data breaches and the big mess created for millions of affected
consumers. The only thing missing is big consequences for companies that are
causing these big losses. Read more
[USNEWS.COM]
REAL ESTATE: How Real Estate Agents Can Capitalize on Big Data for Big Results.
Big data powers predictive analytics. As the field grows, these massive data sets
propel some of the biggest companies in new, unexpected ways. The truth is that
big data isn’t just for big companies — and leveraging predictive technology doesn’t
mean you have to scrap your current business model for something built in a hacker
lab. Predictive products can help agents optimize nearly everything from mailers
and marketing to cold calls and conversational outreach. Find out more
[INMAN.COM]

69. Big Data
HOW: Big Data and Digital Transformation – How One Enables the Other.
Drowning in data is not the same as big data. Here’s the true definition of big data
and a powerful example of how it’s being used to power digital transformation. Find
out more about the study results
[ZDNET.COM]

70. Personal Tech

71. Personal Tech
DOWNLOADS: Resolutions for the Big (and Small) Screens. When it comes to
streaming and downloading movies, find out the difference between standard
definition and the high-definition versions. Read more
[NYTIMES.COM]
TECH TRAVEL: Checking Voice Mail While Abroad. Find out how to check voice mail
on a smartphone when traveling in Europe. Read more.
[NYTIMES.COM]

72. Personal Tech
STAY ALERT: Technology Can Be A Threat To Your Physical Safety. Discover the
personal safety habits you can practice to stay safe at home and on the go. Find out
more
[FORBES.COM]
HOW TO: Schedule Your Smartphone for a Little Peace and Quiet. Have you signed
up for alerts from a bunch of news sites on your iPhone to keep up with the
headlines, but now they’re waking you up at night with their sounds and turning on
the phone screen? Find out how to mute the noises and phone screen light before
bed without turning off the phone’s alarm clock. Read more
[NYTIMES.COM]

73. Mobile Applications

74. Mobile
OPINION: It’s Time for IT to Take Control of Mobile Apps. IT is seeing a very
dangerous collision of two trends: BYOD and mobile apps. IT’s job is to protect
corporate data – and it’s an app download away from failing. Read more
[COMPUTERWORLD.COM]
USDA: Unveils Mobile Application for Its Government Ethics Content. U.S.
Secretary of Agriculture Sonny Perdue officially unveiled a new mobile app
Wednesday for agency employees – a simple ethics guide called “USDA Ethics.” The
app promises to answer employees’ ethics questions “on the go” with short articles
on ethics requirements, easy-to-access forms and even a video library of ethics
training content. Read the rest
[FEDSCOOP.COM]

75. Mobile
FEDERAL GOVERNMENT: Startups Are Finally Taking On Food Stamps. Felicia
Graybill uses her smartphone for everything: sending email, checking Facebook,
and even monitoring her bank account. But for years, when the 28-year-old
Brooklyn mom went to check on her food stamps benefits she might as well have
been using a landline. Reviewing her balance required dialing into a hotline and
entering her entire card number. All she could access was the sum of her funds –
there was no way of breaking down how and when she’d spent the money. Thanks
to new trends in civic technology, that’s beginning to change. Young tech workers
have increasingly noticed the wide-open opportunity to bring disruption to
outdated social programs. With a user base of nearly 43 million Americans, the
Supplemental Nutrition Assistance Program (SNAP), which provides food stamps, is
ripe for innovation. Take Graybill. Now she uses FreshEBT, an app launched by
mobile software startup Propel. The app allows her to check her balance on her
phone and organize her budget around local deals using an online shopping list.
Find out more
[WIRED.COM]

76. Mobile
HEALTH: Mobile Apps for Diabetes Patients Need Careful Review. Diabetes
patients who use smartphone applications to manage their condition should know
that not all apps are reliable, researchers say. “We have more than 165,000 health
and fitness apps in app stores right now and little control over what’s being
published,” said study author Francois Modave of the University of Florida in
Gainesville. “App manufacturers want to produce good information, but there’s no
oversight from any health organization or agency,” Modave told Reuters Health.
Approximately 29 million Americans have diabetes, according to the Centers for
Disease Control and Prevention in Atlanta. Modave and colleagues used the Mobile
App Rating Scale to analyze and rank the top free apps for diabetes management.
They also looked at the number of diabetes-specific management tasks that the
apps included, such as physical activity, nutrition, blood glucose testing, medication
and insulin dosage, health feedback, and education.
Find out more about the study results
[REUTERS.COM]

77. Programming & Scripting Development
Client & Server-Side

78. Programming & Scripting Development
Client & Server-Side
JAVASCRIPT: How to Write Shell Scripts with JavaScript. How to use JavaScript to
recursively iterate over the files in a directory and to identify any occurrences of a
specified string. Read more
[SITEPOINT.COM]
JAVA: Java 9 Delayed Due to Modularity Controversy. Oracle has proposed that
Java 9 Standard Edition be delayed until September 21 so the open source
community that is finalizing Java 9 can address the ongoing controversy over a
planned but later rejected approach to modularity, said Georges Saab, vice
president of software development in the Java platform group at Oracle and
chairman of the OpenJDK governing board. Read the rest
[INFOWORLD.COM]

79. Programming & Scripting Development
Client & Server-Side
C#: The Future of Microsoft’s Languages: C# To Be Powerful, Visual Basic Friendly.
Since their introduction in 2002, Microsoft’s pair of .NET programming languages,
C# and Visual Basic.NET, have been close siblings. Although they look very
different—one uses C-style braces, brackets, and lots of symbols, whereas the
other looks a great deal more like English—their features have, for the most part,
been very similar. This strategy was formalized in 2010, with Microsoft planning
coevolution, to keep them if not identical then at least very similar in capability.
But the two languages have rather different audiences, and Microsoft has decided
to change its development approach. Read more
[ARSTECHNICA.COM]

80. Programming & Scripting Development
Client & Server-Side
PYTHON: How to Set Up and Learn Python Coding on a Mac. Python is one of the
most popular programming languages. Students use Python to learn coding; data
scientists use Python to crunch numbers. Discover how to set up and learn Python
coding on a Mac, including the best Python text editors and the best Python
training courses. Find out more
[MACWORLD.CO.UK]

81. Cloud Computing

82. Cloud Computing
AUTOMOTIVE: How The Automotive Industry Is Leveraging Cloud Computing. The
Volkswagen Group, the world’s second largest car manufacturer, is planning to use
open-source cloud-computing platforms in order to build a private cloud to host
websites for its brands Audi, VW, and Porsche. The company is also looking at a
comprehensive platform for innovative automotive technology. In fact, VW officials
debated for a long time over how to leverage the technology. The Group employs
over 600,000 employees globally and of them, there are 11,000 who are internal IT
experts. Read the rest
[CXOTODAY.COM]

83. Cloud Computing
MICROSOFT: Huawei Ups Its Bet on Cloud Computing with Broader Support for
Microsoft Apps. Huawei’s bid to be a player in China’s cloud computing scene got a
little stronger with the signing of a deal with Microsoft to host more of the software
giant’s apps on its cloud. Read more
[GEEKWIRE.COM]
GOOGLE: Service Promotes Hybrid Clouds. Google is offering Dedicated
Interconnect a new service for enterprises to build hybrid infrastructure by
extending corporate networks into its cloud. Read more
[NETWORKWORLD.COM]

84. Cloud Computing
OPINION: It’s Time to Think Beyond Cloud Computing. That problem from the
frontier of technology is why many tech leaders foresee the need for a new “edge
computing” network – one that turns the logic of today’s cloud inside out. Today the
$247 billion cloud computing industry funnels everything through massive
centralized data centers operated by giants like Amazon, Microsoft, and Google.
That’s been a smart model for scaling up web search and social networks, as well as
streaming media to billions of users. But it’s not so smart for latency-intolerant
applications like autonomous cars or mobile mixed reality. Find out more
[WIRED.COM]

85. Cloud Computing
FEDERAL GOVERNMENT: Here’s a Cloud Guide Written by Feds for Feds. Will the
White House Listen? Several dozen federal technologists, chief information officers
and acquisition experts have developed a guidebook for how agencies ought to
pursue cloud-based solutions. Here’s a draft copy of the guide, which was authored
in partnership with an interagency group comprised of tech leaders from the
Defense Department, Federal Communications Commission, General Services
Administration and other agencies. Read more
[NEXTGOV.COM]

86. Cloud Computing
DHS: Invests in Mobile App Security. When it comes to the securing mobile
computing, government agencies are challenged not only by traditional software
vulnerabilities, but also by the number and types of services accessible through
mobile apps. The Department of Homeland Security’s Science and Technology
Directorate began taking an active role in validation and threat protection for mobile
apps two years ago when it began working with Kryptowire for assessing risk,
analyzing vulnerabilities and archiving mobile applications. Click here for key
takeaways.
[GCN.COM]
CLOUD COMPUTING: Spurs Hybrid Architecture Adoption. Enterprises turn to the
hybrid cloud for disaster recovery, data archiving and other applications. Find out
more
[INFORMATIONWEEK.COM]

87. Cloud Computing
READ: Google, Microsoft Emphasize Cloud Security as Hacks Intensify and Big
Businesses Eye the Cloud. Security fears have been associated with cloud
computing ever since it began, and for the most part those fears have been
unfounded: the big cloud providers are way better at security than your average
enterprise. Still, there’s always more to be done, and Google and Microsoft unveiled
new services this week to give customers additional peace of mind. Read more
[GEEKWIRE.COM]

88. Announcement

89. Announcement
Blue Mountain Data Systems DOL Contract Extended Another Six Months
The Department of Labor has extended Blue Mountain Data Systems Inc. contract
DOLOPS16C0017 for 6 months for network administration and application
support.
U.S. Dept. of Labor, Employee Benefits Security Administration
1994 to Present Responsible to the Office of Technology and Information Systems
for information systems architecture, planning, applications development,
networking, administration and IT security, supporting the enforcement of Title I
of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue
Mountain is responsible for design, development and support for its various
enforcement database management systems, as well as all case tracking and
customer service inquiry systems. Blue Mountain also provides IT security services
to the EBSA, in the form of FISMA Assessment and Authorization, System Security
Plans, Risk and vulnerability assessments, monitoring and investigation support.

90. IT Security | Cybersecurity

91. IT Security | Cybersecurity
INSIGHT: Why State and Local Government Still Struggle with Cybersecurity. State
and local governments are struggling to deal with a number of cybersecurity threats.
Tight budgets, lack of talent in the workforce and the constantly evolving nature of
threats are a few reasons why the challenge is mounting. But cybersecurity cannot
go neglected. State and local agencies store massive amounts of sensitive
constituent data such as Social Security numbers, health care records and driver
license numbers. And without a secure infrastructure, the public transportation
systems, electric grids and water plants powering our nation’s cities remain
vulnerable. Read more
[GCN.COM]
FYI: New Framework Defines Cyber Security Workforce Needs. Both the federal
government and its contractors are locked in a battle for talent with commercial
providers, each vying for the best personnel in critical areas of cybersecurity, and
each dealing with a shortage of available talent. Read the rest
[GOVTECHWORKS.COM]

92. IT Security | Cybersecurity
OPINION: We’re Thinking about Cybersecurity All Wrong. Obama’s former cyber
advisor, Michael Daniel, on how we need to overhaul the way we manage the new
“tool for statecraft.” Find out more
[TECHNOLOGYREVIEW.COM]
FEDERAL HIRING: One Easy Thing Your Agency Can Do to Attract More
Cybersecurity Talent. Building a well-trained cyber workforce has been a challenge
for the federal government, and the first step in that process is finding well-qualified
candidates to fill the positions. Laura Bate, senior programming associate for New
America’s Cybersecurity Initiative, said there are several factors that make that the
case, but agencies do have options to overcome the obstacles. Read more
[FEDERALNEWSRADIO.COM]

93. From the Blue Mountain Data Systems Blog
Programming & Scripting
https://www.bluemt.com/programming-scripting-daily-tech-update-september-
29-2017/
Cloud Computing
https://www.bluemt.com/cloud-computing-daily-tech-update-september-18-
2017/
Business Intelligence
https://www.bluemt.com/business-intelligence-daily-tech-update-september-15-
2017/
Mobile Applications
https://www.bluemt.com/mobile-applications-daily-tech-update-september-11-
2017/

94. From the Blue Mountain Data Systems Blog
Personal Tech
https://www.bluemt.com/personal-tech-daily-tech-update-september-28-2017/
Databases
https://www.bluemt.com/databases-daily-tech-update-september-21-2017/
Penetration Testing
https://www.bluemt.com/penetration-testing-daily-tech-update-september-26-
2017/
Incident Response
https://www.bluemt.com/incident-response-daily-tech-update-september-14-
2017/

95. From the Blue Mountain Data Systems Blog
Security Patches
https://www.bluemt.com/security-patches-daily-tech-update-september-22-
2017/
Operating Systems
https://www.bluemt.com/operating-systems-daily-tech-update-september-20-
2017/
Encryption
https://www.bluemt.com/encryption-daily-tech-update-september-19-2017/
Cloud Computing
https://www.bluemt.com/cloud-computing-daily-tech-update-september-18-
2017/

96. From the Blue Mountain Data Systems Blog
Open Source
https://www.bluemt.com/programming-scripting-daily-tech-update-september-
5-2017/
CTO, CIO and CISO
https://www.bluemt.com/cio-cto-ciso-daily-tech-update-september-6-2017/
Programming & Scripting
https://www.bluemt.com/programming-scripting-daily-tech-update-september-
5-2017/

97. From the Blue Mountain Data Systems Blog
Security Risks Most Prevalent in Younger Workers
https://www.bluemt.com/security-risks-most-prevalent-in-younger-workers/
The Security World’s Maturation
https://www.bluemt.com/the-security-worlds-maturation/
Data Breach Concerns Keep CISOs Up At Night
https://www.bluemt.com/data-breach-concerns-keep-cisos-up-at-night/
Personalized Govt Equals Instant Gratification for Citizens
https://www.bluemt.com/personalized-govt-equals-instant-gratification-for-
citizens/

98. From the Blue Mountain Data Systems Blog
People-Centric Security
https://www.bluemt.com/people-centric-security/
Pentagon Tries BYOD To Strike Work/Life Balance
https://www.bluemt.com/pentagon-tries-byod-to-strike-worklife-balance/
Open Source Model Considered for MS Windows
https://www.bluemt.com/open-source-model-considered-for-ms-windows/
Open Internet: To Be or Not to Be?
https://www.bluemt.com/open-internet-to-be-or-not-to-be/

99. From the Blue Mountain Data Systems Blog
Malware Stays A Step Ahead Infecting One Third of Websites
https://www.bluemt.com/malware-stays-a-step-ahead-infecting-one-third-of-
websites/
Machine-Generated Data: Potential Goldmine for the CIO
https://www.bluemt.com/machine-generated-data-potential-goldmine-for-the-
cio/
Government Legacy Programs: Reuse vs. Replacement
https://www.bluemt.com/government-legacy-programs-reuse-vs-replacement/
It Takes a Whole Village to Protect Networks and Systems
https://www.bluemt.com/it-takes-a-whole-village-to-protect-networks-and-
systems/

100. From the Blue Mountain Data Systems Blog
Governance For the CIO
https://www.bluemt.com/governance-for-the-cio/
Help Desk Consolidation – Lessons Learned
https://www.bluemt.com/help-desk-consolidation-lessons-learned/
One Year Later, Companies Still Vulnerable to Heartbleed
https://www.bluemt.com/one-year-later-companies-still-vulnerable-to-
heartbleed/
Federal Projects Cultivate Worker Passion
https://www.bluemt.com/federal-projects-cultivate-worker-passion-2/

101. ABOUT US
Blue Mountain Data Systems Inc.
Blue Mountain Data Systems Inc. is dedicated to application
and systems development, electronic document management,
IT security support, and the automation of workflow processes.
Read more about our experience here:
>> http://bluemt.com/experience

102. Recent Experience
U.S. Dept. of Labor
Employee Benefits Security Administration
1994 to Present
Responsible to the Office of Technology and Information Systems for information
systems architecture, planning, applications development, networking,
administration and IT security, supporting the enforcement of Title I of the
Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue
Mountain is responsible for design, development and support for its various
enforcement database management systems, as well as all case tracking and
customer service inquiry systems. Blue Mountain also provides IT security services
to the EBSA, in the form of FISMA Assessment and Authorization, System Security
Plans, Risk and vulnerability assessments, monitoring and investigation support.

103. MANAGEMENT
Paul T. Vesely
Founder, President, CEO and Principal Architect
Mr. Vesely is a recognized thought leader in systems
architecture and delivery, having designed and
delivered many enterprise wide information and
document management solutions. Mr. Vesely’s history
includes 33 years experience in the information
systems industry, with Unisys, Grumman, PRC and a
host of clients in both government and private sectors.

104. CONTACT US
Contact Us Today to Discuss Your Next IT Project
HEADQUARTERS
366 Victory Drive
Herndon, VA 20170
PHONE 703-502-3416
FAX 703-745-9110
EMAIL
paul@bluemt.com
WEB
https://www.bluemt.com