Tech Update Summary from Blue Mountain Data Systems December 2014

Upload: bmds3416

Post on 20-Jul-2015


Tech Update Summary from Blue Mountain Data Systems

December 2014

For CTOs, CIOs & CISOs

Follow Blue Mountain Data Systems on Twitter

https://twitter.com/bluemt_data

Every business day, we publish a Daily Tech Update for Federal & State CTOs, CIOs & CISOs on the Blue Mountain Data Systems Blog. We hope you will visit our blog for the latest information.

You can also receive these updates via email. Click here to subscribe.

Here’s the summary of the Daily Tech Updates for December 2014. Hope the information and ideas prove useful in 2015.

Best,

Paul Vesely

President and Principal Architect

Blue Mountain Data Systems Inc.

For the CTO, CIO & CISO

CISOs: More CISOs Needed to Battle Cybersecurity Threats in 2015. If the year 2014 can teach corporations anything, it is that there is a glaring shortage of talent capable of facing cyber threats and managing fallout from breaches, a cybersecurity expert said. And the talent shortage will worsen in 2015 as the technical and managerial skills required of today’s chief information security officers outpace training efforts. Read more[BLOGS.WSJ.COM]

CLOUD: CISO’s influence grows as cloud envelops the enterprise. In case you need any more evidence that enterprises no longer see the cloud as a security threat, here it is straight from the horse’s mouth – almost 90 percent of IT security leaders have, or are planning to adopt the cloud very soon, according to new research from IBM. Read more[SILICONANGLE.COM]

SELF-SERVICE BI: Demand for self-service BI tools expected to grow. Business managers want to gain insight from data independent of their IT department and seek self-service business intelligence (BI) tools, according to a new report. Less than one-quarter of the respondents actually have access to those tools now, however. Self-service BI includes the capabilities of software tools and applications that enable business users to access data, analyze it, visualize insights, and share formatted information in reports and dashboards—all without IT’s help. Read more[CIOINSIGHT.COM]

NETWORKS: Slowdowns are the biggest issue for IT, survey shows. The single most common issue faced by the IT pros surveyed recently by Kelton Research is network slowdowns or outages, which outstripped application performance problems, availability and even the dreaded “unanticipated change request.” Read more[COMPUTERWORLD.COM]

BYOD: More than half of employees across the globe bring a mobile device to work. However, when you look at individual countries, the results vary wildly in terms of ownership and adoption — surprisingly, some tech-loving countries are lagging behind. Read more[CIO.COM]

THE NEW CTO: A CTO must be willing to embrace several new roles. These are called the Futurist, the Distiller, the Change Agent, and the Architect. Read more[WIRED.COM]

CIOs: Bedeviled by IT Services Access, App Downtime. The vast majority (82 percent) of chief information officers (CIOs) admit that they are unable to meet their organization’s need for immediate, always-on access to IT services. Read more[EWEEK.COM]

HOW-TO: Use More Open Source in Your Next Federal IT Acquisition. Robert L. Read and Eric Mill of 18F explain why it’s important that every Federal CIO, CTO, Architect, and Program Manager seeking to build or procure new IT projects understand that open source exists, that it can be of high quality and highly reusable, and how to use it securely. Read more[18f.GSA.GOV]

HIRING: Competing for talent in government – aligning strategy and human capital. Crafting policy often is the easiest part of government. Implementation and execution via government projects and programs is the hard part, fraught with pitfalls and traps. Attracting and retaining the right talent to carry out these governmental initiatives is the key to ensuring policy is implemented and executed as aligned with the conceived intent. So, how does the government establish an effective talent management framework? Read more[FEDERALTIMES.COM]

SELF-REPAIRING SOFTWARE: CTOs should know about this. University of Utah computer scientists have developed software that not only detects and eradicates never-before-seen viruses and other malware, but also automatically repairs damage caused by them. The software then prevents the invader from ever infecting the computer again. Read more[NEWSWISE.COM]

SOCIAL SOFTWARE & THE CIO: CIOs Use Social Software to Help the Help Desk. CIOs are turning to employee-curated social software to manage the corporate knowledge-base, an asset long obscured and often rendered useless by outdated information and even poorer performing search tools. Read more[BLOGS.WSJ.COM]

Open Source

FIREFOX: Firefox releases version 34 with SSLv3 fixes. Mozilla has disabled SSLv3 support and added Firefox Hello to its latest version of Firefox. Find out more[ZDNET.COM]

ADVICE: 6 tips for adopting open source. Open source code drives collaborative innovation from a larger pool of developers at a lower cost, which is why federal agencies are adopting the “open source first” model. So what’s the best way to increase your agency’s adoption of open source software and keep it secure? Here are six tips to get you there. Find out more[OPENSOURCE.COM]

SURVEY: Control, not cost savings, drives IT’s love for open source. More IT professionals are embracing open source software, with control and business continuity outweighing the cost savings as factors. The Ponemon Institute polled nearly 1,400 IT professionals in the U.S. and in 18 countries in Europe, the Middle East and Africa about their perceptions of open source software versus proprietary programs. Nearly three-quarters of U.S. respondents (74 percent) said open source applications allow for better control and continuity with an organization’s overall IT practices. Read more[FEDSCOOP.COM]

Programming & Scripting Development Client & Server-Side

JAVASCRIPT: jQuery reigns as top JavaScript library. The new Libscore search engine, which crawls the Web tracking library usage, affirms jQuery’s dominance among popular sites. Read more[INFOWORLD.COM]

JAVA: Google launching open source Cloud Dataflow SDK for Java. Cloud Dataflow fills a major puzzle piece in Google’s rapidly evolving and growing cloud stack as the Internet giant continues to challenge Amazon Web Services. Read more[ZDNET.COM]

MICROSOFT: Salesforce connects SharePoint files to its cloud with new tool. Salesforce, the not-so-little cloud CRM company that could, is furthering its play to bring everybody everywhere into the fold with the launch of Salesforce Files Connect, a new tool that brings files from on-premises Microsoft SharePoint into a company’s cloud workflow. Read more[COMPUTERWORLD.COM]

JAVA 8 & GROOVY: Peter Ledbrook discusses the impact of the Java 8 language changes on Groovy applications and if Groovy still provides an edge in terms of developer productivity. [VIDEO & SLIDES] Watch now[INFOQ.COM]

JOB HUNTING CODERS: 5 myths and 5 mistakes job-hunting coders make. The things you need to know after you’ve made it through coding boot camp. Find out more[COMPUTERWORLD.COM]

TYPESCRIPT & BACKBONE: Creating a Master/Detail Page with Backbone and TypeScript. There are two strategies for downloading multiple objects from your service with Backbone: The obvious one and the fast one. Read more[VISUALSTUDIOMAGAZINE.COM]

NODE.JS: Gains a new fork, much to Joyent’s dismay. Dissatisfaction with Joyent’s stewardship of the Node.js project has bubbled over, leading to the creation of the io.js fork. Find out more[INFOWORLD.COM]

MOBILE: Apple CloudKit Brings Remote Data Storage to Your Apps. With CloudKit, Apple’s answer to Dropbox, Parse and other cloud-based solutions, the developer does not have to deal with server-side application logic and can instead focus on client-side development. CloudKit exposes the standard cloud interfaces of authentication, public databases and asset storage. Most importantly, it’s free, with generous bandwidth and storage limits–10TB of database storage and 1PB of asset storage. Find out more[PROGRAMMABLEWEB.COM]

XHP-BOOTSTRAP: Project Announced, Combines XHP with Bootstrap Framework. XHP is a way to create HTML user interfaces from PHP or Hack, and provides an XML-like syntax for creating stringable objects representing markup. Read more[INFOQ.COM]

HTML5: Introduction to Service Worker. A service worker is a script that is run by your browser in the background, separate from a web page, opening the door to features which don’t need a web page or user interaction. Read more[HTML5ROCKS.COM]

WHAT IF: Hemingway Wrote JavaScript – A creative programming exercise. Twitter engineer Angus Croll had a dream where he gave 25 literary figures an assignment to solve a common coding exercise with JavaScript, and, to his surprise, they were (almost) all able to write workable solutions. Read more[EMBEDDED-COMPUTING.COM]

VISUAL STUDIO 2013: Has JavaScript Powered Macros. Many popular development environments offer a scripting language or similar method of automating common tasks to make life easier for the developer. The Visual Studio Platform Team has released a new extension for Visual Studio 2013 that will allow developers to record and play back macros from within the editor. Read more [INFOQ.COM]

FLOW: A static type checker for JavaScript. If your biggest objection to JavaScript is that it is dynamically typed, then Flow from Facebook might be just what you are looking for. Read more[I-PROGRAMMER.INFO]

OPEN SOURCE: Pure JavaScript. Meteor 1.0 is an open source platform for building web and mobile apps in pure JavaScript. Meteor apps have “live-updating interfaces” to allow users to see information and collaborate with each other in real time, and have touches like dialog boxes and popups that feel more like desktop apps than websites. Read more[DRDOBBS.COM]

PHP: The venerable server-side scripting language is famous for its use in Web development. First released in 1995 by Rasmus Lerdorf, it has been leveraged by the likes of WordPress and Facebook and reportedly is used in 82 percent of websites whose server-side programming language is known, according to W3Techs. The language is slightly behind Java in the PyPL Popularity of Programming Language index, and it ranks sixth in the rival Tiobe index. A high-performing upgrade, PHP 7, is due in 2015. Like any technology, however, it has its devotees and bashers. Here’s why advocates swear by PHP and why some dissenters might swear at it. Read more[INFOWORLD.COM]

Cloud

CALL FOR PARTICIPATION: NIST Seeks Members for Three New Cloud Computing Working Groups. The National Institute of Standards and Technology (NIST) Cloud Computing Program (NCCP) is forming three public working groups to provide solutions to cloud computing challenges. A teleconference on Wednesday, June 25, 2014, at 11 a.m. Eastern will kick off the effort. Program leaders will discuss group goals, member roles and responsibilities, meeting schedules and deadlines. Read more[NIST.GOV]

Open Source

SOFTWARE DEVELOPMENT: Why all software needs a license. All software developers should add a copyright license. Why? Because open source licensing is all about granting permission in advance. Read more[INFOWORLD.COM]

MySQL: Why the open source database is better off under Oracle. Oracle’s stewardship has been good for the MySQL database argues Percona CEO Peter Zaitsev. Read more[OPENSOURCE.COM]

SOFTWARE DESIGN: Attacks on open source call for better software design. Another day, another major vulnerability for government systems, it seems. This time it affects Drupal, a popular, open source content management system that’s been used for an increasing number of agency websites, including the White House. Read more[GCN.COM]

MICROSOFT: We shall set you FREE across ALL PLATFORMS. Microsoft, fixin’ to broaden the appeal of its .Net software development platform, has committed to delivering a new version of the toolset that is not only language agnostic but also cross-platform and entirely open source. Read more[THEREGISTER.CO.UK]

Federal Agencies

DOJ: The Department of Justice has a new cybersecurity office. The unit will be operating under DoJ’s Computer Crime and Intellectual Property section, and will serve to offer legal advice for cyber crime investigations worldwide. Read more[FEDERALNEWSRADIO.COM]

FEDERAL DATA SECURITY: For feds, secure information sharing puzzle slowly coming together. Kshemendra Paul, the program manager of the Information Sharing Environment (ISSE) said one key policy and technology issue is taking shape to strike the balance of secure information sharing. Read more[FEDERALNEWSRADIO.COM]

RETRO GOVT IT: In December of 2004, the Office of Management and Budget (OMB) issued the first Policies for Federal Public Websites. Over the past decade, technology has completely transformed how government delivers information and services to the public. On this 10-year anniversary, here’s a recap of some of the pivotal moments that have shaped today’s digital government landscape. Read more[DIGITALGOV.GOV]

OPM: 48,000 Federal Employees Potentially Affected by Second Background Check Hack. The Office of Personnel Management is alerting more than 48,000 federal employees their personal information may have been exposed following a breach at KeyPoint Government Solutions, which conducts background investigations of federal employees seeking security clearances. Read more[NEXTGOV.COM]

MORE FROM OPM: If you’re taking a vacation day and a storm closes government offices, you still get charged for the vacation. No more excused absences. That’s the gist of a revised weather-closure policy from the Office of Personnel Management. Read more[OPM.GOV]

DHS: Warns Feds About Electronic Billing Ploy. The Department of Homeland Security’s cybersecurity team has warned employees of federal, state and local agencies that they have been targeted by a phishing campaign masked as an unpaid bill. Read more[FCW.COM]

U.S. FEDERAL GOVERNMENT: Beware the Risks of Government Data Center Consolidation. In an effort to cut costs, Washington is consolidating its data centers, and though consolidation is a smart move, data centers – both federal and otherwise – invite specific risks when they are merged. How those risks are managed will ultimately determine the success of the mandate. Read more[NEXTGOV.COM]

USPS: Reducing Risk in the Cloud. Security is one of the highest priorities for today’s government agencies as cyber-security threats rise and become increasingly sophisticated. While many IT and agency department heads feel increasing concern and pressure around security breaches and privacy, FedRAMP and key compliance mandates are driving greater standards within the industry. Read more[FEDERALNEWSRADIO.COM]

FDA: Tragic Deaths Highlight the Dangers of Powdered Pure Caffeine. Read more[FDA.GOV]

OMB & GSA: Driving the federal government towards a Low Price Regardless (LPR) contracting model. As part of the Federal Strategic Sourcing Initiative (FSSI), the Office of Management and Budget and the General Services Administration have created a Prices Paid Portal. The goal of the Prices Paid tool is to reduce total cost of ownership for goods and services by providing greater visibility on the prices agencies have paid for them. Read more[FEDERALTIMES.COM]

DEPT OF ENERGY: Find Fuel During Disasters with Lantern Live App. This app crowdsources the ability to find fuel during an emergency through user-generated status reports of local gas stations. It also allows users to check for power outages in the area, and includes useful tips and guidelines for emergency situations. Read more[DIGITALGOV.GOV]

FAA: FAA’s Treatment Of Amazon Proves Congress Must Act Or Companies Will Take Drone Research Abroad. Amazon.com Inc. has begun utilizing outdoor testing facilities outside the United States and has told the FAA that America’s current regulatory environment will force the company to move more research and development abroad unless substantial progress is quickly made on efforts to integrate drones into the national airspace. Read more[FORBES.COM]

OPM: OPM plans new case management system to speed retirement processing. The Office of Personnel Management has shrunk its inventory of outstanding retirement claims from 23,544 in February to just over 14,000 cases at last count, said Kenneth Zawodny, associate director of retirement services at the agency. Although external factors have contributed to the backlog — including a flood of early retirements among U.S. Postal Service workers responding to a buyout offer — OPM is also hamstrung by a lack of automation, a struggle to connect legacy systems, and difficulty finding information on retirees who have moved across agencies and in and out of government during their careers. Read more[FCW.COM]

VETERANS AFFAIRS: Veterans and Service Members: Find Help to Tackle Debt, Scams and Fraud. Join Marietta, the editor in chief of the Consumer Action Handbook, and special guest Holly Petraeus, who leads the Consumer Financial Protection Bureau’s Office of Service Member Affairs, for a live Google Hangout where they will answer your most pressing questions about scams, fraud, debt collection and other consumer issues you might be facing. You’ll also learn about free help that’s available if you’ve been ripped off. Read more[USA.GOV]

US MINT: Interested in teaching kids about coins? Show them the U.S. Mint’s new video that follows the journey of how a coin is made. View now[USMINT.GOV]

INTERNET SALES TAX: A last-ditch push by about 30 Republicans to convince House Speaker John Boehner to allow lame-duck action on an online sales-tax measure failed Wednesday, but those attending the closed meeting said he is promising to revisit the issue early next year. Read more[CIOBRIEFING.COM]

COMMERCE: Looks like innovation support is in demand. What do you get when you take a $15 million Regional Innovation Strategies program and add 254 applicants requesting more than $100 million in support? You get a very busy Office of Innovation and Entrepreneurship and compelling evidence that this program is crucial. Read more[COMMERCE.GOV]

FTC: Approves Final Order in Case About Google Billing for Kids’ In-App Charges Without Parental Consent. Following a public comment period, the Federal Trade Commission has approved a final order resolving FTC allegations that Google, Inc., unfairly billed consumers for in-app charges incurred by children without their parents’ consent. Read more[FTC.GOV]

DOD: The Marine Corps is partnering with industry to adopt a BYOD solution that could also benefit other security-conscious sectors. Legal organizations and medical and financial institutions could also benefit from the investments. Read more[FEDTECHMAGAZINE.COM]

OMB & TREASURY: Agencies Under the Gun to Meet Data Transparency Deadlines. The Obama administration has six months to prove its implementation of a sweeping new data transparency law is on track. The Office of Management and Budget and the Treasury Department have until May 2015 to finish hammering out common standards for agencies to identify and track federal financial data as required by the Digital Accountability and Transparency — or DATA — Act. Find out more[NETGOV.COM]

ENERGY: Power grid jobs are on the rise! See what types of jobs are out there. Read more[ENERGY.GOV]

FAA: New F.A.A. Report Tallies Drone Sightings, Highlighting Safety Issues. Sales of drones to civilians are taking off and so are safety concerns about the proliferation of the unmanned vehicles buzzing the skies. Now, the agency tasked with regulating airspace in the United States has released a tally of drone misbehavior this year – including near-misses with manned aircraft and more mundane stunts like orbiting the Hollywood sign. Read more[NYTIMES.COM]

NSA: Releases First in Series of Software Products to Open Source Community. The National Security Agency announced the public release of its new technology that automates data flows among multiple computer networks, even when data formats and protocols differ. The tool, called “Niagarafiles (Nifi),” could benefit the U.S. private sector in various ways. Read more[CTOVISION.COM]

IT - State & Local Governments

WILL COUNTY, ILLINOIS: BizTalk Server 2013 adds efficiencies in Will County, Illinois that enable the Sheriff’s Office to issue warrants and apprehend suspects in the same day. Read more[STATETECHMAGAZINE.COM]

STATE GOVERNMENT IT STUDY: $1 spent on state government tech saves $3.50. Researchers at three universities found that IT investments are making government more efficient, productive and transparent, leading to a reduction in state expenditures. Read more[COMPUTERWORLD.COM]

STATE GOVT IT MANAGEMENT: State and Local IT Pros Share 2015 Wish Lists. When asked what they wanted most in 2015, CIOs and CISOs gave answers that range from increased collaboration to wider adoption of cloud computing. Read more[STATETECHMAGAZINE.COM]

CALIFORNIA CYBERSECURITY LAWS: California Strengthens Data Breach Notification Law. Gov. Jerry Brown recently approved 13 privacy bills, including one that provides identity theft prevention services for affected consumers. Read more[STATETECHMAGAZINE.COM]

NEW YORK: Fighting Fires with Big Data. Public safety professionals and researchers refer to this evolving work as smart firefighting. The New York City Fire Department has become the poster child for smart firefighting and how the exploitation of Big Data can empower firefighters to perform their duties effectively and efficiently. Read more[STATETECHMAGAZINE.COM]

NEW YORK: New York Cybersecurity Exams Will Be Tougher than FFIEC’s. New York regulator Benjamin Lawsky has confirmed expectations that his agency’s forthcoming cybersecurity examination process for state-chartered banks will be much tougher and more precise than federal regulators’ cyber assessments. Read more[AMERICANBANKER.COM]

DELAWARE: Delaware’s cyber-security website has been named the nation’s best. The state Department of Technology and Information site, digiknow.delaware.gov, won first place in the 2014 “BEST OF THE WEB” State Government Competition, Delaware Chief Information Officer James Collins announced Monday. This is the site’s third time in the last five years to win that top honor. Read more[DELAWAREONLINE.COM]

STATE TECH BLOGS: 50 Must-Read State and Local IT Blogs 2014. You don’t have to search far for stellar blogs that cover state and local government IT. For the past two years, StateTech has compiled a list of the best blogs the web has to offer, and this year is no different. Read more[STATETECHMAGAZINE.COM]

NEW JERSEY: Library systems are expanding their digital offerings to provide qualified adults with online high school diploma programs and career certificates. A new pilot program offered by the New Jersey State Library allows residents to earn an accredited high school diploma and career certificate online – for free. Read more[STATETECHMAGAZINE.COM]

IT Security | Cybersecurity

HINDSIGHT & A LOOK AHEAD AT 2015: Nobody was safe in 2014. In addition to large retailers, media companies and financial institutions, technology companies like eBay and Snapchat were hacked, too, and so were government organizations and healthcare institutions. Also this year, massive Internet infrastructure vulnerabilities were discovered, including Shellshock, Heartbleed and POODLE. Here are five of the most prominent cybersecurity market trends projected to define the sector in 2015. Read more[TECHCRUNCH.COM]

DATA PROTECTION: 8 tips to improve cyber security in the New Year. Some of the cyber incidents we dealt with in 2014 include malware infections, compromised servers, and ransomware, to name a few. More of the same can be expected in 2015. Read more[CSOONLINE.COM]

NETWORKS: 10 Last Minute Cybersecurity Predictions for 2015. 1) Widespread impact from the cybersecurity skills shortage. 2) Expanding attack surface. 3) Health care heartache. Read the rest[NETWORKWORLD.COM]

INTERNET: 6 aging protocols that could cripple the Internet. From BGP to SSL, several Internet protocols are no match for today’s malicious hackers — and should be replaced. Read more[COMPUTERWORLD.COM]

NIST: CIOs who ignore the NIST Cybersecurity Framework do so at their own peril. On December 5, 2014, the National Institute of Standards and Technology (NIST, part of the Commerce Department) issued an update to its “Framework for Improving Critical Infrastructure Cybersecurity.” As defined by the Department of Homeland Security, critical infrastructure includes power plants, dams and defense facilities. DHS now also considers commercial facilities such as arenas, casinos, shopping malls and motion picture studios critical infrastructure. Read more[BLOGS.WSJ.COM]

PATCH NOW: NTP vulns remotely exploitable. Sploits in wild already. The network time protocol (NTP) is badly vulnerable (again). Time to get patching (again). Read more[COMPUTERWORLD.COM]

PRIVACY: Half of online Americans don’t know what a privacy policy is. Federal agencies are required by law to use privacy policies on their digital properties that explain how they use the data they collect about users and visitors. This ensures that these users and visitors know what the government is doing with their data. The problem, according to Pew Research, is that half of these users don’t know what a privacy policy is. Read more[DIGITALGOV.GOV]

NETWORK SECURITY: Two-factor authentication oversight led to JPMorgan breach. The attackers stole an employee’s access credentials and used them to access a server that lacked a stronger authentication mechanism, report says. Read more[COMPUTERWORLD.COM]

WEBCAM HACKS: RATs (Remote Access Tools) are software that allow a third party to spy on a computer user from afar, whether rifling through messages and browsing activity, photographing the computer screen, or in many cases hijacking the webcam and taking photographs of whomever is on the other side. Are you safe? Read more[NEXTGOV.COM]

MEDICAL DEVICES: NIST Cybersecurity Center Invites Feedback on Securing Medical Devices. Hospitals are increasingly using networked technology to improve the accuracy and efficiency of medical care by connecting medical devices to a central system. A networked infusion pump—a device used to convey fluids, drugs and nutrients into a patient’s bloodstream—can allow centralized control of the device’s programming as well as automated cross checks against pharmacy records and patient data to ensure the right dose of fluids or medication is delivered at the right time to the right patient. But these connected devices can introduce new risks in safety and security compared with stand-alone devices. To address the cybersecurity challenges of wireless infusion pumps, the National Cybersecurity Center of Excellence (NCCoE) is inviting comments on a draft project to secure those devices. The challenges include vulnerabilities to malware or hacking and access control. Read more[NIST.GOV]

MALWARE IN WORDPRESS: Google blacklists 11,000 WordPress sites amid malware campaign. Google has blacklisted over 11,000 domains after a malware campaign, dubbed SoakSoak, compromised more than 100,000 websites using the WordPress content management system. The issue: use of Revolution Slider plugin. All versions below 4.2 are exploitable. Read more[ZDNET.COM]

LEGISLATION: Congress Ramps Up Cyber Legislation Activity: Four Bills Await President Obama’s Signature. Last week Congress hammered out details on four different cyber bills that are intended to help the country move forward with its cyber efforts. Ranging from information sharing, to workforce enhancement, to government cyber reorganization, the four bills represent arguably one of the most productive Congressional sessions in dealing with cyber issues. Read more[JDSUPRA.COM]

MEDICAL: $150,000 HIPAA Settlement Following Breach of Unsecured PHI Due To Malware. The U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) announced on December 8, 2014 that a community behavioral health organization agreed to pay $150,000 and adopt a corrective action plan to settle potential violations related to the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Read more[ABOVETHELAW.COM]

MALWARE IN 2014: Here are the five most active malware packages that give attackers a huge ROI on a small investment. A common theme emerged with all of them. They achieved their aims through the recycling of code and by refining previously perfected attack methods. Across the entire group, these five malicious attacks reused 37 components. Read more[DARKREADING.COM]

RANSOMWARE: The Future of Consumer Cybercrime. Experts think that ransomware will scale well in the Internet of things. It’s already targeting networked storage. Read more[THREATPOST.COM]

SECURITY TESTING: 37 Powerful Penetration Testing Tools For Every Penetration Tester. Even though companies realize they can’t make every system 100% secure, they are extremely interested to know exactly what kind of security issues they are dealing with. That’s where pen-testing comes in handy with its use of ethical hacking techniques. Read more[NIST.GOV]

NIST: Issues New Revision of Guide to Assessing Information Security Safeguards. The National Institute of Standards and Technology (NIST) has released the final version of the 2014 update to its core guide to assessing the security and privacy safeguards for federal information systems and organizations. Read more[NIST.GOV]

MOBILE: Android apps exploit permissions granted. One in three apps accesses location, and two in three track users’ identities, a study by CNIL and INRIA found. Read more[COMPUTERWORLD.COM]

FINANCIAL INSTITUTION SECURITY: What Banks Don’t Know About the Security Hazards of Cloud Computing. As bank executives continue to debate, hesitate and worry over the security issues related to using applications that connect to the cloud, their employees are using cloud-based apps by the hundreds — often without banks’ knowledge. Read more[AMERICANBANKER.COM]

2014 RECAP: 2014 in security: The biggest hacks, leaks, and data breaches. Hundreds of millions of records have been stolen this year through hacks and data breaches as a result of poor, or flawed security. Here are the most notable stories of the year. Read more[ZDNET.COM]

SURVEY: Computerworld’s 2015 Forecast Predicts Security, Cloud Computing And Analytics Will Lead IT Spending. IT decision makers’ spending on security technologies will increase 46% in 2015, with cloud computing increasing 42% and business analytics investments up 38%. Enterprise investments in storage will increase 36%, and for wireless & mobile, 35%. Read more[FORBES.COM]

FISMA: Reform Heading to the White House. Congress Passes Two Cybersecurity Bills. For the first time in 12 years, Congress has passed and sent to the White House major cybersecurity legislation, including an update to the law that governs federal government information security. Read more[GOVINFOSECURITY.COM]

E-COMMERCE: Alibaba security flaws exposed data on millions of users, analysts say. Two separate vulnerabilities, discovered by two different security analysts, exposed personal details such as names and shipping addresses and left merchants’ accounts open to easy attacks from hackers, who could have stolen financial information or hijacked merchant accounts. Read more[LATIMES.COM]

NEW CYBER SECURITY ASSESSMENT: New York DFS Announces New Cyber Security Assessment Process for Banks. New York’s Financial Services Superintendent Benjamin Lawsky issued an industry guidance letter to all New York Department of Financial Services (DFS)-regulated banks announcing the department’s new, targeted cyber security preparedness assessments. Read more[INSURANCEJOURNAL.COM]

BIG DATA: How You Think About Big Data For Cyber Security–And What You’re Doing About It–May Not Agree. Read more[FORBES.COM]

TRENDS: 5 Information Security Trends That Will Dominate 2015. Cybercriminals are becoming more sophisticated and collaborative with every coming year. To combat the threat in 2015, information security professionals must understand these five trends. Read more[CIO.COM]

MALWARE: The FBI is warning companies that cyberattackers are launching destructive malware in the U.S., Reuters reports. The five-page “flash” warning comes in the wake of a crippling attack on Sony Pictures Entertainment last week, though the FBI would not say whether the Sony hack prompted the warning. The advisory cautioned that the malware “overrides data on hard drives of computers, which can make them inoperable and shut down networks,” Reuters reported. The hard drives could be impossible to recover. Read more[POLITICO.COM]

Application Development

BIG DATA: How Big Data, Business Intelligence and Analytics Are Fueling Mobile Application Development. You can’t separate successful mobile application development from either data or analytics. Consumers demand immediate insight into their “mobile moments” – exact points in time where context and real-time data fuels decision-making, prompts a buyer to purchase, and allows companies to present brand consistency across devices. Read more[FORBES.COM]

MOBILE: 2015 for the Mobile Developer – Things to know. The explosion of the mobile device market sees an urgent need to support both mobile applications and social applications together. The growth in the volume of the data and the speed of data has made it necessary for organizations to develop internal mobile applications. As per the predictions made in the Gartner report, the mobile AD (Application Development) projects on smartphones and tablets will surpass native PC projects by a ratio of 4:1. Read more[TECH.CO]

APIS: Are your applications API-ly working together? Today, more and more applications are designed as a set of capabilities or services that interact through APIs. The key to making applications work well together, is to insulate one application from changes in the other applications, or one service from changes in the other services. Read more[INFOWORLD.COM]

HOW-TO: Use Low-Code Platforms to Develop the Apps Customers Want. Low-code, rapid development platforms provide a way to incorporate user feedback into apps during development. This improves the turnaround time for consumer-facing applications while ensuring that projects don’t turn into white elephants. Read more[CIO.COM]

SOFTWARE: 8 significant software releases of 2014. A look at the multitude of software releases in 2014, and the ones that made an impact. Many of these could continue to transform the tech industry into 2015 and beyond. Read more[COMPUTERWORLD.COM]

User Experience (UX)

APP DEVELOPMENT: Do users hate your app’s UX? A recent study indicates that if users hate your app, it’s probably more about the look and feel than it is about functionality. Read more[COMPUTERWORLD.COM]

M-COMMERCE: Traffic and sales data collected by IBM show that e-commerce sites had 288% higher conversion rates on desktop than on smartphones during Christmas 2014. Read more[NNGROUP.COM]

Tech Trends 2015

CLOUD: 9 key enterprise tech trends for 2015 and beyond. Enterprise tech is developing at breakneck speed. Here are the trends that will make an impact for years to come. Read more[INFOWORLD.COM]

GARTNER: Top 10 Strategic IT Trends For 2015. IT experts have identified what they believe to be the top-ten information technology trends for the year ahead. Strategic technology trends are defined as having potentially significant impact on organizations in the next three years. Here is a summary of the trends. Read more[FORBES.COM]

FYI: 6 tech trends for 2015 that will change our future. Breakthroughs from years ago are finally leading to real products and services today. Others are inching forward with the promise of big changes in 2015 and beyond. Read more[MASHABLE.COM]

PREDICTIONS: 6 technologies that will change PCs in 2015. Laptops and desktops will be interactive, get 3D depth-sensing cameras and be wire-free. Read more[COMPUTERWORLD.COM]

Tech Tools & Tutorials

HOW-TO: Clear history, cache, and cookies in Safari on iPhone or iPad. Read more[HOWTOGEEK.COM]

HARDWARE: Turn your PC into a touch-enabled PC. It’s easy to touch-enable your existing Windows PC, and to do so without breaking the bank! Here are a few recommendations, along with pros and cons for each method. Read more[ZDNET.COM]

MOBILE: How To Factory Reset Windows Phone. Read more[TECHAERIS.COM]

WEB SERVICES: RESTful Web Services: A Tutorial. As REST has become the default for most Web and mobile apps, it’s imperative to have the basics at your fingertips. Read more[DRDOBBS.COM]

MICROSOFT SHAREPOINT: Users not happy over quiet SharePoint Online feature cut. Microsoft is phasing out certain SharePoint Online features, and Public Sites are rumored to be the next to go. But Microsoft’s not talking. Read more[ZDNET.COM]

GMAIL: Google now offers native document conversion within Gmail. Being able to convert files within an email removes a fussy step of viewing and further editing files for Gmail users. Gmail has long offered the ability to preview a file within Google Docs, but editing either required that the file be saved to Google Drive then reopened, or simply downloaded to the desktop and then opened in its original program. This is a particularly significant move given that many Office users have a Gmail account and use Office mostly offline. Read more[WINBETA.ORG]

MOBILE BANK DEPOSITS: Some drawbacks in tapping the phone to deposit a check. Since the feature first became available five years ago, the ability to deposit a check with a few taps on a smartphone has become one of the most popular features of mobile banking. While the systems generally run smoothly, some possible drawbacks are becoming evident as use of the service grows. Find out more[NYTIMES.COM]

TECH Q & A: How to restore old versions of Word documents, export a Gmail address book, and manage your iPhone mail more efficiently with one hand. Find out more[NYTIMES.COM]

ABOUT US

Blue Mountain Data Systems Inc.

Blue Mountain Data Systems Inc. is dedicated to application and systems development, electronic document management, IT security support, and the automation of workflow processes.

Read more about our experience here: http://bluemt.com/experience

MANAGEMENT

Paul T. Vesely, Founder, President, CEO and Principal Architect

Mr. Vesely is a recognized thought leader in systems architecture and delivery, having designed and delivered many enterprise-wide information and document management solutions. Mr. Vesely’s history includes 33 years of experience in the information systems industry, with Unisys, Grumman, PRC and a host of clients in both government and private sectors.

CONTACT US

Contact Us Today to Discuss Your Next IT Project

HEADQUARTERS

366 Victory Drive, Herndon, VA 20170

PHONE 703-502-3416

FAX 703-745-9110

WEB

http://bluemt.com