Chief Information Officer and IT Managers Areas of Interest

Disaster Recovery Planning, Job Descriptions, Salary Survey, Business Continuity, ITSM, SOA, Compliance, SOX, and HIPAA

Chief Information Officer and IT Managers Areas of Interest - The CIO and IT management news feed is one that you can subscribe to and re-publish on your web site or blog. The only requirement that you need to meet is that the feed is included with no modifications and that the links within the feed are retained as is.

If you wish to subscribe to this news feed add the link below to your reader:

Janco RSS Newsfeed  Chief Information Officer News Feed

IT Governance addresses top 10 security vulnerabilities

CIO and IT Manager news articles

IT Governance addresses cloud processing security and compliance vulnerabilities

IT Governance Infrastructure HandiGuide by Janco addresses top 10 cloud security vulnerabilities.

  1. Data breaches
  2. Weak Security
  3. Non-Secure Interfaces & API
  4. OS vulnerabilities
  5. Account hijacking 
  6. Insider breach as System Administrator
  7. Parasitic code on server
  8. Data Destruction -
  9. Denial of service (DoS)
  10. Ransomware

Read On  Order IT Governance Infrastructure Strategy 

- IT Governance addresses top 10 security vulnerabilities

Employment Picture Continues to Improve

States with the Lowest Unemployment -- Full Employment States

In July there were 8 states at full employment (unemployment rates 3.5% or less) - Nebraska (2.3%), Utah (2.6%), South Dakota (2.9%), New Hampshire (2.9%), and Vermont (3.1%, Idaho (3.0%), Alabama (3.2%), and Oklahoma (3.5%).

Full Empployment States

Hiring is more difficult in today's IT Job Market

IT Pro's Hiring Kit - Includes latest IT Salary Data, Interview and Hiring Guide, and 312 Job Descriptions - In today's economy, nearly every organization faces pressure to have the right talent in place, run at peak efficiency and "do more with less". With the economy improvement and lowest unemployment numbers in several years, HR departments are pressured to get qualified professionals on board now.

Salary Survey Job Descriptions IT Job Families IT Hiring Kit Interview Guide

Order IT Hiring Kit  Download IT Hiring Kit TOC

- Employment Picture Continues to Improve

System Analyst Pay grades need to be fair and reflect market positions

System Analyst job class for pay gradesSystem Analyst Pay grades need to be fair and reflect market positions

Many organizations do not have a robust methodology for setting pay grades for high in demand positions. The IT Job Family Classification & Pay Grade System is shortcut created by Janco which has worked for many organizations.

The Professional Family has three (3) levels: Technologist (Level I), Supervisor (Level II), and Manager (Level III). Using that framework, we defined the System Analyst Class to include 5 specific job titles - System Analyst I (entry level ) though System Analyst V (Supervisor to Entry Level Manager). With some analysis Janco defined and created five detail job descriptions for those positions and applied them to the Professional Family.

Read On  Order Classification Pay Grade System  Download Selected Pages

- System Analyst Pay grades need to be fair and reflect market positions

FCC fines ISP $750,000

FCC fines ISP $750,000

he FCC's Enforcement Division found that at five conventions across the U.S., the Smart City network sent coded messages called de-authentication frames to devices connected to personal hotspots, such as those created by smartphones.

These messages were sent to Wi-Fi base stations to terminate connections. The FCC said that Smart City was trying to force users to pay its $80 daily fee for Internet connectivity.

"It is unacceptable for any company to charge consumers exorbitant fees to access the Internet while at the same time blocking them from using their own personal Wi-Fi hotspots to access the Internet," said the chief of the FCC's Enforcement Bureau.

Order Mobile computing policy bundleDownload Mobility Bundle Table of Contents
- FCC fines ISP $750,000

CIOs and Cybersecurity Awareness

WFH increases CIO cybersecurity awareness

Top 10 Best Practices "World Class" CIOs follow include:WFH Security Best Practices

  1. Scan Network for Layer Vulnerabilities .
  2. Isolate executables from critical system resources
  3. Implement and manage a Patch Management / Version Control Policy
  4. Maintain a configuration management process
  5. Monitor and prevent internet activity with known un-trusted networks
    and devices
  6. Regularly scan internal and external applications
  7. Control WiFi usage and look for employees venturing to other WiFi networks  
  8. Monitor web traffic and install application level firewalls
  9. Conduct penetration testing which is not to be confused with vulnerability scanning
    methods of attack that could be used to compromise your networks. 
  10. Manage identities in a customer environment provides peace of mind that access is granted as needed

Read on Order Security Manual Template

- CIOs and Cybersecurity Awareness

10 Step Security Implementation

Enterprise are challenged to meet compliance requirements for security as the number of threats increase

10 step security implementation process10 step security implementation process that Janco has utilized successfully in hundreds of organizations includes:

  1. Make security an executive directive
  2. Implement clear security guidelines
  3. Provide specifics for security compliance.
  4. Enforce that everyone follows the rules 
  5. Provide formal training program -
  6. Communicate Security
  7. Monitor security compliance 
  8. Establish security compliance metrics
  9. Provide security compliance feedback
  10. Audit security with a third party

Read on Order Security Manual Template Download sample

- 10 Step Security Implementation

Free hacker tools make it easy to compromise weak passwords

Security Manual defines compliant password rules

Janco finds that over 30% of all users use the same passwords for multiple sites.  With that knowledge in hand hackers can target individual users to find their favorite passwords and use that information to more easily compromise secure business and personal data. 

Security Policies Procedures

Some of the tools they have available are:

  • Custom Word List Generator - Spiders a site or users social network postings to  determine unique words in site or in an individual's profile.
  • RSMangle - Takes a word list and generates mangled combinations and manipulations of those words.
  • Assocaited Word List Generator - Generates word lists based on search terms for a particular site or user profile.
  • Common User Password Profiler - A word list generator based on answers to questions that users submit to various web sites.
  • Userpass.py - A script that generates customized word list for a specific target so that a search is launched to find users in a company and then search profiles in social networks to generate a common word list.

Read on Order Security Manual Template Download sample

- Free hacker tools make it easy to compromise weak passwords

Why move to the Cloud and Outsource

How to Guide for Cloud Processing and Outsourcing provides EVERYTHING that is needed to select a vendor, enter into an agreement, and manage the relationship

Move to Cloud and OutsourcingThe journey to the cloud for many organizations begins with a mandate to get out of the data center business. Focusing on the growth of the business and aiming to shed increasing infrastructure costs, the CIOs make the strategic decision to migrate to the cloud.

An aggressive timeline typcally are set to migrate systems to the cloud and shut down related servers and storage in the data center. There are many pitfalls and successes in this journey.  They can result in significant advantages to the organization with this move.

- Why move to the Cloud and Outsource

Internet And PC Workstation Policies And Procedures

Internet and PC Workstation Policies & Procedures HandiGuide

Internet and PC Workstation Policies & ProceduresInternet and PC Workstation Policies & Procedures HandiGuide - Over 85% pf all employees uses a PC in their day to day work. Policies and procedures need to be put in place so that all mandated compliance requiremnts are met.

all of the materials included in this offering have been updated and are included in the IT Governance Infrastructure. This product is obsolete and no longer sold.

Read On  Order IT Governance Infrastructure Strategy  Download Selected Pages

- Internet And PC Workstation Policies And Procedures

40 million user records for sale

40 million user records for sale as hackers breach one application

Data Protection Priorities Key on Compliance - Data protection priorities are impacted by various factors. Janco has identified seven of the ones that drive security policies and procedures.

Security breaches on the rise

Order Security Manual Template Download Sample

- 40 million user records for sale