Chief Information Officer and IT Managers Areas of Interest

Disaster Recovery Planning, Job Descriptions, Salary Survey, Business Continuity, ITSM, SOA, Compliance, SOX, and HIPAA

Chief Information Officer and IT Managers Areas of Interest - The CIO and IT management news feed is one that you can subscribe to and re-publish on your web site or blog. The only requirement that you need to meet is that the feed is included with no modifications and that the links within the feed are retained as is.

If you wish to subscribe to this news feed add the link below to your reader:

Janco RSS Newsfeed  Chief Information Officer News Feed


Free hacker tools make it easy to compromise weak passwords

CIO and IT Manager news articles

Security Manual defines compliant password rules

Janco finds that over 30% of all users use the same passwords for multiple sites.  With that knowledge in hand hackers can target individual users to find their favorite passwords and use that information to more easily compromise secure business and personal data. 

Security Policies Procedures

Some of the tools they have available are:

  • Custom Word List Generator - Spiders a site or users social network postings to  determine unique words in site or in an individual's profile.
  • RSMangle - Takes a word list and generates mangled combinations and manipulations of those words.
  • Assocaited Word List Generator - Generates word lists based on search terms for a particular site or user profile.
  • Common User Password Profiler - A word list generator based on answers to questions that users submit to various web sites.
  • Userpass.py - A script that generates customized word list for a specific target so that a search is launched to find users in a company and then search profiles in social networks to generate a common word list.

Read on Order Security Manual Template Download sample

- Free hacker tools make it easy to compromise weak passwords


Hiriing Overseas Remote Workers

Hiring is more difficult in today's IT Job Market

Hiring Overseas Remote WorkersOyster enables global hiring. It has entities in multiple countries that handle payroll, compliance, benefits, etc. In short, if I’m a U.S.-based employer Oyster takes care of all the compliance work and issues the paycheck, but that’s it. The remote worker can be either a full-time employee of the U.S. firm or contractor.

Cultural and management issues are their primary concerns. In addition, they are worried about inter team dynamics and communication. WFH is one thing for someone who knows our work culture, but a foreign national who does not know how and why we do something is a management nightmare waiting to happen. 

Order IT Hiring Kit  Download IT Hiring Kit TOC

- Hiriing Overseas Remote Workers


Blockchain Job Descriptions

Blockchain Job DescriptionAvailable for Immediate Download - Blockchain Job Descriptions

The major part of the blockchain and cryptocurrency jobs market remains to be focused on developers, and this continues to be the area of most demand. The "U.S Emerging Jobs Report" published by Linkedin shows that demand for blockchain developers has grown 33 times over the previous year.

The average salary for a blockchain developer was reported to be $127,000, according to Janco Associates, a consulting firm that conducts salary surveys.

Blockchain salary ranges

Order Manager Blockchain Architecture Job Description

- Blockchain Job Descriptions


IT Governance addresses top 10 security vulnerabilities

IT Governance addresses cloud processing security and compliance vulnerabilities

IT Governance Infrastructure HandiGuide by Janco addresses top 10 cloud security vulnerabilities.

  1. Data breaches
  2. Weak Security
  3. Non-Secure Interfaces & API
  4. OS vulnerabilities
  5. Account hijacking 
  6. Insider breach as System Administrator
  7. Parasitic code on server
  8. Data Destruction -
  9. Denial of service (DoS)
  10. Ransomware

Read On  Order IT Governance Infrastructure Strategy 

- IT Governance addresses top 10 security vulnerabilities


Employment Picture Continues to Improve

States with the Lowest Unemployment -- Full Employment States

In July there were 8 states at full employment (unemployment rates 3.5% or less) - Nebraska (2.3%), Utah (2.6%), South Dakota (2.9%), New Hampshire (2.9%), and Vermont (3.1%, Idaho (3.0%), Alabama (3.2%), and Oklahoma (3.5%).

Full Empployment States

Hiring is more difficult in today's IT Job Market

IT Pro's Hiring Kit - Includes latest IT Salary Data, Interview and Hiring Guide, and 312 Job Descriptions - In today's economy, nearly every organization faces pressure to have the right talent in place, run at peak efficiency and "do more with less". With the economy improvement and lowest unemployment numbers in several years, HR departments are pressured to get qualified professionals on board now.

Salary Survey Job Descriptions IT Job Families IT Hiring Kit Interview Guide

Order IT Hiring Kit  Download IT Hiring Kit TOC

- Employment Picture Continues to Improve


System Analyst Pay grades need to be fair and reflect market positions

System Analyst job class for pay gradesSystem Analyst Pay grades need to be fair and reflect market positions

Many organizations do not have a robust methodology for setting pay grades for high in demand positions. The IT Job Family Classification & Pay Grade System is shortcut created by Janco which has worked for many organizations.

The Professional Family has three (3) levels: Technologist (Level I), Supervisor (Level II), and Manager (Level III). Using that framework, we defined the System Analyst Class to include 5 specific job titles - System Analyst I (entry level ) though System Analyst V (Supervisor to Entry Level Manager). With some analysis Janco defined and created five detail job descriptions for those positions and applied them to the Professional Family.

Read On  Order Classification Pay Grade System  Download Selected Pages


- System Analyst Pay grades need to be fair and reflect market positions


FCC fines ISP $750,000

FCC fines ISP $750,000

he FCC's Enforcement Division found that at five conventions across the U.S., the Smart City network sent coded messages called de-authentication frames to devices connected to personal hotspots, such as those created by smartphones.

These messages were sent to Wi-Fi base stations to terminate connections. The FCC said that Smart City was trying to force users to pay its $80 daily fee for Internet connectivity.

"It is unacceptable for any company to charge consumers exorbitant fees to access the Internet while at the same time blocking them from using their own personal Wi-Fi hotspots to access the Internet," said the chief of the FCC's Enforcement Bureau.

Order Mobile computing policy bundleDownload Mobility Bundle Table of Contents
- FCC fines ISP $750,000


CIOs and Cybersecurity Awareness

WFH increases CIO cybersecurity awareness

Top 10 Best Practices "World Class" CIOs follow include:WFH Security Best Practices

  1. Scan Network for Layer Vulnerabilities .
  2. Isolate executables from critical system resources
  3. Implement and manage a Patch Management / Version Control Policy
  4. Maintain a configuration management process
  5. Monitor and prevent internet activity with known un-trusted networks
    and devices
  6. Regularly scan internal and external applications
  7. Control WiFi usage and look for employees venturing to other WiFi networks  
  8. Monitor web traffic and install application level firewalls
  9. Conduct penetration testing which is not to be confused with vulnerability scanning
    methods of attack that could be used to compromise your networks. 
  10. Manage identities in a customer environment provides peace of mind that access is granted as needed

Read on Order Security Manual Template

- CIOs and Cybersecurity Awareness


10 Step Security Implementation

Enterprise are challenged to meet compliance requirements for security as the number of threats increase

10 step security implementation process10 step security implementation process that Janco has utilized successfully in hundreds of organizations includes:

  1. Make security an executive directive
  2. Implement clear security guidelines
  3. Provide specifics for security compliance.
  4. Enforce that everyone follows the rules 
  5. Provide formal training program -
  6. Communicate Security
  7. Monitor security compliance 
  8. Establish security compliance metrics
  9. Provide security compliance feedback
  10. Audit security with a third party

Read on Order Security Manual Template Download sample

- 10 Step Security Implementation


Why move to the Cloud and Outsource

How to Guide for Cloud Processing and Outsourcing provides EVERYTHING that is needed to select a vendor, enter into an agreement, and manage the relationship

Move to Cloud and OutsourcingThe journey to the cloud for many organizations begins with a mandate to get out of the data center business. Focusing on the growth of the business and aiming to shed increasing infrastructure costs, the CIOs make the strategic decision to migrate to the cloud.

An aggressive timeline typcally are set to migrate systems to the cloud and shut down related servers and storage in the data center. There are many pitfalls and successes in this journey.  They can result in significant advantages to the organization with this move.

- Why move to the Cloud and Outsource