CIO - Productivity Kit
IT and Internet Job Descriptions -- Disaster Recovery Template -- IT Service Management Template -- Sensitive Information Policy -- Salary Survey -- Security Template
The CIO productivity kit Standard edition contains
- 273 job descriptions in MS WORD .docx format
- Current IT Salary Survey for US and Canada (by city) PDF
- IT Infrastructure, Strategy, and Charter Template in MS WORD .docx format
- Disaster Recovery Template which is Sarbanes Oxley compliant in MS WORD .docx format
- Security Template which is Sarbanes Oxley and ISO 27000 compliant in MS WORD .docx format
- IT Service Management Template (Change Management, Help Desk, and Service Requests) in MS WORD .docx format
- Sensitive Information Policy (Protect Credit Card Card and Personal Information) in MS WORD .docx format
The CIO productivity kit Metric edition contains
- Practical Guide for Cloud Outsourcing in MS WORD .docx format
- Metrics for Internet and IT (metric kit) in MS WORD .docx format
- Service Level Policy Agreement Policy Template (metric kit) in MS WORD .docx format
Disaster Recovery Template (DRP)
The Disaster Recovery Plan template (DRP) can be used for any enterprise. DRP Template is sent to you via e-mail in WORD and/or PDF format. Included is a Business Impact Questionnaire as well as a full Job Description for theDisaster Recovery Manager
The plan is 178 pages and includes everything needed to customize the Internet and Information Technology Security Manual to fit your specific requirement. The electronic document includes proven written text and examples for your security plan.
The Internet and IT Position Descriptions are in Word for Windows format (.docx). Includes positions from CIO and CTO to Wireless and Metrics Managers. All of the positions in the book have been created to reflect the technology world of today.
The Metrics for the Internet and Information Technology HandiGuide® is over 320 pages, defines 540 objective metrics, and contains 83 metric reports that show over 240 objective metrics.
The Service Level Agreement Policy Template is a nine page policy for a single application, It defines specific SLAs and metrics that are both internally and externally focused. The sample contain over 70 possible metrics presented graphically in PDF format.
IT Salary Survey
The Janco Associates, Inc. survey draws on data collected throughout the year (data as of January 2011) by extensive internet-based and completed survey forms sent to businesses throughout the United States and Canada. Our database contains over 85,000 data points.
CIO - CTO - CSO News
Over 1/3 of IT pros do work from homeJune 24th, 2016
Over 1/3 of IT pros do work from home
38 percent of workers in management, business, and financial operationsmore info
occupations, and 35 percent of those employed in professional and related occupations,did some or all of their work from home on days they worked, according to the U.S. Bureau of Labor Statistics. Workers employed in other occupations were less likely to work from home on days they worked.
Importance of infrastructure policies and a focused security program is criticalJune 17th, 2016
The digital landscape today is now open to increased cyber-attacks. The increase in frequency of attacks need a well-developed set of infrastructure procedures and a focused security program. IT pros need a focused awareness to bolster their security policies and practices as the foundational structure of an overall risk-management strategy.
Cyber-attacks cannot be prevented but with concentrated awareness and efforts, organizations can arm their customers, partners, and employees with safeguard measures require focused awareness to bolster their security policies and practices as the foundational structure of an overall risk-management strategy. Cyber-attacks cannot be prevented but with concentrated awareness and efforts, organizations can arm their customers, partners, and employees with safeguard measures.more info
Microsoft’s browsers are getting ready to bite the dustJune 1st, 2016
Microsofts browsers are getting ready to bite the dust
Back in November 2015, IE accounted for more than half of the global browser user share. Currently, IE and Edge combined to account for 38.7% of the global user share.
In the last six months alone, IE -- a bucket into which Net Applications also throws in Windows 10's Edge -- has lost 11.4 percentage points, an unprecedented decline for any browser at any point in the last 11 years.more info
Cost of security breaches escilatesMay 26th, 2016
Cost of security breaches escalates
The top 10 drivers of security shortcomings include:
- Insufficient funding for security
- Lack of commitment by senior executive management
- Lack of leadership in the security arena by the CIO
- Belief that the organization will not be targeted
- Lack of internal resources who are "security" experts
- Lack of an effective IT security strategy
- Lack of an action plan on how to implement a solution before an event
- Infrastructure for IT that does not easily lend itself to security implementation including complex and disjointed applications and data
- No central focus with the enterprise that focuses on security
- Lack of a good termination policy for employees and contractors
Privacy lost with new audio fingerprint trackingMay 20th, 2016
It no longer is just the NSA, now some websites using audio fingerprinting for identifying and monitoring web users. A number of sites use the AudioContext API to identify an audio signal that reveals a unique browser and device combination.
The method doesn't require access to a device's microphone, but rather relies on the way a signal is processed. The researchers, Using the AudioContext API to fingerprint does not collect sound played or recorded by your machine. An AudioContext fingerprint is a property of your machine's audio stack itself.more info
In addition, researchers have found 715 of the top one million websites are using WebRTC to discover the local IP address of users. Most of these are third-party trackers.
WYOD a top concern of C-Level executivesMay 2nd, 2016
WYOD a top concern of C-Level executives
Anyone can purchase a wearable device. If there is an open wi-fi connection that the device can map to sensitive personal and enterprise infromation is at risk.
Rules and policies need to be put in place to mitigate this risk. The question is where to start. Janco has answered that in its wearable device policy template. It includes robust rules on wearable devices. In addition, it provides a specifice road map to be followed when developing a strategy on how to deal with this new potential threat.
Wearable Device Policy - It is 17 pages in length. It contains everything that an enterprise needs to implement a functioning and compliant Wearable Devices device and use process. Included are forms defining the mobile device environment.
- more info
Record Management, Retention, and Destruction PolicyApril 28th, 2016
The volume of documents within organization is exploding, managing these documents is a real and pressing challenge. If your organization is like many others, paper documents, emails, faxes, PDFs, CAD and other office documents are left unmanaged and stored in filing cabinets, on file servers or on desktop PCs around the office. This exposes your organization to compliance risks, service delays, cost overruns and a host of other challenges.
Today, software solutions are available that combine document and records management capabilities into a single, complete offering. These solutions enable you to reduce the time, cost and complexity of storing and accessing your documents throughout the information lifecycle. They also give you the power to improve access to critical documents, enhance customer service and operational efficiency - all while reducing risks and addressing compliance demands.- more info
Contract terms for outsource agreemeentsApril 8th, 2016
Specific contractual provisions to minimize cyber risk in outsourcing contracts are:
- Setting security standards for the vendor;
- Restricting on subcontracting;
- Employee related protections, such as background checks and training;
- Security testing;
- Security audits;
- Security incident reporting and investigation;
- Data retention and use restrictions;
- Customer data access rights; and
- Vendor liability for cyber incidents.
Ten tips to protect your sensitive personal informationMarch 30th, 2016
- Monitor credit reports
- Never provide personal information over public Wi-Fi
- Protect your password
- Don't use the same password on all accounts
- Never store passwords on your computer
- Watch out for phishing emails
- If you do receive a suspicious-sounding email, contact your service provider directly
- Take physical precautions
- Shred bills, credit offers, and expired credit cards
- Layer your cybersecurity
Credit card chip usage expandingMarch 23rd, 2016
Credit card chip usage expanding
Credit card chip usage improves the security landscape. Some key facts that you need to understand are:
- Credit card chips reduce counterfeit card fraud: Countries that have been using chip cards for many years have seen significant reductions in counterfeit card fraud. In the UK, for example, counterfeit card losses have been reduced by 70%.
- An increased number of chip cards in consumers' possession: over 400 million chip cards have been issued in the U.S. as of the end of 2015.
- Majority of all retail outlets now accept chip cards: almost 90% of all travel, entertainment, and high cost retail operations accepts chip cards
Things that physical credit card sites need to do to minimize transaction costs are:
- Swipe and insert: Always make sure to swipe or insert cards whenever possible. Manually keying in card information can cause a higher interchange rate for the transaction.
- Daily settlement: Settle transactions each day. If you routinely settle transactions more than 24 hours after they are authorized.
- Get accurate customer information: For online transactions validate customers' billing and address information is entered correctly.