State unemployment numbers mask correct unemployment rate

State unemployment numbers mask correct unemployment rate

State unemployment numbers mask correct unemployment rate as they do not adjust for the number of individuals who have dropped out of the labor market.

State unemployment
State unemployment number do not reflect the number of people who have dropped out of the labor market.

In May 2016 there were 8 states with an unemployment rate of over 6% versus 7 in February 2016 with over 6% Unemployment. Alabama and Illinois have unemployment go up in the past 12 months as opposed to the other 4 states where unemployment levels have improved.

Order Salary SurveyDownload Selected PagesDownload Selected Pages

South Dakota and New Hampshire had the lowest jobless rates in May, 2.5 percent and 2.7 percent, respectively. The rate in Arkansas (3.8 percent) set a new series low. Alaska had the highest unemployment rate, 6.7 percent. In total, 16 states had unemployment rates significantly lower than the U.S. figure of 4.7 percent, 15 states and the District of Columbia had higher rates, and 19 states had rates that were not appreciably different from that of the nation.

Job Market grim for Information Technology professionals

 Job Market grim for Information Technology professionals

Job Market grim for Information Technology professionals as it is leading the way to fewer prospects for new jobs being created.  Just last month there were eight (8) states with unemployment rates in excess of 6%.  That along with the loss of 27,700 jobs makes many wonder if we are facing a possibility of a new recession.

US job market grim
8 states have unemployment in excess of 6% and that is with 94 million individuals who have have dropped out of the labor market making the true unemployment number closer to 13% – depression era levels,
 Job Market grim for Information Technology professionals
IT job market grim – Janco may revise its forecast for the IT job market to shrink if this trend continues.

Job Market grim for Information Technology professionals as 2016 fall behind 2015 in creating new IT jobs

IT Job Market growth is 57,300 worse in 2016 than 2015 as of May
If the loss of jobs continues at this rate all of the recovery achieved in the IT job market over the past several quarters could be lost.
Order Salary SurveyDownload Selected PagesDownload Selected Pages

IT Job Market Shrinks

Job Market Shrinks for IT Pros

IT Job market shrinks in May.  Approximately 27,700 jobs disappeared, with most of those jobs being related to telecommunications.

IT job market shrinks
IT jobs disappear – with 37,200 in the Telecommunications field

That along with a comparison with the number of IT jobs created in 2015 paints a fairly bleak picture.

IT job market growth slower than prior year
IT job creation fall behind 2015 levels – 57,300 fewer new jobs this year than last

There is an acceleration in the rate of slowdown in the IT Job Market. If this continues, as we think it will, there is a probability that there could potentially be a net decrease in the size of the IT Job Market in 2016. Janco has already lowered our best case forecast for net new IT jobs for the balance of this year and have reduced our prior forecast of 87,700 to 40,300.

This is the worst employment market in the past 15 years. Given that is the case why are H-1B visas continuing to be issued for IT professionals?

Foreign Assignments

Foreign Assignments Considerations

Foreign Assignments – Taking an overseas assignment can be a great career boost. There are some major issues that you need to consider.

Download Selected Pages

Taxes

The US is the only country in the world that taxes their citizens on their WORLDWIDE income. So even though you may earn every penny in other country on your local contract, the US wants to tax you for it. Fortunately there is a “foreign earned income tax” exclusion that you can apply for that will prevent the US from taxing you for the first $80,000 but above that value you will be taxed by both countries.

Keep a US address – find someone in your family who you can have all of your mail forwarded to and whose address you can use on your US tax forms.

Foreign Banking

The US requires that if you have a foreign bank account every year you must file a form with the Treasury Department to list all the foreign bank account numbers you own. Foreign branches of banks do not talk to their branches in the US. For all intents and purposes, they are totally different banks. You can wire money back and forth between your accounts (with associated fees), however it is easier to live with the separate accounts.

Moving

Have your movers come and estimate the volume of your household goods and then you get a feel for how much will fit in a new “smaller” place.

If you plan on coming back to the US, might leave any valuable goods (antiques, paintings, etc) with your family. Boats have been known to sink; containers have fallen off ships in bad weather, and while these items are insured, they could be lost forever.

Leave most of your electronics in the US. Your TV, stereo, microwave, washer/dryer, blender, even alarm clock, hair dryers, and telephones will not work on the power in many foreign countries.  The one exception is a DVD player – note your US DVDs will not work on an foreign DVD player as your DVDs are coded for the US.

Your goods will take 6-8 weeks to come from the US by boat – so be sure to negotiate into your contract that they put you into temporary housing or a hotel until your goods arrive and provide you with a car. I

Car and Driving

It is not cost effective to ship a car. Sell your car and buy a new one in your new country.

The US does not use the “international road signs” so you can find these on the Internet and study them before you arrive. Try to get your hands on an foreign countries’ driving manual before you arrive as the rules of the road are different in almost every country.

Bureaucracy

Getting a work permit, temporary resident’s visa, your driver’s license, and local ID in foreign country is a paperwork frenzy. Get as many of your personal documents together and organized up front (birth certificate, passport, immunizations, etc).

Networking

When you arrive in the foreign country typically you know virtually nobody. It is critical that you find a group of people soon after arriving. Type “Americans (country name)” into Goggle and find some local groups. These groups help you to meet other Americans who are in my exact same situation and who have already crossed the hurdles that you are just going over. These clubs often have “Newcomer” events that will welcome you to the area or subgroups (e.g. American Rotary, Mothers of Young Children, Retirees, Working Women’s Group, etc) that will help you almost immediately find other Americans in similar situations to yours.

Paperwork

Have a power of attorney and a will before you leave the US. Have an the attorney look into what could be done to make these documents legally recognizable in the foreign country.

Renting your Home in the US

You should find a fantastic property management company that does background checks (criminal) and credit checks on potential renters. Also, get the highest end rental insurance and fire insurance you can buy with replacement cost adjusted for inflation.

For a more complete presentation of these considerations go to http://goo.gl/8L4ICw.

10 best practices electronic meetings

10 best practices electronic meetings

10 best practices electronic meetings
Travel Off-Site Meeting Policy

10 best practices electronic meetings have been identified by Janco Associates, Inc.  They are:

  1. Have an agenda that is available to all attendees before the meeting
  2. Have a process to validate that the devices in use by users will work with the electronic meeting application
  3. Test the meeting technology with all attendees well in advance of the meeting
  4. Have a specific start time
  5. Be aware of time zones that meeting attendees will be in
  6. Have a dress code including background for meeting attendees to follow
  7. Send electronic invitation which require a confirmation and put the meeting in the electronic calendars of all attendees
  8. Have a common secure location where share documents are available to all attendees
  9. Record the meeting and comments for others to review if they are not able to attend
  10. After the meeting send a summary of the meeting including next steps, tasks assigned, and when the next follow-up meeting will take place.

Order PolicyDownload Selected Pages

CIOs investment in Infrastructure is on the rise

CIOs investment in Infrastructure is on the rise

CIOs investment in infrastructure is going up despite ongoing economic uncertainties.  They are investing in IT to improve operations, reduce costs, and enable strategies. IT budgets, hiring, and salaries are increasing slightly (see http://www.e-janco.com/Salary.htm) and CIOs are cautiously optimistic that this trend will continue into next year.

CIOs five (5) concerns are:

  1. Alignment of IT with the Business
  2. Security and Privacy
  3. Business Agility and Flexibility
  4. Business Productivity
  5. IT Time-to-Market / Speed of Delivery

CIOs five (5) largest IT investments are:

  • Big Data and Business Intelligence
  • Data Center Infrastructure
  • Enterprise Resource Planning
  • Application Software Development
  • Cloud Computing

CIO IT Infrastructure Policy Bundle (more info…) All of the policies below are included as individual MS Word files and a single PDF file. Electronic forms are all individual documents that are easily modifiable

  • Backup and Backup Retention Policy (more info…)
  • Blog and Personal Web Site Policy (more info…) Includes electronic Blog Compliance Agreement Form
  • BYOD Policy Template (more info…) Includes electronic BYOD Access and Use Agreement Form
  • Google Glass Policy Template (more info…) Includes electronic Google Glass Access and Use Agreement Form
  • Incident Communication Plan Policy (more info…) Updated to include social networks as a communication path
  • Internet, e-Mail, Social Networking, Mobile Device, Electronic Communications, and Record Retention Policy (more info…) Includes 5 electronic forms to aid in the quick deployment of this policy
  • Mobile Device Access and Use Policy (more info…)
  • Patch Management Policy (more info…)
  • Outsourcing and Cloud Based File Sharing Policy (more info…)
  • Physical and Virtual Security Policy (more info…)
  • Record Management, Retention, and Destruction Policy (more info…)
  • Sensitive Information Policy (more info…) HIPAA Compliant and includes electronic Sensitive Information Policy Compliance Agreement Form
  • Service Level Agreement (SLA) Policy Template with Metrics (more info…)
  • Social Networking Policy (more info…) Includes electronic form
  • Telecommuting Policy (more info…) Includes 3 electronic forms to help to effectively manage work at home staff
  • Text Messaging Sensitive and Confidential Information (more Info…)
  • Travel and Off-Site Meeting Policy (more info…)
  • IT Infrastructure Electronic Forms (more info…)

IT Infrastructure PoliciesDownload Selected Pages

10 best practices to retain millennials

10 best practices retain millennials

10 best practices retain millennials can be applied easily and favorable results will be seen quickly.

10 best practices retain millennials
10 best practices retain millennials
  1. Implement a mentoring programs – utilize social media to communicate frequently followed up with face to face time.
  2. Rotate work assignments to provide millennials with a broader range of exposure to the enterprise what is in store for them in the future
  3. Provide millennials with a flexible feed-back loop process so you know what their state of mind is. Minimize the chances for “unhappy” employees
  4. Give them time to develop their skills and career opportunities
  5. Encourage on-going education but technical and managerial.
  6. Define clear and achievable performance metrics so both you and they know what is expected
  7. Minimize stress and provide training to millennials on how to deal with stress.
  8. Balance work and personal time. Avoid situations where the 50-hour week is the norm
  9. Implement an open door policy and have managers, even the CIO, interact with all levels of employees. Manage by walking around and getting a feel for how everyone is doing.
  10. Provide opportunities for millennials to provide ideas and when one is implemented sound the praises of the employee.

Download Selected Pages

 

H-1B program adversely impacts IT pros

H-1B program adversely impacts IT pros

The H-1B program is adversely impacting IT pros and the US job market as a whole.  The idea of the program was to make easier to attract talented individuals to work in the US.  It has now gotten to the point that it is just like manufacturing that the US has lost by encouraging companies to do it for “less”.

Companies like Tata (from India) are hiring workers at low wages from third world countries, moving them to the US so that US workers can train them, and ultimately be displaced via off-shoring or outsourcing.

The latest data from the Department of Labor shows that over 75% off all jobs foreign workers are getting visas for are in what they call the IT occupation.

 

h-1b program IT job families 75% plus of the visa jobs
h-1b program IT job families

Looking at the data, in 2015 only 112,000 new IT jobs were created.  At the same time the over 400,000 visa applications were filed by corporations for foreign workers.  There is something wrong with this picture as all of these jobs are high paying ones and the foreign workers are taking these jobs a wages that are lower than domestic IT workers would be paid.

Growth in IT Job Market – near zero

Growth in IT Job Market – near zero

Growth in IT Job Market has come to a standstill. For the first four month of this year.  Each month this year the IT job market has not grown at all as compared to 2015.

IT job market growth slows to a 5-year low
Growth in IT Job Market

There are some new IT jobs that are continuing to be created.  However the number of this new jobs is small at best.

The CEO of Janco was quoted as saying, “There is an acceleration in the rate of slowdown in the IT Job Market.  If this continues, as we think it will, there is a probability that there could potentially be a net decrease in the size of the IT Job Market in 2016.  We will only be able to get visibility of that when we see one or two months of new data. However, we have already lowered our best case forecast for net new IT jobs for the balance of this year.”   He added, “Many companies are cutting back significantly on contractors and consultants.  That trend will continue until at least the 3rd quarter of this year.”

Order Salary SurveyDownload Selected Pages

Top 10 Technology Travel Tips – International

Top 10 Technology Travel Tips – International

Travel, Electronic, and Off-Site Meeting Policy
Top 10 Travel Tips

Top 10 Technology Travel Tips – When people traveling, especially internationally, not only is technology at risk but also sensitive personal and work information.  Below are 10 tips taken from Janco’s Travel, Electronic, and Off-Site Meeting Policy.

  1. If it’s not necessary, don’t travel with a computer or tablet.
  2. Whenever possible, arrange to use loaner laptops and handheld devices while traveling.
  3. If you are bringing a laptop with you, make sure you have the proper plug adapter.
  4. Install a host-based firewall, and configure it to deny all inbound connections.
  5. Disable file, printer sharing, and Bluetooth. Apply full disk encryption, picking a long, complex password
  6. Update all software immediately before travel.
  7. Always clear out browser cache before you leave.
  8. Backup your computer
  9. If you are bringing private data, not on a computer, copy the data onto an encrypted USB memory device
  10. Change the password for your accounts email, Gmail, Facebook, etc.
    1. Utilize complex passwords – Assume the workstation or medium will be lost or stolen.
    2. Memorize the password, or keep it in a secure location on your person.
    3. Password protect the login, and require the password after screen-saver.
    4. NEVER set browser to remember passwords.

Order Policy Download Selected Pages

SEnuke definition of poor service management

SEnuke definition of poor service management

SEnuke an adventure into poor service management.  We have  just spent a week of our lives working to get SEnuke – an SEO google search tool to work and have been frustrated beyond belief.

They came out with a new version that looked like the best thing since sliced bread.  Here are the problems that we encountered.

  1. Day 1 when when they launched the site was “down” in that you could not download the program.  The page said try back in 30 minutes.  It took a full day to get the download to work.
  2. When it installed, it did not uninstall the older version but left traces of it on so that “mysteriously” over the next week at times the older version executed confusing the heck out of me.
  3. The marketing material said that Captcha was included – however the SEnuke Captcha did not work for the better part of a week so that I had to purchase a service for that.
  4. When tried  purchasing Captcha, all of the listed companies did not work.  Links were to sites that were disable or not there.  In addition each of the sites had their own userids and passwords.  By the time that I was done shopping I have over 7 sets of them.
  5. The application was to create links and URLs.  It did not do that.  The help, which was via a blog forum, after two days told me I had to get the update.
  6. I got the update.  However, it could not be installed because it was classified as an UNSAFE publisher.  The certificate they had from GODADDY.com had been REVOKED.
  7. When I posted on the SEnuke forum the response I got was that I had to put an exclusion in my Norton.   I had already done that and even turned off Norton, but it still did not install.
  8. I posted that we would PAY for support to get it to work.  No response from them.

Considering they want close to $150 a month for their product it is not worth it.  Finally after almost a week of effort I cancelled the service and created this review of the product.

10 Steps to Implement Cloud SaaS

10 Steps to Implement Cloud SaaS

10 Steps to Implements Cloud SaaS
10 Steps to Implements Cloud SaaS

10 steps to implement cloud SaaS – As more CIO and other C-Level executives look have Software as a Service (SaaS) for interaction with their users, customers, suppliers, and markets there are some best practices that they should follow.

  1. Cloud How To Guide

    Evaluate the current capabilities of their IT infrastructure and application portfolio. Included in that an assessment of the competition and the state of opposing competitive solutions.

  2. Develop a roadmap with priorities for SaaS/cloud deployment. Establish who the drivers and owners of the SaaS process are.
  3. Establish clear governance that considers key stakeholders for cloud deployments. Include budgetary responsibility as well as for achieving stated goals.
  4. Develop metrics for performance and for measuring success in meeting cost and other deployment goals. Include a process for dissemination of the results in a timely manner
  5. Adopt vendor management practices to monitor SLA performance and define responsibilities.
  6. Provide active project management to keep implementation on time and on budget. Steering committees and SDM (System Development Methodology) need to be included in the mix.
  7. Plan for ongoing support, acquiring or training resources for the necessary skills, and address skills gaps. Budgets and associates service levels need to be defined before the SaaS development begins.
  8. Regularly evaluate performance and goals/metrics to ensure they are being met. Utilize every form of communication possible so the enterprise as a whole knows what the state of the SaaS activity is.
  9. Audit compliance with security and other standards and practices and privacy policies. Build compliance into the SaaS process.
  10. Ask suppliers to provide specific data and experience with cloud-to-cloud integration and performance.
Order Cloud Outsourcing Template  Download Selected Pages

10 Security Assessment Questions

10 Security Assessment Questions

Security Assessment and Compliance Management
Security Assessment and Compliance Management

Security Assessment Questions

  1. To stop a breach tomorrow, what does the enterprise need to differently today?
  2. Does the enterprise know if the company has been breached? How does it know?
  3. What assets are being protecting, what are they being protected from (i.e., theft, destruction, compromise), and who are they being protected them from (i.e. cybercriminals or insiders)?
  4. What risks does the enterprise face if it is breached (i.e., financial loss, reputation, regulatory fines, loss of competitive advantage)?
  5. Does the enterprise’s IT security implementation match the enterprise’s business-centric security policies?
  6. Are formal written policies, technical controls or both in place? Are they being followed?
  7. What is the enterprise’s security strategy for IoT?
  8. What is the enterprise’s security strategy for BYOD and “anywhere, anytime, any device” mobility?
  9. Does the enterprise have an incident response plan in place?
  10. What is the enterprise’s remediation process? Can the enterprise recover lost data and prevent a similar attack from happening again?

Security Compliance – Comprehensive, Detailed and Customizable for Your Business

The Security Compliance Policy and Audit Program bundle provides all the essential sections of a complete security manual and walks you through the creation of each step. Detailed language addressing more than a dozen security topics is included in 220 plus page Microsoft Word document, which you can modify as much or as little as you need to fit your business requirements. The template includes sections on critical topics like:

  • Risk analysis – Threat and Vulnerability Assessment via Electronic Forms
  • Staff member roles
  • Physical security
  • Electronic Communication (email / SmartPhones)
  • Blogs and Personal Web Sites
  • Facility design, construction and operations
  • Media and documentation
  • Data and software security
  • Network security
  • Internet and IT contingency planning
  • Insurance
  • Outsourced services
  • Waiver procedures
  • Incident reporting procedures
  • Access control guidelines
  • PCI DSS Audit Program as a separate document

Order Download Selected Pages

Top 10 Cloud SLA Best Practices identified by GAO

Top 10 Cloud SLA Best Practices identified by GAO

Cloud SLA Best Practices
Cloud SLA Best Practices

Top 10 Cloud SLA Best Practices are:

  1. Define SLA roles and responsibilities for the enterprise and cloud providers. These definitions should include,the persons responsible for oversight of the contract, audit, performance management, maintenance, and security.
  2. Define key terms. Include definitions for dates and performance. Define the performance measures of the cloud service, including who is responsible for measuring performance. These measures would include: the availability of the cloud service; the number of users that can access the cloud at any given time; and the response time for processing a customer transaction.
  3. Define specific identifiable metrics for performance by the cloud provider. Include who is responsible for measuring performance. Examples of such measures would include:
    SLA Best Practices
    SLA Best Practices
    • Level of service (e.g., service availability—duration the service is to be available to the enterprise).
    • Capacity and capability of cloud service (e.g., maximum number of users that can access the cloud at one time and ability of provider to expand services to more users).
    • Response time (e.g., how quickly cloud service provider systems process a transaction entered by the customer, response time for responding to service outages).
  4. Specify how and when the enterprise has access to its own data and networks. This includes how data and networks are to be managed and maintained throughout the duration of the SLA and transitioned back to the enterprise in case of exit/termination of service.
  5. Specify specific SLA infrastructure and requirements methodology:
    • How the cloud service provider will monitor performance and report results to the enterprise.
    • When and how the enterprise, via an audit, is to confirm performance of the cloud service provider.
  6. SLA DRP and Security for Cloud
    SLA DRP and Security for Cloud

    Provide for disaster recovery and continuity of operations planning and testing. Include how and when the cloud service provider is to report such failures and outages to the enterprise. In addition, how the provider will re-mediate such situations and mitigate the risks of such problems from recurring.

  7. Describe any applicable exception criteria when the cloud provider’s performance measures do not apply (e.g., during scheduled maintenance or updates).
  8. Specify metrics the cloud provider must meet in order to show it is meeting the enterprise’s security performance requirements for protecting data (e.g., clearly define who has access to the data and the protections in place to protect the enterprises’s data). Specify the security performance requirements that the service provider is to meet. This would include describing security performance metrics for protecting data, such as data reliability, data preservation, and data privacy. Clearly define the access rights of the cloud service provider and the enterprise as well as their respective responsibilities for securing the data, applications, and processes to meet all mandated requirements. Describe what would constitute a breach of security and how and when the service provider is to notify the enterprise when the requirements are not being met.
  9. Specify performance requirements and attributes defining how and when the cloud service provider is to notify the enterprise when security requirements are not being met (e.g., when there is a data breach).
  10. Specify a range of enforceable consequences, such as penalties, for non-compliance with SLA performance measures. Identify how such enforcement mechanisms would be imposed or exercised by the enterprise.

Documentation Security Compliance

Documentation is a key part of security compliance — here’s how to do it right

Compliance Management
Compliance Management – Documentation

Documentation Security Compliance – Maintaining security compliance is a multifaceted responsibility. It’s not enough to simply implement the required controls and enforce security policies. In order to remain fully compliant, businesses must thoroughly document their compliance efforts as well. Maintaining formal, written documentation of all compliance-related activities is a requirement of many regulatory guidelines, but all too often, it’s treated as an afterthought.

Order Compliance Kit

In many cases, compliance documentation is inadequate due to varying responsibilities. In many organizations, compliance efforts spread across departments and different individuals are responsible for various aspects of the security plan. As a result, documentation tends to be inconsistent at best, with varying standards and levels of detail. Unfortunately, such an approach to compliance can land your company in hot water should it ever be selected for a compliance audit.

Specific security compliance documentation standards vary by regulation (HIPAA has different requirements than PCI DSS, for instance) but there are some general best practices that you can follow to ensure that your compliance documentation is up-to-date and meets the requirements put forth for your organization.

Select the Right Manager

Security Documentation Job Descriptions Bundle
Security Documentation Job Descriptions

Even with a dedicated compliance department, many companies struggle with documentation. Regulatory requirements tend to be highly technical, and require writers with the technical expertise to develop them thoroughly and accurately. When the wrong individuals are tasked with creating compliance documentation, there is the potential for errors and omissions. If professional technical communicators are unavailable, establish specific standards for the creation of documentation for staff to follow, or consider outsourcing the project.

Understand the Requirements

The first step to managing compliance documentation is understanding what is required of your company and developing a consistent means of recording the necessary information. In general, this means:

  • Describing the specific requirement and how it relates to your business
  • Outlining the specific controls in place to meet that requirement
  • Listing the name and contact information for the person in charge of implementing the control
  • Designating the date that the control/documentation needs to be reviewed and/or updated

Many organizations implement a content management system specifically for the purpose of maintaining security compliance documentation. Doing so allows for information to be accessed and updated online in real time, without relying on paper copies. An efficient CMS allows for additional information to be imported as well; for instance, when you invest in a Cisco video conference system from KBZ, the information from training sessions completed by employees can be seamlessly added to the CMS, keeping records up-to-date.

Conduct Regular Audits

Security Audit Program
Security Audit Program

Compliance documentation is an ongoing process, and IT needs to schedule annual documentation reviews as part of their compliance activities. Ideally, reviews should not be conducted by those who have responsibility for specific security controls, but by other individuals who have knowledge of the controls and can identify gaps or other potential issues that need to be addressed when necessary. The annual documentation review should be focused on identifying required changes, as well as comparing the existing documentation to current regulations to ensure full compliance.

The best time to conduct documentation audits is in conjunction with your scheduled risk assessments. Most security regulations require regular risk assessments, with controls put in place in relation to the results of the assessment. Including a documentation review as a part of that process allows you to identify areas that need improvement or change, as well as activities that need to be added to your security controls.

Focus on the User

Finally, the most effective compliance documentation is user-focused, both in terms of employees who may need to access the information and regulators who will be auditing your efforts. While a focus on the technical aspects of the documentation is necessary, you also want to ensure that the documentation is usable. This means keeping it user-focused, easily accessible, and accurate. Nothing is more frustrating than attempting to find documentation that is hopelessly out-of-date or incorrect, so being user-friendly means committing to maintaining the most current documentation possible.

Failing to correctly maintain your security compliance documentation puts your company at risk for failing an audit, which could result in costly fines and other sanctions. A scattershot and disorganized approach to documenting your efforts is not adequate for anyone’s needs, and could leave your company vulnerable to security breaches in addition to regulatory infractions. By taking the time to develop a comprehensive and thorough approach to compliance documentation, you’ll save time and money in the long run.