IT Salaries Rise

In 2015 IT salaries will increase across the board for IT Pros. The preliminary results of Janco Associates' 2015 IT Salary Survey show that salaries are going up for all levels of IT Professionals and in all sizes of IT organizations. The big winners are the executive levels of IT in mid-sized organizations.

Historic versus current salaries IT Professionals

IT Salaries are rising

IT compensation for all IT Professionals has increased by 2.85% in the last 12 months. Between January 2014 and January 2015 the total mean compensation for all IT Professionals has increased from $79,674 to $81,948. This puts overall compensation back at the level it was at in January 2008 and 2007. In mid-sized enterprises, the mean total compensation for all positions has increased by 4.11% from $76,198 to $79,333.

Much of the rise is due to the fact that the number of IT Pros that are required is up. In 2014 the IT job market grew by 112,800 versus 74,900 and 62,500 in 2013 and 2012 respectively according to the Bureau of Labor Statistics (BLS).

IT Job Market Growth

The 2015 Salary Survey will be released by the end of January.


Security is a pipe-dream

Security is a pipe-dream; few enterprises are fully protected from events that have occurred in the past several months.

Not many CIOs and CSOs feel they have 100% of their security risks covered. In a recent survey that was published in NetworkWorld:

  • 55% said that was the case
  • 40% said they hope they had all of their security bases covered
  • 6% said that they did

With only 6% saying they had all of their bases covered, there is a lot of room for security hackers and data breachers to attack the systems in place.

Now that we know that a security breach may occur, how sure are these same CIOs and CSOs that they will be able to react in time? The first step is detecting that a hack or breach has occurred. In another survey by Janco Associates we found that in midsized and large enterprises:

  • 35% had a detection solution in place and they automatically quarantined the server(s)
  • 43% had a detection solution in place but had to “manually” quarantine the server(s)
  • 23% had to “manually” put the server(s) offline when they found out they had a problem

When you put these two sets of data together, you conclude that less than 2% of enterprises are protected adequately enough to prevent a major security hack or breach from occurring.


Experts Agree You Should Update Your Plan Annually

Security is a critical concern during the recovery process

It goes without saying that every company, regardless of size, needs a concise business continuity plan in case of an emergency. If you don’t have a disaster recovery plan or haven’t updated yours recently, now is the time to take this critical step to protect your business.


Top 6 cyber attack threats

These are the top 6 threats that CSOs need to address as attackers conspire to take down applications and steal data. These threats focus on data center infrastructure. (See also How to Manage Cyber Attacks) Because they store the most valuable and most visible assets in your organization – web, DNS, database, and email servers – data centers have become the number one target of cyber criminals, hacktivists and state-sponsored attackers. The threats are:

  1. DDoS Attacks
  2. Web Application Attacks
  3. DNS Infrastructure
  4. SSL-Induced Security Blind Spots
  5. Brute Force
  6. Weak Authentication

CIOs and CSOs start the management process before the cyber attack occurs

Cyber-attacks are now an everyday event and it is only a matter of time before your company faces one if it has not already. Cyber criminals are ubiquitous and attacks will continue despite our resolute attempts to stop them – even organizations with the best defenses in place are not immune. CIOs and CSOs need to accept these risks as fact and be prepared to respond quickly and effectively.
Managing cyber breaches starts before the breach occurs


Mobile Devices are how many start and end the day

Mobile Devices are in many bedrooms

How did you start your day today? How did you end your day yesterday? For many, starting or ending our day involves connecting in some way with a mobile application. In 2014, the number of Internet users worldwide has reached nearly 30 billion. While the majority of these users connect via fixed-line to a PC, the growth of mobile- and cloud-based solutions has skyrocketed. Industry experts estimate that mobile-only users (no laptop, no desktop) will hit 1 billion next year.

  • Mobility Policy Bundle: All of the policies below are included as individual MS Word files and a single PDF file. Electronic forms are all individual documents that are easily modifiable.
    • BYOD Policy Template: includes electronic BYOD Access and Use Agreement Form
    • Mobile Device Access and Use Policy
    • Record Management, Retention, and Destruction Policy
    • Social Networking Policy: includes electronic form
    • Telecommuting Policy: includes 3 electronic forms to help to effectively manage work at home staff
    • Travel and Off-Site Meeting Policy

Best Articles of 2014 – CIO Challenges addressed

Top 10 Best Articles of 2014

Best Articles of 2014 – In a review of the best articles and top 10 lists of this year, Janco highlights the role of the CIO and the challenges that the CIO faces. Included in this year's winners are:

Best articles of 2014

  1. A CIO’s guide to IT portfolio management
  2. Top 10 Manager Best Practices
  3. Top 10 Challenges faced by IT Project Managers
  4. Ten Best Practices to Hire and Retain World Class Creative IT Professionals
  5. Top 10 CIO Staffing Issues
  6. What does it take to become a CIO or CTO of a Fortune 100 company?
  7. ID Badges Challenge for CIOs
  8. Mobile Application Must Haves for the CIO
  9. Top 10 Interview Best Practices
  10. Internet of Things (IoT) Challenges

Top 10 CIO concerns

Top 10 CIO concerns for the New Year

Top 10 CIO concerns – Janco Associates has just completed an informal survey of 75 CIOs and developed a list of the top 10 concerns they have, which will be their driving forces for the next several months.

  1. Innovation and competitive edge over others in the same market
  2. Meeting management’s IT Portfolio alignment needs
  3. Security and privacy while meeting records management requirements
  4. Operational adaptability of IT infrastructure
  5. Improved productivity
  6. Simplified SDM to more rapidly deploy IT products and services
  7. Impact of market and business changes
  8. Controls and compliance cost improvements
  9. Staffing of talent for the newest technology
  10. Ways to generate revenue with IT technology deployments


“How to Guide for Cloud Processing and Outsourcing provides EVERYTHING that is needed to select a vendor, enter into an agreement, and manage the relationship,” says a CIO of a Fortune 100 company.


10 steps to World Class IT portfolio management

IT Portfolio Management is key to the success of every CIO and IT organization. Janco Associates has found that many world class CIOs follow these basic steps.

  1. Create an inventory of all business oriented applications
  2. Establish cost to run applications
  3. Collaborate with business units to determine value of applications
  4. Track investments costs and returns in concise reports that can easily be compared and contrasted.
  5. Identify the relationship between investment performance and business projections and objectives, across time.
  6. Develop annual ROI summary and review with business units
  7. Make specific business and technology recommendations to maintain a healthy balance within the portfolio.
  8. Adjust portfolio based on newly available data and technologies
  9. Make long term strategic recommendations and establish a baseline budget based on performance and established objectives
  10. Identify new investment opportunities that could fit into the established portfolio and the wider aims of the business

You can get all of Janco’s templates in its IT Management Suite. When you do that you save over $2,500 and when implemented your enterprise is positioned to have a “WORLD CLASS” Information Technology function. You will be in compliance with all mandated requirements including all US and International requirements.


IT Compensation up as CIOs are hiring

IT Compensation up as CIOs  turn on hiring spigot

IT Compensation up – Janco, having just analyzed the latest Labor Department (BLS) data and interviewed almost 100 CIOs, finds that hiring of IT Pros is on the upswing.

IT job market improves - hiring up

The three-month moving average of the job market growth trend for IT Professionals is up for the first time in several months.

Data is as of July 2014.

  • IT compensation for all IT Professionals has increased by 0.33% in the last 12 months.
  • CIO compensation has stayed flat in larger companies and increased in smaller and mid-sized companies in the past 12 months. The mean compensation for CIOs in large enterprises is now $182,645 (up 0.24%) and $168,214 (an increase of 1.52%) in mid-sized enterprises.
  • Positions in highest demand are all associated with quality control, BYOD implementation, and service level improvement.
  • Over the long term IT executives have fared better in mid-sized companies than large companies.
  • IT job growth has slowed. In 2013 the IT job market grew by 36,500 (January thru May) versus 32,200 in 2014 according to the Bureau of Labor Statistics (BLS). At the same time, not all of the IT jobs lost in the recession have been recovered.
  • Lay-offs seem to have tapered off, however some companies continue to cut the size of the IT organizations.
  • Cost control is still the rule of the day; however we have seen an increase in the number of “part-timers” and contractors who are focused on particular critical projects.  This has resulted in few IT Pros getting health coverage
  • On shore outsourcing has peaked and companies are looking to bring IT operations back into their direct control and reduce operating costs.
  • Mandated requirements for records management systems and electronic medical records have increased the demand for quality control staff and custodians (librarians) of mechanized records.
  • Companies are continuing to refine the benefits provided to full time IT professionals. Though benefits such as health care are available to 80%, IT professionals are now paying a greater portion of that cost.


Container Based Applications is the next big deal

The next major shift in the IT infrastructure market is here – container based applications. Virtualization 10 years ago, public cloud currently, and now containers are changing the way users interact with the Internet.

Containers are the next logical step beyond virtualization. Where virtualization slices a server up into many virtual machines, containers can run on top of a bare system to allow many applications to run autonomously. It’s an additional layer of abstraction that can make applications portable across public and private clouds. Containers basically wrap an application to make it portable.

Containers with platform and infrastructure may be a big deal. The change today is limited to new application development. We are a few years from existing applications being rebuilt for containers, or from enterprises moving well-running applications into smaller containers, but for new web-scale application development, the future is containers.

  • CIO IT Infrastructure Policy Bundle: All of the policies below are included as individual MS Word files and a single PDF file. Electronic forms are all individual documents that are easily modifiable.
    • Backup and Backup Retention Policy
    • Blog and Personal Web Site Policy: includes electronic Blog Compliance Agreement Form
    • BYOD Policy Template: includes electronic BYOD Access and Use Agreement Form
    • Google Glass Policy Template: includes electronic Google Glass Access and Use Agreement Form
    • Incident Communication Plan Policy: updated to include social networks as a communication path
    • Internet, e-Mail, Social Networking, Mobile Device, Electronic Communications, and Record Retention Policy: includes 5 electronic forms to aid in the quick deployment of this policy
    • Mobile Device Access and Use Policy
    • Patch Management Policy
    • Outsourcing and Cloud Based File Sharing Policy
    • Physical and Virtual Security Policy
    • Record Management, Retention, and Destruction Policy
    • Sensitive Information Policy: HIPAA Compliant and includes electronic Sensitive Information Policy Compliance Agreement Form
    • Service Level Agreement (SLA) Policy Template with Metrics
    • Social Networking Policy: includes electronic form
    • Telecommuting Policy: includes 3 electronic forms to help to effectively manage work at home staff
    • Text Messaging Sensitive and Confidential Information
    • Travel and Off-Site Meeting Policy
    • IT Infrastructure Electronic Forms


IT Job Families are being reviewed by many CIOs

IT Job Families – As the economy starts to turn around, CIOs are beginning to look at hiring more IT pros. In the process of doing that, they are looking at the documentation they have for the positions that they need to fill. Many CIOs are finding that the existing job descriptions and “pay grades” are not where they should be.

To that end Janco has created a CIO HR and Staffing Management Kit which addresses the shortfalls of many CIOs' HR infrastructure. The Kit contains:

  • Over 260 full IT Job Descriptions which have recently been updated to meet all of the latest technological and mandated requirements
  • IT Job Families Classification system which is focused at hiring, promotion planning, and compensation setting.
  • Interview and Hiring Guide with tools to aid in creating a process which accelerates the recruiting and hiring of the right IT Professionals
  • Latest IT Salary Survey with data from over 500 organizations in North America.

Chief Digital Officer now is needed in enterprises to leverage digital data

Chief Digital Officer (CDO) now is needed to leverage digital strategy

Chief Digital Officer’s (CDO) time is now. CIOs understand that digital is central to their business and career success. World Class CIOs are focusing on the digital footprint of their customers, products, and competitors. New competitive advantages will be based on digital operations and insights.

Digital business promises to converge people, business, and things and will disrupt existing business models. While 75% of all CIOs and business executives say their company has a digital strategy, only 15% believe that their company has the skills and capabilities to execute on that strategy. A piecemeal strategy of bolting on digital channels or methods is no longer sufficient.

CDO – Chief Digital Officer

The CDO is not only a digital expert, but also a seasoned general manager

The requirement for ‘powerful digital leadership’ to drive strategy and execution is a necessity. But how many leaders really have experience in this? Is this learning on the go, or is it about having a CDO and team that has a totally digital focus?

Is there an ideal way to navigate through this journey and also connect better with industries and companies? The CIO and CDO are in excellent positions to help the enterprise decide which approach(es) it should take to manage total digitization.

Posted in Career, Infrastructure | Tagged , , , , | Leave a comment

HIPAA Omnibus Update

The HIPAA Omnibus Update rules contain a number of changes to HIPAA Privacy, Security, and Breach Notification rules. Recently patient rights under HIPAA have been expanded to include several new rights of access: mental health records, electronic copies of records and laboratory test results. These changes must be respected by every covered entity and business associate to stay in compliance with the HIPAA rules through modifications to policies and procedures.

HIPAA Omnibus update

Not only the compliance rules but also the enforcement rules have changed. Now, with the new four-tier violation schedule, the mandatory fines for willful neglect of compliance start at $10,000 even if the problem is corrected within 30 days of discovery. Violations that are not promptly corrected carry mandatory minimum fines starting at $50,000.

Compliance Process


IT Job Market Improves

Computer Science and IT Job Market Improve in September

The IT job market improved in September as 13,200 new IT jobs were added. For 2014 there have been 69,000 jobs added.

IT Job Market – Recent data from the BLS that was analyzed by Janco shows that the job market has improved slightly.  That was the plus side.  On a negative note there were over 70,000 computer science majors that graduated from US universities but only 69,000 IT jobs were added during the same period.

Given we are at the end of a several year contraction of the job market, it is not a good sign that there are so many entry level IT and computer science professionals.


Security spending cut as attacks rise

Companies are cutting back on security spending as attacks are on the rise

Companies report that cyber-security attacks are on the rise, up 48% in 2013, but spending on information security was down by 4% during the same period. Small companies have been cutting their security budgets according to the latest Global State of Information Security Survey.

This is the first drop in security spending in four years. Security spending in small companies (less than $100 million in revenue) fell by 20%, while at medium and large businesses it increased 5%.

Regardless of company size, security spending as a percentage of total IT budget has leveled off at 3.8% and shows no signs of increasing.


Recent high-profile hacker attacks on large and small corporations have highlighted their vulnerabilities. According to industry experts, in 2013 the number of reported security incidents increased 48% to 42.8 million, the equivalent of almost 120,000 attacks a day. The average cost of managing and mitigating breaches is now $2.7 million per incident.

At the same time, the average information security budget declined this year to $4.1 million, from $4.3 million in 2013.

 


ISO 31000 Compliance – Risk Management

Cloud processing and outsourcing add external risks to a business’ operation. The International Standards Organization (ISO) has implemented a new standard for risk management which needs to be considered when embarking on a cloud processing and/or outsourcing initiative.

ISO 31000 provides principles, framework and a process for managing risk. It can be used by any organization regardless of its size, activity or sector. Using ISO 31000 can help organizations increase the likelihood of achieving objectives, improve the identification of opportunities and threats and effectively allocate and use resources for risk treatment.

ISO 31000 cannot be used for certification purposes, but it does provide guidance for internal or external audit programs. Organizations using it can compare their risk management practices with an internationally recognized benchmark, providing sound principles for effective management and corporate governance.

A risk management policy should include the following sections:

  • Risk management and internal control objectives
  • Statement of the attitude of the organization to risk
  • Description of the risk aware culture or control environment
  • Level and nature of risk that is acceptable
  • Risk management organization including policies and procedures
  • Details of procedures for risk recognition and ranking
  • List of documentation for analyzing and reporting risk
  • Risk mitigation requirements and control mechanisms
  • Allocation of risk management roles and responsibilities
  • Risk management training topics and priorities
  • Criteria for monitoring and benchmarking of risks
  • Allocation of appropriate resources to risk management
  • Risk activities and risk priorities for the coming year
ISO 31000 Compliance
