10 Things To Avoid In Your Resume

10 Things To Avoid in your Resume – Your resume is the primary general marketing tool that you have. Here are the 10 things that you need to avoid:

  1. Resume that is too long – Most resume readers will just look at the top 1/3rd of a resume in the first screen and many of them will “throw out” the multi-page documents.  That is especially true of mid-level and senior level managers.  Keep your total resume to 2 pages or less.
  2. Resume that does not represent you in the best first impression – Everything that the physical or electronic resume does is visual, so make sure that the resume looks good.  This is your chance for a first impression and it needs to be good.
  3. Resume that is not structured well – If, at first glance, a resume looks cluttered or is just a long set of words from which it is “difficult” to get a quick image of the candidate, it can be excluded by the resume reader. Bullets, limited bold text, and a summary at the top are key directions to take.
  4. Resume that contains spelling errors – If you make this mistake you often will not even be phone screened.  This error is a direct path to the circular file.
  5. Resume that contains grammatical and tense errors – This is just as bad as spelling errors in the minds of many resume screeners.  Do not use complex sentences and avoid starting with prepositions.
  6. Resume that does not agree with your “social profile” – Recruiters now look at social media and their network of other professionals, and your resume needs to be in agreement with what the rest of the world sees about you.
  7. Resume that contains a photo – Do not include anything that shows your age, race, or appearance.  You could be excluded from an interview for being “too old” or “too young” or another unrelated factor.
  8. Resume that is not 100% accurate – Everything needs to be truthful and accurate.  No matter what the factor is, there should be no grey areas or outright “lies” in the resume.  Those will come back to bite you.
  9. Resume that is the same for each job and company – With word processors and email you should at least have a custom cover letter that addresses the “specific” job or company that you are sending the resume to.
  10. Not following up – If you do not hear back from a company and have sent a resume in, it is a must to follow up and see if the job is still open or if there is another position that you might be able to fill.
Posted in Career, Job Descriptions

Top 10 Reasons Why Security Breaches Occur

With all of the concerns about security breaches, one out of ten CIOs and CFOs still feel they do not have an adequate security strategy in place and are reactive when an incident does occur. Many of them find out, the hard way, that the cost to react to an event is significantly greater than it would have been to implement an adequate solution beforehand.

The top 10 drivers of security shortcomings include:

  1. Insufficient funding for security
  2. Lack of commitment by senior executive management
  3. Lack of leadership in the security arena by the CIO
  4. Belief that the organization will not be targeted
  5. Lack of internal resources who are “security” experts
  6. Lack of an effective IT security strategy
  7. Lack of an action plan on how to implement a solution before an event
  8. Infrastructure for IT that does not easily lend itself to security implementation including complex and disjointed applications and data
  9. No central focus within the enterprise on security
  10. Lack of a good termination policy for employees and contractors

In a review of over 200 incidents we have found the frequency of these types of breach losses to be as depicted in the chart below:

Posted in Security & Compliance

CIO responsibilities

CIO responsibilities – The traditional responsibilities of the Chief Information Officer (CIO) and Chief Technology Officer (CTO) have been expanded to include a major value-added component. The seven (7) responsibilities of the CIO and CTO are:

  1. Strategy and Planning
  2. Control
  3. Service
  4. Risk Management
  5. Business Processes
  6. Strategic IT Initiatives
  7. Enterprise Infrastructure and Applications

The traditional roles include the following:

  • Define, update, and Implement IT Strategy
  • Manage IT across the enterprise
  • Align IT team with enterprise performance objectives
  • Control performance objectives
  • Control overall technology budget
  • Acquire software/hardware
  • Select, manage, and control IT providers
  • Align IT risk management with IT productive objectives
  • Defer to enterprise operational requirements
  • Follow IT System Development Methodology (SDM)
  • Plan and manage strategic IT initiatives
  • Manage application portfolio
  • Manage IT projects
  • Define standards and architecture
  • Coordinate (consolidate) IT processes across the enterprise

The value added roles include:

  • Align IT objectives and programs to enterprise objectives and strategies
  • Coordinate IT across the enterprise
  • Define metrics based on overall business objectives
  • Report performance status
  • Coordinate overall technology budget
  • Maximize mix of in house versus outsourced services
  • Establish strategic service provider partnerships
  • Align IT risk management with enterprise-wide risk management
  • Optimize and design enterprise process
  • Define and adjust IT standards and technologies
  • Shift decisions to enterprise operations
  • Include business process executive in IT governance
  • Optimize cost of services through a mix of internal and external sources
  • Coordinate security and compliance

The table below summarizes the roles by area of responsibility

Posted in Career, Job Descriptions

10 actions to protect data assets

10 actions to protect data assets — Janco has found that more than 90% of all data breaches affecting 500 or more individuals are caused by an organization’s own employees, not hackers. Since ninety percent of an organization’s data breaches are due to “friendly fire” – the mistakes and transgressions of the business’s own employees and business associates – CIOs and CSOs need to take a leadership position in managing this. By taking specific actions, a company can greatly reduce the likelihood of these internal breaches – both the careless mistakes and the malicious acts.

Here are 10 actions that a CIO or CSO can take:

  1. Instill in all employees that they are the first line of defense when it comes to data protection and data security.
  2. Develop and implement specific policies and procedures regarding the handling of proprietary or sensitive information. Have employees sign an acknowledgement form indicating that they have read the policies and understand their responsibilities.
  3. Validate that the policies and procedures meet all industry and mandate compliance requirements.
  4. Improve training and require all employees to take it. Many organizations think that a general 30-minute online information-security training followed by 10 questions is sufficient for employees to know what they should do in a given situation. However, the lack of specificity to their own responsibilities opens the possibility of unintentional exposure of, or unauthorized access to, protected information.
  5. Maintain a tight control on all data assets and ensure only the minimum necessary access to the information. Organizations need to take the time to assess the functions or roles in the organization that need access to confidential information, and to document the process for initiating and terminating that access. The most damaging impact on an organization can be caused by a disgruntled employee who is terminated from the organization, yet his or her access to information is not cut off in a timely fashion.
  6. Require all passwords be changed frequently and not be repeated.
  7. Communicate, enforce and apply consistent sanctions for information privacy or security violations. If there is no punishment for accessing or sharing information, people are more apt to do so. For example, rural hospitals and health plans have significant problems with employees snooping into medical records of colleagues, ex-partners, and others in the community. Larger hospitals and rehab centers have to address the improper snooping into the medical records of celebrities and prominent public figures.  An organization can suffer significant financial and reputational damage if steps aren’t taken when bad behavior occurs.
  8. Monitor employee activity both on PCs and mobile devices. Doing so ensures appropriate access and can unearth any unusual activity. Take the time to review or randomly sample usage reports to identify any potential problems early and initiate remediation activities.
  9. Ensure adequate oversight or governance of information security programs. This is necessary to evaluate the causes of security or privacy incidents, apply consistent sanctions, monitor training activities, provide resources for mitigation and remediation of impermissible disclosures, and make information security part of the organization’s culture.
  10. Have independent 3rd parties test the data protection and data security compliance practices.

Posted in Infrastructure, Security & Compliance

Top 10 CIO Concerns

Top 10 CIO Concerns – With the changing economy and improved outlook for IT spending, Janco has identified the top  10 CIO concerns.

The top 10 concerns are:

  1. Security – As more instances of cyber-attacks are identified, CIOs are well aware that their jobs are at risk if this occurs under their watch.
  2. Cloud Computing – This is the new hidden IT that is driving many new applications and is not under the complete control of the CIO and IT organization.
  3. Infrastructure – No longer are those interacting with the data and systems in a single location utilizing standard hardware and software. Records management, retention and destruction as well as version control are just a few of the areas that CIOs need to manage and control.
  4. Consolidation – Islands of data and computing continue to exist as new technologies are implemented. Redundancy leads to disparate information and needs to be resolved.
  5. Big Data – As data is consolidated it needs to be analyzed more quickly so that decision making within the enterprise is improved.
  6. Automation – Traditional functions are now being eliminated, and automation that meets the strategic objectives of the enterprise needs to take place.
  7. Mobile Computing – BYOD and mobile applications are where users are looking for support in order to improve their bottom line results.
  8. Staff Retention – During the past few years that has not been an issue but now with an improved IT job market staff will leave.
  9. Social Networks – This is the wave of the future and needs to be managed more effectively.
  10. Succession Planning – Not only for the CIO role but for all of the other key roles within the IT functions. Job family definition is now a priority.
Posted in Career, Infrastructure, Job Descriptions

Disaster Recovery Backup Solution

Disaster Recovery Backup and Backup Retention Policy Template

CIOs and IT Managers need to consider mandated compliance requirements

Disaster Recovery Backup Solution – Just added Best Practices for Backup, Cloud Backup and Mobile Device Backup. IT organizations of all sizes contend with a growing data footprint with more data to manage, protect, and preserve for longer periods of time. Online primary storage has a focus on fast, low-latency, reliable access to data, while near-line secondary storage has a focus on low cost and high capacity.

Questions that need to be answered are:

  • Is our data safe in transit and at rest?
  • What prevents hackers from gaining access to our data?
  • Is our data properly handled, stored, and deleted?
  • Who can access our data?
  • What are the benchmark measurements?
  • Is our data backup strategy compliant?
  • Will our recovery be successful?

 

 

Posted in Disaster Recovery, Policies & Procedures

Malware – mobile devices are reasonably safe from them

Malware – mobile devices are reasonably safe from those attacks, based on a number of reviews of malware attacks.  Typically new malware attacks are only in play for a week, and after that fewer than 2% go on for more than 30 days.

That is not to say that malware will continue to be a non-issue.  With the new move to mobile devices we expect this profile to change and malware as well as other attacks to become more common, extensive and pervasive.

CIOs and CSOs will need to watch this closely.  This is especially so with the new changes that Google is putting in place for its ranking systems and the added focus on mobile sites that are responsive.

Posted in Infrastructure, Security & Compliance

ISMS 10 reasons why CIOs should implement ISMS

ISMS – 10 reasons why — Some CIOs believe that their companies do not need a formal Information Security Management System (ISMS) because they already have security policies and procedures along with controls in place or are deploying other technologies to protect their enterprises from cyber-attacks.

However, here are ten reasons CIOs should implement an ISMS in their enterprises:

  1. An ISMS includes people, processes and IT systems, acknowledging that information security is not just about software, but depends on the effectiveness of organizational infrastructure, processes, and the people who manage and follow them.
  2. An ISMS provides a standard set of terms and communication methods for everyone to be educated in.
  3. An ISMS helps enterprises to coordinate all security efforts (both electronic and physical) coherently, consistently and cost-effectively.
  4. An ISMS provides enterprises with a systematic approach to managing risks and enables enterprises to make informed decisions on security investments.
  5. An ISMS can be integrated with other management system standards (e.g. ISO 22301, ISO 9001, ISO 14001, etc.) ensuring an effective approach to corporate governance.
  6. An ISMS creates better work practices that support business goals by asserting roles and processes that have to be clearly attributed and adhered to.
  7. An ISMS requires ongoing maintenance and continual improvement, which ensures that policies and procedures are kept up to date, resulting in better protection for your sensitive information.
  8. An ISMS gives enterprises credibility with staff, clients, suppliers, customers, and partner organizations, and demonstrates due diligence.
  9. An ISMS helps enterprises comply with corporate governance requirements.
  10. An ISMS can be formally assessed and certified against ISO 27001, bringing additional benefits such as demonstrable credentials, customer assurance and competitive advantage.
Posted in Infrastructure, Policies & Procedures, Security & Compliance

Technology Leadership – IT job market grows to exceed dot com head count

Technology leadership will be lacking in the next few years

Technology Leadership — The IT job market size now exceeds the total IT job market size of the dot com bubble.  It took over 15 years to get back to that level.  In the meantime the US has lost its control of the IT technology market with the advance of outsourcing and H-1B visa programs.

IT Job Market finally back to 2000 levels — It took 15 years to recover from dot com bubble

I propose that this will be shown in the lack of “seasoned” IT Pros: those who would have 10 – 15 years of experience and be 35 to 45 years old do not exist.  Does that matter?

Yes, it does, because those are the individuals who will be the leaders and innovators driving enterprises in the next decade.  Without a significant number of those individuals to drive the next generation of technology, the US may not be in a position to drive IT technology to the next step.

Posted in Career, Infrastructure, Job Descriptions

The importance of up to date telecommunications and the businessmen and women making that possible globally

It is impossible to compete in the modern global marketplace without access to a reliable telecommunications infrastructure. Ever since the first mail services made doing business outside one’s local area possible, speed of communications has been a crucial factor in business efficiency and trade, and today this is more the case than ever. With Western countries dominating the market in telecommunications products and services themselves, and prices in developing countries pitched far higher, it is a difficult gap to close, but all around the world there are bold individuals working to do it anyway.

Sudan

Now rapidly stabilizing after separating from its troubled southern neighbor, Sudan is undergoing a communications revolution. It’s one of several African countries to benefit from the focused investment of Mo Ibrahim, founder of Celtel International, who believes in communications as a tool for change and has worked with the UN’s Broadband Commission for Digital Development to help get unconnected groups of people onto the internet.

Afghanistan

In a troubled country like Afghanistan, economic growth and political stability go hand in hand. As Ehsanollah Bayat’s page shows, his company, Afghan Wireless, is working to make that happen. Bringing together the expertise of his Florida-based company, Telephone Systems International, with the organizational capacity of the Afghan government, it is providing affordable mobile phone based services that are helping small businesses to get up and going or expand their reach, as well as connecting communities.

Mexico

Although Mexico City is home to some very successful companies making extensive use of telecommunications, in rural areas of the country the service is often poor, limiting opportunities for local residents. Former government Undersecretary for Communications Gabriela Hernandez is working to change that, heading up the national branch of General Electric and, through this, playing a crucial role in infrastructure investment and access to technology.

Malaysia

Malaysia’s striking geography presents unique communications challenges, with mobile technology an obvious choice given the need to communicate affordably between islands, but with mountains interfering with signal. Fortunately, innovative entrepreneur Tatparanandam Ananda Krishnan is there to work on the problem. Famous for his work in organizing the original Live Aid concert, he owns three communications satellites that are making all the difference.

China

Like Mexico, China is a country with powerful economic centers, but many people living in rural areas are effectively cut off by poor communications infrastructure. Sun Yafang is the woman setting out to change that. A humble technician who has risen through the ranks, she now chairs Huawei and has significantly increased its efficiency in the production of telecommunications equipment, making it available in a quantity and at a price that can enable real change.

Investment in telecommunications is one of the best ways to boost any national economy, with research from southern Africa suggesting a direct link between phone access per capita and economic growth potential. Other factors may ultimately be needed to make growth happen, but telecommunications are a crucial element no country can afford to ignore.


Posted in Infrastructure, Security & Compliance

Security Threats – Protecting Enterprise Infrastructure

In the first half of the 2013 fiscal year, the US Department of Homeland Security responded to more than 200 incidents.  53 percent of the incidents were in the energy and utility sector — many of them sponsored by states such as China.

As attacks become more sophisticated and digital control systems increase in complexity and levels of automation, it is increasingly difficult to prevent threats from impacting the operation of critical infrastructure.

Security balancing act

The costs of implementing a stricter policy need to be weighed against the potential costs that could result from the failure of a weaker policy. These costs include purchasing a security solution, implementing this security solution, and finally managing and maintaining the solution. Initial costs often include the physical infrastructure necessary to deploy the solution, such as servers, kiosks and networks, as well as the consulting services that are often required to implement the solution correctly.

Defining acceptable media and content

Defining a portable media and content strategy is key to a secure data workflow policy. When developing a secure data workflow policy, organizations should first define what types of portable media are acceptable and how they can be used.

Designing secure data workflows

The best security policies have multiple layers of protection, to guard against many types of threats, both known and unknown. This defense-in-depth strategy will minimize the risk of any one threat getting past all of the security layers.

A secure data workflow should leverage threat protection methods including:

  • User authentication and source verification: Prevent unauthorized users or sources from bringing in data and facilitate logging for future auditing;
  • File type analysis and filtering: Prevent risky file types from entering the facility, including files that have spoofed extensions;
  • Multiple anti-malware engine scanning: Detect threats that are known by any of the many commercial anti-malware engines, and leverage many varying heuristic algorithms to detect zero-day attacks;
  • Document sanitation: Further protect against unknown threats by using sanitation methods to strip potential threats out of documents and images.
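
The file type analysis step above, as an added example that is not part of the original post: a Python check that compares a file's leading bytes with its extension to catch spoofed extensions. The signature table, the extension map and the allowed-type policy are illustrative assumptions, and the sample inputs are constructed.

```python
"""File type analysis for a portable-media intake point (added illustration)."""
from pathlib import PurePath
from typing import List, Tuple

# Leading-byte signatures ("magic numbers") for a few common formats.
SIGNATURES = [
    (b"%PDF-", "pdf"),
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"\xff\xd8\xff", "jpeg"),
    (b"PK\x03\x04", "zip"),   # also the container format of docx/xlsx
    (b"MZ", "pe"),            # Windows executable or DLL
    (b"\x7fELF", "elf"),      # Linux executable
]

# Content types each extension may legitimately carry (assumed mapping).
EXTENSION_TYPES = {
    ".pdf": {"pdf"}, ".png": {"png"}, ".jpg": {"jpeg"}, ".jpeg": {"jpeg"},
    ".zip": {"zip"}, ".docx": {"zip"}, ".xlsx": {"zip"},
    ".exe": {"pe"}, ".dll": {"pe"},
}

# Hypothetical site policy: content types allowed into the facility.
ALLOWED_TYPES = {"pdf", "png", "jpeg", "zip"}


def detect_type(head: bytes) -> str:
    """Identify content from its first bytes, ignoring the file name."""
    for magic, name in SIGNATURES:
        if head.startswith(magic):
            return name
    return "unknown"


def check_file(filename: str, head: bytes) -> Tuple[str, str]:
    """Return (verdict, reason) for one file; verdict is 'allow' or 'block'."""
    suffixes = PurePath(filename).suffixes
    if not suffixes:
        return "block", "no extension"
    ext = suffixes[-1].lower()
    expected = EXTENSION_TYPES.get(ext)
    if expected is None:
        return "block", "unlisted extension " + ext
    detected = detect_type(head)
    if detected == "unknown":
        return "block", "unrecognized content"
    if detected not in expected:
        # The name claims one type but the bytes say another.
        return "block", "spoofed extension: %s content in %s file" % (detected, ext)
    if detected not in ALLOWED_TYPES:
        return "block", "risky file type: " + detected
    return "allow", "content matches extension"


# Constructed sample inputs: (file name, first bytes of the file).
SAMPLES = [
    ("report.pdf", b"%PDF-1.7\n%\xe2\xe3\xcf\xd3"),
    ("invoice.pdf", b"MZ\x90\x00\x03\x00\x00\x00"),   # executable renamed to .pdf
    ("setup.exe", b"MZ\x90\x00\x03\x00\x00\x00"),
    ("notes.docx", b"PK\x03\x04\x14\x00\x06\x00"),
    ("photo.png", b"\xff\xd8\xff\xe0\x00\x10JFIF"),   # JPEG bytes, .png name
    ("dump.bin", b"\x00\x01\x02\x03"),
]


def scan_batch(samples) -> List[Tuple[str, str, str]]:
    """Run check_file over (name, head) pairs and collect the results."""
    return [(name,) + check_file(name, head) for name, head in samples]


if __name__ == "__main__":
    for name, verdict, reason in scan_batch(SAMPLES):
        print("%-12s %-5s %s" % (name, verdict, reason))
```

A leading-byte check only establishes what a file starts as; container formats such as zip still need the anti-malware scanning and sanitation layers listed above.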

Posted in Security & Compliance

CIO Role – 3 Ways CIOs Can Win People Over

CIO Role – CIOs who are committed to advancing their roles—and having a broader impact on the business—need to develop their skills surrounding the company’s number-one asset: people. Being perceived as a pure technologist, whether deserved or not, is hardly a path to advancement.

There are several ways CIOs can position themselves to enhance their interaction with their fellow C-Level executives:

  1. Participate in meetings outside of IT. One CIO, frustrated that her colleagues perceived the IT function as brimming with naysayers, requested that members of her team be invited to meetings outside of IT, so as to supply their own viewpoint. As IT folks joined technology and sales teams on an ongoing basis, they not only expanded their own scope but also broadened the others’ understanding of what IT actually does. In doing so, they helped groom themselves for other positions. In one case, an IT executive lost one of her top performers to the sales team—and even prodded the person to take the job by promising to keep an IT position open, just in case.
  2. Figure out how to create value for other functional areas. At some companies, others perceive IT as a function whose members are only interested in tracking project status—whether that is useful or not. Rather than emailing technology-packed reports to colleagues, try playing the internal marketer and ask other functional leaders what kind of report would be most helpful to them. Engaging in a face-to-face dialogue will help restore the human element to your working relationship.
  3. Help demystify IT. Having joined a company as a CIO, one executive kept hearing the same refrain: “I don’t really know what IT does.” Those who did suggest they understood the role of IT typically ventured a textbook definition that was more suited to data processing of the late 1980s. To reduce the mystery that surrounded his role, the CIO sent out a company-wide e-mail inviting all employees to join him for a brown-bag lunch on the first Thursday of every month. After six months, he regularly drew a large crowd. He used the meetings to speak candidly about the factors that impact the bottom line, and to find ways he could help support his colleagues. The dialogue not only lifted his function’s profile—other C-Suite executives soon started following his lead.
Posted in Career, Job Descriptions

Privacy is a thing of the past

When we look at the world as it is today, it is easy to see that privacy is no longer a reality no matter where you are in the world.

BYOD guidelines are just being defined, but one warning must rise above the din: never, ever, try to gain unauthorized access to an employee’s pri…

URL: http://www.e-janco.com/Press/2013/20130510-BYOD-Policy.html

Compliance Mandates – Security Manual Template Version 8.0 Released

URL: http://www.e-janco.com/Newsletters/2010/Compliance_Newsletter_100726.htm

Companies should also weigh the vulnerabilities associated with various cloud computing service and deployment models

URL: http://www.e-janco.com/CloudSecurity.htm

Posted in Infrastructure, Security & Compliance

10 steps Disaster Plan Testing

10 step Disaster Plan Testing – Almost every organization has a disaster recovery and business continuity plan on the shelf.  The question that every CIO needs to have answered is will the plan work?

To that end we have defined and documented a testing process that will ensure that a DR/BC plan will work when it is needed after a disaster or business interruption occurs.

The 10 steps are:

  1. Identify people who will participate in the test
  2. Identify the enterprise operations that will be tested
  3. Train people before the test
  4. Establish test objectives
  5. Select test type
    1. A walkthrough
    2. A desktop
    3. A timed desktop
    4. Live or real time
  6. Document the test plan
  7. Manage pretest administration
  8. Conduct the test
  9. Do a post-test review of successes and failure – implement changes the test
  10. Schedule the next test

Each of these steps is discussed in detail in the Disaster Recovery Business Continuity Template.

Disaster Recovery Business Continuity Plan Template

The Disaster Recovery Business Continuity template has been purchased by over 2,500 enterprises worldwide in both the public and private sectors.

Posted in Disaster Recovery

Recruiting IT Pros Harder Now

Recruiting IT Pros now is much more difficult.  The good news is that the unemployment rate dipped to 5.5%; the bad news is that CIOs are now having a harder time finding experienced IT Pros.  In industries ranging from retail to health care to business services, CIOs would be well-advised to look back at how they recruited and retained workers in 2005, when the unemployment rate landed at 5.1%.

Suggestions for keeping a mindset of abundance in an era of scarcity:

  • Focus advertising dollars on targeting job-hunters. CIOs need to advertise on the Internet, not only on job boards and social media but also using banner ads, which appear when someone is searching for an IT position.
  • Communicate that you are a quality employer. Make the impression that you are a quality firm, from your office to your web presence. People want to work for a place that’s successful, and physical and virtual presence are important.
  • Offer benefits that matter most to employees. Health insurance is a big deal to people, although it hurts the bottom line in the short term. However, an IT Pro is more likely to come – and stay – if he or she doesn’t have to switch insurance plans every six months.

IT Hiring Kit – The must have tool kit for organizations and managers who are looking to build a quality IT function. For more information go to http://www.e-janco.com/ITHirePack.htm.

Posted in Career, Infrastructure, Job Descriptions