Women CIOs comprise over 20% of all CIO roles

Women CIOs  hold over 20% of all CIO roles according to data analyzed by Janco Associates

Women CIOs – In the process of capturing public data on CIO compensation, Janco has found that well over 1 out of 5 CIOs is a women.

Women CIOs and other C-Level positions

According to the CEO of Janco Associates, at least two thirds of large public companies doing CIO searches require the recruiter to include women in the candidate pool. Further, when “all else is equal”, between a male candidate and a female one, companies are tending to choose the latter specifically to enhance the diversity of perspectives on the management team.

Unfortunately, even with this data, there are still too few women in senior, experienced roles to populate the candidate pools of all diversity-minded companies. So it’s not enough to decide at the CIO level to hire a woman. The relevant decisions must be made and opportunities offered earlier, at the developmental stage of potential finance leaders.

Companies need to provide more mentors who can share wisdom about things like where to invest time and ways to be motivated.

For those with leadership potential who prioritize family and stability over always making the best career move, the path to the C-suite may be inherently more difficult in CEO and finance than in other functions, like IT and human resources.

10 point DR power checklist

10 point DR power checklist defined in Janco DR/BC Template

10 point DR power checklist — After an event that disrupts a network, availability of power to recover and run the network often is critical.  Below is a 10 item check list of what to consider in your disaster recovery – business continuity plan.

  1. Electricity, water, broken wires do not mix.  Before anything else validate that the power source and power distribution systems are dry and functional before power is turned on.
  2. Understand the minimum power requirements to be operational.   Have a clear understanding of a facility’s critical loads.
  3. Have an adequate fuel supply to operate backup power sources. Make smart fuel and technology choices, considering things such as if natural gas pipeline service were to be disrupted in your community. Make sure that you have sufficient fuel storage capacity onsite for an extended outage.
  4. Set reasonable response times for standby generator.  Frequent outages of a few seconds, a few minutes, or more, can have significant cost implications for businesses. While some other generators take up to two minutes to engage, diesel-powered generators are uniquely able to provide full load power within 10 seconds of a grid outage.
  5. Maintain your equipment and test it operations. Standby generators should be exercised periodically to ensure they will operate as designed in the event of an outage.
  6. Understand your environment and geography.  Even the best generators won’t work underwater when subjected to extreme flooding.  Check unit location for protection from flooding and ensure you use the proper gauge extension cord.
  7. Set up generators in an “open environment”. Use generators or other gasoline or charcoal-burning devices such as heaters in an open area or outside near an open window. Carbon monoxide fumes can build up and poison people.
  8. Quarterly review your load.  Know when there are any new demands or critical circuits to protect.  If you’ve added new computers or other power-hungry devices, consider updating switchgear.
  9. Meet all mandated compliance requirements. Make sure you have the proper permits and records on operations.
  10. Optionally contract for a rental power source.  Consider a rental generator power for use in the event of an extended outage.

Order Disaster Plan TemplateOrder Disaster Plan TemplateDisaster Plan Sample

Top 10 WYOD Best Practices

Top 10 WYOD Best Practices expand beyond BYOD

Tio 10 WYOD Best Practices - Policy
WYOD Policy that address all of the issues generated by this technology.

Top 10 WYOD Best Practices – Employees bringing their own smartphones into the workplace started the BYOD trend requiring enterprises to deal with the serious security implications that come from these devices. The decision for employees to wear their own device (WYOD), such as an apple watch that can link to your Wi-Fi; capture audio, video and data; store; and transmit poses similar problems for IT departments.  Employees and individuals outside of the enterprise can use these devices, sometimes discretely, to access and share business content.

This puts corporate data and infrastructure at risk, and reinforces the need for IT managers to focus on securing the content, rather than the device that’s in use. Wearable devices simply add another level of access and security concern to what we’ve already seen with the BYOD trend.

Here are top 10 best practices for WYOD:

  1. Have a strategy for how, when and why WYOD devices can be used
  2. Implement an acceptable use policy
  3. Identify the connectivity options that are available to both internal and external users
  4. Approved devices should be easily connected to the available secure access points
  5. Define a management process for the WYOD devices
  6. Plan for the activity WYOD devices will add to the network
  7. Make collaboration tools a priority
  8. Secure the end points and isolate sensitive/confidential information and locations
  9. Be prepared for little to no advance notice on upgrades
  10. Formalize your 7 x 24 support

For more information on this go to WYOD Policy.

IT Job Market to expand

IT Job Market to expand as CIO and CFO confidence is high

Year to year comparisons show IT Jobs increased at double the rate of 2017 – Janco’s forecast of 136,500 new IT jobs stays firm

Information Technology job market spiked up with double the number new jobs in January of this year versus January of last year.  The CEO of Janco Associates said, “This increased demand for Information Technology professions remains firm with more hiring on tap for at least the next several months.  From our conversations with many CIOs, CFOs, and CEOs we feel this is the start of a boom in demand for IT professionals. Janco’s forecast of 136,500 new Information Technology jobs for 2017 is on track with 11,800 new jobs added in January. ”

Projected IT job market growth
Janco forecasts that over 124,700 new Information Technology Jobs will be added in the remaining 11 months of 2017
YTD IT Job Market growth
January 2017 had double he number of Information Technology jobs created than January 2016
Order Salary SurveyDownload Selected PagesDownload Selected Pages

Walmart denies hack occurred

14,600 emails addresses and passwords posted – Walmart denies hack occurred

Walmart denies hack occurred
Incident Communication Plan

Walmart denies hack occurred after email address and passwords were posted.   – Over 14,600 email addresses and plain-text passwords associated with Sam’s Club’s online store were dumped on Pastebin, a text sharing site. Walmart denied a hack occurred.

The title of the password dump said that the accounts listed belonged to the retail giant. The company which has over 650 locations across the US and tens of millions of members.

Walmart said “.. looked into this issue and there is no indication of a breach of our systems. It is most likely a result of one of the past breaches of other companies’ systems. Because customers often use the same usernames and passwords on various sites, bad actors will typically test the credentials they obtain across many popular sites. Unfortunately, this is an industry-wide issue,” said a Walmart spokesperson.

Order PolicySample Policy

That is no way to inspire confidence in the security of an enterprise’s website.

To survive an incident such as a business interruption, security breach, or a product recall, organizations need more than a successful communication strategy – they need an incident communication plan.

The overall objectives of a incident communications plan should be established at the outset. The objectives should be agreed upon, well understood, and publicized. For example, will the primary objective of the communications plan be for communications only to employees, and only during a disaster? Or is the intent to advise customers of interruptions to service? Or is it for investors and stockholders? Or regulatory agencies? Or is it some combination of these?

eReader versions of the DR Plan and IT Job Descriptions

eReader version of DR/BC Plan and IT Job Descriptions – 273 jobs

eReader version of DR Plan and IT Job Descriptions have just been released by Janco.  Both of these offering now can be put in an enterprise’s catalog of electronic documents which can be shared across the network.

eReader books by Janco
eReader books by Janco

The .epub version can be read by most (if not all mobile devices) including iPad, Surface, generic tablets, SmartPhones, and computer desktops.  With this step forward a great collaboration tool is now in the hands of individuals who can review, write notes on, share, and utilize as a handy set of reference tools.

The eReader version are fully indexed, have a hot link table of contents and meet industry standards for mobility.

Over the course of the next several months Janco will be adding .ePub options to most of its product line.  Products that are next in line for this include.

Order Sensitive Information Policy

10 Point Checklist DR Power Requirements

10 Point Checklist DR Power Requirements

10 point checklist DR power requirements in Janco’s Disaster Recovery Business Continuity template.  The checklist addresses the issues associated with power after an event disrupts availability. It is:

  1. Electricity, water, broken wires do not mix.  Before anything else, validate that the power source and power distribution systems are dry and functional before power is turned on.10 Point Checklist DR Power Requirements
  2. Understand the minimum power requirements to be operational.   Have a clear understanding of a facility’s critical loads.
  3. Have an adequate fuel supply to operate backup power sources. Make smart fuel and technology choices, considering things such as if natural gas pipeline service were to be disrupted in your community. Make sure that you have sufficient fuel storage capacity on-site for an extended outage.
  4. Set reasonable response times for standby generator.  Frequent outages of a few seconds, a few minutes, or more, can have significant cost implications for businesses. While some other generators take up to two minutes to engage, diesel-powered generators are uniquely able to provide full load power within 10 seconds of a grid outage.
  5. Maintain your equipment and test it operations. Standby generators should be exercised periodically to ensure they will operate as designed in the event of an outage.
  6. Understand your environment and geography.  Even the best generators won’t work underwater when subjected to extreme flooding.  Check unit location for protection from flooding and ensure you use the proper gauge extension cord.
  7. Set up generators in an “open environment”. Use generators or other gasoline or charcoal-burning devices such as heaters in an open area or outside near an open window. Carbon monoxide fumes can build up and poison people.
  8. Quarterly review your load.  Know when there are any new demands or critical circuits to protect.  If you’ve added new computers or other power-hungry devices, consider updating switchgear.
  9. Meet all mandated compliance requirements. Make sure you have the proper permits and records on operations.
  10. Optionally contract for a rental power source.  Consider a rental generator power for use in the event of an extended outage.
Order Disaster Plan TemplateOrder Disaster Plan TemplateDisaster Plan Sample

10 step security

10 step security for third party access to enterprise systems

10 Setps for security in cloud Security plan10 step security for 3rd party access to enterprise systems are a must with the increased use of internet processing and use by day to day business operations.

Security and compliance are key to maintaining control of sensitive and confidential information. All of the product offerings of Janco are geared towards proving tools to help C-Level executives and top IT professionals maintain the privacy of its users and enterprise data.

Order Security ManualDownload Selected Pages

  1. Create an asset inventory and tracking to reduce the risk of network-connected assets being out of compliance with policy.
  2. Understand the cloud-based environment where all users are considered remote, and apply controls similar to how they have historically provided access to third parties.
  3. Make changes in how the organization manages and controls these various user-types by incorporating concepts such as zero-trust, network abstraction, extended identity validation and full-session recording to effectively reduce the overall risk and isolate any potential impact caused by third parties or remote user actions.
  4. Define a plan which meets the requirements for external contractors, employees, and B2B entities.
  5. Coordinate third party access plan in conjunction with their business units and develop a solid communications plan.
  6. Create rules for access using the appropriate level of controls commensurate with their given risk profiles, to include: isolation/segmentation, encryption, and federation integrations.
  7. Establish access points and rules for data availability to third parties
  8. Invest in ways to authenticate third-party users beyond simple username and password.
  9. Define metrics which address compliance variances and risks, and build an end-to-end security and risk view for the entire enterprise.
  10. Create a reporting system which track access, access violations, downloads and total usage. This should be real-time and have assigned individuals monitor and report and deviations.

Order Cloud Outsourcing TemplateDownload Selected Pages

Digital Brand Manager – Technology skills required for many mainstream roles

Digital Brand Manager hot new job

Digital Brand Manager commands a $130K to $140K starting salary

The Digital Brand Manager is responsible for the total digital image that a brand and/or enterprise presents to the outside world. They develop, implement and managing branding and marketing campaigns that promote a company and its products and/or services. He or she plays a major role in enhancing brand awareness within the digital and social networking space as well as driving website traffic and acquiring leads/customers.

As such is responsible for digital consumer experiences across the entire enterprise and its operations. The Digital Brand Manager helps a company drive growth in its brands and product lines by converting traditional physical brand management process to social media ones, and over-sees the rapidly changing digital sectors like mobile applications, social media and Internet based marketing. The Digital Band Manager is responsible for executing and evolving the enterprise’s Social Media Strategy based on performance & emerging company/consumer needs. This includes but is not limited to: channel roles, content strategy, and Social Persona Development.

Janco has created a full job description that is over 1,700 words and 6 plus pages.

The Digital Brand Manager also identifies and evaluates new digital technologies and uses Web analytics tools to measure site traffic to better optimize marketing campaigns, email marketing, social media and display and search advertising.

Order digital brand manager job description

 

 

Top 10 Wearable Issues

Top 10 Wearable Issues

Top 10 Wearable Issues – Over 33% of all organizations surveyed by Janco have revealed they have more than 5,000 connected devices. Add to that, Cisco predicts there will be more than 600 million wearable devices in use by 2020.

These facts present a set of challenges for CIOs and IT enterprises of all sizes.

  1. Easy physical access to Data
  2. Records management, retention, and destruction
  3. Business continuity is significantly more complex
  4. Photos, Videos and Audio can be captured without anyone knowing it
  5. Instant access to outside Wi-Fi and cellular systems facilitates rapid dissemination
  6. Insecure wireless connectivity
  7. Lack of encryption
  8. Lack of formal policies with limited regulation or compliance –
  9. Software and Firmware version control
  10. Current MDM Policies Don’t Cover Wearables

Read On…

Top 10 Wearable Issues Download Selected Pages

CIOs investment in Infrastructure is on the rise

CIOs investment in Infrastructure is on the rise

CIOs investment in infrastructure is going up despite ongoing economic uncertainties.  They are investing in IT to improve operations, reduce costs, and enable strategies. IT budgets, hiring, and salaries are increasing slightly (see http://www.e-janco.com/Salary.htm) and CIOs are cautiously optimistic that this trend will continue into next year.

CIOs five (5) concerns are:

  1. Alignment of IT with the Business
  2. Security and Privacy
  3. Business Agility and Flexibility
  4. Business Productivity
  5. IT Time-to-Market / Speed of Delivery

CIOs five (5) largest IT investments are:

  • Big Data and Business Intelligence
  • Data Center Infrastructure
  • Enterprise Resource Planning
  • Application Software Development
  • Cloud Computing

CIO IT Infrastructure Policy Bundle (more info…) All of the policies below are included as individual MS Word files and a single PDF file. Electronic forms are all individual documents that are easily modifiable

  • Backup and Backup Retention Policy (more info…)
  • Blog and Personal Web Site Policy (more info…) Includes electronic Blog Compliance Agreement Form
  • BYOD Policy Template (more info…) Includes electronic BYOD Access and Use Agreement Form
  • Google Glass Policy Template (more info…) Includes electronic Google Glass Access and Use Agreement Form
  • Incident Communication Plan Policy (more info…) Updated to include social networks as a communication path
  • Internet, e-Mail, Social Networking, Mobile Device, Electronic Communications, and Record Retention Policy (more info…) Includes 5 electronic forms to aid in the quick deployment of this policy
  • Mobile Device Access and Use Policy (more info…)
  • Patch Management Policy (more info…)
  • Outsourcing and Cloud Based File Sharing Policy (more info…)
  • Physical and Virtual Security Policy (more info…)
  • Record Management, Retention, and Destruction Policy (more info…)
  • Sensitive Information Policy (more info…) HIPAA Compliant and includes electronic Sensitive Information Policy Compliance Agreement Form
  • Service Level Agreement (SLA) Policy Template with Metrics (more info…)
  • Social Networking Policy (more info…) Includes electronic form
  • Telecommuting Policy (more info…) Includes 3 electronic forms to help to effectively manage work at home staff
  • Text Messaging Sensitive and Confidential Information (more Info…)
  • Travel and Off-Site Meeting Policy (more info…)
  • IT Infrastructure Electronic Forms (more info…)

IT Infrastructure PoliciesDownload Selected Pages

10 best practices to retain millennials

10 best practices retain millennials

10 best practices retain millennials can be applied easily and favorable results will be seen quickly.

10 best practices retain millennials
10 best practices retain millennials
  1. Implement a mentoring programs – utilize social media to communicate frequently followed up with face to face time.
  2. Rotate work assignments to provide millennials with a broader range of exposure to the enterprise what is in store for them in the future
  3. Provide millennials with a flexible feed-back loop process so you know what their state of mind is. Minimize the chances for “unhappy” employees
  4. Give them time to develop their skills and career opportunities
  5. Encourage on-going education but technical and managerial.
  6. Define clear and achievable performance metrics so both you and they know what is expected
  7. Minimize stress and provide training to millennials on how to deal with stress.
  8. Balance work and personal time. Avoid situations where the 50-hour week is the norm
  9. Implement an open door policy and have managers, even the CIO, interact with all levels of employees. Manage by walking around and getting a feel for how everyone is doing.
  10. Provide opportunities for millennials to provide ideas and when one is implemented sound the praises of the employee.

Download Selected Pages

 

Growth in IT Job Market – near zero

Growth in IT Job Market – near zero

Growth in IT Job Market has come to a standstill. For the first four month of this year.  Each month this year the IT job market has not grown at all as compared to 2015.

IT job market growth slows to a 5-year low
Growth in IT Job Market

There are some new IT jobs that are continuing to be created.  However the number of this new jobs is small at best.

The CEO of Janco was quoted as saying, “There is an acceleration in the rate of slowdown in the IT Job Market.  If this continues, as we think it will, there is a probability that there could potentially be a net decrease in the size of the IT Job Market in 2016.  We will only be able to get visibility of that when we see one or two months of new data. However, we have already lowered our best case forecast for net new IT jobs for the balance of this year.”   He added, “Many companies are cutting back significantly on contractors and consultants.  That trend will continue until at least the 3rd quarter of this year.”

Order Salary SurveyDownload Selected Pages

SEnuke definition of poor service management

SEnuke definition of poor service management

SEnuke an adventure into poor service management.  We have  just spent a week of our lives working to get SEnuke – an SEO google search tool to work and have been frustrated beyond belief.

They came out with a new version that looked like the best thing since sliced bread.  Here are the problems that we encountered.

  1. Day 1 when when they launched the site was “down” in that you could not download the program.  The page said try back in 30 minutes.  It took a full day to get the download to work.
  2. When it installed, it did not uninstall the older version but left traces of it on so that “mysteriously” over the next week at times the older version executed confusing the heck out of me.
  3. The marketing material said that Captcha was included – however the SEnuke Captcha did not work for the better part of a week so that I had to purchase a service for that.
  4. When tried  purchasing Captcha, all of the listed companies did not work.  Links were to sites that were disable or not there.  In addition each of the sites had their own userids and passwords.  By the time that I was done shopping I have over 7 sets of them.
  5. The application was to create links and URLs.  It did not do that.  The help, which was via a blog forum, after two days told me I had to get the update.
  6. I got the update.  However, it could not be installed because it was classified as an UNSAFE publisher.  The certificate they had from GODADDY.com had been REVOKED.
  7. When I posted on the SEnuke forum the response I got was that I had to put an exclusion in my Norton.   I had already done that and even turned off Norton, but it still did not install.
  8. I posted that we would PAY for support to get it to work.  No response from them.

Considering they want close to $150 a month for their product it is not worth it.  Finally after almost a week of effort I cancelled the service and created this review of the product.

10 Steps to Implement Cloud SaaS

10 Steps to Implement Cloud SaaS

10 Steps to Implements Cloud SaaS
10 Steps to Implements Cloud SaaS

10 steps to implement cloud SaaS – As more CIO and other C-Level executives look have Software as a Service (SaaS) for interaction with their users, customers, suppliers, and markets there are some best practices that they should follow.

  1. Cloud How To Guide

    Evaluate the current capabilities of their IT infrastructure and application portfolio. Included in that an assessment of the competition and the state of opposing competitive solutions.

  2. Develop a roadmap with priorities for SaaS/cloud deployment. Establish who the drivers and owners of the SaaS process are.
  3. Establish clear governance that considers key stakeholders for cloud deployments. Include budgetary responsibility as well as for achieving stated goals.
  4. Develop metrics for performance and for measuring success in meeting cost and other deployment goals. Include a process for dissemination of the results in a timely manner
  5. Adopt vendor management practices to monitor SLA performance and define responsibilities.
  6. Provide active project management to keep implementation on time and on budget. Steering committees and SDM (System Development Methodology) need to be included in the mix.
  7. Plan for ongoing support, acquiring or training resources for the necessary skills, and address skills gaps. Budgets and associates service levels need to be defined before the SaaS development begins.
  8. Regularly evaluate performance and goals/metrics to ensure they are being met. Utilize every form of communication possible so the enterprise as a whole knows what the state of the SaaS activity is.
  9. Audit compliance with security and other standards and practices and privacy policies. Build compliance into the SaaS process.
  10. Ask suppliers to provide specific data and experience with cloud-to-cloud integration and performance.
Order Cloud Outsourcing Template  Download Selected Pages