Electronic Forms are released by Janco

Electronic Forms are now available for download

Electronic FormsJanco Associates has just released its 100 IT Infrastructure Electronic Forms .  Victor Janulaitis the CEO of Janco Associates, Inc. said, “Over 1,000 companies in over 120 countries have selected the Janco’s CIO IT infrastructure Policy Bundle with electronic forms.” He added, “Forms include all areas of IT including Disaster Recovery/Business Continuity, IT Service Management, Records Management, Records Retention, Safety Program and Threat/Risk Assessment.”

The CEO added, “Many of the best features  are that they comply with US state and federal mandates, EU requirements, and ISO standards.  Best practices are followed on all of the forms product.”

The Infrastructure Electronic Forms are delivered electronically and comes as an easily modifiable Microsoft WORD and PDF documents.  They include everything needed to implement a seamless electronic document management system which works on Smartphones, tablets, and desktops.  The forms can be acquired with Janco’s CIO IT Infrastructure Policy bundle or a as a standalone item.  Janco also offers and subscription update service for 12 or 24 months.

The CEO said, “Enterprises around the world are moving away from paper files to electronic ones.  CIO who are on the top of their games have already started this implementation.  It will only be a short time until electronic forms will be a best practice.

OrderDownload Selected Pages

Top 10 steps to an effective IT organization

Top 10 rules of the road for CIOs when creating IT organizations

Top 10 rules of the road for CIOs as they build a modern IT function.  The organizational structure must support the goals of the organization and be consistent with its culture and capabilities. Well-defined reporting structures are based on the IT and business direction; take into account organizational barriers; and consider the effect of combining or separating the functions that are targeted for change.

Order CIO Job Description
  1. Limit the span of control for professional staff that report directly to the CIO – The number of direct reports should be limited to between 5 to 7 direct reports of professional resources.
  2. Minimize the depth of the organization from the CIO to the technologists (developers and planners) from the CIO to the staff doing the work.
  3. Parallel the overall IT organizational structure to the operating structure of the enterprise
  4. Create career paths for IT specialists into enterprise operational functions
  5. Have an operational management, quality control, and customer service function that can provide direct feedback to the CIO.
  6. Integrate strategic planning, security, and business continuity planning into the overall organizational management processes
  7. Create positions within the organization which non-IT professionals can take to create bridges to enterprise operations and productivity
  8. Integrate human resource planning and training with the corporate human resources group
  9. Create an industry relations function that looks at what competitors are doing with technology
  10. Build bridges to independent IT functions within operational units to keep abreast with what pragmatic technology solutions they are building independent of the CIO’s organization.

 CIO CTO Role

Top 10 tips improve social networking security

Top 10 tips and best practices to improve social networking security

Top 10 tips improve social networking security – These best practices will improve social networking security and protect the enterprise’s social networking reputation.

  1. Educate employees – Educating employees of best practices can help improve the overall security of the business. Awareness through seminars, workshops, and other programs help educate how attackers use social media to target a brand via individual employees.
  2. Have employees use different passwords for different system – Encourage users to have multiple unique passwords. This can be support by implementing a cloud based password management system.
  3. Mandate strong passwords – Make it a requirement to have unique strong passwords.
  4. Have employees change passwords regularly – One every three or four months communicate with employees to tell them it is time to change their passwords.
  5. Do not share accounts – For social accounts that represent the enterprise only have one user per each and the linking e-mail account should be one that is in the enterprise domain and will remain with the enterprise in case the employee leaves or is terminated
  6. Implement two factor authentication – Many of the larger social networks provide two-factor authentication, commonly in the form of a code sent to their smartphone or email each time a new device or browser attempts to login to the account.
  7. Educate employees to NOT open email attachments or go to links where the originator is not known – Stress the practices of carefully reviewing URL links before clicking to make sure the company and site name are spelled correctly. Cybercriminals will often blast out links that are very similar to a real address adding, subtracting or rewording parts to differentiate them.
  8. Utilize antivirus and security software – . No matter how careful a user is, there’s always the risk of accidentally engaging with a malicious link – and just one unfortunate click can lead to months of recovery time.
  9. Don’t friend people you do not know – Companies should encourage employees to thoroughly vet a friend request before hitting “accept”. They should check to see if other colleagues are also connected to the account. If the account seems suspicious or you don’t know the individual, ignore or report the user, and refrain from clicking on any links they may have sent.
  10. Validate and verify – just because it is on the Internet does not make it true.

Order Policy Download Selected Pages

Top 10 Smartphone Features to be added

Top 10 Smartphone Features to be added

Top 10 Smartphone features to be added in the next new devices.

  1. New designs: Samsung looking at a folding smartphone, Apple face lift to phone hardware and core application
  2. Faster processors: Qualcomm has announced the Snapdragon 835, which could be installed in some premium Android smartphones from top mobile companies. Some may opt for Mediatek’s Helio X30, which has 10 CPU cores
  3. Virtual reality: It’ll be possible to plug handsets into Google’s DayDream View VR headset to watch movies, play games, or roam VR worlds.
  4. Improved LTE: LTE speeds will get a serious boost with new modem technologies. Smartphones like the Galaxy S7 and Apple’s iPhone 7 can download data over LTE networks at a maximum speed of 600Mbps (bits per second), and upload data at 150Mbps.
  5. USB port upgrade: USB-C will replace the aging micro-USB 2.0 ports in Android handsets. USB-C is extremely versatile — beyond charging, it can be used to connect mobile devices to high-definition monitors, headphones, flash drives, and external storage devices.
  6. More Wireless Audio (Bluetooth): This means the extra headache of buying and recharging wireless headsets, but getting rid of the headphone jack could result in thinner and lighter handsets with better battery life.
  7. Quicker charging: Smartphones will charge much faster with USB-C cables, which can carry more power to a battery.
  8. Smarter phones: Augmented reality smartphones can recognize objects, map out rooms, and present relevant information about objects in sight on a handset’s screen. Smartphones can already recognize images and speech recognition via online services, but deep-learning enhancements could bring those capabilities offline.
  9. Faster Bluetooth: Bluetooth 5 wireless upgrade which will have two times the speed and four times the range of its predecessor
  10. More Removable Storage – Currently, internal storage tops out at 256GB and SD storage at 512GB, but SanDisk this year showed a prototype 1TB SD card.

IT Infrastructure Policies and Procedures

One of the best ways to communicate and understand a company and its operating culture is through its policies. Designing and writing policy and communicating it effectively is an essential skill for professionals to have. By having policy carefully developed and communicated, employees will clearly know what the organization expects from them, the degree of control and independence they will have, and what the benefits and consequences are in regard to adhering to policy.

IT Infrastructure PoliciesDownload Selected Pages

ERP Job Descriptions

ERP – Enterprise Resource Planning Job Description Bundle Released

Job DescriptionsJanco has just released 15 Enterprise Resource Planning Job Descriptions in its ERP Job Description Bundle.  In Janco’s continuing efforts to make IT recruiting efforts easier, they have released this set of ERP job descriptions.  Victor Janulaitis, the CEO of Janco said, “As CIOs continue to look into the future with mobile computing, BYOD, and social networking the demand for ERP technologists is on the rise.  The 15 job descriptions included in this bundle have been created with these new requirements in mind.”

The ERP bundle contains 3 to 5 page detail job descriptions for 15 job positions including following specific ERP positions : Project Manager – ERP,   Business Analyst,   Data Architect,  Decision Support Analyst, ERP – Developer,   Functional Lead,  Infrastructure Administrator,  Master Data Analyst,  Process Owner,  Security Administrator,  Security Analyst,  Subject Matter Expert,  Team Lead, Technical Lead,  and  Trainer.   These job descriptions are fully compatible with all mandated requirements and have been updated with ISO and security compliance requirements in mind.

The CEO said, “CIO in organizations of all sizes have infrastructure they need to manage, increasing cost pressures and uncertainty in the market, at the same time they are focused on growth agendas, whatever they may be. CIOs have to leverage technology in a more effective and efficient manner to allow that to happen.  That is the driver behind the increased demand for ERP.” He added, “With the project increase in staffing in the new year, many CIOs are looking to increase staffing in ERP.  With these standardized job descriptions the recruiting process should be much easier. “

In addition to the ERP job description bundle, Janco has bundles position description bundles for eCommere, Enterprise Architecture, IT Service Management, Disaster Recovery / Business Continuity, Security, Metrics / Service Level Agreements, and a model mid-size IT organization in addition to the full set of 244 job descriptions.  More information is available on its web site www.e-janco.com on https://www.e-janco.com/jobdescriptions.html .

IT Hiring Kit Salary Survey ITInterview Guide Job Descriptions

Walmart denies hack occurred

14,600 emails addresses and passwords posted – Walmart denies hack occurred

Walmart denies hack occurred
Incident Communication Plan

Walmart denies hack occurred after email address and passwords were posted.   – Over 14,600 email addresses and plain-text passwords associated with Sam’s Club’s online store were dumped on Pastebin, a text sharing site. Walmart denied a hack occurred.

The title of the password dump said that the accounts listed belonged to the retail giant. The company which has over 650 locations across the US and tens of millions of members.

Walmart said “.. looked into this issue and there is no indication of a breach of our systems. It is most likely a result of one of the past breaches of other companies’ systems. Because customers often use the same usernames and passwords on various sites, bad actors will typically test the credentials they obtain across many popular sites. Unfortunately, this is an industry-wide issue,” said a Walmart spokesperson.

Order PolicySample Policy

That is no way to inspire confidence in the security of an enterprise’s website.

To survive an incident such as a business interruption, security breach, or a product recall, organizations need more than a successful communication strategy – they need an incident communication plan.

The overall objectives of a incident communications plan should be established at the outset. The objectives should be agreed upon, well understood, and publicized. For example, will the primary objective of the communications plan be for communications only to employees, and only during a disaster? Or is the intent to advise customers of interruptions to service? Or is it for investors and stockholders? Or regulatory agencies? Or is it some combination of these?

New York Security Compliance

New York Security Compliance Mandates added

New York Security Compliance – The State of New York announced a series of new rules strengthening cybersecurity requirements for financial firms. This is the latest in a series of announcement aimed at protecting clients, consumers and financial entities from the “ever-growing threat of cyber-attacks.

New York Security ComplianceThe Governor of New York said, “New York, the financial capital of the world, is leading the nation in taking decisive action to protect consumers and our financial system from … state-sponsored organizations, global terrorist networks, and other criminal enterprises.” Even if your firm isn’t directly subject to these new regulations, it’s safe to assume that this approach will be rapidly adopted by similar regulatory bodies domestically and around the world.

The current draft calls for the “encryption of all nonpublic information held or transmitted”, but because they tie it tightly to access control, acceptable usage policy, and data retention. Simple encryption won’t be enough to comply with the New York mandates.

To comply with New York Security Compliance mandates CFOs, CIOs, and CSOs, and firms should:

  • Implement more dynamic ways to protect data. Enterprises will need to deploy more dynamic forms of data protection that extend beyond their current systems. When the requirement for encryption and data-loss protection spans not just records and managed systems, but anywhere data can travel, traditional means of encryption and monitoring are scale able. Organizations will need to enforce granular limitations on access privileges, implement new audit systems to document data governance, and be able to remotely apply data disposition and destruction rules.
  • Tie access control and privilege management to identity. In a complex technology ecosystem, it’s no longer feasible to define access and privilege at the system, device, or perimeter. Identity is the one attribute that crosses on-premises, cloud, and un-managed services, and provides a consistent way to set, audit, and control access to confidential information. Ultimately, encryption, access controls, and data-in-use protections must persist independent of the kinds of data protected, where it’s stored, or how it’s shared.
  • Prioritize solutions to balance simplicity and security. Too often, risk and security teams have simply added new solutions to their portfolio in response to regulations and enforcement. Unfortunately, this has often created a complex, hard-to-navigate forest of tools, hurdles, and collaboration dead-ends for employees. The downside of that is it creates incentives for otherwise well-intentioned people to avoid following policy, increasing the risk of a material breach.
  • Make audit a primary concern. In the past, the requirement for an audit trail on data access was seen as an add-on. In the worst case, it was an afterthought, something built last as a reaction to risk and compliance needs. But, by thinking differently about this rich trove of data, you can improve your visibility into data use and your ability to identify dangerous behavior in advance. In many cases, you will be able to proactively stop data loss before it happens. With a strategy that protects data directly, by deploying identity-driven access controls and dynamic permissions, you can use the data from each user interaction to build a better picture of where data is traveling, and to whom.
  • Take a more dynamic approach to data protection. Adhere to mandates and be ready to tell any auditor about your enterprises ability to protect the confidentiality, integrity, and availability of your enterprise’s information.

Order Security ManualDownload Selected Pages

10 Point Checklist DR Power Requirements

10 Point Checklist DR Power Requirements

10 point checklist DR power requirements in Janco’s Disaster Recovery Business Continuity template.  The checklist addresses the issues associated with power after an event disrupts availability. It is:

  1. Electricity, water, broken wires do not mix.  Before anything else, validate that the power source and power distribution systems are dry and functional before power is turned on.10 Point Checklist DR Power Requirements
  2. Understand the minimum power requirements to be operational.   Have a clear understanding of a facility’s critical loads.
  3. Have an adequate fuel supply to operate backup power sources. Make smart fuel and technology choices, considering things such as if natural gas pipeline service were to be disrupted in your community. Make sure that you have sufficient fuel storage capacity on-site for an extended outage.
  4. Set reasonable response times for standby generator.  Frequent outages of a few seconds, a few minutes, or more, can have significant cost implications for businesses. While some other generators take up to two minutes to engage, diesel-powered generators are uniquely able to provide full load power within 10 seconds of a grid outage.
  5. Maintain your equipment and test it operations. Standby generators should be exercised periodically to ensure they will operate as designed in the event of an outage.
  6. Understand your environment and geography.  Even the best generators won’t work underwater when subjected to extreme flooding.  Check unit location for protection from flooding and ensure you use the proper gauge extension cord.
  7. Set up generators in an “open environment”. Use generators or other gasoline or charcoal-burning devices such as heaters in an open area or outside near an open window. Carbon monoxide fumes can build up and poison people.
  8. Quarterly review your load.  Know when there are any new demands or critical circuits to protect.  If you’ve added new computers or other power-hungry devices, consider updating switchgear.
  9. Meet all mandated compliance requirements. Make sure you have the proper permits and records on operations.
  10. Optionally contract for a rental power source.  Consider a rental generator power for use in the event of an extended outage.
Order Disaster Plan TemplateOrder Disaster Plan TemplateDisaster Plan Sample

10 step security

10 step security for third party access to enterprise systems

10 Setps for security in cloud Security plan10 step security for 3rd party access to enterprise systems are a must with the increased use of internet processing and use by day to day business operations.

Security and compliance are key to maintaining control of sensitive and confidential information. All of the product offerings of Janco are geared towards proving tools to help C-Level executives and top IT professionals maintain the privacy of its users and enterprise data.

Order Security ManualDownload Selected Pages

  1. Create an asset inventory and tracking to reduce the risk of network-connected assets being out of compliance with policy.
  2. Understand the cloud-based environment where all users are considered remote, and apply controls similar to how they have historically provided access to third parties.
  3. Make changes in how the organization manages and controls these various user-types by incorporating concepts such as zero-trust, network abstraction, extended identity validation and full-session recording to effectively reduce the overall risk and isolate any potential impact caused by third parties or remote user actions.
  4. Define a plan which meets the requirements for external contractors, employees, and B2B entities.
  5. Coordinate third party access plan in conjunction with their business units and develop a solid communications plan.
  6. Create rules for access using the appropriate level of controls commensurate with their given risk profiles, to include: isolation/segmentation, encryption, and federation integrations.
  7. Establish access points and rules for data availability to third parties
  8. Invest in ways to authenticate third-party users beyond simple username and password.
  9. Define metrics which address compliance variances and risks, and build an end-to-end security and risk view for the entire enterprise.
  10. Create a reporting system which track access, access violations, downloads and total usage. This should be real-time and have assigned individuals monitor and report and deviations.

Order Cloud Outsourcing TemplateDownload Selected Pages

Digital Brand Manager – Technology skills required for many mainstream roles

Digital Brand Manager hot new job

Digital Brand Manager commands a $130K to $140K starting salary

The Digital Brand Manager is responsible for the total digital image that a brand and/or enterprise presents to the outside world. They develop, implement and managing branding and marketing campaigns that promote a company and its products and/or services. He or she plays a major role in enhancing brand awareness within the digital and social networking space as well as driving website traffic and acquiring leads/customers.

As such is responsible for digital consumer experiences across the entire enterprise and its operations. The Digital Brand Manager helps a company drive growth in its brands and product lines by converting traditional physical brand management process to social media ones, and over-sees the rapidly changing digital sectors like mobile applications, social media and Internet based marketing. The Digital Band Manager is responsible for executing and evolving the enterprise’s Social Media Strategy based on performance & emerging company/consumer needs. This includes but is not limited to: channel roles, content strategy, and Social Persona Development.

Janco has created a full job description that is over 1,700 words and 6 plus pages.

The Digital Brand Manager also identifies and evaluates new digital technologies and uses Web analytics tools to measure site traffic to better optimize marketing campaigns, email marketing, social media and display and search advertising.

Order digital brand manager job description

 

 

H-1B Makes up for poor educational system

H-1B Makes up for poor educational system

H-1B Makes up for poor educational system< according to industry leaders.

Android beats Apple in application development war

Android beats Apple in application development war

Android beats Apple in application development war — Android is increasing its lead for developers, eroding the long-standing maxim of creating apps for “iPhone first.”

Career Planning Template
Career Planning

The Developer Economics: State of the Developer Nation Q3 2016 reports Android now has a whopping 79 percent “mindshare” among mobile developers, the highest for any platform the company has measured since it began its quarterly surveys back in 2010. The record comes as the mindshare for iOS has consistently tracked at 51 percent to 55 percent since 2013 (although that figure rises to 61 percent for professional developers).

Download Selected Pages

More important, perhaps, almost half (47 percent) of professional developers now consider Android their primary platform, up seven points in just six months. Apple, meanwhile, is going in the opposite direction. The number of mobile developers who consider iOS their primary platform dropped eight points, from 39 percent to 31 percent.

Both in an individual’s personal career planning and an enterprise’s staffing, promotion and compensation it is important to have benchmarks on the levels that individuals are at. To that end, one of the best objective ways to meet this goal is to have formal job descriptions and clear paths for promotion and compensation.

Top 10 Wearable Issues

Top 10 Wearable Issues

Top 10 Wearable Issues – Over 33% of all organizations surveyed by Janco have revealed they have more than 5,000 connected devices. Add to that, Cisco predicts there will be more than 600 million wearable devices in use by 2020.

These facts present a set of challenges for CIOs and IT enterprises of all sizes.

  1. Easy physical access to Data
  2. Records management, retention, and destruction
  3. Business continuity is significantly more complex
  4. Photos, Videos and Audio can be captured without anyone knowing it
  5. Instant access to outside Wi-Fi and cellular systems facilitates rapid dissemination
  6. Insecure wireless connectivity
  7. Lack of encryption
  8. Lack of formal policies with limited regulation or compliance –
  9. Software and Firmware version control
  10. Current MDM Policies Don’t Cover Wearables

Read On…

Top 10 Wearable Issues Download Selected Pages

Top 10 Security Predictions

Top 10 Security Predictions

Top 10 Security Predictions – Many organizations fail to realize the benefits of security information management due to the often exhaustive financial and human resource costs of implementing and maintaining the software. However, Janco’s’ Security Manual Template – the industry standard – provides the infrastructure tools to manage security, make smarter security decisions and respond faster to security incidents and compliance requests within days of implementation.

Top 10 Security Predictions from Janco Associates are:

  1. Over the next several years almost all of vulnerabilities exploited by hackers will continue to be ones known by security and IT professionals for at least one year.

    Top 10 Security Predictions
    Top 10 Security Predictions
  2. Robotics will take over many security operations. China will lead the way with 30-40K students training in universities with this technology. US will lag for several years.
  3. Shadow IT will be responsible for over one third of attacks experienced by enterprises.
  4. The need to prevent data breaches from public clouds will drive many organizations to develop data security governance programs.
  5. Over the long term enterprises engaged in application development will secure applications by adopting application security self-testing, self-diagnosing and self-protection technologies.
  6. Future cloud-based providers will include network firewall, secure web gateway (SWG) and web application firewall (WAF) platforms in their offerings.
  7. Identity as a service (IDaaS) implementations the focus of several new companies.
  8. Use of passwords and tokens in will drop 55%, due to the introduction of bio-metrics.
  9. A majority of IoT device manufacturers will not be able to address threats from weak authentication practices.
  10. More than 25% of identified enterprise attacks will involve IoT.

Order Security ManualDownload Selected Pages

10 best practices electronic meetings

10 best practices electronic meetings

10 best practices electronic meetings
Travel Off-Site Meeting Policy

10 best practices electronic meetings have been identified by Janco Associates, Inc.  They are:

  1. Have an agenda that is available to all attendees before the meeting
  2. Have a process to validate that the devices in use by users will work with the electronic meeting application
  3. Test the meeting technology with all attendees well in advance of the meeting
  4. Have a specific start time
  5. Be aware of time zones that meeting attendees will be in
  6. Have a dress code including background for meeting attendees to follow
  7. Send electronic invitation which require a confirmation and put the meeting in the electronic calendars of all attendees
  8. Have a common secure location where share documents are available to all attendees
  9. Record the meeting and comments for others to review if they are not able to attend
  10. After the meeting send a summary of the meeting including next steps, tasks assigned, and when the next follow-up meeting will take place.

Order PolicyDownload Selected Pages