10 Things to do to Increase Your Chance of Getting a Raise
Growth of IT job market continues to slow down and many companies are reducing target raises in their new budgets
What are the ways that IT Professionals can get an increase in compensation? The easiest way it to get promoted to a senior management position, but many technologists do not want to do that. Unfortunately, that is often the only avenue in many companies.
But what if you enjoy the technical aspects of the job and don’t want to move away from that? Here are some things you can do to boost your salary in the position you’re already in:
- Stay ahead of the crowd with technology – Be aware of what is new and what is hot. If you are the first one there with a technology or solution you will show your value. However you want to be able to apply the technology to a business issue
- Get a certification – With a certification you typically gain addition skills which have value if that is an area that your CIO is moving
- Use the latest technology and tools – Do not depend on your employer for everything. When the new technology comes out get it and use it.
- Provide peers with insight and training on your area of expertise – Share with others your insight and knowledge. When your manager sees you doing that it only increases your value in their eyes.
- Fit into the organization as a team player– Do not be a loner join in with other IT staff members and go out after work and have a relationship that goes beyond the office
- Be a focal point in your area of technical expertise – Create an on-line presence. Soup up your Facebook, Twitter, LinkedIn and social media presence with affiliations with some prestigious companies and technical organizations. Create your own blog in which you write about technical issues that you are an expert in. Contribute to on-line tech publications and blogs.
- Market your skills – Create a blog. Blogs not only showcase your knowledge, but search engines like the frequent stream of fresh content. Give speeches. You can do this in tech organizations that you belong to. Send speech topics to event organizers and maybe they’ll take you up on one.
- Network with IT Pros in other organizations that have the same technical responsibilities – This is also a great way to learn what is hot and what is not. In addition this can lead to learning what others in your field are getting paid
- Make users love you – Many tech pros consider it a good day if they don’t have to interact with anyone. But if you’re willing to help end-users with the software (addressing problems but also training them how to use it), you become the go-to person and your name that floats into conversations most often. Being the company expert on an application does make you more important.
- Keep your ear to the ground and listen to where the CIO and company are moving – If a company is moving into unknown territory (like the Cloud and BYOD), management will want to learn everything they can. If you’ are the person who can answer all the questions, you’ll become prominent on the radar screens, and thereby raising your professional profile.
10 Hiring Traps to Avoid
Far too many IT hires simply don’t work out. according to industry research, 46% of entry level hires do not make it past their first 18 months of employment, .And 22% of turnover occurs within the first 45 days on the job. These failures come at a high price: The cost of a bad hire can range from 1.5 to 3.5 times the salary of the job in question. Clearly, this is something you’d like to avoid.
But too many CIOs fall into the same, classic traps that keep them from making good recruitment decisions, according to Janco Associates. These mistakes demonstrate that optimal hiring practices require managers to walk a fine line. You can’t do it all on your own in interviewing and evaluating, for example. And, yet, over-delegating will hurt too. You want to come up with a system of measurables. But, then again, many necessary qualities are purely subjective calls. To help lend guidance, here’s Janco’s list of ten common mistakes made – and how to avoid them:
- You’re Too Dependent upon HR – HR doesn’t understand your department and/or hiring needs like you do.
- You Make Your Designated Department Hiring Manager Autonomous – No one person – even a trusted supervisor with a strong IT background – should call “all the shots” in who gets the job.
- You Fall into the “Pretty Face” Trap – Whether men or women, attractive people are associated with professional competence. But it ain’t necessarily so.
- You’re Easily Swayed by the Gift of Glib – Slick talkers will ace interviews. But charm alone won’t bring your IT projects in on time and within budget.
- You Accept Hypotheticals During Interviews – In discussing a candidate’s work, push them to come up with real challenges/solutions they’ve conquered.
- You Go on Interview Autopilot – Even if there are many applicants to bring in, you must conduct each conversation with an in-depth approach.
- You Fail to Make the Grade – Instead of simply jotting down overall impressions, give each interviewee a numerical rating or letter grade to establish a sense of rank.
- You Fore-go Collaboration – Group interviews and exchanging notes after one-on-ones is a sure way to gain a consensus of perspectives.
- You Try to Quantify Everything – Metrics alone can’t measure the total value of a potential employee. You need to cultivate a “good gut” that makes the right call after thorough screening, interviewing and reference checking.
- You Never Look Back – Instead of hiring people and moving on, evaluate how well your department has hired in the past to assess how to improve.
20 Most Common Words Used in Phishing Attacks
A new report from a cybersecurity company that analyzes how malicious files get past traditional defenses also includes a helpful list of the most common file names and extensions being used in phishing attacks.
If you order anything to be shipped, whether for work or home, be careful of where your confirmation and tracking e-mails come from. The Security company’s report says that, between the second half of 2011 and the first half of 2012, words related to shipping grew from 19.2 percent to 26.3 percent of phishing e-mails, with “label” and “invoice” being the most common.
Another tactic on the rise is sending e-mails that try to create a sense of urgency, which grew from 1.72 percent to 10.68 percent of the e-mails, the report said.
The 20 most common words in use in the first half of the year, and the percentage of phishing e-mails in which they appeared:
Security Breach on White House Nuclear Computer Data Base
White House sources partly confirmed that U.S. government computers — reportedly including systems used by the military for nuclear commands — were breached by Chinese hackers.
“This was a spear phishing attack against an unclassified network,” a White House official told FoxNews.com. “These types of attacks are not infrequent and we have mitigation measures in place.”
A law enforcement official who works with members of the White House Military Office confirmed the Chinese attack to FoxNews.com on Monday, but it remains unclear what information, if any, was taken or left behind.
“This White House Communications Agency guy opened an email he wasn’t supposed to open.”
Security incidents are rising at an alarming rate every year. As the complexity of the threats increases, so do the security measures required to protect networks and critical enterprise data. CIOs, Data center operators, network administrators, and other IT professionals need to comprehend the basics of security in order to safely deploy and manage data and networks.
Securing a typical business network and IT infrastructure demands an end-to-end approach with a firm grasp of vulnerabilities and associated protective measures. While such knowledge cannot stop all attempts at network incursion or system attack, it can empower IT professionals to eliminate general problems, greatly reduce potential damages, and quickly detect breaches. With the ever-increasing number and complexity of attacks, vigilant approaches to security in both large and small enterprises are a must. The Security Manual Template meets that requirement.
CIOs drive productivity
Looking ahead, managers and CIOs in particular have a focus on productivity. That not only applies to the IT staff but to all of the users of IT services. Here are a few things to take into consideration when trying to raise the level of productivity.
- Create a pleasant environment both in the office and the online environment
- Keep your employees and users happy
- Assign clear service levels, responsibilities and accountabilities
- Review all of your employee and user requirements and see they are met
- Communicate with everyone in coordinated way
- Encourage and motivate employees and users to work as a team
- Set realistic targets for what is to be accomplished
- Have clear plans in place and follow them
- Focus on results versus meetings and paperwork
- Train everyone – often even if repeated
CIO Role Defined Read On…
High Availability is when A machine that can immediately take over in case of a problem with the main machine with little down time, and no loss of data. Often this is an automated process. For this task many companies are using clustering software and storing your metadata and versioned files on shared storage. The metadata should be on a fast/local SAN and the versioned files can be on either SAN or NAS for this setup. Since the data is on shared storage that can be moved between the two nodes of a cluster, no replication is required, and fail over and fail back can easily be handled by the clustering software.
Disaster Recovery is something intended to take over in the event of a (surprise) disaster at the main site. Things like Recover Point Objective (RPO) and Recover Time Objective (RTO) come into the discussion and replication is definitely involved. There is an expected amount of data loss (RPO) expressed not in amount of data, but in an amount of time. For example, you might say that you expect to lose no more than one hour of transactions on your Perforce server if you fail over to the DR site. The RTO is how long you expect the it to take to get the server up and running at the DR site. That can be a longer period of time than the RPO since other factors are often involved like changing DNS entries, etc.
Data Center disaster recovery strategy – options
A critical component of a disaster recovery business continuity is the data center disaster recovery strategy — Hot Site, Warm Site, Mobile Facilities, Cold Site, Reciprocal Agreement, or Cloud — Which to choose and why
A hot site is a full or partial duplicate for a primary IT operation, including complete computer systems and near-real-time backups for systems, applications and data. In its most expensive form, mirroring software is used to keep a hot backup site and a primary site synchronized. They typically are duplicates of existing data centers.
A warm site is a hot site minus data replication. That is, a warm site offers access to space, utilities and equipment, but requires current backups be installed, and systems and services brought online to become operational. A warm site may be a complete duplicate of an original site, but will typically provide only a subset of mission-critical equipment, services and data.
An offshoot of a warm site is a mobile site that consists of trailers that are pre-configured to meet requirements and are flown in, moved by truck are set up in predetermined locations around the country where they can be activated during an emergency
Cold sites which are empty facilities, such as trailers, warehouses, open space in existing data centers specially equipped for emergency use; or simply empty buildings that are wired for power, communications and HVAC but are empty. The cost model for each is quite different.
The cloud does work well for some mission critical applications. This includes web hosting for public applications and corporate e-mail. Other applications can be run via the web but there would be serious security concerns for sensitive information.
Pandemics – an overview of how and why they occur every few years
Pandemics are a concern. According to Centers for Disease Control and Prevention (CDC), nearly 40,000 Americans die annually from seasonal flu. And most experts agree that the human race is long overdue for an influenza pandemic far more deadly than the H1N1 pandemic of 2009–2010. The threat from Mother Nature goes far beyond the flu. In disaster planning when a pandemic occurs the data center exists but people often are in separate locations. The Disaster Planning and Business Continuity Planning processes need to make the user and business operating experience is as similar as possible so that the work environment is the same in the remote site (often home) as in the office.
With the recent interest in pandemic and health emergencies like the West Nile Virus a greater number of companies are now starting to question if their disaster recovery and business continuity plans are up to the tasks they are designed for. With that in mind it might be good to understand how and why pandemics like the avian flu occur in cycles.
In the last 100 years there have been four major flu pandemics. They occurred in 1918 (over 50 million people died world wide), 1957, 1968, and 2009. The primary drive was antigenic drift or shift as the virus as just different enough so that the general population was not immune to it.
This drift or shift is why it is important for the general population to have a large enough group of individuals who get inoculated each year for the flu. As companies create their disaster recovery and business continuity plans one of the factors they need to include is a review of who is and who is not inoculated.
This is especially when look at overall potential coverage if such an event should occur.
Internet Costs are Too High – Open Market Makes US Costs Highest in the World
In his new book which covers communication and Internet costs, The Fine Print: How Big Companies Use ‘Plain English’ to Rob You Blind, Pulitzer Prize-winning reporter David Cay Johnston highlights these astounding facts:
- Americans pay four times as much as the French for an Internet triple-play package—phone, cable TV and Internet—at an average of $160 per month versus $38 per month.
- The French get global free calling and worldwide live television. Their Internet is also 10 times faster at downloading information and 20 times faster uploading it.
- America has gone from #1 in Internet speed (when we invented it) to 29th in the world and falling.
- Bulgaria is among the countries with faster Internet service.
- Americans pay 38 times as much as the Japanese for Internet data.
Since the mid-1970’s when Ma Bell was cited as holding a monopoly over phone service, Americans have been told more competition would lower their phone bill. But the promise of lower prices has actually led to higher prices, says Johnston.
The best companies, and their CIOs, recognize the importance of ready access to the right information to drive the right choices between different variables.
There will never be a time when IT directors can, but with the economic turmoil of today concerns are extremely high. On the security front, internal and external threats are on the increase, especially as the enterprise boundary continues to increase with the growth of mobile and wireless based applications. Keeping the business operating in the face of existing economic conditions, security threats, whether against the systems themselves, or against the business and the environment in which it operates is part of any CIO’s basic role.
The top ten concerns are:
- Budgets – Budgets have never been tighter. Since the dot com bubble burst where IT budgets were pared to the bone, organizations are striving to keep a really tight control over them, even though they still need innovative IT to keep ahead of the competition. Smart CIOs are seeing savings through standardization of the IT infrastructure so new systems can be financed without increasing budgets.
- Staffing – People are an organization’s most valuable asset. For CIO they are not only the most valuable, they are causing the most headaches as well. Recruiting, managing and training staff are the most pressing concerns for CIOs
- Security – Internal and external threats are on the increase, especially as enterprises continue to increase the growth of mobile and wireless based applications. Keeping the business operating in the face of threats, whether against the systems themselves, or against the business and the environment are a major component of CIO’s role.
- Compliance – Security and compliance work together for CIOs as many governance and compliance regulations were spawned from risk management and directly affect security. For many companies regulatory compliance is now part of everything they do. This has allowed the CIO to understand exactly what resources and processes an organization has and to increase efficiency and throughput as a result.
- Resource Management – Managing time and resources are a major concern for CIOs. Enterprise management now demands more efficient working. CIO now are now using more of their time and resources they used to spend on legacy maintenance on more produce to manage critically short supplies of resources.
- Infrastructure – Updating technology infrastructures and keeping the backbone of an organization’s IT up to date is another top concern for CIOs.
- Business Alignment – Keeping IT strategy in line with business strategy is something at which CIOs have become masters but it is still one of the areas that causes a lot of work and is resource heavy.
- Managing Users – CIOs must prioritize the needs of their users and customers. Dealing with users while improving the quality of service for users is a constant for all IT departments. More CIOs are putting metrics in place to see just how well they are doing. Excellent customer service and cost effectiveness in driving the business forward are the two overlying themes for many businesses. The aim is to lift the bar on customer service, on cost effectiveness and on the capabilities of service offerings and people.
- Managing Change – The fast moving pace of technological innovation means change is a guaranteed part of the CIO’s role. But the way they manage its effect on the business is more critical. Arguably, the most significant management issue that CIOs have to face this year is change management – business process change, changes in organizational cultures and how they affect people are very high on the CIO’s agenda.
- Organizational Politics – To manage change and integration effectively, CIOs need the support of their senior management team. The success of change management programs and the contribution IT can make to those depend heavily on the support and drive of senior managers. If the CIO lines of report – CEO, CFO or COO -understand the power of transformational IT investment and if a CIO can educate and communicate what is possible, IT should be a key enabler for business and process change. Many companies are going through massive change and integration programs, all of which need board support to succeed.
10 point checklist for disaster recovery
HR, Legal and Media Communications Disaster Recovery 10 Point Checklist
A list of 10 questions to rank how comprehensive your organization’s processes are around disaster recovery and business continuity plans.
- Is there a consistent security, safety, and HR approach across all service areas and lines of business?
- Is there a business continuity champion within
- Legal Department and
- Media Communications
- Do you regularly involve, brief, and train staff on the organization’s business continuity plans?
- Is a Social Media channel established?
- Has this been communicated to everyone with the enterprise?
- Have pre-approved messages been written for each stage of the recovery process?
- Do you have an enterprise information line or HR incident line?
- Have your response plans considered duty of care and reputational implications?
- Does your plan include cross-training of both in-house and out-house staff?
- Do you have a detail organization chart with job descriptions, role definitions, and responsibilities for all major and minor participants during the recovery process?
- Are responsibilities and succession planning defined in the plan?
- Is it clear how communication with staff will be handled?
- Does your plan cover common people-related impacts, such as unavailability of key players?
- Do you review all enterprise policies to consider whether they will hold up during a crisis?
- Have you considered how you will deal with staff with special needs requirements at any disaster recovery center or alternative site?
- Is all staff contact data, including next of kin, current? Is it updated at least quarterly or when there are staff changes?
- Do you have a process for locating staff to ensure that they are safe?
- Have you reviewed your travel and purchasing policies to accommodate the need for flexibility during and after an incident?
- Does your testing go beyond a regular disaster recovery – business continuity tests?
- Do you have sufficient flexibility in contracts to deal with the need for change of location, extended working hours or other changes to working terms and conditions?
- Do you have established methods for monitoring threats and receiving government advice, for example, for pandemics?
Score one point for each area and sub-point covered in your plan. Deduct one point if it is absent and score zero if you don’t know! Ranking Matrix scoring table:
- 0–15 points – Revisit your disaster recovery business continuity plan retest your plan on a quarterly basis.
- 16–20 points – Work on improving your plans implementation and retest your plan on a semi-annual basis
- 20+ points – Review and retest you plan at least on an annual basis
10 States Have Unemployment Rates over 9%
In the latest release of state unemployment rates there are 10 states which stand out because of their high levels. Included are states with large populations. This does not bode well since the number of jobs that need to be created in this states is very high. Included in this mix of states is California, New York, Illinois, New Jersey, and Michigan.
These states are offset somewhat by 11 other states that have levels lower than 6%. That is not to say that 6% is an acceptable unemployment level, however if it were there for the rest of the nation we would be out of the recession
In this environment hiring can be a challenge. Background checking and work history references are difficult at best. The job interview remains key to assessing the candidate’s fit. The job interview remains the tool you can use to get to know your candidate on a more personal basis. The job interview process helps other employees “own” the new employee who joins your organization.
Maximum Tolerable Period of Disruption
CIOs, CSO’s, BC Managers constantly will work to improve their restoration point objective (RPO) and also recovery time objectives (RTO) by means of performing fast, non-disruptive backups, in addition to by performing data rescue. All comprehensive data safety solutions involve many criteria and contingencies.
Here are examples of the things that can fail with your data as well as backup requirements that must be addressed:
- Accidental or malicious removal of critical data – Requirement that provides enable you to quickly and easily get back individual files and folders.
- Data that is displaced or corrupted over a period of time – Requirement to spin back individual records to renovate database corruptions. The ability to get back data from any previous moment in time, and have it as granular as is feasible.
- A crashed disk – Requirement to recoup a disk volume takes a different approach than recovering a single file, but it really should be done just as promptly, and with automation to help keep operational disruptions to the minimum.
- A server failure – Requirement to bring back operations when replacing a broken server may just be complicated by the desire to install different drivers within the new system if the hardware is not an exact match. It helps to get the capability to move the coating workload to a standby server (with completely different hardware) or virtual server while system is being exchanged or repaired.
- A local or local disaster – Requirement as you lose an entire company to fire, flood, and other disaster, have a newly released copy of your important info in another location that is certainly outside the disaster area.
- Remote offices and side branch offices – Requirement to undertake a process in place to with minimal technical assistance as remote and branch offices often would not have the luxury of experiencing an on-site technical resource to help you in backups and restores.
- Resource-intensive backup processes – Requirement frequent and even continuous backup which is not resource-intensive.
- Security breaches – Necessity to secure data. If moving data between internet websites, it needs to be protected from potential stability breaches. A breach involving data security, whether actual damage is complete or not, can be devastating towards your company’s reputation, as dozens of great enterprises and government agencies have found in recent years.
Cloud disaster recovery business continuity
When looking for cloud providers of Disaster Recovery and Business Continuity Services you need to establish that they will be there when you need them. Each of these factors should be included in your selection process.
- Has the provider done this before and does he have a team in place the deals just with disaster recovery and business continuity
- How do other customers conduct test of their disaster recovery business continuity plans
- How have other customers of your size activated their plans
- Is there sufficient capacity to handle multiple customers at the same time during an event
- How does the provider manage their capacity for computing, communication, and storage
- How is or will your remote access be achieved for your recovery processes
- What is their disaster recovery fail-over plan
- Data center(s) should be reviewed for security, location, redundancy and fire suppression
- Service level agreements need to be reviewed
- Staffing capabilities and availability needs to be reviewed.
Many companies now are including cloud disaster recovery process in their business continuity plans. Janco has found that disaster plans that include the cloud if done well will simplify and improve the success of the recovery process. Here are 10 things to have on your cloud DR checklist.
- Have multiple providers and validate that the physical location of the providers is significantly different than you primary facilities – That being done, have ways to connect to the provider when your facility is unavailable to your companyPrimary applications that need to work immediately are:
- Web sites
- Rank business application on importance — which ones and how soon they need to be available — DR plan should initially include contingencies only for those applications absolutely needed to keep the company running based on length of the outage
- Do not depend exclusively on electronic copies of software and data, maintain physical copies of critical applications and software – Do not forget about serial numbers and passwords without them you will not be able to operate.
- Have clear definition and contracts in place before the event which state vendor’s DR capabilities and promises. Know what provisions it has for disaster recovery and fail-over – and what the promise times for service restoration are.
- Test all mission-critical applications with vendors – Contracts and DR guarantees are not enough, plan for at least an annual test of the entire DR and fail-over procedure — use the vendor’s data center as if it were your own. Validate that your company will not be crowded out by a “more important” customer
- Utilize the cloud’s strengths including on-demand availability for compute, storage, networking, and technical support resources. Pay only for what you use.
- Leverage private cloud and tools with which you can quickly replicate operating systems and applications for purposes of DR and fail-over.
- Include redundant communications channels – in communications include multiple lines with a mix of data communication topologies to lessen your DR risk.
- Plan cloud DR for separate geographies – most enterprises are in multiple geographies should have cloud and data center DR and fail-over strategies that enable easy transitions to alternate sites in different geographical locations if a major catastrophe strikes a particular area.
- Have trained personnel and documentation at remote DR/fail-over sites – you want to have access to people who are knowledgeable in your systems at these sites so you can avoid flying people in.