M. Victor Janulaitis is the founder and CEO of Janco Associates. His focus and that of the firm is the management and support of IT professionals improving infrastructure. His expertise is in organizational infrastructure, security, cost control, disaster recovery business continuity; information privacy; and staff development.
IT Hiring Kit Update has just been released. It contains the lastest IT Salary Survey, the 2019 version of the Interview and Hiring Guide, and job descriptions. The kit comes in 4 editions – Standard, Silver, Gold and Platinum. Each of the job descriptions is between 2 to 8 pages in length.
The recent update includes a number of best practice definitions to facilitate recruiting. The best practices provide a proven methodology for how the recruitng process can be streamlined to maximize the productivity of the recruiting staff and increase the likelihood that only fully qualified candidates are screened , interviewed, and recruited.
IT Hiring Kit Update components all have been updated with the last few weeks. As the IT Job Market continues to tighten now is the time to get this must have kit.
The kit comes with 30 days of free update service. In addition, update subscription service can be purchased along with the core offering. The options are for one or two years of service.
The CTO of a Fortune 10 organization based out of New Year who has reviewed the latest version of the kit said that he was “… going to make the IT Hiring Kit a standard for all of the recruiting managers and CIO in the divisions of his company.” That is high praise indeed.
With the added components all available in eReader format, this kit is portable and mobile to address the everchanging technology environment. For example all of the job descriptions can be viewed on tablets and smartphones. With that option the need for paper copies is minimized.
PCMatic Support Poor at Best, when you have an issue they have no user forum, no real knowledge base to query, no on-line chat, nor a tech support phone number.
We tried the Pro version of PCMatic and found it an interesting solution to the protection arena.
When we had a problem with another program and added to the white list. That did not make any difference. That we found strange. Let me explain.
PCMatic Support should implement polices on Patch Management, version control, and service desk support.
We could install the other program (DriverSupport.com) and add it to the white list. All went well until a reboot was required. PCMatic just REMOVED the whitelisted program. We sent 3 help requests that respond with ROBOTIC canned answers that do not answer the question of how to get around the issue.
There is NO link to a follow-up area, there is NO phone number listed of who I can talk to, and there is NO user forum where I can ask if another user has solved the problem. The only solution that I have is to request a refund.
This is the WORST customer service we have seen yet in the virus protection arena. PcMactic prides itself as being all U.S. made and suppported. They might as well be in India, at least there someone will talk to you.
AVOID THIS PRODUCT IT IS NOT WORTH THE TIME TO MAKE IT WORK. They should spend more on technical support and less on TV ads
Top 10 Interview Best Practices – In every employment market, candidates need to say yes when they are offering a position. It is up to the company and its recruiters to create an environment that will assure that when they provide an offer it is accepted.
Top 10 List
Here are the top 10 things that recruiters need to do when they are hiring.
Top 10 Interview Best Practices is just one of the many tools contained in the Interview and Hiring Guide
Make the right first impression. Job candidates know to put their best foot forward, but companies in hiring mode can forget to do the same. That includes everything from seeing that the office receptionist greets the candidate and treats them with respect, to company employees smiling and saying hello as the candidate walks to and from the interview. Creating a recruitment-friendly atmosphere is the job of the whole company. You should never underestimate how important a compelling company culture is to the overall hiring process.
Have a complete and accurate job description. If the position is not clear to the hiring manager, they will not be able to explain it to the candidate. The description should have a good summary that is posted or placed in the ad in addition to the full one which would be understood before the interview starts.
Have the candidate review the job description before the interview. if the candidate knows the roles and responsibilities of the position they will be much more likely to provide a better picture of how they could fill the role.
Communicate to the candidate what the interview will entail. Let the candidate know that they will be spending x time in the interview. If there is any testing of any sort they should be aware of that especially if there is a personality or physiological testing process.
Be prompt. if the interview is scheduled for 3:00, start it at that time. Have a replacement interviewer ready in case the scheduled recruiter is called away for any reason.
Allow no interruptions. Focus on the candidate. Turn off your cell phone and email notifications. Put your office line on Do Not Disturb. Do not have anything between you and the candidate like a computer display.
Prepare for the interview. Know who the candidate is and have a set of questions ready to be asked.
Have materials to be provided to the candidate available. If the recruiter is going to provide any materials see that it is on hand. Put a post-it note on the materials with the candidate’s name on the materials. That will show the candidate that they were important enough to cause the company to have materials pre-prepared.
Be enthusiastic. he recruiter should be positive and enthusiastic not only about the job that is being filled but also about the company.
Provide a set of next steps at the end of the interview. Tell the candidate what will happen next and when. Do not take too long to decide on hiring or removing from consideration and or schedule a follow-up interview.
Chief Compliance Officer Job Description Just Updated
Chief Compliance Officer Job Description is critical in the recruiting process for an effective CCO. The individual must have a broad vision and perspective. Additional skills enable him/her to function in the ‘global’ regulatory environment. This requires that they consider many key factors to ensure the success of the compliance management processes.
C-Level executives are continuously looking for help in preventing fraud and protecting sensitive information. The fact that key corporate executives carry personal liability in the event of non-compliance virtually ensures compliance to be a key initiative in any large organizations.
Role of CCO
The Chief Compliance Officer oversees the Corporate Compliance Program, functioning as an independent and objective body that reviews and evaluates compliance issues/concerns within the organization. The position ensures the Board of Directors, management and employees are in compliance with the rules and regulations of regulatory agencies, that company policies and procedures are being followed, and that behavior in the organization meets the company’s Standards of Conduct.
Janco’ detail CCO job description provides afocus on these key factors. It offers a strategic and top-down view of this important new function. It defines how the CCO can materially assist the enterprise in establishing a function with an aggregate view of Governance, Risk Management and Compliance. They need to replace the highly fractionated structure that was typical of previous risk and compliance functions that functioned at mainly the tactical and operational level.
The job description is 2,000 words in length and takes up six packed pages of job requiurements.
Compliance Management Team
The Compliance Management Team serves as the focal point for compliance activities. The team typically is composed of persons of high integrity, having other duties that are not in conflict with the compliance goals.
Coordination and communication are the key functions of the Compliance Management with regard to planning, implementing, and monitoring the compliance program.
Blockchain Job Description for developers is now available for download. Janco has identified 25 specific accounatabilities and responsibilities. The job description is over 3 pages in length is almost 1,000 words.
The Blockchain Developer is responsible for developing innovative solutions to challenging problems. This includes command and control as well as high integrity solutions. The individual performs complex analysis, design, development, testing, and debugging of computer software. Scope includes distinct product hardware or technical service lines of businesses. They perform software design, operating architecture integration, and computer system selection. In addition they operate on multiple systems and apply knowledge of one or more platforms and programming languages.
Over 25 specific accountabilities are defined in the job descrtiption. Below are 5 of them:
Blockchain Job Description is over 3 single-spaced pages and almost 1,000 words in leght. It, along with over 300 other IT releated job descriptions are available for immediate download
Design groundbreaking software products with an eye toward compliance.
The subject-matter expert (SME) for the Blockchain applications including a knowledge of the top partners that make up our Blockchain segment globally.
Own the execution of the strategic plan for each market segment, which includes aligning with partner development managers who manage our top technology and consulting partners focused on Blockchain, maximizing influenced revenue driven with and through partners
Working with partner development managers, build C-level relationships with our top partners and generate interest in new programs focused on DevOps/Tools
Represent the partner strategy for Blockchain to our internal and external stakeholders including the sales teams as well as media coverage and industry events focused on the Blockchain segment
The full list are contained in the job description which can be purchased separately or with the full set of IT job descriptions.
Top 10 Security Management rules are defined in Janco’s Security Manual Template.
Top 10 Reputation Management Rules are defined in detail in Janco’s Security Manual Template.
Without constant vigilance, your company is vulnerable to attack. The first step to take is to assess your current security stance, then make a plan to increase security with proper best practices and technologies.
Top ten commandments of security management for CSOs, CIOs, and IT Managers
Limit access to information to those who need to have it. People can’t misuse information that they don’t have.
Conduct frequent and deep security audits. Identify who has access to what – and how their actions could weaken the protection of valuable data/information.
Set limits to information access. Do not exclude all information from access – data exclusion locks down access. Limits set authorizations so specific people can do specific things under specific circumstances.
Limit administrative rights to as few individuals as possible. Very few individuals need them to do their jobs.
Ignore organizational hierarchy when setting access capabilities. Access and authorization should be based upon responsibilities, not position.
Make Security Invisible. Minimize extra commands, screens, pop-ups for employees; if an action is allowed, just let it happen.
Analyze Security End back doors. Compliance logs reveal threat patterns, and show how security steps are hurting productivity.
Monitor information access and updates. User-initiated application information updates can invite vulnerabilities.
Educate everyone on security policies and procedures. The more that people know about the rules the better
Make security best practices the watch word for everyone. IT and the general workforce must address the constantly changing nature of security breaches.
Security Manual Template
Security Policies and Procedures Manual for the Internet and Information Technology is over over 230 pages in length. All versions of the Security Manual template include both the Business & IT Impact Questionnaire and the Threat & Vulnerability Assessment Tool (both were redesigned to address GDPR, CaCPA, ISO, Sarbanes Oxley and CobiT compliance).
GDPR Compliance is at risk with 3rd Party providers
GDPR Compliance Management is more complex with the increased use of 3rd Party providers
Security and GDPR Compliance risks from third parties are on the rise. A security compliance study found that 56 percent of companies admitted to a security incident caused by a third party.
With GDPR now in place, security of third-party vendors and consultants is more important than ever. Their security failure will impact your company and could result in a breach of your data.
So how do you approach third-party security in a GDPR world? The first step is to know who your vendors are and other outsiders with access to your network. These tiers are based on the level and volume of data they have access to, determining which are the most critical. Companies need to know who has any access to their data and get an accurate understanding of exactly what information they can access, why, and how often. With this information in hand, you can then develop an accurate response plan.
GDPR compliance plans should also take into consideration all of your third-party vendors. Thus, when establishing a dedicated Data Privacy Officer (DPO), that person will help the company meet GDPR requirements and should keep tabs on third-party practices and data systems as they affect your business. Lunetta added:
To support the DPO with additional expertise on making decisions such as, “We need X solution to address Y compliance/security requirement,” it’s imperative for IT security teams to conduct regular self-assessments for uncovering gaps and determining options for remediating them.
Some tips for ensuring that your third parties are staying in GDPR compliance:
Address cybersecurity governance because while it’s one thing to invest in security solutions that help address personal data protection, it’s another to use them in a manner that is also GDPR-compliant.
Access Policy Governance – Having robust access controls isn’t good enough to comply with GDPR. Instead, you also need a set of policies that can be defined, implemented and enforced around how your enterprise controls access to personal data.
Pay attention to privileged. Users, such as systems administrators, can circumvent standard controls inside of an application or a database. Identify those users, establish governance controls, and implement enforcement mechanisms through technology solutions such as network access control.
U.S. Job Market continues to improve. There now are 36 states (including the District of Columbia) that have an unemployment rate that is 4.0% or lower. That is one more state than in the prior month.
U,S. Job Market – the unemployment rate continues to hover around 3.8% to 4.0%. The current rate is the lowest it has been in several years.
Looking at the data for individual states for a year to year comparison, the picture is even brighter.
Only two states of the states with low unemployment rates, have higher unemployment rates this than last. Those are Coloarado and Hawaii.
Hawai was at such a low rate last year that the shortage of workers slowed the economy there. The fact that it is an island only magnifies the issues it has to deal with when it low unemploymnent and high unemployment.
Janco continues to monitor the U.S. Job Market and the IT Job Market continually. To see this analysis as it is updated look at the Employment Data on Janco’s main web site.
10 Point Power Checklist Disaster Recovery and Business Continuity
10 point power checklist that adddresses the issues associated with power after an event that disrupts a network, availability of power to recover and run the network often is critical.
10 Point Power Checklist Disaster Recovery and Business Continuity needs to be incorporated into the disaster recovery – business continuity plan. The Disaster Recovery Business Continuity template contains many checklists and best practices to follow. The checklist includes:
Electricity, water, broken wires do not mix. Review all electrical and plumbing plans in detail.
Understand the minimum power requirements to be operational.
Have an adequate fuel supply to operate backup power sources. If the outage lasts for more than 30 days will the faciulity be ale to continue operations.
Set reasonable response times for standby generator.
Maintain your equipment and test it operations. Test at least once a quarter and review supplies on hand.
Understand your environment and geography.
Set up generators in an “open environment”. Carbon monoxide fumes can build up and poison people.