Job Interview and Hiring Guide includes Top 10 Hiring Best Practices as well as best practices for the interview candidate.
Top 10 Hiring Best Practices – the Interview id critical first step in building a world class organization. The Interview and Hiring Guide provides best practices that both the candidate and the entrerprise should follow.
In today’s employment market, it is critical to make every hire count. There is little room for error. It is crucial for senior-level leadership, human resources and hiring managers to all be on the same page and do the right things.
Top 10 Best Practices for the Hiring Process are:
Know how each job supports your organization’s key objectives
Consider both internal and external candidates for open positions.
Use objective evaluation criteria based on known outstanding performers in that job.
Ensure compensation is competitive, based on current market rates for the job.
Apply a consistent selection process to filling all positions.
Include key stakeholders in your employee selection process.
Train your interviewers in your employee selection process.
Give your interviewers guidance to help them probe deeper into a candidate’s suitability.
Review public social media accounts of all candidates.
Conduct comprehensive reference and background checks on job candidates.
Ensure that your orientation process helps new hires become productive faster.
CIO Infrastructure Policy Bundle Update 2019-02 now available
CIO IT Infrastructure Policy Bundle contains 20 full polices that are easily modified to meet an enterprise’s unique operation environment.
CIO Infrastructure Policy Bundle has just been updated. It inclues both the updated Record Classification, Management, Retention and Disposition Policy and the BYOD Access and Use Policy. This is all part of the annual review process which Janco is going through for its entire product like of CIO and IT Management tools to validate they meet all of the compliance, security and privacy mandates.
The policies are all part of the overall IT Governance Model. That model addresses the issues associated with the overall processes associated the design, developement, implementation , and ongoing operation of technology in the ever changing Internet based operational enviroment.
Currently, data classification is an area that CIOs need to address in light of GDPR and CaCPA.
Each of the polices in the CIO IT Infrastructure Policy Bundle can be acquired separately. See Policy offerings.
Blog and Personal Website Policy (revised 01/2019)
BYOD Access and Use Policy (revised 03/2019)
Mobile Device Access and Use Policy (revised 01/2019)
Physical and Virtual Server Security (revised 01/2019)
Record Classification, Management, Retention, and Disposition Policy (revised 03/2019)
Sensitive Information Policy (revised 1/2019)
Travel, Laptop, PDA and Off-Site Meeting Policy (revised 01/2019)
Updated in 2018 – Scheduled to be updated within the next three (3) months:
Backup and Backup Retention Policy
Google Glass Policy
Incident Communication Policy
Internet, Email, Social Networking, Mobile Device, and Electronic Communication Policy
Outsourcing and Cloud-Based File Sharing Policy
Patch Management Version Control
Privacy Compliance Policy
Service Level Agreement Policy including sample metrics
Social Networking Policy
Technology Acquisition Policy
Text Messaging Sensitive and Confidential Information
BYOD Best Practices to ensure the security of enterprise sensitive an confidential information
BYOD Best Practices – BYOD (Bring Your Own Device) now is standard practice for most individuals working for companies. Device include everything from laptop computer to tablets and smartphones. 10 Best Practices to secure BYODs – More employees and enterprise associates are bringing their own iPhones and tablets to the office. How sure are you that they are secure. While these oersonal devices are great for employee productivity, they can introduce security risks to your organization.
Implement a formal written BYOD policy that clearly states which devices and applications are supported.
Set up a locking password on each device. Integrate password usage with wipe the phone after x number of invalid tries. At the same time have a way to restore the phone if the phone is wiped.
Implement a phone locater on all SmartPhones. In the case of the iPhone use the “Find My Phone” application.
Protect the access point of your network so that only devices that meet your stringent security requirements are allowed access to you network and data.
Implement anti-virus where possible. In the case of iPhone there is not anti-virus. That means that you email service provider needs to do the scan BEFORE emails are sent to the device.
Manage authorized applications so the contact and other sensitive data is not extracted from the device by the applications.
Utilized data encryption on e-mails and enterprise data
Utilize the cloud as a back up source
Be wary of applications like QR coder readers. They can direct the user to sites that can take control of the device.
Monitor access and data usage by device and by user. Have processes in place that actively inform management of any potential ares were the network and data can be compromised.
CIO Management Tool Kit address all of the areas presented on this blog this past month. This is a complete set of tools that every top-level IT professionals from the CIO down needs to have.
Hot Topics February 2019 that had posts and comments. The CIO Management Tool Kit is a must have. It is the foundation for IT Managers who are “World Class” performers.
IT Job Market Growth – A look back at 2018 and prior years. IT Job Market growth exploded in 2018 with over 107,000 new jobs added.
Cloud Based ERP – Cloud based ERP,projects typically increase costs, take a long time to implement and require large and specialized staffs.
Top 10 Disaster Recovery Best Practices – Top 10 Disaster Recovery Best Practices as defined by over three decades of DR and BC practice by Janco Associates. Experience is based on having operated in earthquake zones, hurricanes, and terrorist attacks.
IT organization Building Process – Over the past three decades Janco Associates and its principles have created a set of 300 IT Job descriptions that are viewed by many as the industry standard. As a natural extension of that offering Janco has documented its IT job classification system.
Top 10 Net Neutrality Issues – Top 10 Net Neutrality advantages for the general public are all centered around the factor that without it the Internet will not longer be a universally accepted standard infrastructure.
CIO Posts from January 2019 – CIO Posts are those that we know are related to the management of the IT function and how they relate to what is important.
Top 10 Disaster Recovery Best Practices every organization needs to follow
DR / BC planning requires a robust program that is constantly updated and monitored
Top 10 Disaster Recovery Best Practices as defined by over three decades of DR and BC practice by Janco Associates. Experience is based on having operated in earthquake zones, hurricanes, and terrorist attacks.
Janco’s principles created the Disaster Recovery Plan that was implemented by Merrill Lynch (ML) on 911. The plan was activated within minutes of the attack and only 52 seconds of transactions were lost. The top 10 best practices that are followed in all DR/BC plans that have been created by us are.
Focus on operations – people and process that drive the enterprise are the primary issues that DR and BC are controllable. Implementing a planning and recovery environment is an ideal time to define an approach based on best practices that address the process and people issues effectively. In the case of ML the plan was activated in the computer room while the CIO was on a plane over the Atlantic.
Have at least one recovery site in place – Before an event there need to be plans in place for not only operation of computer but also for location of operations staff. Cloud managed computer operations can work when a disaster is in a limited ares. However it is is wide ranged like a hurricane the issues can be problematic.
Train everyone on how to execute the DR and BC – People are the front line when it comes to supporting the enterprise. A staff that has not been properly trained in the use of the DR and BC when an event occurs will we hindrance. Everyone must have the knowledge and skills to provide the right support. The primary focus is to reduce downtime, it also delivers better performance and a faster ROI through better and wiser use of IT assets.
Have a clear definition for declaring when a disaster or business interruption occurs that will set the DR and BC process into motion – There needs to be a clear processes for allocating resources based on their criticality and availability requirements. This will define the “rules of the road” for who does what and when while minimizing the factors that can negatively impact enterprise operations.
Integrate DRP and BCP with change management – Changes are inevitable in any sizable environment. It is difficult to keep up with the flood of new applications, technologies, and new tools. That is why it is essential to design, implement, and continuously improve change and configuration management processes.
Focus on addressing issues BEFORE they impact the enterprise – When you are aiming to operate at the speed of business, after-the-fact fixes do not make the grade. These days, you need to anticipate trouble and head it off before it happens. It is important to identify risks across people, process, and technology so that appropriate countermeasures can be implemented. You should also make sure that vendors provide an appropriate level of support including proactive features such as critical patch analysis and change management support.
Have an Incident Communications Plan in place – The incident communication plan should cover all interested parties from customers to employees and investors.
Validate that all technology is properly installed and configured right from the start – a technology solution that is properly implemented in terms of its hardware, firmware, and software will dramatically reduce problems and downtime in the future. Proper initial configuration can also save time and reduce issues with upgrades, hot patches, and other changes.
Monitor the processes and people to know what critical – many of today’s enterprises are experiencing a capacity crisis as they reach the limits of reduced budgets, older facilities and legacy infrastructures. Space is tight. Power and cooling resources are over-burdened. Implementing new solutions in inefficient environments may limit their ability to recover from an event. An assessment that examines and analyzes the enterprises environment’s capabilities and requirements can provide valuable information to help improve efficiency.
Test often – a DR BC plan is not a static document. Things change and new individuals are involved as staff changes.
Top 10 Net Neutrality advantages for the general public are all centered around the factor that without it the Internet will not longer be a universally accepted standard infrastructure.
Only way to keep the internet open for small to mid-sized companies.
If net neutrality is not made the basis for connectivity and access, the large companies like Google, Amazon and Twitter will have a complete monopoly in their markets. Also the large carriers like AT&T and Verizon will have no incentive to create better and faster access to the Internet.
Net Neutrality is a core requirement for IT Governance and Infrastructure definition.
Creates an open playing field.
With net neutrality in place, Internet Service Providers (ISP) have do not control what passes through the devices that are used by customers to access the Internet. This means an ISP under net neutrality cannot block access, change services, or alter the flow of data simply because there is something that goes on which they don’t like.
Remain as an international channel without governmental interference.
Recently whenever there has been civil unrest, governments have taken over or eliminated access. Without small players in the space, there can be no alternative sources for access. Add to that the recent moves by the Russian government to to close down all connectivity to the general Internet in “troubled political” situations will only be enhanced without net neutrality.
Innovation is encouraged and protected with the internet remains neutral. Big companies still have the same access as SMBs or freelancers and this allows everyone come with new and creative solutions. Just look at companies that started with a video and audio attached to door bells. Now and entire new segment of the security industry has been created with “self-service” security. No longer do companies like ADT have a monopoly on that sector of the industry.
Freedom of expression is fostered.
Blogs, services, businesses, and any website that can operate legally is able to do so and be available because of net neutrality. There isn’t any censorship available as long as the content being offered meets legal obligations. If illegal content is discovered, it can be immediately reported to law enforcement officials. Without this freedom of expression, it could become easier for illegal content, such as child pornography, to become more available. If a small ISP blocked access to all and approved of such a thing, it could hamper keeping our communities safe.
Illegal activities are monitored.
ISPs, are like utilities as they provide everyone with the services they need. For example , illegal file sharing, due to the fact that each ISP is treated as a regulated common carrier.
Unlimited data is available to everyone equally.
In the 1990s, internet users had a good time being online in AOL chat rooms or waiting 20 minutes for a cool website to load. Today, there are real-time video calls. Companies like Netflix providing legal streaming. YouTube has grown into an educational and entertainment network.
Income from internet uses has moved to a subscription base.
There are certain businesses and high-use individuals who consume large amounts of bandwidth every month. Entire industries have been created that generate revenue based on service provided not access. It is like the Interstate Highway System, everyone benefits.
Competition thrives. There are numerous online streaming services that offer live TV today: Hulu, PlayStation Vue, and Sling by Dish Network are just three examples. If a customer must choose Comcast as their ISP, then these streaming services could be given a lower priority because they are rival organizations. Comcast could choose to offer the highest speeds to the networks and services it owns and slow down the signals provided by the competition. This would effectively limit consumer choice.
Free internet access is Free.
When the internet becomes a place where profitability is the primary concern, the idea of providing free internet access to those who cannot afford it goes away. Providers could charge whatever they wanted and restrict access to whomever they please. This could lead to demographic discrimination, socioeconomic discrimination, or prioritize content to the wealthiest who are willing to pay high prices for the fastest data streams.
This is an ever evolving area as Net Neutrality is not in the area of political influence. Time will only tell what will happen.
CIOs Management Focus Janco conducted a survey of C-Level executives to get a clear understanding of what CIOs are focusing their management talents
AnyConnect Windows 10 An example of a best practice for patch management and version control. An issue arose after an update by a major vendor and how to implement a best practice to have a solution in place for a critical application.
This tool kit has been updated to meet all of the EU’s GDPR mandated requirement. In addition, it now reflects all of the requirements of the newly enacted California Privacy Act and contains the Privacy Compliance Policy with its associated electronic forms and job descriptions.
AnyConnect Windows 10 fails with the newest version of the VPN client software. After a windows update we encountered a problem when we wanted to connect to our VPN.
Patch management and version control policy needs to be reviewed in light of issues like AnyConnect Windows 10 failure.
The symptoms were the service was running on the client PC (Windows 10 Pro 64 bit) and when we went to run AnyConnect, the hour class would appear but we did not get the dialog to connect to the firewall. We also noticed there was a Microsoft update that occurred since the last time we used the program.
Based on suggestions from our provider, we uninstalled the current version the program, rebooted the client and reinstalled the current version. The same problem occurred as before. We searched the internet, including Cisco’s trouble shooting suggestions. We found no solution, rather we see that there were a number of instances where AnyConnect Windows 10 failed.
The problem did not exist before the update by windows. We then did the following to fix the problem.
Uninstalled the current version of the program
Rebooted the client with a power on and off
Installed a prior version that worked on the client
Ran the program and the dialog to set up the connection came up
The program did an automatic update to the current version
AnyConnect then worked
What caused the problem
We think that with the Microsoft update some registry entry or other setting was altered or removed. The re-installation of the program with the current version did not correct the issue. When we installed an earlier version the setting was correctly added or modified.
As a best practice, versions of programs and updates should be saved. With the constant updates by both hardware and software vendors the chance of a similar problem occurring are high. When it is time to solve a problem, the vendors often lack easily obtainable solutions. In our case when we talked to our providers help desk, their repsonse was that was an interesting problem and they would communicate it to Cisco if they saw several customers with the same problem. Ergo Cisco does not know the problem exists so they will not fix the offending software.