What has made the world more complex is the fact that organizations are now presented with three different platforms for their disaster recovery strategies: physical, virtual and cloud. Each platform has its own unique challenges and benefits. Some organizations will opt to keep purely physical, others will add virtualization while many will embrace all three.

Ultimately the success of any company's backup and DR is based on the availability of its systems and data and the impact that downtime has in terms of lost revenue and lost customers, regardless of the environment data and systems are held in. Using multiple different solutions to manage data across physical, virtual and cloud environments makes this process unnecessarily complicated and risks wasting valuable time and resources.

For most small to medium size businesses, a service's success is underpinned by its ability to deliver ease of use, cost effectiveness and flexibility, and by its ability to implement measures quickly enough to affect a near immediate positive impact. Both cloud services and virtualization can do this, so the future is bright. Managed in the right way, from one central, easy to use solution, they can offer businesses the ultimate backup and disaster recovery protection, ensuring that business continuity becomes easier to manage.

For IT managers, Janco encourages them to compare their backup and DR practices against their counterparts.

Every organization needs to identify and develop mobile security policies to be deployed which will provide adequate protection. The level of protection has to be aligned with the level of risk that your organization is willing to accept. These policies should ensure that the many regulatory or compliance concerns that might be applicable are addressed.

Only by a partnership of information technology (IT), human resource (HR), finance, and legal teams - working closely with your executive team and business unit managers - can determine the exact corporate liable and/or individual liable policy that best fits your company, meets its financial goals and objectives, and takes into account security, legal, regulatory, tax, or other requirements and considerations that may uniquely apply to your company and its operations.

Janco has found that consultants and contractors are starting to be hired again.

The salary survey is updated twice a year; once in January and then again in July. You can get a free copy of the full survey if you provide 10 valid data points and use a corporate email address. Free email accounts like gmail or yahoo do not qualify as we have no way to verify the accuracy of the data provided.

The report is updated twice a year, once in January and second time in July. The unemployment data on this page is updated at least once a month and is based on the Bureau of Labor Statistics data.

    

• iPhone and Tablet are here to stay
• CIO and IT department no longer are in control of how technology is used by you enterprise
• There will always be some downtime
• Systems will not be 100% compliant all of the time
• The cloud will not be the solution for all problems and will case new ones
• There will never be enough capital and staff to get what needs to be completed done
• The network has already been compromised
• Social networking use risks all of your company's secrets
• Users will always need your support even for technology that you have not implemented
• IT will continue to be viewed as a service organization
  

• Combine written content, usage, and retention policies with a Hosted Managed Email Archiving Service to ensure an organization's ability to preserve, locate, and produce legally valid email evidence. Unmanaged email and other record management solutiond can trigger financial, productivity, and legal issues for your organization when it a finds itself in a workplace lawsuit. The cost and time required to produce subpoenaed email, retain legal counsel, secure expert witnesses, mount a legal battle, and cover jury awards and settlements is ver costly. Best practices call for a proactive approach to email and business records management.
• Utilize a proven archiving technology to ensure forensic compliance. For example, by encrypting and archiving a copy of every business record and internal and external email sent or received and across the organization, a Hosted Managed Email Archiving Service solution guarantees that your email is secure and tamperproof. Nothing in your archive can be deleted or altered. Everything in your archive is legally compliant.
• Ensure that financial data and related documents are effectively protected from malware, viruses, and other malicious intruders - and are preserved in a legally compliant manner in order to  maximize SOX, GLBA, SEC, FINRA, and PCI DSS compliance. This includes having solutions in place to manage messaging threats and compling with regulatory requirements including Email Anti-Virus, Email Archiving, Email Continuity, and Email Content Control.
• Meet HIPAA requirements by using formal policies, employee training, and technology including email
  Archiving, Anti-Virus, Continuity, and Content Control Services to ensure compliant use of email to transmit and store HIPAA-regulated patient information.
• Safeguard personal or sensitive data whose transmission falls under state encryption laws or other privacy acts by deploying proven solutions that are designed to effectively identify personal information in any electronic transmission and, if necessary, block or encrypt the transmission.
• Reduce business and security risks associated with electronic communication by implementing a formal electronic communication policy that combines a written policy with employee training.

So rather than continually clicking the "Forget Your Password?" help link, folks are readily hiding login information around their computer station.

And given that there's little variety in those secret locations, "hiding" might be a stretch. The most common locations where folks hide their login info are:

• Under the keyboard
• Under the phone
• Under the mouse pad
• On the monitor
• In the top drawer
• Under the desk

The CIO is expected not only to provide the internal strategic focus in terms of the needs that exist within the business to support the mission of the company, but in many cases the CIO is asked to step up and be part of revenue generation for the company.  It is more about understanding the business and the strategic goals of the business - how technology can be applied in a cost-effective way that helps move the business forward.

The struggling U.S. economy had something to cheer about Friday as the U.S. Labor Department reported a drop in the unemployment rate, but the IT sector isn't benefitting.

Unemployment in November fell from 9 percent to 8.6 percent, the Labor Department's Bureau of Labor Statistics (BLS) announced, and nonfarm payroll employment rose by 120,000. That's the lowest unemployment rate in 2 1/2 years since March 2009, according to The Washington Post.

The government noted improvements in such industries as retail trade, leisure and hospitality, professional and business services, and health care.

The IT sector wasn't so fortunate: It lost 3,900 jobs, including 2,900 telecom positions, Janco Associates announced, citing BLS statistics. The IT sector lost 5,100 jobs in October, according to Janco Associates.

The study found a decline in the frequency of fraud over last year. Of the executives polled, 75 percent suffered some kind of fraud-related loss in the last 12 months, which is down from 88 percent the year prior.

However, fraud remains predominantly an inside job and insider jobs increased this year. The 2011 figures show that 60 percent of frauds are committed by insiders, up from 55 percent last year.

Keep in mind these are only the cases in which the perpetrator is known. And that translates into more concern among executives. Overall, fraud concerns among executives around the globe rose approximately 15 percent led by information theft and corruption and bribery. Half of all companies surveyed said they are moderately to highly vulnerable to information theft, up from 38 percent in 2010. IT complexity is the leading cause of increasing fraud exposure, cited by 36 percent of respondents compared with 28 percent last year.

Compared to just 10 years ago, more and more the value of a company is not contained in tangible things, it's contained in the company's ideas, and those ideas tend to live on information systems in the form of digital data. "

Indeed, information-based industries reported the highest incidence of theft of information and electronic data; including financial services (29 percent), technology, media and telecoms (29 percent), health care, pharmaceuticals and biotechnology (26 percent), and professional services (23 percent).

Roughly one in four companies were hit by physical theft of cash, assets and inventory or information theft, both down from 2010. Management conflict of interest (21 percent), vendor, supplier or procurement fraud (20 percent), and internal financial fraud (19 percent) all saw notable increases. The incidence of corruption and bribery nearly doubled over the past year from 10 to 19 percent.

The policies that Janco has created are a must have that every enterprise needs. They can all be accessed by going to the Policy Master Page or the individual policies can accessed directly by clicking on the links below.

The policies have just been updated to comply with all mandated requirements and include electronic forms that can be Emailed, filled out completely on the computer, routed and stored electronically. A totally solution that uses technology at its best.

• CIO IT Infrastructure Policy PDF (All of the policies below which come as individual MS Word files)
• Backup and Backup Retention Policy
• Blog and Personal Web Site Policy (Includes electronic Blog Compliance Agreement Form)
• Incident Communication Plan Policy (Updated to include social networks as a communication path)
• Internet, e-Mail, Social Networking, Mobile Device, Electronic Communications, and Record Retention Policy (Includes 5 electronic forms to aid in the quick deployment of this policy)
• Mobile Device Access and Use Policy
• Outsourcing Policy
• Record Management, Retention, and Destruction Policy
• Sensitive Information Policy (HIPAA Compliant and includes electronic Sensitive Information Policy Compliance Agreement Form)
• Service Level Agreement (SLA) Policy Template with Metrics
• Social Networking Policy
• Telecommuting Policy
• Travel and Off-Site Meeting Policy

With an increasing number of individually acquired smartphones, IT departments need to be defining their strategy for dealing with these devices. A process needs to be defined that is cost effective and helps CIOs manage the challenges of security, cost and IT control while balancing the needs of employees.

IT is losing control of smartphones and yet retaining all the accountability.

Other Individual Policies

All of the policies that are provided here are contained within one or more of the templates that are on this site. These policies have been added as individual documents in WORD format (WORD 2003 and WORD 2007) for those clients who just need this particular policy. All policies are Sarbanes-Oxley, HIPAA, PCI-DSS, and ISO compliant.

The policies have just been updated to comply with all mandated requirements and include electronic forms that can be Emailed, filled out completely on the computer, routed and stored electronically. A totally solution that uses technology at its best.

• CIO IT Infrastructure Policy PDF (All of the policies below which come as individual MS Word files)
• Backup and Backup Retention Policy
• Blog and Personal Web Site Policy (Includes electronic Blog Compliance Agreement Form)
• Incident Communication Plan Policy (Updated to include social networks as a communication path)
• Internet, e-Mail, Social Networking, Mobile Device, Electronic Communications, and Record Retention Policy (Includes 5 electronic forms to aid in the quick deployment of this policy)
• Mobile Device Access and Use Policy
• Outsourcing Policy
• Record Management, Retention, and Destruction Policy
• Sensitive Information Policy (HIPAA Compliant and includes electronic Sensitive Information Policy Compliance Agreement Form)
• Service Level Agreement (SLA) Policy Template with Metrics
• Social Networking Policy
• Telecommuting Policy
• Travel and Off-Site Meeting Policy

 Work-at-home offices, remote sites, and branch offices are increasingly at the front lines of business – they have the closest contact with customers and business partners and therefore can have a dramatic impact on the success of the business. Analysts estimate that there are more than four million remote offices in the United States alone. Many of these offices run autonomously from headquarters and are responsible for managing their own operations – including protecting and retaining the electronic information that they generate. Ignoring the protection and recovery needs of this remotely stored data is simply not an option.

Risks to data that need to be managed include:

• User Error
• Virus Attacks
• Disk/Server Failure
• Localized Disaster Events
• Regional Power and Network Outages

What is required is a set of robust procedures to manage these issues

• Backup and Backup Retention Policy
• Blog and Personal Web Site Policy (Includes electronic Blog Compliance Agreement Form)
• Incident Communication Plan Policy (Updated to include social networks as a communication path)
• Internet, e-Mail, Social Networking, Mobile Device, Electronic Communications, and Record Retention Policy (Includes 5 electronic forms to aid in the quick deployment of this policy)
• Mobile Device Access and Use Policy
• Outsourcing Policy
• Record Management, Retention, and Destruction Policy
• Sensitive Information Policy (HIPAA Compliant and includes electronic Sensitive Information Policy Compliance Agreement Form)
• Service Level Agreement (SLA) Policy Template with Metrics
• Social Networking Policy
• Telecommuting Policy
• Travel and Off-Site Meeting Policy

Taking a look into recruiting priorities, hiring managers' top requests are for a Java/J2EE or Java developer, .NET or .NET developer, business analysis, Sharepoint or Sharepoint developers and project managers.

New York topped the list of metro areas with the greatest number of IT jobs.  The Washington DC/Baltimore metro area placed second with Silicon Valley, Chicago and Los Angeles rounding out the top five.

The opportunity to tap into technology and use it to achieve a competitive advantage has never been greater. The new physics of IT offers a wormhole to a place -- and a performance level -- that couldn't have been imagined only a few years ago. However, laggards increasingly find themselves staring into a black hole of Industrial-Age thinking and a hopelessly outdated network infrastructure. They can easily become shackled by inflexible systems that limit their ability to innovate.

The situation isn't going to get any easier in the months and years ahead. Employees and customers increasingly dictate which technologies will be used and how they will be applied in the workplace. Social media streams and advanced analytics continue to transform the way data, information and knowledge are collected, stored and put to use. Meanwhile, unified communications, virtualization and cloud computing are upending legacy business and IT models. And, if all this isnÂ’t enough to cause severe motion sickness, security and governance, risk management and compliance challenges continue to increase.

• In a lawsuit filed with the Quebec Superior Court, a petitioner is looking to institute a class action on behalf of BlackBerry users affected by the outage. Petitioner contends that, despite the fact that the Respondent is responsible for BlackBerry users' loss of email, BBM, and/or Internet service for approximately one (1) and a half (1/2) days, it has not compensated consumers on a prorated basis for such loss of use," and, "...while knowing full well that BlackBerry users pay a monthly fee to their wireless service providers for data services and that they were deprived thereof." The lawsuit demands compensation for economic damages. Additionally, it claims that RIM's offer of free apps does not properly compensate BlackBerry users who have paid for services that they were unable to use.
• A man in California has filed a class-action lawsuit on behalf of all BlackBerry owners in the United States, arguing that the loss of BlackBerry service translated directly into lost revenue.

As RIM wrestled to contain the original outage, RIM co-CEOs insisted on a conference call with reporters that the company would work to regain customers' trust following the incident.

RIM began offering free BlackBerry apps to ease customer pain. The initial apps included games such as Sims 3 and N.O.V.A., along with Photo Editor Ultimate, iSpeech Translator Pro and Shazam Encore. The company promised more to come; in addition, enterprise customers were apparently eligible to receive a month of free technical support, and "current customers" a complimentary "one-month extension of their existing Technical Support contract."

The outages smacked RIM at a turbulent moment, with the company undergoing what its executives refer to as a transition period. In the face of declining revenues, RIM is betting big on an upcoming generation of QNX-based superphones that will apparently offer hardware and software parity with the company's higher-end competitors. Until those devices hit store shelves, RIM hopes that a new line of BlackBerry smartphones running BlackBerry 7 OS will help it retain market share, even as Google Android and Apple's iOS poise an increasing challenge to RIM's traditional user base.

   

The CIO has a responsibility to be a leader when it comes to cloud computing in the organization, so they need to make sure they are aware of, and actively involved in, all key cloud discussions and decisions. If not, the CIO may be the one asked to pick up the pieces if the business goes off the rails due to factors about which they were not clear. These are critical decisions that can generate both great risks and great rewards.

The problem is that operating systems do not natively offer a way to discriminate more granular privileged access: it's an all-or-nothing proposition. Therefore, a surprisingly large number of people can often wield incredible power within the native OS - much of which is unnecessary for each individual to fulfill his or her role. Privileged accounts can be used to bypass standard controls and authorization levels. A person with a privileged account often has unlimited access and may be able to inflict significant damage to networks, servers, applications and data.

To make matters worse, not only can too many administrators inflict damage, they may be able to work outside the network's identity management system and hide their actions. Most organizations face serious challenges in analysis and discovery of security breaches, both in real time and after the fact. They have problems finding out what went wrong, who did what and when they did it. This opens up a level of risk that has no place in a secure IT environment.

Reports of problems with the iOS 5 upgrade flooded Apple's support forum today. It's unclear why users are not able to upgrade, but the snafu may be due to swamped servers on Apple's end.

Users said they encountered installation errors near the tail end of the installation process, after iTunes downloaded the update and backed up the device.

iPhone and iPad owners reported a variety of error messages, and many said they had tried to upgrade to iOS 5 multiple times, from different computers running iTunes and to numerous devices, all without success.

Suggestions abounded on Apple's support forum about how to sidestep the errors and complete the upgrade, ranging from switching off the Mac's or Windows PC's firewall to deleting the existing backup.

In some cases, users said such suggestions had worked for them, but just as many -- if not more -- reported that they had not. A few people claimed that their attempts to upgrade to iOS 5 had "bricked" their iPhones, making them unusable.

• Creation and ongoing upkeep of a complete data map with a full accounting of all repositories, media and systems owned and controlled by the company.
  
• Retention of data subject to any legal or contractual obligations for the appropriate length of time in the appropriate manner.
  
• Retention of data with legitimate business value. Failure to retain and maintain access to useful data incurs litigation risk. On the other hand, retaining data that is not subject to any legal or contractual retention requirements can also be a liability, from both a monetary and litigation risk perspective.
  
• Authenticated access to data by people and systems. People or systems access to data needs to include proper authentication measures to ensure all data access is predictable, controlled and auditable.
  
• Tested and validated litigation hold procedures to ensure that any potentially responsive information is not deleted, overwritten or otherwise modified when a litigation or investigation occurs or is anticipated.
  
• Tested and validated procedures for the ongoing disposal of remaining data that is not subject to any of the preceding statements.

Employees suffer a variety of job repercussions for participating in work-life programs, even when their leaders insist they support the business value. The good news is that most employers around the globe avow support for family-friendly workplaces. The bad news is they are simultaneously penalizing those who actively strive to integrate work with their lives.

Findings include:

• Most employers feel that the ideal employee is available 24/7
• Most employers feel the most productive employees are those with limited personal commitments
• 93% of employers do not have metrics in place to measure the ROI of flexible work schedules
• 80% of employers offer some form of flexible scheduling and telecommuting to all staffers
• 79% of organizations that offer flexible work hours require core work hours when all employees should be working
• 56% of all companies have included fexible work schedules in thier disaster and business continuity plans
• 54% of employees on flexible schedules do not like their work assignments
• 53% of all organizations offer flexible work hours to all employees
• 52% of all organizations have compressed the work week to less than 5 day for some employees
• 42% of employees on flexible schedules have gotten negative performance reviews
• 40% of employees on flexible schedules feel they have been denied a promotion because of their work schedules

• The impact of new regulatory bodies and new regulations in North America and Europe will be the largest business driver of many business' strategy, operations, and technology.
• High credit losses and sovereign debt crises continue to slow job growth and consumer lending.
• Businesses need to invest in data, analytics, segmentation, and reporting to support both demand-generation strategies and risk management goals that will foster long-term, profitable growth.
• Businesses need to improve customer retention and relationship-pricing strategies for existing consumers.
• Businesses need more IT initiatives that support strategic cost takeout and revenue generation; these initiatives include online self-service, servicing, and collections; business process outsourcing, and platform-based lending.
• Future technologies requiring increased research (and some development) include mobile device-based business applications, social media marketing, and peer-to-peer lending.