CIO Areas of Interest

Disaster Recovery Planning, Job Descriptions, Salary Survey, Business Continuity, ITSM, SOA, Compliance, SOX, and HIPAA

The Janco News feed is an XML news feed that you can subscribe to and re-publish on your web site or blog. The only requirement that you need to meet is that the feed is included with no modifications and that the links within the feed are retained as is.

If you wish to subscribe to this news feed the options that you have are:

    • IT Standard News Feed - 30 items

      Cost of security breaches escilates

      May 26th, 2016

      Cost of security breaches escalates

      Cost of Security breachAttacks by malicious insiders arethe costliest to fix ($145,000), followed by denial of service ($127,000) and Web-based attacks ($96,000).

      The top 10 drivers of security shortcomings include:

      1. Insufficient funding for security
      2. Lack of commitment by senior executive management
      3. Lack of leadership in the security arena by the CIO
      4. Belief that the organization will not be targeted
      5. Lack of internal resources who are "security" experts
      6. Lack of an effective IT security strategy
      7. Lack of an action plan on how to implement a solution before an event
      8. Infrastructure for IT that does not easily lend itself to security implementation including complex and disjointed applications and data
      9. No central focus with the enterprise that focuses on security
      10. Lack of a good termination policy for employees and contractors
      Order Security ManualDownload Selected Pages
      - more info

      Privacy lost with new audio fingerprint tracking

      May 20th, 2016

      Privacy Lost

      It no longer is just the NSA, now some websites using audio fingerprinting for identifying and monitoring web users. A number of sites use the AudioContext API to identify an audio signal that reveals a unique browser and device combination.

      The method doesn't require access to a device's microphone, but rather relies on the way a signal is processed. The researchers, Using the AudioContext API to fingerprint does not collect sound played or recorded by your machine. An AudioContext fingerprint is a property of your machine's audio stack itself.
      In addition, researchers have found 715 of the top one million websites are using WebRTC to discover the local IP address of users. Most of these are third-party trackers.

      Order Sensitive Information PolicyDownload Selected Pages

      - more info

      WYOD a top concern of C-Level executives

      May 2nd, 2016

      WYOD a top concern of C-Level executives

      Anyone can purchase a wearable device.  If there is an open wi-fi connection that the device can map to sensitive personal and enterprise infromation is at risk. 

      Rules and policies need to be put in place to mitigate this risk.  The question is where to start.  Janco has answered that in its wearable device policy template.  It includes robust rules on wearable devices.  In addition, it provides a specifice road map to be followed when developing a strategy on how to deal with this new potential threat.

      Wearable Device Policy - It is 17 pages in length. It contains everything that an enterprise needs to implement a functioning and compliant Wearable Devices device and use process. Included are forms defining the mobile device environment.

       Download Selected Pages

      Read on...


      - more info

      Record Management, Retention, and Destruction Policy

      April 28th, 2016

      Records ManagementThe volume of documents within organization is exploding, managing these documents is a real and pressing challenge. If your organization is like many others, paper documents, emails, faxes, PDFs, CAD and other office documents are left unmanaged and stored in filing cabinets, on file servers or on desktop PCs around the office. This exposes your organization to compliance risks, service delays, cost overruns and a host of other challenges.

      Record Management Policy Download Selected Pages

      Today, software solutions are available that combine document and records management capabilities into a single, complete offering. These solutions enable you to reduce the time, cost and complexity of storing and accessing your documents throughout the information lifecycle. They also give you the power to improve access to critical documents, enhance customer service and operational efficiency - all while reducing risks and addressing compliance demands.

      - more info

      Contract terms for outsource agreemeents

      April 8th, 2016

      Contract terms for outsource agreementsContract terms for outsource agreemeents

      Specific contractual provisions to minimize cyber risk in outsourcing contracts are:

      • Setting security standards for the vendor;
      • Restricting on subcontracting;
      • Employee related protections, such as background checks and training; 
      • Security testing;
      • Security audits;
      • Security incident reporting and investigation;
      • Data retention and use restrictions;
      • Customer data access rights; and
      • Vendor liability for cyber incidents.

      Reasons Why CIOs Recommend Outsourcing

      Order Cloud Outsourcing Template  Download Selected Pages

      - more info