Latest news of interest from the CIO's primary news feed

Disaster Recovery Planning, Job Descriptions, Salary Survey, Business Continuity, ITSM, SOA, Compliance, SOX, and HIPAA

The Janco News feed is an XML news feed that you can subscribe to and re-publish on your web site or blog. The only requirement that you need to meet is that the feed is included with no modifications and that the links within the feed are retained as is.

If you wish to subscribe to this news feed the options that you have are:

    • IT Standard News Feed - 30 items

    • How to keep safe on the Internet while being productive

      Keeping data safe and secureSecurity Tools to keep you safe

      Security and compliance are key to maintaining control of sensitive and confidential information. Keeping safe and productive online requires smart decision-making and just the right preventive measures to fit the level of risk you can live with.

      Read on SecurityOrder Security ManualDownload Selected Security Manual  Pages

      - more info

      Chinese have a more secure version of Windows 10

      Security and Privacy are the core of the Chinese version of Windows 10

      Security and PrivacySecurity and Privacy are key to a Chinese government-approved version of Windows 10. It was developed in partnership with the Chinese technology and defense company China Electronics Technology Group Corp (CETC).

      This version strips telemetry and data collection from Windows; thus, in a bit of irony, the Chinese Government-mandated edition is the only version of Windows since XP (or Windows 7 before updates/patches) that respects the privacy rights of its users and is not, as of today, a data-collection machine.

      Read on SecurityOrder Security ManualDownload Selected Security Manual  Pages 

      - more info

      Net Neutrality and cost of Internet in the US

      Anti Net-Neutrality will raise the cost of Internet

      Net-Netrality will raise costs of InternetIf the services providers have their way, the cost of internet and data usae will skyrocket.  Currently:

      • Americans pay four times as much as the French for an Internet triple-play package - phone, cable TV and Internet - at an average of $160 per month versus $38 per month.
      • The French get global free calling and worldwide live television. Their Internet is also 10 times faster at downloading information and 20 times faster uploading it.
      • America has gone from #1 in Internet speed (when we invented it) to 29th in the world and falling.
      • Bulgaria is among the countries with faster Internet service.
      • Americans pay 38 times as much as the Japanese for Internet data.
      Order IT Infrastructure Architecture Download Selected Pages
      - more info

      Security Architect is a hot new job

      How to get value out of your enterprise's infrastructure with a Security Architect

      Job DescriptionsWith all of the recent cyber-attacks and ransomware hack, there now is a hot new job.  The Security Architect is responsible for maintaining the security of an enterprise¬ís computer and application systems. They must anticipate all of the moves and tactics that hackers will use to try and gain unauthorized access to the enterprise's data and application resources. They must stay current with the latest developments in the arena of security and mandated compliance.

      The job description for this hot new role has just been released by Janco and 

      Read on...

      Order Security Architect Job Description

      - more info

      Focus of new federal cybersecurity order clarified

      Security Policies - Procedures - Audit Tools

      CybersecurityFocus of new presidential cybersecuritry order is:  

      • Protect federal networks using the NIST Framework
      • Mandate federal IT to move to the cloud
      • Centralize federal IT as one enterprise network

      Read on SecurityOrder Security ManualDownload Selected Security Manual  Pages

      - more info

      Updated Patch Management - Version Control Policy Template Released

      New with Version of Patch Management - Version Control focus on DevOps

      DevOps is the way to build, test and maintain applications and systems.  To that end, patch management and version control are key.  The lastest update of that policy template now included three (3) key job descriptions:  Manager Change Control, Change Control Supervisor, and Change Control Analyst.

      Also included in this update aree ten (10) best practices for security compliance and patch management.

      Order Patch Management PolicyDownload Version control Selected Pages


      - more info

      IoT makes everything more complex including DR and BC

      IoT - Almost half of companies that had to activate their DR/BC plans were able to do it with limited difficulty

      IoT- DR and BC concernsThe internet of things (IoT) is in a very bright spotlight. Not only because of recent security breaches, but because of the way it has completely iniltrated our lives not only through our smart phones, but through our smart TVs, smart refrigerators, smart thermostats, and every other smart device you can think of. And all of these things are likely to be in our workplaces as well.

      All Business Continuity Disaster Recovery Planning efforts need to encompass how IoT devices will communicate, where they will go and how they will keep doing their jobs. The details can vary greatly, depending on the size and scope of a company and the way it does business.

      Order Disaster Recovery Business Continuity Template Download Selected Pages  Disaster Recovery Business Continuity Template

      - more info

      Hackers target non-chip magnetic credit card readers

      CIOs are challenged with data security and protection as hackers target non-chip magnetic credit card readers in retail outlets, restuarants and bars. 

      Chip readersStolen credit and debit cards are on the rise at U.S. restaurants where older magnetic stripe cards are in use instead of more secure chip cards. The number of attacks on e-commerace sites is on the rise.

      Most breaches are from users whose cards were read by magnetic stripe credit and debit cards at payment terminals -- not chip readers. Mag-stripe cards rely on an older and less secure payment technology than do the newer chip cards. U.S. banks and card networks like Visa, MasterCard and other card companies have been giving customers new cards embedded with smart chips in recent years, although the U.S. is one of the last countries to convert to chip card technology.

      Nearly all chip cards also have magnetic stripes containing card data, which are still vulnerable to hackers who can strip the data with special counterfeit readers. Even PIN and chip is vulnerable to internal breaches.

      The best defense for companies is to utilize point-to-point encryption of data and not to store sensitive data. The migration from swipe cards to PIN and chip and further to point to point encrypted (P2PE) solutions must be a priority. Unfortunately, P2PE solutions are not widely available and can be costly.

      Order Security PoliciesDownload Selected Pages

      - more info