Spam Policy
Note: Of course legitimate, individually-sent
employment, business and personal inquiries are not considered spam.
This domain does not accept unsolicited email
messages (spam) from commercial, political or non-profit
entities. By sending a spam message to this domain, you authorize us
to do the following:
- File a complaint with your upstream internet
service provider
- File a complaint with your web host provider
- File complaints with your payment processor,
merchant services provider, DNS-provider and any and all other
providers you use to do business online
- Post your email to the newsgroup
news.admin.net-abuse.sightings
- Forward your email to spam@ftc.gov
- Forward your investing-related email to
enforcement@sec.gov
- Test your sending server as an open relay
- Report your mail server and web server to any
and all blacklists, blocklists, spam filters, etc we choose
- Post comments regarding your spamming to
alexa.com, epinions.com, bizrate.com, USENET and any other media
we choose, in any manner we choose, along with your actual
identity, address, telephone number and any other information we
choose including, but not limited to spam complaints, "call this
spammer" messages, etc.
- Send unlimited quantities of email to the
email address listed in your message, the WHOIS contacts for
your domain, your personal email, your business email, the
administrative contacts of your sending mail server, the
administrative contacts of your web host provider and any other
email addresses in any way connected with your spamming
activities
- Place a bandwidth-protest on your site
involving continuous downloads of data
- Bill you a $500 processing fee for each piece
of spam sent to this domain. Failure to pay will result in our
taking you to small claims court and/or forwarding the claim to
a collections agency
- Call any phone number or fax number posted
within your spam message
Sending email to an address within this domain
constitutes your acceptance of these terms.
|
Latest News
BYOD improves productivity
05/17/2012 -
 The latest results from a quarterly survey of IT
decision makers shows that a significant number of companies with tablets
deployed are seeing productivity gains tied directly to their use.
In the survey of over a thousand IT decision-makers, 74% indicated that using
tablet computers and smartphones led to an increase in productivity in their
organization while 25% of those said it has led to a significant increase. In
addition, half of those surveyed said they felt the use of tablets and
smartphones has led to cost savings in their organization.
Addressing the so-called BYOD (Bring
Your Own Device) trend, 64% of the IT decision-makers at large businesses
reported that consumer technology adoption has led to cost savings, while 42%
said they experienced significant cost savings.
-
more information
Mobile devices put a strain on help desk staff
05/12/2012 -
IT Help desks need to focus more of their resources
handling mobile computing. Even though remote access is only available to
one third of mobile workers and instant messaging is only available to one
quarter, CIOs need to consider new technologies when providing support to
workers who do not have ready access to in-person support options. Policies and
performance metrics are a must.
Documenting a clear set of IT policies is a resource-intensive process for
CIO and their staffs due to the research and writing time involved. And once
policies are created, the next step is to communicate and gain acceptance for
those policies throughout the organization. Wouldn't it be nice to start with
boiler plate templates that require only minor customizing?
-
more information
Meeting productivity improvement
04/29/2012 -
Ideas to improve meeting productivity 
- Have agendas with goals objectives. It's considered bad business manners
to send a meeting request without providing an agenda. When calling a meeting
focus agenda on expressly stating the goal(s) of the meeting.
- Replace the default 60-minute meeting time slot with a 20-minute meeting
unit. For some inexplicable reason, people seem to naturally default to 60
minutes as the amount of time needed for a meeting. And while that may be the
case in certain circumstances, it should not be the default position. In place
of a 60-minute default time slot, adopt the 20-minute meeting unit. If a
particular topic needs more time than that, it is up to the meeting organizer
to convince the participants that two (or three, or four) meeting units of 20
minutes are necessary.
- Have people stand during meeting. It is too easy to "waste time"
when everyone is sitting.
- Orient the meeting toward follow-ups and actions. Meetings produce lots of
ideas and discussion. That's wonderful. But the real purpose of most meetings
is to agree on next steps and actions. Keep a focus on targeted actions and
your meetings will be productive. Allow them to become discussion forums for
"important issues," and they will feel long and painful.
 
Labor Force Participation Rate at Lowest Level in over 40 Years
04/15/2012 -
The BLS data shows that the participation rate in the job market is at levels
that have not been seen since the 1970's. In March of 2012 the work force
participation percentage of all employees (male and female) was at 63.8%
according to the BLS data.
Assuming that there is a significant downsizing of the
military and there are no new programs to get jobs for soldiers coming home
then the true unemployment levels will not go down for some
time.
-
more information
Mobile device usage improves productivity
04/11/2012 -
Today's most productive employees are not tied to a desk, an office, or a
location. They are mobile. And your companyÂ’s IT strategy has to be ready to
support them with easy, reliable, 24/7 access to the business information they
need, from anywhere in the world, across a broad range of communication devices.
 
Mobile contentmanagement increases user productivity, ramps up customer
engagement, enhances customer service, maximizes collaboration and drives more
effective business decision-making.
-
more information
Disaster planning state of the art solutions
04/03/2012 -
 Not all disaster recovery
applications are created equal. There are three main methods for providing
backup for virtual environments in the industry today. Understanding how these
methods impact your environment as a whole, is key to making sound decisions
when choosing the correct application for your business.
In our Disaster Recovery
Planning Template Janco presents:
- Review these methods to compare and contrast the impact on the environment
- Strategies
- See how each method effects the backup window and storage and the MTPOD
(Maximum
Tolerable Period of Recovery)
- Present state of the art solutions to the global body of knowledge
for DR/BC, including current international standards and best
practices.
-
more information
EU Proposes New Security Requirements
03/30/2012 -
EU proposed the replacement of Data Protection Directive 95/46, an
important component of EU privacy and human rights law under which organizations
in both the public and private sector have been operating for thirteen years.
It would reduce bureaucratic compliance requirements for many organizations
and provide a single set of compliance laws across Europe. At the same time, it
would impose a greater responsibility on organizations to protect against and
acknowledge data breaches, introducing stiffer penalties for organizations that
fall short of the legal requirements. This would be no bad thing. Senior
management need to act to stop the flow of sensitive information that is leaking
out of organizations. The right information policies and procedures need to be
in place. All too often, it seems that organizations are mopping the floor after
the leak.
In particular, the draft EU proposal includes four requirements that would,
if adopted, have a far-reaching impact on all organizations that do business in
Europe.
- A mandatory notification of breaches. This recommends that both the
relevant Data Protection Authorities (DPAs) - [in the UK's case this would be
the ICO] - and all affected individuals have to be notified within
24 hours of a data security breach, including unauthorised destruction or
loss. The data protection authorities must be notified even in the absence of
any risk of harm to data.
This requirement raises a number of important
questions including the need for data breach thresholds: does this requirement
apply to the loss of a single record, for example, and would there be a longer
time limit if the data breach involved the loss of millions of customer
records? It also raises the question as to whether public and private sector
organizations would be able and indeed willing, to self-regulate.
- All public sector organizations, and private sector organizations with
more than 250 employees, to have a named data protection officer. This could
have significant resource, training and recruitment implications for many
organizations. One option could be to add the responsibility to the remit of
an appropriately skilled employee.
- Regulatory authorities would have powers to impose fines of up 1 million
Euros - or two percent of turnover for private sector
organizations - for failures to comply with the regulation. That
the EU is prepared to authorise this level of punishment highlights just how
seriously data protection is to be taken.
- Give individuals the 'right to be forgotten'. In essence, it states that
individuals should have greater control over their data and be allowed to
demand the removal or deletion of personal records from any organization that
holds them. If adopted, this requirement would have immense resource
implications for organizations and could be time-consuming and complex to
implement, particularly where it relates to the fast-moving world of social
media. However, the small print suggests that this right is a 'qualified'
one.
-
more information
Proposed new manadated compliance for executive and CIO compensation
03/13/2012 -
An entirely new and potentially more invasive accounting-related influence on
executive compensation (including CIOs), in the form of proposed amendments to
Public Company Accounting Oversight Board (PCAOB) auditing standards. If
adopted, the proposed amendments could spur corporate auditors to force changes
to compensation programs due to unacceptable risks of material misstatement, an
increased risk of fraud, or both.
Executive compensation
is not a new area for the PCAOB. Auditing Standard No. 12, "Identifying and
Assessing Risks of Material Misstatement," currently states that "the auditor
should consider performing . . . procedures and the extent to which the
procedures should be performed [to] obtain an understanding of compensation
arrangements with senior management, including incentive compensation
arrangements, changes or adjustments to those arrangements, and special
bonuses."
The increased scrutiny would not be limited to just reviewing more documents.
The proposed amendments also would require the auditors to consider contacting
persons who are involved in executive-compensation decisions but not in
financial audits - such as the compensation committee chair, the outside
compensation consultant, and human-resources personnel - to better
understand the company's executive-compensation structure. Auditing procedures
would also target the authorization and approval process for executive
perquisites and reimbursement arrangements.
-
more information
Security breaches can go un-detected for a lomg time
03/01/2012 -
Over 90 percent of data
breaches are the result of external attacks and almost 60 percent of
organizations discovered them months or years later, Verizon said in a report
released at the RSA security conference.
According to the report, the use of default or stolen credentials was one of
the primary methods that attackers used to gain access to data in 2011. Some
organized crime groups have automated their attacks to scan for very specific
ports, like those for remote desktop, pcAnywhere and similar products, and then
they try to log in with common or stolen passwords.
This problem is common with small businesses that outsource the
administration of their IT systems to third parties who offer remote support.
These organizations should implement some type of access control for remotely
accessible systems, like restricting which IPs are allowed to connect to
them.
Web-based attacks like SQL injection have a lower frequency and didn't even
make the top 10 list on the annual report that will be published later this
year, Baker said. The rate of SQL injection attacks is usually much higher for
financial services organizations.
Janco's Security
Manual for the Internet and Information Technology is over 240 pages in
length. The template is compliant with ISO 27000 (formerly ISO 17799),
Sarbanes-Oxley, Patriot Act and HIPAA and includes a PCI DSS Audit program.
One problem that doesn't seem to improve from year to year has to do with breach discovery. It takes
the majority of organizations months to discover a breach and some of them even
take years.
-
more information
Cybersecurity now a CEO concern
02/27/2012 -
Cybersecurity is not
just an IT issue; that is not how your adversaries are looking at it. Using IT
happens to be the way they get into networks. Technology is only one aspect.
Organizations need to look at it as a foreign intelligence collection effort.
Bottom line, cybersecurity needs to be top-down driven, from the head of the
agency or a CEO on down. Only then will the enterprise be adequately protected.
-
more information
Disaster Planning budget discussion
02/22/2012 -
Points that need to be included in any discussion of disaster
planning budgets:
- There's nothing more important to the business than its data
- The DR investment protects the enterprise from everyday
disruptions
- Is the current DR plan in compliance with new privacy laws
- Stakeholders won't invest in the business without a DR plan
- A weather disaster could be heading to your enterprise's way
- It's not a matter of if, but when an IT catastrophe will strike
- New DR advances make it more affordable than you think
- Outsourcing DR can save you time and money
Disaster Recovery Planning (DRP)
template can be used by any size enterprise. The template and supporting
material have been updated to be Sarbanes-Oxley compliant. The Disaster Recovery Planning Documentation
comes as a Word document with electronic forms.
-
more information
Feds to cut IT spending
02/14/2012 -
 The current administration has proposed a
slight decrease in federal IT spending in 2013, with many of its funded projects
aimed at realizing further savings down the road.
Overall, the budget calls for spending $78.8 billion, a 1.2 percent decrease
from 2012.
The Defense Department takes the biggest hit overall, with a drop of 3.6
percent, which more than offsets a 1.1 percent gain in civilian agencies.
Many of the IT projects highlighted in the proposed budget received support
because of their potential to improve the efficiency of agency operations by
modernizing and enhancing existing systems. The budget also highlights ongoing
efforts to save money through data center consolidation and cloud computing.
One idea is to create a “data center marketplace,” in which agencies in need
of new computing power can be steered toward unused capacity available within
government.
-
more information
Training supervisors on supporting staff improves productivity
02/09/2012 -
The demand to improve productivity
has created a workplace environment of intense competition and increased
stress for many. Paradoxically, these conditions often stymie organizational
efforts to become more efficient and effective.
A new study offers a way to improve worker productivity - training
direct supervisors to provide support. While it may seem a common-sense notion,
many employers do not train supervisors on the necessity of support or on
techniques to provide assistance.
In earlier studies, scholars have shown stress at the workplace (due to high
job demands and low control) can cause workers to develop psychological strain
that translates into physiological symptoms, such as headaches, stomach aches
and fatigue.
When the boss offers support in the form of, for example, a lightened work
load or stress management training, it is more likely to keep the worker from
taking sick leave. This is because the worker feels more inclined to reciprocate
the supportive treatment by keeping their work effort high.
Researchers determined that co-worker support early on, when the employee
begins to experience workday stress, plays a role in reducing the physical
effects of stress, thereby reducing the likelihood of even developing the need
for sickness absence.
-
more information
H-1B discriminates against US IT workers
02/03/2012 -
H-1B workers are better educated than U.S. born workers and earn more. The
report by two economists at the non-partisan Public Policy Institute of
California, found that, on average, H-1B workers are about 10 years younger than
U.S. born workers.
The report's findings concerning pay indirectly challenge beliefs about the
H-1B program held by its backers. In a recent column in the Financial
Times, it was argued that restrictions on the H-1B program protect "many high
earners from skilled migrant competitors." He called the H-1B program "a subsidy
for the wealthy," meaning well-paid IT workers.
But according to this study, the conclusion U.S. IT workers are a "privileged
elite is wrong." The study found that the average annual earnings of H-1B
workers are about 10% higher than the average annual earnings of U.S. workers,
after adjustments for age, occupation and education.
The study is drawing reaction from those who see current H-1B policies as a
detriment to U.S. workers.
-
more information
Anonymous implements social media hacks
01/28/2012 -
Anonymous distributed links to specially crafted Web pages via its Twitter
feed which was re-tweeted widely, and links also popped up on Internet Relay
Chat rooms, Facebook, Tumblr and other social networking sites. Some of the
links led to PasteHTML.com, a site that looks a little like the popular
text-sharing site Pastebin frequently used by Anonymous to issue statements. A
variation of this method allowed users to type in the IP address of target Web
servers before the JavaScript code began executing.
 
Most of the links were obscured using URL shortening services such as bit.ly.
Several Anonymous Twitter accounts have thousands of followers, and some gained
"hundreds of thousands of new fans overnight" during the course of the campaign,
according to Cluley.
The new method appears to have helped knock Universal Music and other sites
offline during last week's Megaupload-revenge attacks
-
more information
FedRAMP to drive cloud solution providers
01/14/2012 -
 The Federal CIO Council released the security control
requirements for the Federal Risk and Authorization Management Program (FedRAMP)
- the new, innovative IT risk management program created to foster the adoption
of cloud computing by the Federal government. FedRAMP provides a standardized
approach to the security authorization process for cloud products and services,
adopting requirements agreed upon by all Federal agencies and approved by the
FedRAMP Joint Authorization Board (JAB). The security controls baseline is the
basis for FedRAMPÂ’sstandardized approach to the security authorization process
for cloud products and services. The release of the FedRAMP controls is the
critical first step that to successfully launching FedRAMP.
  FedRAMPÂ’s unified risk management process will evaluate IT services offered
by vendors on behalf of Federal agencies, saving agencies from conducting their
own risk management programs. By reducing duplicative risk management efforts,
FedRAMP will enable Federal agencies to focus their evaluations of IT services
on their agencyÂ’s specific needs, as well as their privacy and security
requirements. In the coming month, GSA will release the FedRAMP Concept of
Operations, further detailing the processes for Federal agencies and CSPs to
meet FedRAMP requirements.
-
more information
IT job descriptions updated to meet all compliance requirements
01/07/2012 -
Internet and Information Technology Position Descriptions
HandiGuide ®
243 Job Descriptions and Organization Charts Sensitive Information
Policy Compliance Agreement
The IT job descriptions contained within the Internet and Information
Technology Position Descriptions HandiGuide® were completed in 2012
and contains over 700 pages; in a new easy to read format; and, includes sample organization charts, a job
progression matrix, and 243 Internet and Information Technology (IT) job
descriptions. The book also addresses Fair Labor Standards and the
ADA, and sexual harassment. Each job description meets ADA standards and
the position description is delivered in electronic format - word which is
editable and PDF which is printed.
More...
-
more information
Security ignored by younger employees
12/20/2011 -
Employees aged 18-30 tend to have lax attitudes about computer security and
are more likely than their older ounterparts to ignore IT policies, according to
a recent Cisco report.
About 61 percent of young employees surveyed by Cisco researchers feel
corporate IT security isn't their responsibility and should be handled by their
employer or the device manufacturer, the researchers wrote in the third
installation of Cisco's "Connected World Technology" report. "Young employees"
in this report included 1,400 college students polled between the ages of 18 and
23 and 1,400 professionals polled under the age of 30.
Seven out of 10 young employees polled also frequently ignore IT policies and
67 percent feel the IT policies on social media and device usage are outdated
and need to be modified to "address real-life demands for more work
flexibility," according to Cisco. The younger workforce has "different"
expectations of what should be allowed at work, and over time these policies and
restrictions may become a deciding factor in where they choose to work.
The Security Manual for the Internet and Information Technology is over 240
pages in length. The template is compliant with ISO 27000 (formerly ISO
17799), Sarbanes-Oxley, Patriot Act and HIPAA and includes a PCI DSS Audit
program. All versions of the Security Manual template include both the Business
& IT Impact Questionnaire and the Threat & Vulnerability Assessment Tool
(both were redesigned to address Sarbanes Oxley compliance). In
addition, the Security Manual Template PREMIUM Edition contains 16 detail job
descriptions that apply specifically to security and Sarbanes
Oxley.
-
more information
Security risk from easy access to user logon information
11/11/2011 -
Users have dozens of logins and passwords spread out across an equal number
of sites and applications and it's no wonder the average user tends to forget
their secret info. Even with a tried and true system for generating memorable
but complex passwords, the formula could easily fall apart if you just can't
remember it.
So rather than continually clicking the "Forget Your Password?" help link,
folks are readily hiding login information around their computer station.
And given that there's little variety in those secret locations, "hiding"
might be a stretch. Typically user passwords was somewhere on their desk in one
of these easy-to-find locations.
The most common locations where folks hide their login information are:
- Under the keyboard
- Under the phone
- Under the mouse pad
- On the monitor
- In the top drawer
- Under the desk
In other words, you're not doing yourself any favors if your entire system is
compromised by a casual, passing glance from someone outside your office
window.
Instead of the highly visible Post-It note on the monitor, Janco Associats
recommends secure password aggregators to keep your login information
secure.
-
more information
Is the death knell for Adobe Flash sounding
11/09/2011 -
Adobe Systems is ending development of its Flash plug-ins for mobile
browsers, the company confirmed today. Instead, Adobe will focus on HTML5 and,
to a lesser extent, its AIR runtime environment. Adobe says it will work on
tools that convert Flash content and apps to HTML5 and AIR versions for use on
mobile, rather than continue to develop its mobile Flash Player.
At the same time there continue to be reported problems with Adobe Flash with
IE in the 64 bit environment along with the frustration of users with the Adobe
Update process.
Adobe has been working on mobile Flash for years, but shipped an Android
version only a year ago and on both HP WebOS and the RIM BlackBerry PlayBook
tablet this summer. Apple has adamantly refused to allow Flash on iOS over
performance concerns (though it does allow AIR), and Flash has also not appeared
in the BlackBerry smartphone OS or in Microsoft's Windows Phone 7 despite
Adobe's promises to do so.
-
more information
How to terminate an employee
11/07/2011 -
When you are going to terminate an employee and have prepared property then
you should follow these best practices. Terminations are one of the most
difficult personnel issues managers have to deal with; it's easy to bungle them.
Avoiding the following pitfalls will reduce your risk of a wrongful termination
lawsuit.
Plan for the termination meeting - Winging a
meeting with an employee you are firing is a bad idea. If you don't prepare what
you're going to say to the employee, you could speak out of turn, and your
comments could be the basis for a lawsuit.
- What they're going to say during the meeting
- What's going to happen after the meeting
- Whether the employee will be allowed to collect his belongings from his
desk, or whether the company will pack them up and send them to him
- If the employee has company files at home, the manger needs to figure out
how to get those files
- Have in hand the employee's final paycheck and include pay for any unused
vacation
- Provide the employee with a COBRA notice so he knows how much it will cost
to continue his health insurance.
Planning the details of the termination helps demonstrate respect for the
employee. It shows you care enough about the employee to think about the
questions and issues the employee will face.
Have two people present in the meeting other than the individual
being fired. That way if you end up in litigation, it's not
one person's word against the other. It's better to have a second person from
the company who can indicate exactly what was said.
Be serious and do not joke about what is going to happen and do
not treat it like a cattle call. Some employers who have to do
large layoffs round up employees like cattle in a conference room and tell them
all at once that they're getting pink slips. This disrespectful tactic breeds
ill will among the affected employees toward their former employer.
Get to the point quickly - Managers should never
start a meeting with an employee in which they're going to be terminated with
pleasantries. It's cruel to mislead the person about the conversation," she
says. Instead, managers should cut to the chase. "We're meeting today because
your position has been eliminated' or 'because we need to let you go.'"
- If the termination is due to the employee's poor performance, managers
should have a line and stick to it, such as, 'We've discussed your performance
several times. This job is no longer a good fit.'
- If the employee is part of a layoff motivated by economic or financial
circumstances, it's best to say something simple such as, 'Your employment is
being terminated due to a necessary reduction in force. The reason we have to
do a reduction in force is because of the tough economic climate,' and leave
it at that.
Be truthful about the reason for the
termination Managers who feel badly about having to lay off
staff will sometimes try to soften the blow to the employee during the
termination meeting. The manager might say, "We have to cut you, but it has
nothing to do with your performance. You were a great employee, but I need to
let you go, and it's completely and solely related to cost reasons".
Such
non-truths become problematic when the decision to lay off the employee was in
fact performance related. If that individual decides to file a lawsuit alleging
he was fired because of his age, the company will respond to the claim by
saying, 'You weren't fired for your age. You were fired because your performance
was the lowest among the people we chose.Â’ The plaintiff will in turn respond,
'During my termination meeting, you told me my performance was great and that it
had nothing to do with the reason for my termination.' That alone can make an
employer liable.
Do not broadcast the termination news over social
media. Today there are lawsuits and legal claims related to updates
managers have posted to Facebook, Twitter or LinkedIn, in which they disclose
details of employee terminations.
Offer employees a severance agreement in return for a release of
all legal claims It helps the employee because it aids in their
transition and doesn't preclude them from seeking unemployment insurance. From
the employer's perspective, the severance agreements are important because the
employee will release the employer of all claims related to or arising out of
the employment -- if they accept the severance package. That will take
care of tort claims, contract claims, discrimination claims and wrongful
termination claims.
-
more information
Core network security protection best practices
10/28/2011 -
Network security basic protection rules:
- Don't grant your users local administrator rights. This is cumbersome, but
it ensures that the local hash database resists compromise, keeping other
users' hashes away from prying eyes.
- Use domain administrator credentials only on machines with domain
controller roles installed. Use delegated administrator accounts with fewer
rights to perform privileged actions on other machines like client computers
and member servers.
- Don't grant junior administrators local administrator rights on servers.
Avoid granting anyone local administrator access on servers.
- Consider setting up a whitelist of known-good applications. For some
organizations, this is a trivial task, but it will prevent the operation of
the utilities used in attacks and any other utilities that may come out
to make this attack easier to execute.
- Never use the domain administrator account to grant privileges to service
accounts.
-
more information
Service-Oriented Architecture and IT Service Management Are Keys To Success in the Recovery
10/16/2011 -
SOA and ITSM drive success and productivity
One
bad customer experience can cost you that customer for life. Hospitality,
travel, retail, healthcare, and financial services are especially prone to
losing customers who have a negative experience. It does not take much for a
customer to decide that you and your company are not worth his time, effort, or
money.
 
Customers
like to feel loved, and they are turned off very quickly when they sense that
you do not care about the pain they are feeling. Even if you cannot help them
because the situation is beyond your control, acknowledge that you understand
both the situation and their frustration.
 No
customer wants the person serving her to be distracted or preoccupied. Ever go
to the local mall and try to get help from a teenager focused more on texting
her friends than helping you find what youÂ’re looking for? On the other hand,
being too focused can be a bad thing. Have you ever asked an innocent question
out of curiosity and then found yourself stuck for an eternity while a customer
support person hunts endlessly for an answer? This person is likely so focused
on getting the answer that he does not realize that you really do not care that
much about it and would rather not wait for an answer to an inessential
question. Be sure your people understand the degree of focus required for the
job.
Even
if the employee has the right skill set and experience, his odds of being
successful and remaining on the job are low if his core behaviors and tendencies
do not line up with those needed for success in that particular role. This is
especially true for customer-facing roles in which your frontline employees act
as extensions of your brand and heavily influence the customer experience.
-
more information
Security for mobile devices is a major issue for CIOs
10/15/2011 -
 With the proliferation
of smartphones and tablets, workers can now process business emails,
produce work content, and conduct meetings straight from these
devices. They can also perform personal financial transactions, shop
online, and even file our taxes with the IRS from the same device and at the
same time. Mobile devices are the future credit cards and identity carriers, as
well as our portals into the digital world.
This trend is driving more organizations to support personally owned devices
in the work environment, allowing employees anytime, anywhere access to business
resources. In North America And Europe more than 50% of firms support
employee-owned mobile and smartphones. This empowered workforce uses groundswell
technologies such as mobile devices to drive increased productivity, innovation,
and improved customer services.
The business tasks both IT operations and security professionals with making
sense of the complexities of supporting personal devices in the corporate
environment. Depending on the industry that you are in, consumerization can
present challenges to your security, compliance, and legal requirements.
Determining what these challenges are is the first step when crafting a strategy
to manage these new endpoints in your corporate network.
-
more information
Data governance and record managment objectives
10/10/2011 -
The objective of for records management and data governance falls into three
major areas:
-
 Finding
out what's in place. Organizations have historically had a rather
laid-back approach to data governance, in large part because the (relatively
primitive) native security controls havenÂ’t offered any other option. Moving
forward, a critical first step is to find out exactly whatÂ’s in place to begin
with.
- Minimizing IT's role as gatekeeper. Because the IT
team has historically been the only group of people who could modify resource
access permissions, theyÂ’ve been thrust into the role of deciding who
permissions are given to. ThatÂ’s inappropriate, since IT rarely has the
information needed to properly govern access to resources. While IT may
continue to be responsible for implementing access controls, moving forward we
need to remove them from the role of actually governing, and instead put that
burden on the people within the organization who actually own the data.
- Improving consistency. Inconsistent application of
permissions and inconsistent configuration of file servers are leading
contributors to downtime, lost productivity, security breaches and more.
Organizations seek to create a single, consistently configured and
consistently governed environment that provides users with access to exactly
the resources they need - no more and no less. An example would be during a
merger when bringing in another directory and permission system very similar
to the existing.
-
more information
|
|
