Tool Kits -- CIO CTO Tools
IT-ToolKits.com is the resource site for Information Technology management. This site contains the Information Technology and management infrastructure tools that the CIO, CSO, and CFO can use for Sarbanes Oxley, Disaster Recovery, Security, Job Descriptions, IT Service Management, Change Control, Help Desk, Service Requests, SLAs - Service Level Agreements, and Metrics. Site includes Browser and Operating System Market Share White Paper and IT Salary Survey Data.
Disaster Recovery Templates are Sarbanes Oxley compliant and the Disaster Recovery Template is included in the Sarbanes Oxley Compliance Kit
IT-Toolkits.com supports a wide range of industries and enterprises of all sizes. Our clients include over 2,500 premier corporations from around the world, including over 250 of the Fortune 500.
Staffing Issues for CIO concern
Staffing Issues the CIO Needs to be Aware of
Overseeing staffing, a hat that many CIOs wear, may mean having to make crucial decisions about hiring and policy, performance management and discipline, and employee terminations.
Five employment law issues should be on the radar of CIOs who oversee the staffing function.
- State and Local Wage and Hour Laws - Laws governing hours of work and payment of wages are a leading source of employee claims.
- Federal, State, and Local Leave Laws - Similarly, different states and cities may have medical leave and paid sick-time laws that differ significantly from what CIOs are familiar with under federal law or the law in the the company's headquarters state.
- Independent Contractors - Claims by individual contractors alleging that they were misclassified and should have been treated as employees are now very common.
- Separation Agreements - Using a one-size-fits-all separation agreement may result in paying an employee severance pay and not getting an enforceable release of all legal claims in return.
- Using Contracts to Protect Business Info and Customer Relationships - CIOs of growth companies may need to be responsible for evaluating whether the company is taking the steps to ensure that, if necessary, restrictive employee contracts will be enforced by courts to the greatest possible extent.
Poor Network Control Policies
Security Manual Template and Compliance Tools
Its way too cheap and easy to download a free FTP tool off the Internet, or even use a command-line for those savvy computer users. Plain FTP is sent in the clear across the network, prime for a man-in-the-middle attack or to assist bad actors with a data breach. Organizations that use plain FTP open themselves up to attack, giving intruders free reign in their network.
Not Keeping Systems and Software Up to Date
Microsoft and other software organizations release frequent updates. They dont release these updates out of the goodness of their hearts; they do it because security holes were found in their code, in Java, or in OpenSSL, and they need to patch the software. Not keeping systems and software up to date is just shooting yourself in the foot. Its worth the temporary annoyance to make your data a little more secure. This includes keeping certificates current.
Not Knowing Whats Happening on Your Network
If you are monitoring whats coming into and going out of your network, as well as who is connecting and when, thats a big step in controlling your network. Also, if you have multiple systems to manage, its much easier to get a clear picture of what is going on if all of the data is monitored in one location. You should include in your security policy a requirement for periodic reports, email alerts, and other real-time indicators of activity on the network.more info
VPNs are not the endall for security
VPN Security an Issue that needs to be addressed
It is a common belief that the best way to protect one's privacy online is to use a VPN (virtual private network). VPNs theoretically let you use the public internet as if you were on a private network. They let you hide and encrypt your online activity, even from your own ISP. And they enable you to spoof your location, so you can say you're going online in another city or country.more info
However, a recent study found that an alarmingly high number of VPN services offered through Android apps violate your privacy, rather than protect it.
Email Privacy Act would require more warrants
Email Privacy Act would require more warrants by police
A bill reintroduced in the U.S. House of Representatives would require law enforcement agencies to get a warrant before they poke around users emails and other communications in the cloud that are older than 180 days.
If the Email Privacy Act becomes law, government agencies will have to obtain a warrant based on a showing of probable cause to compel service providers to disclose emails and other electronic communications of Americans, regardless of the age of the mails or the means of storage. In the original version of the legislation, the government also had to notify the person whose account is disclosed, along with a copy of the search warrant and other information, within a stipulated period.more info
Tech focus of new administration job creation and repatriation of profits
2017 Tech focus of new administration job creation and repatriation of profits
Job creation for American workers, international trade barriers, U.S. trade and access to the Chinese market, lower taxes, repatriation of profits held overseas, improving U.S. physical and digital infrastructure, cybersecurity, protecting intellectual property rights, government software, technology in education, improved vocational training, reducing government bureaucracy and greater accountability in the government procurement process.
The repatriation of profits has been a hot-button issue, with U.S. tech companies unwilling to bring back profits held overseas because they would have to pay U.S. taxes. New administration signaled some sympathy for corporations by describing the taxes as "prohibitive."
- more info