Newsletters
Home Up Next

 

July 20, 2009

Vol 2009 - Issue 8

 

IT Toolkits Newsletter 

 

IT Toolkits Newsletter
 

Security Weakness and Defects Identified

 

Top 5 Factors Impacting Security
 

 

IT Job Descriptions

IT Job DescriptionsSuccessful CIOs are utilizing sophisticated, aggressive hiring tactics to acquire the most desirable personnel wherever they may be, while at the same time putting extensive emphasis on retaining and developing internal talent. This is not easy given the current economic situation.  

Developing an adequate in-house talent pool demands more than a simple training program for employees' development. Establishing a strong, predictable internal talent pipeline requires:

  • Clarity of role and expected performance
  • Management of employees at every level
  • Guided training, education, and career planning
  • Assignment of eligible staff to the most exciting projects to motivate them and ensure a satisfying work experience..
Read on.....

In This Issue

Security Weakness and Defects Identified

Top Five Factors that Impact Security

 

IT Salary Data

 

Security Weakness and Defects Identified

Janco has review the detail results of 138 security audit programs conducted between September 15, 2008 and June 15, 2009 and identified the top eight defects mentioned in the audit reports.  
Security Weakness and Defects
 
Victor Janulaitis the CEO of Janco said, "We did not find a single company that had no security weaknesses or defects reported in their audit reports. The security weakness and defects Janco found were: 1 - Single level verification use on sensitive data (53%; 2 - public workstations connected into secure network (45%); 3 - Shared login used (25%); 4 - Client-side data validation only used for sensitive data(21%); 5 - Access point weak encryption (21%); 6 - Login not encrypted for sensitive data access (17%); 7 - Back-end encryption not utilized (12%); and 8 - Sever Management encryption not utilized (6%). 
 
The data was captured by reviewing the detail findings of the audit reports. If there was a single occurrence of the defect it was counted. Janulaitis added, "What was striking was that there are still over one quarter of all enterprises where users share logins. Interestingly, those enterprise that utilize double levels of verifications the number of shared logins drops to a value that is not statistically significant."

Read on.......                                                     Order $499 - $1,399


 

 

Top Five Factors that Impact Security

Security Policies & ProceduresEveryone talks about security, but it seems that security and data breaches are in the news more than ever. Janco has reviewed more than 100 instances of security and data breaches and found a number of core factors contributing to their occurrences:

  • Data volumes and velocity of change are increasing at an exponential rate. In many companies, data is so voluminous, so disorganized and dispersed so frequently that IT departments aren't sufficiently staffed to implement standard security standards.
  • IT departments are reactive, not proactive. IT departments tend to respond to problems after the fact versus identifying solutions before a problem occurs, largely due to a lack of resources.
  • Users do not want to change or add processes. There is a wariness toward deploying yet another set of rules and tasks to follow on each Smartphone, desktop and laptop that might add procedures, hog processor cycles, require frequent updates and slow down users as they try to do their jobs.
  • Complexity of security compliance. Devising and implementing a comprehensive, viable security policy may get in the way of traditional business practices, requiring the involvement of not just IT but also human resources, finance and legal teams, and business unit managers.
  • Addressing 20% of the problem versus 80%. Many companies focus on intentional data leakage. In reality, though, most data leakage occurs when there is a lapse and simple, proactive steps (such as enciphering sensitive files on laptops and ensuring that only authorized individuals access sensitive information) could have prevented the problem in the first place.

            Read on...          Order Security Policies and Procedures Template

 
 

1999 - 2009 Janco Associates, Inc. - ALL RIGHTS RESERVED  --  Revised: 06/16/09.