Eight Top CIO Concerns for 2016: Research and Resources

Rapid business change combined with the increasing importance of technology across all aspects of business operations have raised the profile of the CIO role—as well as the challenges.

And with close to half of all current CIOs now in their 50s and 60s, the coming decade will see not just significant changes to this role, but also to the backgrounds and perspectives of the people coming into those jobs.

SIM 2016 IT trends studyThose are among the conclusions from the Society for Information Management‘s (SIM) IT Trends Study 2015.

Summarizing the report’s findings for InformationWeek, Jessica Davis writes that the report provides a “snapshot of (today’s) CIOs…(along with) insights into the technologies their organizations regard as essential today” and offers a close “look at what’s on the minds of these key executives.”

Continue reading “Eight Top CIO Concerns for 2016: Research and Resources”

Three Key Takeaways from the 2016 State of IT Report

As 2015 winds down, IT leaders and their teams are looking at internal needs and external conditions in formulating plans and setting budget priorities for the coming year.

The recently released 2016 State of IT Report from Spiceworks provides a wealth of information about how IT teams are formulating plans for the year ahead.

The report covers IT budgets, spending and staffing plans; the trends and concerns keeping IT pros up at night; and a look forward at technology adoption trends.

Among the abundance of facts and stats presented, here are three noteworthy findings, along with additional observations.

IT pros will “need to keep doing more… with less.” (Here’s one strategy to help.)

One of the key top-level conclusions reported by Spiceworks is: “IT pros don’t expect their IT staff to increase in 2016, which means they’ll need to keep doing more… with less.”

How IT can do more with less

At the same time, more than half of IT organizations say “end-user need” is a key purchase driver.

Continue reading “Three Key Takeaways from the 2016 State of IT Report”

Where Data Security Fits in Two-Speed IT

“Where does security fit in bi-modal IT departments?” asks Mary K. Pratt on CSO Online. She explores the question with IT leaders from a handful of organizations, opening her discussion by noting:

“The bi-modal idea has its benefits and its pitfalls but the determination seems to come down to the size of the enterprise. In the mid to smaller companies, there is not the luxury of splitting the security group out into subgroups. In the bigger companies the question becomes where do the security folks belong.”

Though the CIOs she speaks to take different approaches to managing bi-modal or two-speed IT, they generally agree on two points:

where security fits in 2-speed IT1) It’s best to perform both speeds or modes of IT–innovation and operations–in one centralized group, rather than two separate teams where the innovators “throw things over the wall” to operations as applications are developed.

In this structure, the same individuals work on both innovation initiatives and day-to-day operations tasks, though overall a greater share of time is spent on operations, and employees vary in how much time they spend on each type of work.

2) Security has become so important, as cyber threats have multiplied, that it must be baked into new projects, not added later as an afterthought. Ultimately though, security “should sit in operations.”

Continue reading “Where Data Security Fits in Two-Speed IT”

The CIO’s Role in Stellar Customer Experience – Hunter Muller

The role of the CIO has shifted dramatically in the past few years, from the traditional focus on “keeping the lights on” to playing a more strategic part in aligning IT with the business, as well as embracing trends like the consumerization of IT.

Yet in his new book The Big Shift in IT Leadership, author Hunter Muller “contends that many CIOs remain focused inward, only concerned with technology,” according to Anita Bruzzese on The Fast Track blog.

The Big Shift in IT Leadership: How Great CIOs Leverage the Power of Technology for Strategic Business Growth in the Customer-Centric EconomyAs Bruzzese writes, “The best CIOs, (Muller) says, know that results beat out technology. Having great technology doesn’t mean much if customers aren’t having a good user experience.”

Muller believes CIOs should not only contribute their expertise to efforts aimed at providing a great customer experience (for both internal and external “customers”), but to take a leadership role in this area.

He views IT leaders as uniquely positioned for this task, because CIOs “have total visibility across the organization,” and with that access, “have a golden opportunity to help develop innovative strategies and spur collaborations that will have a big impact on the organization’s overall success.”

Continue reading “The CIO’s Role in Stellar Customer Experience – Hunter Muller”

Data Breaches and Enterprise Information Security: A Better Response

From major retailers to news services to government agencies, headlines about major data breaches are now alarmingly common.

Of course, hacking is nothing new. Initially the province of underground hobbyists, hacking burst into public consciousness with the release of the 1983 movie War Games. Though it’s now quaintly nostalgic, clips from the film were actually shown in the U.S. Congress at the time as “a ‘realistic representation’ of the dangers of hacking,” and inspired passage of the Computer Fraud and Abuse Act (CFAA) within a year.

How to respond to data breachesToday, despite heightened awareness (and extensive investments in data protection technologies), the number and cost of data breaches continue to rise as foreign governments and cyber criminals seek to steal information for commercial and military advantage.

Continue reading “Data Breaches and Enterprise Information Security: A Better Response”

Five Ways to Use Process Automation to Prevent Corporate Data Breaches

The increasing sophistication of data thieves, proliferating number of potential breach points, and growing value of stolen data combined to drive the number and cost of data breaches to new highs last year. And the risks to enterprises continue to expand.

How automation can prevent data breachesBut despite the growing threats, many enterprises remain woefully unprepared—even after investing in IT security solutions. According to recent research from Lieberman Software reported in Infosecurity magazine, “69 percent of (IT professionals) do not feel they are using their IT security products to their full potential. As a result, a staggering 71 percent…believe this is putting their company, and possibly customers, at risk.”

Continue reading “Five Ways to Use Process Automation to Prevent Corporate Data Breaches”

How to Improve Enterprise Data Security AND Increase Efficiency

From serious breaches of customer data at Target, Home Depot and other major retailers to leaked private celebrity photos, data security issues seem to be everywhere in the news.

The circumstances and causes behind each intrusion vary. But the costs to business are substantial and nearly always include lost sales, legal expenses, and reduced customer confidence.

Improve data security and process efficiency with ERMAs the malicious exploits become more sophisticated, enterprises must constantly reassess their tools, policies and processes to keep sensitive information secure. In some instances, security improvements require significant new investments. But often, access—both digital and physical—can be made more secure while efficiency is simultaneously improved.

Frequently, organizations optimize security based on best practices within each functional area. This may (or may not) be effective, but from the perspective of the enterprise, it’s clearly not efficient.

A new white paper explains how enterprise request management (ERM) provides a a better approach to securing access, both to facilities and systems. An ERM strategy combines a single, centralized web portal for requesting any type of enterprise service with a workflow automation engine that orchestrates approvals, scheduling and fulfillment by communicating with and between in-place enterprise and department management and control systems.

In the ERM approach, all of information needed to arrange for specific security clearances for a new employee, contractor, or project team, is entered (and validated) only once. All back-end tasks (e.g., conducting background checks, setting up a corporate email account, printing a security badge) are automated per pre-defined rules and workflows.

The result is more accurate information, reduction or elimination of manual tasks, and reduced risk of any aspect of the secure access process being missed. Security and efficiency are both enhanced.

Download the new white paper, Safe and Sound: How Enterprise Request Management Improves Process Efficiency While Reducing Security Risks, to get the complete story.

10 Facts About Cloud Computing and BYOD Security (and What to Do With Them)

In just two years since the BYOD trend has taken off, the response from business and IT has shifted dramatically. In early 2012, most organizations were wary if not downright resistant to the idea of employee-owned devices in the workplace, viewing them as an annoyance at best and a major security risk at worst.

Now, a mere 24 months later, not only do 82% of companies permit the use of personal devices at the office, but “many firms around the world are mandating that employees bring their own products into the office to accomplish their work” according to CIO Insight.

CIO-BYOD-cloud-stats

 

In parallel with the embrace of BYOD, enterprises are also sanctioning much greater use of cloud-based services and applications. Per the recent survey of IT leaders cited by CIO Insight:

  • 84% of companies have employed cloud-based applications in their offices.
  • 63% of enterprises actually require IT decision-makers to evaluate web-based apps before selecting software.
  • This despite the fact that more than 40% of firms say they “can’t effectively manage identities and access management via the cloud.” (!)

The appeal of BYOD to companies is obvious: saving money. With BYOD, a business has no hardware costs; generally lower airtime costs (because these are often split with users); lower training costs (users know their own devices); and support costs generally no higher than before BYOD (thanks to improved cross-device support tools). It can also increase worker productivity.

But despite the significant progress that’s been made in addressing the causes of early business and IT apprehension, considerable security concerns remain. According to this study:

  • Just 40% of companies have a process for removing mission-critical data from an employee device after a firing or resignation.
  • More than half of companies have detected fired employees attempting to access company data or applications.
  • Only 54% of firms believe they can effectively revoke access to their entire IT infrastructure after an employee leaves.
  • 57% of companies say (employee- or company-owned) devices, containing sensitive information, have been lost.
  • More than eight in 10 companies believe employees are sharing passwords for cloud and corporate applications that contain sensitive data.
  • Consequently–over half of enterprises believe it is “just a matter of time” before another security breach happens.

Yikes! So what can companies do?

While security vulnerabilities are nearly impossible to eradicate completely, there are a number of steps companies can take today to reduce their exposure. These half-dozen recommendations are a start:

  • Make employees aware of security threats, and provide training on topics like how to create strong passwords, keep personal information separate from corporate data, and avoid device theft or loss.
  • Establish a proactive BYOD policy, and implement enterprise request management (ERM) to simplify device registration and remote installation of required software using third-party tools (as well as managing cloud computing resources).
  • Implement a remote wipe solution to disable the device or erase sensitive data in the event of device theft or loss.
  • Install software that creates separate partitions or data containers on employee devices, so that in the event of a firing or resignation, company data be remotely wiped from the device without deleting the ex-employees personal contacts, photos, text messages, etc.
  • Utilize an enterprise-grade cloud backup system so that data can be quickly recovered in the event of device loss or theft, or an employee leaving the company.
  • Use two-factor or three-factor authentication to help prevent employees from sharing passwords or device thieves from gaining access to corporate networks and data.

Despite the security risks posed by cloud computing and BYOD, there’s no turning back. The convenience, cost savings and productivity gains are too significant for enterprises to reverse course now, even if employees acquiesced to that (which except in rare cases, they won’t). Instead, employers need to keep abreast of new technologies and practices which will enable them to realize the benefits of BYOD and cloud computing, while progressively reducing associated security threats and compliance risks.

For more information:

– See how Kinetic Data products can help with BYOD management, security and compliance.

– Download the white paper, Enterprise Request Management: An Overview.

– Join the discussion in the Enterprise Request Management group on LinkedIn.