1. Embrace BYOD.
Here's a trend that you can't beat so you might as well join: Employees bringing their own mobile devices to work. Seventy percent of IT organizations are either supporting BYOD now or will be within the next 12 months, according to a recent Gartner survey. "Of the 70% of organizations that want to do BYOD, at least half are not ready," says Dionisio Zumerle, a principal research analyst at Gartner. "You need to change the way you think about security and the way you enable security in the organization. You can't just say to the users 'Please behave' and hope for the best." Zumerle recommends CIOs deploy mobile device management (MDM) or an alternative called Dual-Persona software to allow companies to control employee-owned mobile devices and keep corporate data secure. "Having a mobile security policy that is well designed first on paper is fundamental and can be enforced through MDM or some other software," Zumerle says. "Enforcing passwords, locking devices and remotely wiping devices gives you a level of security that is close to what you would have on a PC...You need to find a way to secure the devices that you don't own." (For more on where BYOD is headed, read "The cloud will make BYOD a non-issue ...eventually.")
2. Strengthen your IT bench.
It may seem counter-intuitive to IT executives trying to retain their best developers and project managers, but employees who are trained and certified in emerging technologies usually choose to stay with the organization that paid for their training. "If you train and certify your IT staff, you will keep them," promises Terry Erdle, CompTIA's executive vice president for skills certification. "Training is the No.1 thing that causes your best-in-class IT professionals to stay, and that is because their company invested in them." Erdle recommends that CIOs provide training and certification to about a third of their IT staff each year so that the entire team's skills are current. Popular certification programs for 2013 include cloud and mobile computing, cybersecurity and project management. "Teams that receive training operate better, are more motivated, have fewer quality issues with customers, and their efficiency goes up," Erdle says. "Project teams that are certified tend to hit milestones on time and reach other success metrics more frequently than teams that are not certified."