Jay Heiser

A member of the Gartner Blog Network

Jay Heiser
Research VP
6 years at Gartner
24 years IT industry

Jay Heiser is a research vice president specializing in the areas of IT risk management and compliance, security policy and organization, forensics, and investigation. Current research areas include cloud and SaaS computing risk and control, technologies and processes for the secure sharing of data… Read Full Bio

Coverage Areas:

Cloud sabotaged, all your data is permanently lost

by Jay Heiser  |  June 19, 2014  |  1 Comment

Code Spaces, a vendor that claimed to provide secure Source Code hosting and project management support, has just been forced to admit to their customers that they’ve been sabotaged by a cyber extortionist, and they probably cannot fully recover.   They put all their hopes, and all their customers’ data, into a single cloud, and it burst. 

While not an especially large service provider, the remains of their site on the Wayback machine mentions a number of blue chip clients.  I have to wonder how many Code Spaces customers didn’t bother to keep a copy of their code somewhere else.

At the time of this writing, Code Spaces has an explanation, with the unhappy news  As such at this point in time we have no alternative but to cease trading and concentrate on supporting our affected customers in exporting any remaining data they have left with us.

Business failure and client data loss are always unhappy events.  It is particularly distressing when it happens to a cloud-based service that advertises “redundant, high specification servers with guaranteed uptime and availability.”   Guarantees are empty paper when the data is permanently gone because the vendor failed to adequately protect it from hackers, and failed to adequately back it up.  And if a vendor is no longer financially viable, service levels and contracts become moot.

As I stress in my latest research note, Everything You Know About SaaS Security is Wrong, the users of cloud services need to take responsibility for the care and feeding of their own data.

1 Comment »

Category: Cloud IT Governance risk management security     Tags:

1 response so far ↓