by Jay Heiser | January 9, 2013 | 1 Comment
Today’s library user takes electronic catalogs for granted. Being able to remotely search the contents of a library is not only convenient, but it also allows for a tighter integration between the lending practices—you can see if a book is loaned out. During a period of several decades, a number of service firms made very [...]
Category: Applications risk management Tags: annotations, metadata
by Jay Heiser | January 4, 2013 | 1 Comment
We’ve recently moved house, and my collection of books, many of them heavily marked up with multi-colored highlights, Post-Its, and bookmarks, remains something of a storage issue. Over the last several months, I’ve been experimenting with digital books on an iPad. There’s a lot to be said both for and against services like Amazon’s Kindle [...]
Category: Applications BCP/DR Cloud risk management Tags: contingency planning, continuity, DRM, ebooks, Kindle, PDF, rights management, standards
by Jay Heiser | August 13, 2012 | 2 Comments
Has anyone ever created a web-based application that wasn’t flaky and prone to data loss? Every time Facebook comes out with some new functionality, the entire service gets slower, and harder to use. I’m not sure that there could be a more efficient way to lose text as it is entered than by trying to [...]
Category: Applications Tags: client server, HTML5, malware, reliability, www
by Jay Heiser | November 9, 2011 | 1 Comment
In the olden days, the business viability of your local book store had absolutely no impact on your ability to read whatever you might have bought from them. In the digital world, your continued ability to use rights-managed content, be it music, video, or books, is completely dependent upon the willingness and ability of a service to support it on your device.
Category: Applications Cloud risk management security Tags: DRM, rights management, vendor lockin
by Jay Heiser | November 2, 2011 | 1 Comment
Its easy to imagine a smallish procurement shop in which the only person to have been sent a warning was on a 2-week vacation, and won’t get around to reading about it until it is several days too late to download their only copy of several years worth of past and current purchasing data.
Category: Applications Cloud risk management Tags: cloud failure, continuity, data loss, disaster recovery, outsourcing, recovery, SaaS, vendor lockin, vendor viability
by Jay Heiser | September 29, 2011 | 1 Comment
What good is a fresh password if it is sitting on top of stale security technology? The history of computer security suggests that attention to the code is at least as important as operational processes.
Category: Applications Cloud IT Governance risk management security Tags: history, history of security, security history, security testing
by Jay Heiser | July 5, 2011 | 1 Comment
I get a never-ending stream of questions that usually amounts to something like “What control tasks do I need to do to be sure that this SaaS service we are going to use will be adequately secure?” Unfortunately, at this point in time, SaaS providers offer relatively little support for enterprise control over anything. Assuming that the [...]
Category: Applications Cloud IAM IT Governance risk management security Vendor Contracts Tags: backups, BCP/DR, Cloud, cloud security, continuity, disaster recovery, information security, malware, phishing, Trojan horse, vendor risk
by Jay Heiser | June 30, 2010 | 4 Comments
Ideally, there would be no sensitive data in email, or it would be encrypted. Email is an unsafe, and unreliable service, and it leaks like a sieve. It was never meant to be ‘secure’, and it is not. While careful administration and reliable technology can protect stored email from unauthorized access, hacking into PST files [...]
Category: Applications Cloud risk management security Vendor Contracts Tags: 25999, 27001, certification, email, SaaS, SAS70, security
