Jay Heiser

A member of the Gartner Blog Network

Entries Categorized as 'Cloud'


Doctor, it hurts when I do this

by Jay Heiser  |  August 4, 2014  |  2 Comments

C: we are concerned about putting our email into the cloud. J: why? C: Somebody might look at it.  J: Somebody can already look at it, even when you do host your email server in house.  SMTP is a data leakage protocol, that isn’t designed to secure your data, but is intended to disseminate it […]

2 Comments »

Category: Cloud IT Governance risk management security     Tags: ,

Cloud sabotaged, all your data is permanently lost

by Jay Heiser  |  June 19, 2014  |  1 Comment

Code Spaces, a vendor that claimed to provide secure Source Code hosting and project management support, has just been forced to admit to their customers that they’ve been sabotaged by a cyber extortionist, and they probably cannot fully recover.   They put all their hopes, and all their customers’ data, into a single cloud, and it burst.  […]

1 Comment »

Category: Cloud IT Governance risk management security     Tags:

Unknown unknowns in the Cloud

by Jay Heiser  |  April 8, 2014  |  5 Comments

Its too bad that Dick Cheney’s awkward little epistemological speech has been so thoroughly politicized, turning an important risk management principle into an opportunity for derision.  Intelligence analysts, and IT analysts, need to be acutely aware of the limits of their knowledge, especially when making decisions about the how to take advantage of public cloud services. […]

5 Comments »

Category: Cloud IT Governance risk management security     Tags:

Summer of Cloud Incidents

by Jay Heiser  |  September 25, 2013  |  2 Comments

Although the actual events took place at widely varying times, the summer of 2013 has witnessed the public release of 3 major ‘inappropriate use of the cloud’ incidents. On July 28, Oregon Health & Science University (OHSU) felt compelled to notify 3,044 patients that while there was no reason to believe that their data had […]

2 Comments »

Category: Cloud IT Governance     Tags: , , ,

You have 2 weeks to pickup your cloud

by Jay Heiser  |  September 18, 2013  |  1 Comment

You’ve got 2 weeks to get several Petabytes of data from a dissipating cloud. Will you get it all back safely? Hundreds of Nirvanix customers are asking themselves that question right now. Although their web site remains blissfully mum about this unfortunate development, The Wall Street Journal is only one of several media organizations reporting […]

1 Comment »

Category: Cloud risk management security     Tags:

The Dilemma that is Cloud

by Jay Heiser  |  June 3, 2013  |  1 Comment

Life in the cloud would be so much easier if there were only some sort of ‘cloud risk seal of approval’.  Most public cloud services seem to offer a reasonable risk proposition, but its extremely difficult to provide defensible evidence of this. A comprehensive and well-accepted ‘standard’ would go a long way towards bridging this […]

1 Comment »

Category: Cloud security     Tags: , ,

We say no because that’s what you ask us to say

by Jay Heiser  |  March 28, 2013  |  Comments Off

We’ve riffed for years on the distinction between “Dr. No” and “Mr/Ms Yes”, but many enterprises continue to back the security professional into the awkward far corner of the Business Prevention Department.  If the risk assessor is going to be blamed for security failures, then that person is always going to be motivated to make […]

Comments Off

Category: Cloud IT Governance risk management security     Tags: ,

Cruise Ships and Cloud Computing

by Jay Heiser  |  February 15, 2013  |  1 Comment

As 4,200 disgruntled holiday goers, trapped on the ironically named cruise ship Triumph, finally end their 5 day ordeal, it serves as a reminder that the eggs can have more stake in the state of the basket than the basket holder does. From the point of view of the cruise line, each booked up ship […]

1 Comment »

Category: Cloud risk management     Tags: , , , , , ,

That Christmas Kindle has Strings Attached

by Jay Heiser  |  January 4, 2013  |  1 Comment

We’ve recently moved house, and my collection of books, many of them heavily marked up with multi-colored highlights, Post-Its, and bookmarks, remains something of a storage issue.  Over the last several months, I’ve been experimenting with digital books on an iPad.  There’s a lot to be said both for and against services like Amazon’s Kindle […]

1 Comment »

Category: Applications BCP/DR Cloud risk management     Tags: , , , , , , ,

Peter G. Neumann on Cloud Risks

by Jay Heiser  |  November 28, 2012  |  1 Comment

Anyone with a stake in the overall success of cloud computing should take a few minutes to read the recent NYT interview with Peter G. Neumann, a highly-respected computer security researcher who, now entering his 9th decade, continues to do ground breaking work on digital reliability. Commercial cloud computing creates new levels of urgency for […]

1 Comment »

Category: BCP/DR Cloud risk management security     Tags: , , ,