Entries Categorized as 'Uncategorized'
by Jay Heiser | February 2, 2011 | 1 Comment
Flickr account holder Mirco Wilhelm was shocked to learn that Flickr had accidentally deleted his account, and apparently lacks the ability to restore his 4000 photographs to their site. This was of course not his primary storage area for 5 years of photographic effort. His account only contained lower resolution copies of work that he [...]
Category: risk management security Uncategorized Tags: continuity, disaster recovery
by Jay Heiser | March 3, 2010 | Comments Off
By Jay Heiser and Carsten Casper, with Terry Allan Hicks. A new court ruling on data retention practices in Germany is getting a lot of attention from the media, and from some Gartner clients. On Tuesday, 2 March, the German Federal Constitutional Court overturned a three-year-old law that required telecommunications providers and Internet service providers [...]
Category: Uncategorized Tags: communications laws, government authority, politics, privacy, regulations, regulatory compliance, state power, surveillance, telecommunications
by Jay Heiser | February 26, 2010 | Comments Off
YouTube has arguably seen far too many ‘remixes’ of a dramatic scene from the WWII flick “Downfall” (Der Untergang), but this new one, “Hitler and Cloud Computing,” hits the cloudsec nail right on the head. Thanks to Gunnar Peterson and Marcus Ranum.
Category: Uncategorized Tags: Cloud, cloud computing risks, cloud computing security
by Jay Heiser | February 24, 2010 | 1 Comment
I’m concerned that we’re going to legally mandate the application of last century’s standards and practices (SAS 70, FISMA, etc.) to new computing models that we have only begun to understand. I’m in favor of revisiting the US privacy regulations, but it would be premature to apply them to cloud computing in any highly specific way. Commercial and government entities that want to store PII in unproven multi-tenanted services should be held accountable if that experiment fails.
Category: Uncategorized Tags: Cloud, PII, privacy, privacy regulation, regulation, regulatory compliance, risk assessment, security, US Congress
by Jay Heiser | February 9, 2010 | Comments Off
A man walks into a physician’s office and says “Doctor, it hurts when I use my computer.” The physician replies, “then don’t use your computer.” A dumb old joke or a wise observation on human nature? I receive several calls a week from people looking for the best practices on managing cloud computing security and [...]
Category: Uncategorized Tags: Cloud, cloud security, information security, infosec, risk assessment, risk management
by Jay Heiser | February 8, 2010 | Comments Off
I really do not want to see some new Department of Internet Security closely examining my privates every time I take a flight on the Internet.
Category: Uncategorized Tags: congress, cyber security, cyberczar, information security, infosec, Internet security, politics, regulation, security
by Jay Heiser | January 25, 2010 | 1 Comment
As part of their corporate philosophy of introducing children to real life, several years ago, a German toymaker introduced a whimsical toy to help preschool jet-setters cope with the realities of post 9/11 travel. When my wife tracked down one of Playmobil’s more controversial toys on eBay for my Christmas present, she couldn’t have known [...]
Category: Uncategorized Tags: information security, risk management