by Jay Heiser | August 25, 2011 | Comments Off
Tuesday afternoon, I was using my cell phone on a conference call when my chair started hopping up and down. I never lost my phone connections, but text messages were delayed and even an hour after the quake, co-workers were reporting difficulties in phoning me. Unsurprisingly after such an unusual event, people wanted to talk [...]
Comments Off
Category: risk management Tags: BCP/DR, continuity, emergency preparedness
by Jay Heiser | July 5, 2011 | 1 Comment
I get a never-ending stream of questions that usually amounts to something like “What control tasks do I need to do to be sure that this SaaS service we are going to use will be adequately secure?” Unfortunately, at this point in time, SaaS providers offer relatively little support for enterprise control over anything. Assuming that the [...]
Category: Applications Cloud IAM IT Governance risk management security Vendor Contracts Tags: backups, BCP/DR, Cloud, cloud security, continuity, disaster recovery, information security, malware, phishing, Trojan horse, vendor risk
by Jay Heiser | May 30, 2011 | Comments Off
The Commonwealth of Virginia has recently announced that they have settled up with their service provider, Northrup Grumman, over an incident last year that apparently brought down 3/4 of state applications, resulted in the loss of a several days worth of drivers license photos, and forced state offices to open on weekends. Compensation to the state, [...]
Comments Off
Category: Cloud risk management Tags: backups, BCP/DR, continuity, critical infrastructure, disaster recovery, risk management, Security-Summit-NA, storage
by Jay Heiser | May 9, 2011 | Comments Off
Is it really possible that a single attack can simultaneously impact 100,000,000 people? Multi-tenancy truly gives new significance to concerns about monoculture risk.
Comments Off
Category: Cloud IT Governance risk management security Tags: backups, BCP/DR, Cloud, cloud security, continuity, critical infrastructure, disaster recovery, risk assessment, risk management, security, Security-Summit-NA
by Jay Heiser | May 6, 2011 | Comments Off
It is easier to build a nuclear bomb shelter than it is to anticipate every stroke of the software butterfly’s wing that might cascade into a cloud data storm.
Comments Off
Category: Cloud risk management Tags: backups, BCP/DR, Cloud, cloud security, failure mode, recovery, resiliance, Security-Summit-NA
by Jay Heiser | December 9, 2010 | Comments Off
Wikileaks has become the world’s most visible and newsworthy user of cloud computing. Its current situation provides some useful enterprise lessons on the unique attributes of digital information. 1) Digital data is very fragile: Even within something as simple as a PC filesystem, a digital file doesn’t exist as a single contiguous body of information. [...]
Comments Off
Category: Cloud security Tags: Amazon, backups, BCP/DR, cloud security, Google, information persistence, replication, Wikileaks
