Jay Heiser

A member of the Gartner Blog Network

Entries Tagged as 'Cloud'


Summer of Cloud Incidents

by Jay Heiser  |  September 25, 2013  |  2 Comments

Although the actual events took place at widely varying times, the summer of 2013 has witnessed the public release of 3 major ‘inappropriate use of the cloud’ incidents. On July 28, Oregon Health & Science University (OHSU) felt compelled to notify 3,044 patients that while there was no reason to believe that their data had [...]

2 Comments »

Category: Cloud IT Governance     Tags: , , ,

SaaS is a Simon Says World

by Jay Heiser  |  April 26, 2012  |  Comments Off

When you buy SaaS, you get what is written on the box.  Well, you get what is written on the virtual box. That text may consist of page after page of dense legalese that puts a higher level of emphasis on what you do NOT get than what you DO get.   Consumer-oriented agreements often amount [...]

Comments Off

Category: Cloud IT Governance Policy risk management security Vendor Contracts     Tags: , , , , , ,

MegaCosts for Maintaining MegaUpload

by Jay Heiser  |  April 16, 2012  |  Comments Off

Sometimes when you spend a week on vacation, you like to leave work behind, so I was a little bit surprised during my morning coffee last week to hear an NPR story on MegaUpload. They managed to find someone who, through explainable circumstances, had lost all other copies of his valuable files, leaving the inaccessible [...]

Comments Off

Category: Cloud risk management     Tags: , ,

Megaupload is world’s biggest hot potato

by Jay Heiser  |  February 3, 2012  |  1 Comment

The dozens of petabytes of Megaupload data belonging to millions of Internet users is manifesting itself as a giant hot potato, currently burning a cashflow and PR hole into the bottom lines of several global hosting firms.

1 Comment »

Category: Cloud risk management security     Tags: ,

Megaupload’s Black Swan Song

by Jay Heiser  |  February 1, 2012  |  Comments Off

Last November, Gartner analyst Richard Hunter and I published research entitled ‘Black Swans’ Are Sure to Fly in the Public Cloud.  Based on ideas popularized by Nassim Nicholas Taleb (The Black Swan: The Impact of the Highly Improbable, Random House, 2007), we strongly urged the users of cloud-based services to plan for the possibility of ”severe failure with [...]

Comments Off

Category: Cloud risk management security     Tags: ,

Mega Retrieval

by Jay Heiser  |  January 31, 2012  |  Comments Off

Leverage and scale are two of the most fascinating aspects of Cloud Computing. In one fell swoop, the US Department of Justice burst Megaupload’s cloud, sending a loud anti-piracy message.

Comments Off

Category: Cloud security     Tags: ,

How much of your data is lost at Megaupload?

by Jay Heiser  |  January 30, 2012  |  4 Comments

It is almost certainly the case that individuals within thousands of organizations, having decided that Megaupload was a useful service, had uploaded corporate data into it. If that data wasn’t backed up, it is probably gone for good.

4 Comments »

Category: Cloud security     Tags: ,

Scooters & flashlights means your data is secure with us

by Jay Heiser  |  October 10, 2011  |  1 Comment

I ask you to take a silent moment to try to visualize the sort of infosec security failure that would be solved with scooters.

1 Comment »

Category: Cloud risk management security     Tags: , , , ,

You’ll guarantee that cloud, won’t you?

by Jay Heiser  |  October 5, 2011  |  1 Comment

The truth of the matter is that the provider actually has no idea of the likelihood of a loss event within their own offering. If a failure occurred, it could impact all of their customers simultaneously. No cloud service provider has enough cash on hand to cover that portfolio risk, and they can’t find any insurer willing to underwrite it.

1 Comment »

Category: Cloud risk management security     Tags: , , ,

Are you the SaaS Scapegoat?

by Jay Heiser  |  July 5, 2011  |  1 Comment

I get a never-ending stream of questions that usually amounts to something like “What control tasks do I need to do to be sure that this SaaS service we are going to use will be adequately secure?” Unfortunately, at this point in time, SaaS providers offer relatively little support for enterprise control over anything.  Assuming that the [...]

1 Comment »

Category: Applications Cloud IAM IT Governance risk management security Vendor Contracts     Tags: , , , , , , , , , ,