Jay Heiser

A member of the Gartner Blog Network

Entries Tagged as 'cloud security'


Are you the SaaS Scapegoat?

by Jay Heiser  |  July 5, 2011  |  1 Comment

I get a never-ending stream of questions that usually amounts to something like “What control tasks do I need to do to be sure that this SaaS service we are going to use will be adequately secure?” Unfortunately, at this point in time, SaaS providers offer relatively little support for enterprise control over anything.  Assuming that the [...]

1 Comment »

Category: Applications Cloud IAM IT Governance risk management security Vendor Contracts     Tags: , , , , , , , , , ,

SaaS Translation: What your Service Provider REALLY Means

by Jay Heiser  |  May 23, 2011  |  1 Comment

Its not surprising that as a technology approaches the top of the Hype Cycle, some of the vendors turn their Spin Cycle up to 11, which means there are going to be some disappointed buyers, especially those with high expectations for data encryption, and data recovery.

1 Comment »

Category: Cloud IT Governance risk management security Vendor Contracts     Tags: , , , , , , , , , ,

How long does it take to reboot a cloud?

by Jay Heiser  |  May 10, 2011  |  1 Comment

Commercial cloud  computing raises two significant disaster recovery issues: What is the cloud provider’s ability to recover their own services? What is the enterprise’s ability to obtain an alternative to a vendor that can’t recover themselves? To the extent that cloud computing actually exists, and actually is a new model, we have to consider that [...]

1 Comment »

Category: Cloud risk management security     Tags: , , , ,

Diversity is nature’s way of managing portfolio risk

by Jay Heiser  |  May 9, 2011  |  Comments Off

Is it really possible that a single attack can simultaneously impact 100,000,000 people? Multi-tenancy truly gives new significance to concerns about monoculture risk.

Comments Off

Category: Cloud IT Governance risk management security     Tags: , , , , , , , , , ,

Butterfly Wings and Nuclear Bombs

by Jay Heiser  |  May 6, 2011  |  Comments Off

It is easier to build a nuclear bomb shelter than it is to anticipate every stroke of the software butterfly’s wing that might cascade into a cloud data storm.

Comments Off

Category: Cloud risk management     Tags: , , , , , , ,

Harry Potter, Egg Baskets and Cloud Computing

by Jay Heiser  |  May 5, 2011  |  1 Comment

The final book in the Harry Potter series would have been an extremely short one if Voldemort had chosen to place all his eggs into a single basket.

1 Comment »

Category: Cloud risk management security     Tags: , , , ,

Is ‘the cloud’ part of our critical infrastructure?

by Jay Heiser  |  February 10, 2011  |  2 Comments

“What would be the social/economic/national/global impact of an incident that affected all the customers of a major provider?”

2 Comments »

Category: Cloud risk management security Strategic Planning     Tags: , , , , , , , ,

Sticky Wikis

by Jay Heiser  |  December 9, 2010  |  Comments Off

Wikileaks has become the world’s most visible and newsworthy user of cloud computing.  Its current situation provides some useful enterprise lessons on the unique attributes of digital information. 1) Digital data is very fragile: Even within something as simple as a PC filesystem, a digital file doesn’t exist as a single contiguous body of information. [...]

Comments Off

Category: Cloud security     Tags: , , , , , , ,

Its 11PM, do you know where your data is?

by Jay Heiser  |  April 7, 2010  |  1 Comment

Every evening for several decades, a number of American television stations announced that it was 10pm, and asked the public service question “Do you know where your children are?”  Anyone using a cloud computing service should be asking the same question about their data. Over the next few months, I’m going to be researching an [...]

1 Comment »

Category: Cloud risk management     Tags: , , , , ,

If you can’t stand the heat, get your cloud out of the kitchen

by Jay Heiser  |  February 9, 2010  |  Comments Off

A man walks into a physician’s office and says “Doctor, it hurts when I use my computer.” The physician replies, “then don’t use your computer.” A dumb old joke or a wise observation on human nature?  I receive several calls a week from people looking for the best practices on managing cloud computing security and [...]

Comments Off

Category: Uncategorized     Tags: , , , , ,