by Jay Heiser | January 4, 2013 | 1 Comment
We’ve recently moved house, and my collection of books, many of them heavily marked up with multi-colored highlights, Post-Its, and bookmarks, remains something of a storage issue. Over the last several months, I’ve been experimenting with digital books on an iPad. There’s a lot to be said both for and against services like Amazon’s Kindle [...]
Category: Applications BCP/DR Cloud risk management Tags: contingency planning, continuity, DRM, ebooks, Kindle, PDF, rights management, standards
by Jay Heiser | February 15, 2012 | Comments Off
Other than some analysis and speculation about how the takedown changed traffic patterns without actually reducing global piracy, and regular reports about the legal status of Kim Dotcom, the Megaupload drama hasn’t provided much in the way of news for a couple of weeks. On the theory that putting the string ‘Megaupload’ into the title of [...]
Comments Off
Category: Cloud risk management Vendor Contracts Tags: continuity, recovery, SaaS escrow
by Jay Heiser | November 17, 2011 | 2 Comments
An SLA from a public cloud service promising some sort of recoverability is a crow feather, clutched in the trunk of the enterprise elephant, providing them the false courage to be willing to fly in the public cloud.
Category: Cloud risk management Vendor Contracts Tags: continuity, contract, Dumbo, feather, recovery, SLA
by Jay Heiser | November 2, 2011 | 1 Comment
Its easy to imagine a smallish procurement shop in which the only person to have been sent a warning was on a 2-week vacation, and won’t get around to reading about it until it is several days too late to download their only copy of several years worth of past and current purchasing data.
Category: Applications Cloud risk management Tags: cloud failure, continuity, data loss, disaster recovery, outsourcing, recovery, SaaS, vendor lockin, vendor viability
by Jay Heiser | August 25, 2011 | Comments Off
Tuesday afternoon, I was using my cell phone on a conference call when my chair started hopping up and down. I never lost my phone connections, but text messages were delayed and even an hour after the quake, co-workers were reporting difficulties in phoning me. Unsurprisingly after such an unusual event, people wanted to talk [...]
Comments Off
Category: risk management Tags: BCP/DR, continuity, emergency preparedness
by Jay Heiser | July 5, 2011 | 1 Comment
I get a never-ending stream of questions that usually amounts to something like “What control tasks do I need to do to be sure that this SaaS service we are going to use will be adequately secure?” Unfortunately, at this point in time, SaaS providers offer relatively little support for enterprise control over anything. Assuming that the [...]
Category: Applications Cloud IAM IT Governance risk management security Vendor Contracts Tags: backups, BCP/DR, Cloud, cloud security, continuity, disaster recovery, information security, malware, phishing, Trojan horse, vendor risk
by Jay Heiser | May 30, 2011 | Comments Off
The Commonwealth of Virginia has recently announced that they have settled up with their service provider, Northrup Grumman, over an incident last year that apparently brought down 3/4 of state applications, resulted in the loss of a several days worth of drivers license photos, and forced state offices to open on weekends. Compensation to the state, [...]
Comments Off
Category: Cloud risk management Tags: backups, BCP/DR, continuity, critical infrastructure, disaster recovery, risk management, Security-Summit-NA, storage
by Jay Heiser | May 23, 2011 | 1 Comment
Its not surprising that as a technology approaches the top of the Hype Cycle, some of the vendors turn their Spin Cycle up to 11, which means there are going to be some disappointed buyers, especially those with high expectations for data encryption, and data recovery.
Category: Cloud IT Governance risk management security Vendor Contracts Tags: Cloud, cloud security, continuity, disaster recovery, information security, infosec, outsourcing, risk management, security, Security-Summit-NA, vendor risk
by Jay Heiser | May 10, 2011 | 1 Comment
Commercial cloud computing raises two significant disaster recovery issues: What is the cloud provider’s ability to recover their own services? What is the enterprise’s ability to obtain an alternative to a vendor that can’t recover themselves? To the extent that cloud computing actually exists, and actually is a new model, we have to consider that [...]
Category: Cloud risk management security Tags: Cloud, cloud security, continuity, disaster recovery, Security-Summit-NA
by Jay Heiser | May 9, 2011 | Comments Off
Is it really possible that a single attack can simultaneously impact 100,000,000 people? Multi-tenancy truly gives new significance to concerns about monoculture risk.
Comments Off
Category: Cloud IT Governance risk management security Tags: backups, BCP/DR, Cloud, cloud security, continuity, critical infrastructure, disaster recovery, risk assessment, risk management, security, Security-Summit-NA
