by Jay Heiser | November 2, 2011 | 1 Comment
Its easy to imagine a smallish procurement shop in which the only person to have been sent a warning was on a 2-week vacation, and won’t get around to reading about it until it is several days too late to download their only copy of several years worth of past and current purchasing data.
Category: Applications Cloud risk management Tags: cloud failure, continuity, data loss, disaster recovery, outsourcing, recovery, SaaS, vendor lockin, vendor viability
by Jay Heiser | May 23, 2011 | 1 Comment
Its not surprising that as a technology approaches the top of the Hype Cycle, some of the vendors turn their Spin Cycle up to 11, which means there are going to be some disappointed buyers, especially those with high expectations for data encryption, and data recovery.
Category: Cloud IT Governance risk management security Vendor Contracts Tags: Cloud, cloud security, continuity, disaster recovery, information security, infosec, outsourcing, risk management, security, Security-Summit-NA, vendor risk
by Jay Heiser | May 11, 2011 | Comments Off
Your company will usually do whatever it needs to do to survive—so will your supplier. They are not marching to your music, they are not heading towards the same goal line, they are not thinking your thoughts, and their ultimate loyalty is to themselves, not to you.
Comments Off
Category: Cloud risk management Vendor Contracts Tags: contracts, outsourcing, Security-Summit-NA, service providers, sourcing, vendor lockin, vendor risk
by Jay Heiser | April 4, 2011 | Comments Off
Can there be anyone left in America who hasn’t received at least one notification from a bank or merchant that A) their data was leaked and B) it was Epsilon’s fault. Why is it important that the affected consumers know that a service provider was responsible? Is that necessary information for customers trying to determine [...]
Comments Off
Category: risk management security Tags: liability, outsourcing, service provider
by Jay Heiser | March 19, 2010 | Comments Off
I’ve recently become aware of several incidents of client data being lost because their service provider administrators had managed to infect their administrative workstations with malware. If your service provider were to suffer an embarassing failure like that, would they tell you? Before allowing an outsider to have privileged access to any of your systems, [...]
Comments Off
Category: risk management security Tags: administrative privilege, administrator risks, infection, malware, notification, outsourcing, security, service provider risks
