by Jay Heiser | January 4, 2013 | 1 Comment
We’ve recently moved house, and my collection of books, many of them heavily marked up with multi-colored highlights, Post-Its, and bookmarks, remains something of a storage issue. Over the last several months, I’ve been experimenting with digital books on an iPad. There’s a lot to be said both for and against services like Amazon’s Kindle [...]
Category: Applications BCP/DR Cloud risk management Tags: contingency planning, continuity, DRM, ebooks, Kindle, PDF, rights management, standards
by Jay Heiser | May 13, 2011 | Comments Off
How much mental anguish is the result of ignorant accounting grads working for Big 4s, struggling to find SOX-relevancy, totally oblivious to the huge amount of HCI research that has been done on the topics of passwords, so ignorant to the history of computer security that they don’t recognize they are demanding the use of pre-network, pre-malware controls that were developed by mathematicians who were completely ignoring human factors.
Comments Off
Category: risk management security Tags: authentication, malware, passwords, security, Security-Summit-NA, slurping, sniffing attack, standards
by Jay Heiser | July 5, 2010 | 4 Comments
SAS 70 is a) not a certification, b) not a standard, and c) isn’t meant to be applied the way it is being applied now. To be fair, all service providers are under huge customer pressure to provide SAS 70, but instead of explaining their security, continuity, and recovery capabilities in more appropriate terms, most [...]
Category: Cloud IT Governance risk management security Vendor Contracts Tags: AICPA, certification, SAS 70, SAS70, standards
