ITC568 Cloud Privacy and Security
Question:
Task
After your successful engagement to develop privacy and personal data protection strategies for DAS, you have been engaged by the Department of Health (DoH) to advise on the development of privacy and data protection for CovidSafe users. DoH expect up to 16 million Australian mobile users to download and use this app. DoH have announced that they will be using a major U.S. based public cloud provider to host the CovidSafe data, but claim that the data will always be under Australian Government control.
You are to provide a report to DoH that:
1.Discusses the possible threats and risks to the security of user data on mobile phones, and in linked Cloud and financial accounts from the use of the CovidSafe app. (25 marks)
2.Discusses the possible threats to the privacy of a user's data, location and activities from the use of the CovidSafe app. (25 marks)
3.Discusses the issues of data sovereignty that may apply to the storage of CovidSafe data in U.S. based Cloud storage. (25 marks)
4.You are to recommend that DoH adopt:
a.Possible security controls that would prevent the loss or breach of user data, while still enabling effective tracking for COVID-19, and the reasons these controls will be effective. (10 marks)
b.Possible privacy controls to protect user privacy, particularly of data, location and activity, while still enabling effective tracking of COVID-19, and the reasons these controls will be effective. (5 marks)
c.Possible controls to ensure that the CovidSafe data remains under Australian data sovereignty and control, and the reasons these controls will be effective. (5 marks)
Your report should use the following heading structure:
1. Data and security risks
2.Privacy, location and activity issues
3.Data sovereignty issues
4.Recommendations:
a. Security controls
b. Privacy controls
c. Data sovereignty controls
Referencing is required in APA 7th ed. Format.
Q1. Existing threats and risks to security of user data
Comprehensive exploration of threats and risks to security of data for all three approaches that includes well thought out reasoning
Q2. Threats to privacy, location and activity data
Comprehensive exploration of threats and risks to privacy, location and activity data for all three approaches that includes well thought out reasoning
Q3. Threats to data sovereignty
Comprehensive exploration of the issues surrounding data sovereignty and control of data while stored in offshore storage that includes excellent discussion and reasoning
Q4a. Recommend: security controls
Comprehensive exploration of security controls for data for all approaches that includes excellent reasoning
Q4b. Recommend: privacy controls
Comprehensive exploration of privacy controls for data for all approaches that includes excellent reasoning
Q4c. Recommend: data sovereignty controls
Comprehensive exploration of data sovereignty controls for data that includes excellent reasoning
