Securing Higher Grades Costing Your Pocket? Book Your Assignment at The Lowest Price Now!

ITC568 Cloud Privacy And Security Management

tag 0 Download9 Pages 2,221 Words tag Add in library Click this icon and make it bookmark in your library to refer it later. GOT IT
  • Course Code: ITC568
  • University: Charles Sturt University
  • Country: Australia

Question:

Discuss About The Risk Perception And Risk Management In Cloud Computing.

 

Answer:

Introduction

The Cloud computing system is the most dynamic and advanced networking system in this era of digitalisation that allows the users to operate the data and information in a virtual storage based system with customised accessibility and encryptions. However the security and privacy of the cloud networking holds the authenticity and the efficiency of the cloud network (awsstatic.com., 2018). This report presents a risk assessment plan for a community based charity regarding their changes in cloud based operation and service utility. The aim of this paper is to guide the HR area of the organisation in order to develop a sustainable privacy and security policy list while collaborating with a third party vendor for SaaS cloud service.

At the initial stage, the paper has found some essential treats and security factors regarding information transaction of HR Database. There the potential issues after the migration to SaaS application have been analysed. The privacy consideration of the 500 employees has been also taken into consideration where the result of any hazard has been also discussed. The security compliance of digital identity system and the operation and location SaaS service provider have been also examined. Moreover, the risk analysis report has been delivered a data sensitivity analysis by considering the HR operation of the charity has been presented with ethical and legal compliances it order to migrate the system to SaaS third party operator safely.

 

Body:

Because of  the huge geographical distance between the vendor operation of SaaS cloud and the charity organisation, there will be potential issues before as well as after the migration to SaaS application. Within these vulnerable issues, the security, privacy and ethical considerations are the major components of the risk and treats assessment.

Security of Employee Data

In existing cloud server of the community based charity organisation contains 50 x86 and 64 bit server based on the Windows Server 2008 R2 to handle the file processing, database handling storing service. The type of physical networking based intranet system comprise of many physical risks, such as data loss due to physical damage, broken server efficiency due to operational glitch, distorted indexing system due to lack of updated synchronisations (Owasp.org., 2018). In the existing networking system of the charity company, the Personal Identity Information or PII data of clients is connected under the supervision of the “on-premises” intranet system. The existing Identification handling is mostly depended on the 10 Red Hat Enterprise Linux 5 servers. Apart from that, the existing system is not compatible for advanced DBMS operation and SQL server inscription that can create significant boundaries in networking capability.

After the migration to the SaaS service provider the data control and security operation will highly vulnerable due to the amount of dependency on encryption policy and strategy of the service provider.  In other words if a attacker can have access on the cloud operation of the vendor company, the HR and other Database of the charity organisation will be also exposed to the hacker. In this case, the data will be transferred in multi-duplex connection between California and India. Therefore, the transmitted data package could be incomplete, deleted or redundant due to the server issues in the data transition traffic (nsw.gov.au., 2018). The following table will explain the severity of the risks and threat to Security of employee data due to the migration:

Threat

Risk

Severity

Unauthorised Use of CSP

On-demand self service provisioning can enable the cloud service provider to use CSP without consent of client IT (Shadow IT) which also is a subject under the ethical considerations of cloud network

Low

API vulnerability

Exposure of CSP to the service provider can cause the loss of Internet-Accessible Management APIs

Medium

Unauthorised surveillance of Hackers

Since the data will be stored and operated in another location, the hackers can break the peer to peer transaction system and scan the entire data packages and encryptions

High

Table 1: Security assessment table

Source: (Created by author)

 


The following matrix represents the severity of the security factor due to the migration from in-house network system to SaaS cloud based system. The attached numerical representations represents the weight of the  Impact and security factors respectively:

Overall Security Risk Severity

Impact

HIGH(2)

Unauthorised Use of CSP

Unauthorised surveillance of Hackers

LOW (1)

API vulnerability

 

 

LOW (1)

HIGH(2)

 

Likelihood

From the Risk Severity assessment matrix it is clear that Unauthorised surveillance of Hackers can cause the severity index of 4. Therefore, for security issues it would be the cheif concern of the charity organisation. Unauthorised Use of CSP scored 2 in the severity level where the API vulnerability has only 1 level of severity.

Privacy of Employee Data 

The existing intranet operation of the organisation could have minimum privacy issue due to the self dependent network model which is also called “on-premises” networking system. In this system the breach of data security system through external hacker can only effect the privacy of the organisational HR database and Auditing system. The organisation is using 10 Red Hat Enterprise Linux 5 servers to service public facing Web pages, which is a high secure and advanced server system for outwards server operations, such as official website auditing, social page developing, virtual forum management and others.

After the migration, there are some additional issues that can occur due to the change in data operational environment and third party file handling methods. The compatibility of the existing database structure and indexing system and the new SaaS based cloud operator or service provider should be taken into account to avoid such risks (nist.gov., 2018).

From figure 1 it has been clear that in SaaS cloud service contract the user has the minimum amount of control on the core operation and execution on the cloud system and the utilities. Moreover the significant risk that can have an huge impact is the lower Data Governance which can cause unexpected delay in further change management or other operational changes (Almorsy, Grundy & Müller, 2016). The following table will explain the severity of the risks and threat to privacy of employee data due to the migration:

Threat

Risk

Severity

Dependent Cloud security on service provider

If the server of service provider is hacked then the organisational data will also be exposed to the attacker

Low

Less visibility and governance

Lose control on security monitoring system and operational delay

Medium

Vendor-Lock and data loss

After the end of contract or dismissal can cause temporary or permanent data lock on organisation’s cloud storage

High

Table 3: Privacy assessment table

Source: (Created by author)

 


The following matrix represents the severity of the privacy factors due to the migration rom in house network system to SaaS cloud based system. The attached numerical representations represents the weight of the  Impact and security factors respectively :

Overall Privacy Risk Severity

Impact

HIGH (2)

Vendor-Lock and data loss

 

LOW (1)

Dependent Cloud security on service provider

Less visibility and governance

 

LOW (1)

HIGH (2)

 

Likelihood

From the Risk Severity assessment matrix it is clear that there is no serious issues that can cause the severity index of 4. Vendor-Lock and data loss and Less visibility and governance scored 2 in the severity level where the Dependent Cloud security on service provider has only 1 level of severity. Therefore, for the privacy of the HR data base the charity organisation has to be highly concerned about the Vendor-Lock and data loss issues and Less visibility and governance issues.

Digital Identity Issues 

As per the decision of the management, each employee will use individual charity digital ID to authenticate in the cloud network for HR and Performance management system. In case of any failure in index management and database crash the details of PII records can be lost permanently (Rittinghouse & Ransome, 2016). Internally the digital ID will be generated by the charity's Active Directory instance and will be available for log-in to internal authentication and authorisation in vendor provided SaaS service. Therefore, after generating the ID the authentication details will be sent to the SaaS service provider, which is again can initiate third party surveillance on id. The following table describes the risks and threats associated with the PII and Digital identity issue in for migrating SaaS cloud system:

Threat

Risk

Severity

Unauthorised surveillance on end to end connectivity

During the PII database transfer to the vendor company the details can be accessed by any unauthorised entity

High

Vendor-Lock

After the termination of contract the vender company can temporary lock the PII access

High

Table 1: PII issues assessment table

Source: (Created by author)

 

Provider Solution Issues 

Employee database and PII will be uploaded from the charity daily at 12:00 AEST. The data will be transmitted from California, USA to the Bangalore, India. the  During the PII database and the HR database transition from the charity to the cloud service provider, which is situated in India, the organisation must confirm the end to end encryption is secure and out of reach for any external surveillance system (Hashizume et al., 2013). The performance management information is another essential data packages that will be transferred in this end to end connection where the data required to be verified by terminal security server. Any failures of data transmission or incomplete transmission due to server problem and security boundaries by national server security several dilemmas can be occur.

Threat

Risk

Severity

Data loss and incomplete transition

PII data or information can be loosed or incomplete due to server issues causing repeated login failure of authorised user

Moderate

 

Cyber security Server authentication failure

Due to the Cyber security authentication in international data transaction, some encrypted data can blocked

Low

Data Sensitivity 

Data sensitivity refers the type of the data and to what extent the data is sensitive for the company and the society as well. The initial ethical issues of the charity organisations have been considered as the privacy section. Being a charity organisation, they operate large amount of confidential data about the donor, receiver and the agencies (Beloglazov, Abawajy & Buyya, 2012). All this information is strongly related to HR database and the resource allocation system of HR management. Sometimes, the cloud service provider uses the client’s information for partial business and promotional activity, which is also known as shadow IT as discussed earlier. Therefore, in order to prevent these safety and security breaches the charity and the SaaS vendor both should follow the WofG (Whole of Government) data protection regulations and compliances (Fernando, Loke & Rahayu, 2013). The WofG uses a Authorisation Kit known as ATO to protect the ethical issues and concerns of both client as well as host side.

Conclusion 

From the above discussion it is clear that the security and privacy of the cloud networking holds the authenticity and the efficiency of the cloud network. The above report presented a risk assessment plan for a community based charity regarding their changes in cloud based operation and service utility for a charity organisation situated in California, USA. Due to the huge geographical distance between the vendor operation of SaaS cloud and the charity organisation, there will be potential issues before as well as after the migration to SaaS application. The security, privacy and ethical considerations are the major components of the risk and treats assessment.

From the above analysis and risk assessment, it has been found that the charity organisation should ensure the end to end data encryption within the vendor and the community server. The server protocol must be the major concern of this issue. As per the Security Risk Severity assessment matrix Unauthorised surveillance of Hackers can cause the severity index should be the chief concern of the charity organisation. On the other hand, according to the Privacy Risk Severity assessment matrix, the charity organisation of California should be careful about Vendor-Lock and data loss as well as the Less visibility and governance before and after the agreement with the vendor company. 

 

References: 

Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security problem. arXiv preprint arXiv:1609.01107.

awsstatic.com. (2018). AWS_Risk_and_Compliance_Whitepaper, Retrieved from https://d0.awsstatic.com/whitepapers/compliance/AWS_Risk_and_Compliance_Whitepaper.pdf

Beloglazov, A., Abawajy, J., & Buyya, R. (2012). Energy-aware resource allocation heuristics for efficient management of data centers for cloud computing. Future generation computer systems, 28(5), 755-768.

Brender, N., & Markov, I. (2013). Risk perception and risk management in cloud computing: Results from a case study of Swiss companies. International journal of information management, 33(5), 726-733.

Fernando, N., Loke, S. W., & Rahayu, W. (2013). Mobile cloud computing: A survey. Future generation computer systems, 29(1), 84-106.

Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (2013). An analysis of security issues for cloud computing. Journal of internet services and applications, 4(1), 5.

nist.gov. (2018). Risk Management Framework: Quick Start Guides - Risk Management | CSRC. Retrieved from https://csrc.nist.gov/projects/risk-management/risk-management-framework-quick-start-guides

nsw.gov.au. (2018). Cloud Service Policy and Guidelines, Retrieved from https://arp.nsw.gov.au/sites/default/files/Cloud%20Services%20Policy%20and%20Guidelines.pdf

 Owasp.org. (2018). OWASP Risk Rating Methodology - OWASP. Retrieved from https://www.owasp.org/index.php/OWASP_Risk_Rating_Methodology

Rittinghouse, J. W., & Ransome, J. F. (2016). Cloud computing: implementation, management, and security. CRC press.

OR

Cite This Work

To export a reference to this article please select a referencing stye below:

My Assignment Help. (2019). Cloud Privacy And Security Management. Retrieved from https://myassignmenthelp.com/free-samples/itc568-cloud-privacy-and-security-management.

"Cloud Privacy And Security Management." My Assignment Help, 2019, https://myassignmenthelp.com/free-samples/itc568-cloud-privacy-and-security-management.

My Assignment Help (2019) Cloud Privacy And Security Management [Online]. Available from: https://myassignmenthelp.com/free-samples/itc568-cloud-privacy-and-security-management
[Accessed 12 December 2019].

My Assignment Help. 'Cloud Privacy And Security Management' (My Assignment Help, 2019) <https://myassignmenthelp.com/free-samples/itc568-cloud-privacy-and-security-management> accessed 12 December 2019.

My Assignment Help. Cloud Privacy And Security Management [Internet]. My Assignment Help. 2019 [cited 12 December 2019]. Available from: https://myassignmenthelp.com/free-samples/itc568-cloud-privacy-and-security-management.


Essays are best done by us as we have with us native essayists with over 6+ years of writing experience in different domains. After all experience speaks in the form of seasoned writing and insightful summaries. Cause and Effect Essays are encountered by students in all the classes till Post grad levels. Hire our essay experts to get the best topic for cause and effect essays. We analyse all the causes and cite their effects with multiple examples. Proper essay structure, great essay outline and efficient linking of points are some of the positives in our booty.

Latest HRM Samples

HRMT20028 Organisational Change Management Term 2

Download : 0 | Pages : 8
  • Course Code: HRMT20028
  • University: CQ University
  • Country: Australia

Answer: Introduction Organizational change refers to the processes that are related to the changing processes that are involved within the various cultural factors, procedures, processes, strategies and the technologies that are related to the organizational performances (Lozano, Nummert & Ceulemans, 2016). The organizational changes further take into consideration the various factors that are related to the effects of the concerned ...

Read More arrow

BUHRM5912:Human Resource Management

Download : 0 | Pages : 12

Answer: Introduction Human Resource is the essential assets as it is considered as one of the strengths of the organization. In order to deal with the challenges related to technology, knowledge, and altering trends in the worldwide economy require effective human resource management (Hendry, 2012). As businesses restructure to attain competitive advantage, human resources perform a major role in supporting businesses to deal with the changin...

Read More arrow

NP201-Issues Within The Hotel And Hospitality Industry

Download : 1 | Pages : 10

Answer: Introduction The purpose of the following report is to discuss the several issues within the hotel and hospitality industry. The organization chosen for this report is the Enzo’s Cucina hotel. The several aspects of the organization will be discussed in this section indeed. The various issues that will be discussed are the strategic goals and structure of the organization, communication in the organization, the proper leadership...

Read More arrow

ACT305 Corporate Accounting

Download : 0 | Pages : 13
  • Course Code: ACT305
  • University: Charles Darwin University
  • Country: Australia

Answer: Introduction The below case study of leadership, cultural & performance changes problems are about the association of Meat Pack. This association is owned by a family that deals in making the food. It has its headquarters in Sydney, Australia. This organisation has around 27 years of experience in the production of the meat industry which also includes various areas such as preparing the meals fresh soups and etc. Meat Pack also run...

Read More arrow

5RMT Reward Management

Download : 0 | Pages : 18

Answer: Introduction  The notion of employee motivation has gained a significant amount of prominence within the modern business world and it is directly related to the aspect of the job productivity of the employees (Shields et al. 2015). Furthermore, the lacuna of the majority of the business enterprises of the modern era is to gain an enhanced amount of profit and the employees by virtue of being the building entities of these enterpr...

Read More arrow
Next
watch

Save Time & improve Grades

Just share your requirements and get customized solutions on time.

question
We will use e-mail only for:

arrow Communication regarding your orders

arrow To send you invoices, and other billing info

arrow To provide you with information of offers and other benefits

1,162,585

Orders

4.9/5

Overall Rating

5,051

Experts

Our Amazing Features

delivery

On Time Delivery

Our writers make sure that all orders are submitted, prior to the deadline.

work

Plagiarism Free Work

Using reliable plagiarism detection software, Turnitin.com.We only provide customized 100 percent original papers.

time

24 X 7 Live Help

Feel free to contact our assignment writing services any time via phone, email or live chat.

subject

Services For All Subjects

Our writers can provide you professional writing assistance on any subject at any level.

price

Best Price Guarantee

Our best price guarantee ensures that the features we offer cannot be matched by any of the competitors.

Our Experts

Assignment writing guide
student rating student rating student rating student rating student rating 5/5

154 Order Completed

97% Response Time

Harold Alderete

PhD in Economics

London, United Kingdom

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

529 Order Completed

95% Response Time

Ivan Blank

PhD in Functional Human Biology

Wellington, New Zealand

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

134 Order Completed

95% Response Time

Thomas Nelson

MS in Information Systems Technology with Specialization in Database Administration

New Jersey, United States

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

234 Order Completed

100% Response Time

Samantha Ji

PhD in Chemistry with Specialization in Organic

Singapore, Singapore

Hire Me

FREE Tools

plagiarism

Plagiarism Checker

Get all your documents checked for plagiarism or duplicacy with us.

essay

Essay Typer

Get different kinds of essays typed in minutes with clicks.

edit

GPA Calculator

Calculate your semester grades and cumulative GPa with our GPA Calculator.

referencing

Chemical Equation Balancer

Balance any chemical equation in minutes just by entering the formula.

calculator

Word Counter & Page Calculator

Calculate the number of words and number of pages of all your academic documents.

Refer Just 5 Friends to Earn More than $2000

Check your estimated earning as per your ability

1

1

1

Your Approx Earning

Live Review

Our Mission Client Satisfaction

The project was well organized and I got good grade. I could understand clearly and follow what the expert did.

flag

User Id: 186794 - 12 Dec 2019

Australia

student rating student rating student rating student rating student rating

Was a very fast response as usual and I am very happy with my mark. Thank you so much

flag

User Id: 348363 - 12 Dec 2019

Australia

student rating student rating student rating student rating student rating

You are the best. You provided exactly what I need. The expert who did the work is a great. Thank you very much.

flag

User Id: 298410 - 12 Dec 2019

Australia

student rating student rating student rating student rating student rating

I got HD in my one assignment that I bought from here. Very happy and surely gonna need help from you guys for the next time too.

flag

User Id: 311195 - 12 Dec 2019

Australia

student rating student rating student rating student rating student rating
Have any Query?