
You are the principal consultant for a community based Charity. The Charity is involved in locating and providing accommodation, mental health services, training and support services to disadvantaged people in the community.


The Charity currently runs a small data centre that has some 50 x86 64 bit servers running mainly Windows Server 2008 R2 for desktop services, database and file services. It also has 10 Red Hat Enterprise Linux 5 servers to service public facing Web pages, Web services and support.

The Charity is considering joining a community cloud provided by a public cloud vendor in order to provide a number of applications to all 500 support staff and administrative users. A small number of the Charity’s applications are mission critical and the data that those applications use is both confidential and time sensitive.


The community cloud would also be used to store the Charity’s 200TB of data. The data would be held in a SaaS database run by the public cloud vendor. The Charity’s data contains a considerable amount of confidential information about the people to whom the Charity provides services.

The Charity collects PII data on the clients who use its services so that it can assist them to manage their different service requirements. This PII data also includes holding some digital identity data for some of the more disadvantaged clients, particularly if they also have mental health issues.

The cloud vendor has made a presentation to management that indicates that operational costs will drop dramatically if the cloud model is adopted. However, the Board of the Charity is concerned with the privacy and security of the data that it holds on the people that it provides services to in the community. It is concerned that a data breach may cause considerable damage to substantially disadvantaged people in the community.

The charity has also decided to:


Purchase a HR and personnel management application from a US based company that provides a SaaS application.
The application will provide the charity with a complete HR suite, which will also include performance management. The application provider has advised that the company’s main database is in California, with a replica in Dublin, Ireland. However, all data processing, configuration, maintenance, updates and feature releases are provided from the application provider’s processing centre in Bangalore, India.


Employee data will be uploaded from DAS daily at 12:00 AEST. This will be processed in Bangalore before being loaded into the main provider database.


Employees can access their HR and Performance Management information through a link placed on the charity intranet. Each employee will use their internal charity digital ID to authenticate to the HR and Performance management system. The internal digital ID is generated by the charity’s Active Directory Instance and is used for internal authentication and authorisation.


Move the charity payroll to a COTS (Commercial Off The Shelf) application that it will manage in a public cloud.

This application will provide the Charity with the suite of tools necessary to process and manage payrolls for all agencies within DAS. The application provider has advised that their software is distributed throughout the AWS cloud with instances in US East, US West, Europe, Asia Pacific, China and South America.


All configuration, maintenance, updates and feature releases are provided from the provider’s offices in San Francisco, Beijing, Singapore, Mumbai and Dublin.


The provider does not do any additional processing of data entered into the application.

The charity payroll staff may access the payroll application through a SSO (Single Sign On) link to a secure URL. Authentication is made using the user’s charity ID credentials. Each authorised user’s authentication credentials are uploaded to the application to allow them to logon and access the payroll.


Data is uploaded to the application by the charity's payroll staff for each agency staff member, but can also be uploaded in bulk using a CSV file. CSV files are uploaded using an upload link in the application.


Completed payroll files are sent to the appropriate banking institutions through a secure link provided by each bank.

Regular transaction and audit reports for each agency are available to the charity's payroll staff.

Move the charity Intranet into a Microsoft SharePoint PaaS platform so that it can provide Intranet services to all users in the charity no matter where they are located.


This solution will provide the charity with the ability to provide Intranet services to all users with each charity location having its own site within the overall structure.

The PaaS offering has been chosen as it gives the charity administrators the ability to configure the sites for all separate charity locations, and still allow users to access any of those individual sites.


The application provider has advised that their software is distributed throughout the Azure cloud with instances in US East, US West, Europe, Asia Pacific, China and Australia.



It is proposed that users will be able to access the platform through an SSO (Single Sign On) link to the platform portal. Authentication will be made using the user’s charity ID credentials. The charity will need to use Active Directory Federated Services (ADFS) to federate to an Azure AD.


The Board asks that you prepare a report that proposes appropriate privacy and security policies for the Charity’s data.

1. Privacy strategy for personal data.

Comprehensive development of policy covering all aspects listed in the task, with excellent discussion of threats and risks to privacy of data

Detailed development of policy covering most aspects listed in the task, with good discussion of threats and risks to privacy of data

Adequate development of policy covering some aspects listed in the task, with some discussion of threats and risks to privacy of data

Incomplete or inadequate development of policy covering few aspects listed in the task, with little or no discussion of threats and risks to privacy of data

2. Recommended privacy controls

Comprehensive evaluation and matching of privacy threats with controls showing excellent logical analysis

Thorough evaluation and matching of privacy threats with controls showing proficient logical analysis

Detailed evaluation and matching of privacy threats with controls showing good logical analysis

Incomplete or inadequate evaluation and matching of privacy threats with few controls and little or no logical analysis

3. Personal data protection strategy

Comprehensive development of policy covering all aspects listed in the task, with excellent analysis of protection of data

Incomplete or inadequate development of policy covering few aspects listed in the task, with little or no analysis of protection of data

4. Recommended data protection controls.

Comprehensive evaluation and matching of data protection threats with controls showing excellent logical analysis

Thorough evaluation and matching of data protection threats with controls showing proficient logical analysis

Detailed evaluation and matching of data protection threats with controls showing good logical analysis

Adequate evaluation and matching of data protection threats with controls showing satisfactory logical analysis

Incomplete or inadequate evaluation and matching of data protection threats with few controls and little or no logical analysis

5. Quality of Wiki or forum interaction

Proactively initiates and facilitates discussion, explicitly using appropriate strategies and tools.

Initiates and facilitates discussion using appropriate strategies and tools.

Evidence that there is a planned strategy to engage with peers in the forums.

Some evidence of responding to questions or topics on the discussion forum.

Why Cloud Services?

Technology is driving the growth of different industries today and is therefore being widely adopted to enhance operations and productivity. Several technologies offer such improvements, and one of them is cloud services. Cloud services enable users to share, store and process data without buying the necessary equipment; instead, the equipment is rented from cloud service vendors. The vendors generally offer cloud services in three forms, namely IaaS (Infrastructure as a Service), SaaS (Software as a Service) and PaaS (Platform as a Service). The most well-established cloud service providers are AWS (Amazon Web Services), Microsoft Azure, IBM Cloud, Google Cloud Platform, Red Hat and others.

Organisations adopt cloud services because doing so lets them focus on increasing their productivity rather than on managing and expanding organisational resources. Cloud services offer scalability, expandability, reliability, flexibility, savings in physical space and several other benefits that are limited when equipment is bought or rented physically. They also save organisational resources, including financial, human and other core resources. Because of these and other benefits, cloud services hold their position as one of the most dominant technologies in existence. However, the technology is not flawless and suffers from certain challenges that restrain its mass adoption. The most prominent of these are the privacy and security threats associated with it. The reason for these threats is the association of cloud services with the internet, which makes them vulnerable to cyber-attacks and in the process threatens the sustainability of the organisation. However, the threat could be mitigated through the adoption of suitable tools and techniques. This report aims to offer potential measures to ensure data and privacy protection for a community based Charity that is planning to migrate its services and data to cloud services.

The organisation in consideration is a community based charity that is focused on providing services to disadvantaged individuals in the community. 500 staff and administrative users are associated with the organisation, and all digital functionality is maintained from a small data centre. The charity is planning to move its services to the cloud to offer its stakeholders a number of applications. The organisation holds 200 TB of data, and a considerable number of applications are mission critical. The data used in these applications is time sensitive and confidential. Hence, the charity is concerned with the privacy and protection of the data. This report is aimed at answering the charity's data privacy and protection concerns. To address them, the report will present a data privacy strategy that accounts for several crucial factors: the personal information (PI) along with its use, disclosure, security and access; the collection and management of solicited PI; the use and security of digital identities; and the quality and correction of PI. The paper will also discuss the potential control measures that could enable the organisation to control any privacy violations. Another prominent discussion of the paper will be the strategy for data protection, which will include the protection, de-identification, security and archiving of PI. Furthermore, the use of personal digital identities will also be discussed within the strategy, before the focus moves to the control recommendations to mitigate the existing security threats and to the implementation of the data protection strategy. The report will be summarised to state the key aspects of the discussion as part of the conclusion. A reference list has also been attached to cite the sources used for this paper.

Privacy and Security Threats

This section discusses the privacy strategy proposal that will ensure the privacy of the organisation. It has been divided into sub-sections to aid understanding of the proposed strategy and of how it will ensure that the privacy of the data stays intact.

The charity is greatly concerned about its data because of the major security and privacy vulnerabilities that cloud services have been exposed to in the past and in the present. Furthermore, the confidential and mission-critical nature of the data calls for a high-quality strategy. To attain a high level of privacy for the data, the first step is to ensure the safety of the personal data, which could be attained by controlling and managing the data with adequate attention. Several tools and techniques are made available by cloud service researchers and providers to ensure the safety of the service and its users. Adopting these tools and techniques would ensure the privacy of personal information by restricting cyber malefactors from entering the domain of personal data. Some of the measures that could assist the charity in attaining privacy for its personal data include:

Limiting credential accessibility would ensure that only the persons authorised to access the data are using it and that no external entity is trespassing on the data domain. It can be attained by password-protecting the applications or services that grant access to the data. Furthermore, the password should be standardised in nature and not just a series of letters or numbers, to prevent attacks such as brute force. Another notable measure would be to change the password at regular intervals so that it does not get exposed and stays time sensitive. Two-step authentication and other similar advancements in limiting credentials could also be adopted to further enhance security.

Security of the access port is another major action that would ensure that the privacy of personal data is maintained and managed adequately. Uncompromised and secure access ports and tools, including the browser, devices, applications and others, will ensure the safety of data for the charity. This measure will restrict malicious activity while still enabling the control and management of the personal data.

The next step of the strategy is to have balanced and reliable PI. This could be attained by collecting and managing solicited PI with adequate attention, through certain simple but efficient measures. The measures that could ensure that the charity's data is collected and managed while maintaining privacy include:

Privacy Strategy

Collection of data from a trusted source is of crucial importance to solicited PI. Data collected from trusted sources is also more easily managed and hence deserves attention. This is supported by the fact that collection and management of solicited PI is only possible when all the requirements have been fulfilled. Furthermore, before PI is collected and managed, the need for the data must be established, along with its relation to the charity's actions and functions.

Data filtration is another potential measure that can offer efficient and convenient collection and management of solicited PI. This measure is needed to ensure that the data is free from any unnecessary or corrupted data that may compromise the security of the data and its owner. The filtration of data should also take the management of the data into account to improve reliability.

Retesting or reviewing of the filtered data is another major step that would ensure the validity of the data. This measure is aimed at reviewing the collected data to assess its suitability for the charity's needs, so that the useful data can be utilised and the remainder disposed of through a safe practice.

Using and disclosure of the personal information is another major need for the charity because they hold particular type of data that are crucial for the mission. Hence, it is also one of the needs that must be taken into account to ensure that the proposed privacy strategy is adequate and capable of fulfilling its designated duty. The most prominent measure to ensure a safe practice for using and disclosure of the personal data is to limit the accessibility to the data to only the authorized individuals and entities. The discussed measure could be attained by adopting the following discussed measures:

Time-sensitive login and logout is one of the most basic approaches to ensuring the privacy as well as the security of the data. Logging into an account opens up data that may be confidential and so increases the threat of data theft. Furthermore, leaving the account unattended for long not only attracts external attacks but could also invite misuse from an internal source. Non-authorised users within the organisation may get access to data that they are restricted from, and hence it is of great importance that the account is logged out when it is not in use. Adopting measures that automatically log out the user if the account is not used for a specified time would further mitigate the privacy concern. Additionally, it could also be ensured that users of the systems can only access the services and data during particular time periods, to further strengthen the privacy of the data.

Control Measures

Systems accessibility should also be limited to ensure a high level of security for the data and its privacy. The discussed measure will limit the number of users for the system which will limit the expansion of the organisational information. Additionally, providing a unique logging credential to each of the authorised user will restrict the data theft or data manipulation. Passwords, two-step authentication, biometric scanning and other prominent protection measures could be adopted to limit the system accessibility.

Digital identity is defined as a base of information about an organisation, individual or electronic device that is present online. It offers many prominent advantages to the organisation, which makes it desirable; however, it is not immune to security and privacy challenges, which are a consequence of its presence on a network. That presence calls for secure methods of accessing digital identities. The digital identity in consideration here refers to the identity of the charity and its stakeholders. Adopting minor measures could ensure the safety of the identities. The list below discusses the use and security of digital identities.

Security is the most prominent benefit offered by the digital identities. However, as stated above it is not immune to the cyber threats. Hence, implementation of adequate security tools and techniques could mitigate the threat. The security techniques include the password protection, use of secure devices, limited sharing of credentials and other prominent measures.

Data integrity is another major benefit that is offered by the technology in discussion. It refers to the consistency, completeness and accuracy of the stored data and is considered as one of the core components of the data security. The discussed technology will enable the charity to maintain a high level of data integrity.

Speed is another major benefit that is offered to the user on adoption of the digital identities. The process carried out through or with assistance of the discussed technology are high at speed.

Anonymity is also one of the benefits offered by the discussed IT offering. Using the digital identity, the users can maintain their anonymity by providing non-relevant or less relevant information about them while accessing an online service. However, it should be noted that the discussed benefit could prove to be unethical in nature, if it is used for an illicit act.

Simplicity of the digital identities also needs to be taken in account to discuss its benefits and uses. Ease of operation and implementation makes it one of the most desirable technologies.

Data Protection Strategy

As stated in the discussion above, the technology is not immune to security and privacy threats; hence, before adopting it, the charity should ensure that adequate safety measures are in place to protect privacy.

The personal information of an individual or organisation is among its most crucial details and should be given adequate security measures, because if the data is leaked or compromised the effect will be long term. The effect will not be limited to a short period because the personal details could be analysed to identify the user even if they have changed their credentials or opened a new account. It will expose them to continuous cyber threats, which could also extend to the real world if the details are released on an online platform. Hence, this part of the strategy is of great importance. The measures that could ensure the safety of the personal data include:

Security and monitoring tools and techniques are the most prominent means of countering the threat to personal data. These tools are not limited to the protection of data but extend to the protection of the devices associated with the data. Anti-virus and other monitoring and security tools for the systems, encrypted storage of data and other prominent measures could ensure the safety of the personal data.

Protected credentials: the access port through which the personal data can be reached should be password protected, and the login to the port should be time sensitive. As the charity is planning to adopt the cloud, each access point for the services and applications should be protected with a password. Adopting two-step authentication, tokens and other measures could further enhance the security of the personal data and its privacy.

Blocking of sources that may release explicit or malicious contents. The development of technology has made the cyber malefactors to adopt disruptive techniques to attack the user. One of those ways is through deploying botnet by use of malicious links or emails and other means. Hence, it is advised that charity should adopt pop-up blocking tools so that no explicit or malicious object affects the system and the data. It will prevent the phishing attacks and offer privacy for the data.

Several other measures such as data and security audits, upgrading of security tools, limiting access and other prominent techniques could be deployed by the charity to prevent any violation of privacy by exposing the personal data to cyber threats.

Digital Identity Safety Measures

The word personal in personal data defines the confidentiality of the data, and hence it should be ensured that access to the data is limited to the user only. Furthermore, in the case of an organisation, access should only be offered to the officials who need it for their actions and activities, along with the owners and other reliable stakeholders. Considerable research has been done to devise ways of restricting access to data, and it has revealed many potential measures. The most prominent measures that could ensure a safe practice for accessing personal data are listed as follows:

Limited access to the data can prove to be a major contribution to the security of the data. The users of the personal data should be provided with access to only that data which is relevant to their actions and operations. The charity has a staff base of 500, and monitoring all of them for their access to the organisation’s personal information is not viable; hence, limiting access to data will keep the operations of the organisation intact along with the safety of the data. Furthermore, the organisation should also ensure that the users who do have access to the organisation’s personal data are not misusing it for personal gain. This measure could be adopted by managing and controlling the nodes through which the data is accessed.

Secure systems are another major measure that could ensure that the personal information accessing is secure and ethical, in the process ensuring that no privacy violation is done. It would prevent installation of botnets or malicious tools which will prevent remote accessing of the data. Furthermore, keeping the system credential protected would also ensure that no unsanctioned user is trespassing the confidential data domain. It should also be ensured that the password, pin or any other means of protection used to protect the system are standardised.

Regular auditing will help the administrator understand which systems have been used to access the personal data, so that if any unauthorised system or user is identified, urgent and strict action can be taken to mitigate the threat. It will also reveal the vulnerabilities of the security measures adopted for securing the access ports. The vulnerabilities could then be mitigated by adopting disruptive tools and techniques.

Secure communication channel is also a crucial need that would restrict the accessing of personal information by any cyber malefactor. An insecure communication channel is vulnerable to many attacks and hence, it is recommended that the stakeholders of charity should restrict themselves from using any public Wi-Fi or other insecure communication channel to communicate with the cloud services. Furthermore, the organisation should also adopt adequate measures to ensure that the communication channel used by the organisational stakeholders are secure and in the process omit the threats for its data privacy by accessing of the personal information.


These measures, along with other secure methods chosen to suit the environment of the charity, will ensure that personal information is accessed securely without compromising the privacy of the data.
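The automatic-logout, time-window, limited-access and regular-auditing measures described above can be checked together against an access log. The following Python sketch is an added example, not part of the original report; the policy values, user names, device IDs and log format are all constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, time, timedelta

# Assumed policy values (not from the report).
IDLE_LIMIT = timedelta(minutes=15)           # auto-logout threshold
ACCESS_WINDOW = (time(7, 0), time(19, 0))    # permitted access hours

# Constructed allow-lists: which user may touch which data set,
# and which devices are registered with the charity.
AUTHORISED = {"asmith": {"payroll"}, "bjones": {"hr", "client_pii"}}
REGISTERED_DEVICES = {"LT-0042", "LT-0107"}

# Constructed sample log: timestamp,user,device,resource,action
SAMPLE_LOG = """\
2024-03-04T08:55:00,asmith,LT-0042,payroll,login
2024-03-04T09:01:00,asmith,LT-0042,payroll,read
2024-03-04T09:40:00,asmith,LT-0042,payroll,read
2024-03-04T09:45:00,asmith,LT-0042,payroll,logout
2024-03-04T10:00:00,bjones,LT-0107,client_pii,login
2024-03-04T10:05:00,bjones,LT-0107,payroll,read
2024-03-04T22:30:00,bjones,LT-0107,client_pii,read
2024-03-04T11:00:00,cwhite,PC-9999,client_pii,read
"""


@dataclass
class Event:
    ts: datetime
    user: str
    device: str
    resource: str
    action: str


def parse(log: str) -> list[Event]:
    """Parse the CSV-style log and return events in time order."""
    events = []
    for line in log.strip().splitlines():
        ts, user, device, resource, action = line.split(",")
        events.append(Event(datetime.fromisoformat(ts), user, device, resource, action))
    return sorted(events, key=lambda e: e.ts)


def audit(events: list[Event]) -> list[tuple[datetime, str, str]]:
    """Return (timestamp, user, reason) for every policy violation."""
    findings = []
    last_seen: dict[str, datetime] = {}  # last activity per open session
    for e in events:
        allowed = AUTHORISED.get(e.user)
        if allowed is None:
            findings.append((e.ts, e.user, "unauthorised_user"))
        elif e.resource not in allowed:
            # Limited access: user is known but not cleared for this data set.
            findings.append((e.ts, e.user, "resource_not_permitted"))
        if e.device not in REGISTERED_DEVICES:
            findings.append((e.ts, e.user, "unregistered_device"))
        if not (ACCESS_WINDOW[0] <= e.ts.time() <= ACCESS_WINDOW[1]):
            findings.append((e.ts, e.user, "outside_hours"))
        # A session idle longer than IDLE_LIMIT should have been logged out
        # automatically; activity without a fresh login means it was not.
        prev = last_seen.get(e.user)
        if e.action != "login" and prev is not None and e.ts - prev > IDLE_LIMIT:
            findings.append((e.ts, e.user, "idle_session_reused"))
        if e.action == "logout":
            last_seen.pop(e.user, None)
        else:
            last_seen[e.user] = e.ts
    return findings


if __name__ == "__main__":
    for ts, user, reason in audit(parse(SAMPLE_LOG)):
        print(f"{ts.isoformat()}  {user:8} {reason}")
```
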

The information of an entity is not limited only to its current use but is also responsible for the sustainability of the entity. This is supported by the fact that strategic planning, adoption of new technologies and other major changes in the organisation are made on the basis of the information. Hence, the quality of the information should be high and it should also be correct. Therefore, it is recommended that the charity focus on the quality and correctness of its 200 TB of data before storing it on the cloud services. Undertaking this measure will enable the organisation to remove all unnecessary information and will also save storage on the cloud platform, which in turn will save the cost of renting storage in the cloud. The accessibility of the information will also get a boost because the storage will hold only the necessary data, which will be limited in size. Furthermore, storing the data in a library format in the cloud will also be beneficial for the accessibility of the personal information.

Another notable measure that should be adopted is to ensure that the data being migrated to the cloud platform is correct. The charity might have some data that is crucial but incorrect, which will adversely affect the quality of the data. Therefore, it is of great significance that the data being migrated to the cloud is correct. If any incorrect data is to be migrated, it should be corrected before migration to prevent any challenge for future operations. Data auditing could be adopted to attain high-quality and correct data.

This section discusses the privacy threats that the charity may be exposed to due to migration to the cloud infrastructure. The section will detail the threats and the strategies to mitigate them. Furthermore, the strategy to implement them will also be given adequate attention so that the mitigation tools and techniques can be leveraged. The discussion has been divided into two sub-sections: the first discusses the threats and their mitigation strategies, while the next offers the mitigation strategy.

The risks that are crucial for the privacy of the data are listed below, along with the strategies that are capable of mitigating them.


Malware are the most prominent challenge for the privacy of the data. The cyber malefactors install malicious objects into the system of the users that authorise them the access to the data. The discussed attack is aimed at disrupting the user’s actions and operation by use of their data. The threat has been stated as most crucial because once the malware is installed into the system, it is can replicate itself and further continue to pose threat to the privacy of the system.

The discussed threat could be mitigated by different methods and the most prominent of them is tools that can prevent the malicious objects to cite impact on the system. Antivirus tools are the most basic measure to protect the system and the data from malicious activities. The discussed tool mitigates the malicious impact by detecting malware presence and neutralising them. Furthermore, the discussed tool is also capable of restricting the malwares from entering the data domain. Firewalls are another measures that are capable of mitigating the privacy threat posed by malwares. The discussed tool holds the capability to block the malicious objects from entering the system. In other words, the tool in discussion acts as a barrier which detects the malicious codes and restricts them from entering the data zone.

The mitigation strategy for the malware included adoption of anti-virus tools and firewall. The anti-virus could be bought and installed easily into system, however, it should be ensured that the anti-virus is updated and are bought from reliable vendors. Similarly, firewalls can also be easily installed into the system by buying it. However, the configuration of the firewall should be cited with adequate attention so that it does not hamper the general operations of the system in attempts of protecting it.

DDoS (Distributed Denial of Services) is the most widely used cyber-attack and pose prominent threat to the data owner. The discussed threat increases the traffic in the communication channel that connects the user and the cloud service providers which blocks the user from accessing their data and services. The denial of services to the user is then utilised by the cyber malefactor and they gain access to the data threatening the privacy of the data. However, it should be noted that the discussed attack is not capable of comprising on the data but paves way for other attacks to comprise the privacy of the data. The reason for the prominence that the discussed attack entertains is because the user does not even realise the attack, they believe that it is a network error and it provides the malefactor with the opportunity to further violate the data privacy.

As stated above, the attack achieves its objective by increasing the traffic in the network, and hence it can be mitigated by increasing the bandwidth of the server. More bandwidth lets the network carry more traffic, which disrupts the malefactors' plan to lock authenticated users out of the network. A resilient architecture also helps mitigate the DDoS threat. It can be achieved by distributing the data centre into separate sections located at geographically distant positions. Cloud providers offer such services, and the charity could make use of them. Hardware also plays a major role in mitigating the threat; however, as the charity is planning to adopt cloud services, hardware measures are not usable in this scenario.

The solution to DDoS includes increasing the bandwidth, which can be done by buying more from the service provider. It may weigh heavily on the organisation's budget but will mitigate the threat of DDoS. The architecture can be made resilient by spreading the servers across different locations in different networks.

PI leakage is also a notable challenge that needs to be taken into account. The data could be leaked by any means, including cyber-attacks, data breaches, hacks or even internal factors. Hence, it is of great significance that users protect their data even on the cloud platform. The measures discussed below can assist users in doing so.

Data encryption is one of the most viable techniques for protecting data privacy. Encryption ensures that even if the data is leaked, no one can read or alter it. The data is encoded into ciphertext that can only be accessed with the encryption key owned by the user. The data should be encrypted at every stage of its cloud life, both at rest and in motion. A standard password is another measure that can ensure the safety of the data. The data should be password protected, and if the password is standard in nature, attacks such as brute force have very little chance of success. Furthermore, the threat of brute-force and similar attacks can be mitigated by changing passwords periodically. As stated above, data leakage on the cloud can also result from internal faults; this can be mitigated by training employees in the proper use of cloud services and in avoiding phishing attacks. The internal threat can also be mitigated by setting permissions for access to and alteration of the data. Physical faults at the data centre are another prominent cause of data leakage and can be mitigated by backing up the data.

Implementing the data leakage mitigation strategy requires encrypting the data. Data can be encrypted in two ways: with a symmetric or an asymmetric key algorithm. A symmetric key algorithm uses identical keys for encryption and decryption, while an asymmetric key algorithm uses different keys for encrypting and decrypting the data. The organisation can adopt either, based on its needs. Authenticated access to the data can be ensured through standardised passwords, two-factor authentication, digital signatures and other means. Furthermore, employees can be trained through training sessions. Firewalls can be used to set permissions for the use of data.

Identity theft is also a major challenge for data privacy because it hands complete control to the intruder. In this threat, the intruder poses as the user and gains access to and control of the data. A user's identity can be stolen by compromising the user's system through various means. To compromise the user's system, malefactors send malicious links or emails which, when opened by the user, send the user's data to them. Hence, mitigating this threat is of great importance.

A standardised password is the most common measure for avoiding this threat, and it can be strengthened by adopting two-factor authentication and other advanced security measures. Another notable measure is to keep the system from being compromised and to avoid disclosing details to malefactors. Not clicking on malicious links or emails ensures that the user does not authorise a malefactor to impersonate them. The charity's team can be trained to maintain standardised passwords and to avoid clicking on malicious links and emails, to ensure security against identity theft.

Data loss refers to the condition where the data becomes unusable for the user. It may be due to reasons such as data corruption, deletion or the data becoming unreadable. Data loss can have any number of causes, such as accidental deletion, malicious attacks, service provider outages, rogue applications, employee departure and several others. The sheer number of possible causes makes it one of the most prominent threats to data in the cloud.

Encryption, password protection and backing up of data are the most prominent measures that could ensure the safety of data against the threat of data loss.

The implementation measures discussed for the mitigation strategy of data loss are in sync with the strategy for the prevention of data leakage and could be adopted. The measures in discussion are encryption, backup, password protection and others.

Data protection is also one of the most crucial needs for the charity because it is moving its services to the cloud, which poses major threats to the security of the data. This section details the components of the strategy recommended for the charity's data protection. The following sub-sections discuss the components of the strategy and the threats applicable to it.

Personal data is one of the most crucial factors for the sustainable future of the organisation, and hence its security is one of the most prominent needs. However, the cloud services to which the charity plans to migrate its data and operations pose a major threat to the data because of their association with the internet, which further amplifies the need for data protection. The protection of data is challenged by multiple factors, including both internal and external threats. External threats refer to cyber malefactors, while internal threats refer to stakeholder-associated and system-associated risks. The following measures can help protect the data.

Authentication is one of the most basic but most widely adopted approaches for protecting data. Passwords, facial recognition, biometric scanning and other factors should be associated with the data, which will offer protection from internal threats and also mitigate threats from external sources.

A secured system is also one of the basic needs for protecting users and their data. A strong and secure system makes it very difficult for trespassers to steal or manipulate the data. This measure prevents the installation of malicious objects and even prevents the user from accessing content that may threaten the system and data. Further, registering the devices on which the data and services will be accessed will double the security of the system.

Authorised access to the data and system is one of the most crucial needs because it not only protects the data but also prevents its potential misuse. The case with disclosure of personal data is similar: if it is exposed, the organisation's strategic planning and other essential information may be revealed, affecting its sustainability. The following measures help assure authorised access to and disclosure of the data.

Installing a firewall will prevent unauthorised users from unethically accessing the data.

Antivirus software will also help maintain these needs of the organisation.

Limited accessibility will also prove crucial in ensuring the discussed measure.

De-identification is the process that ensures the system is free from the threat of identities being identified by any cybercriminal. Personal data is the most powerful resource of an organisation, and if it is identified by an external source it may threaten the organisation's future, making it necessary to adopt measures to de-identify personal information. Several measures are available to ensure de-identification of personal data, including the following.

Security and monitoring tools such as firewalls and antivirus will prevent the cybercriminal from identifying the personal data.

Adoption of the security policies that have been provided by the service providers and the governing entities. The policies govern the use, storage, accessibility and other significant data operations.

Other measures such as encryption, protected data and others can also help keep the personal data de-identified.
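To make de-identification concrete for the kind of client records the charity holds, the Python below drops direct identifiers, replaces the client ID with a keyed pseudonym, coarsens date of birth and postcode, and then flags rare combinations that could still single a person out. It is an added example, not part of the original essay; the field names, the sample records and the choice of keyed pseudonymisation, generalisation and a group-size check are assumptions, since the essay does not name specific techniques.

```python
import hashlib
import hmac
from collections import Counter
from datetime import date

DIRECT_IDENTIFIERS = {"name", "phone", "email"}   # removed outright
TRANSFORMED = {"client_id", "dob", "postcode"}    # replaced by coarser values


def pseudonym(key: bytes, client_id: str) -> str:
    """Keyed pseudonym: stable for record linkage, not reversible or
    guessable without the key (a plain hash of the ID would be guessable)."""
    return hmac.new(key, client_id.encode("utf-8"), hashlib.sha256).hexdigest()[:16]


def age_band(dob: date, today: date, width: int = 10) -> str:
    """Generalise an exact date of birth to a ten-year age band."""
    age = today.year - dob.year - ((today.month, today.day) < (dob.month, dob.day))
    low = (age // width) * width
    return f"{low}-{low + width - 1}"


def deidentify(record: dict, key: bytes, today: date) -> dict:
    """Return a copy of the record that is safe to hand to analysts."""
    out = {k: v for k, v in record.items()
           if k not in DIRECT_IDENTIFIERS and k not in TRANSFORMED}
    out["pseudonym"] = pseudonym(key, record["client_id"])
    out["age_band"] = age_band(record["dob"], today)
    out["region"] = record["postcode"][:2] + "**"   # keep only the coarse area
    return out


def risky_groups(records, quasi=("age_band", "region"), k=2):
    """Quasi-identifier combinations shared by fewer than k records.
    A person in such a group may be re-identifiable from context alone."""
    counts = Counter(tuple(r[q] for q in quasi) for r in records)
    return sorted(group for group, n in counts.items() if n < k)


# Constructed sample data: not real clients, all values invented for the example.
TODAY = date(2024, 1, 1)
SAMPLE = [
    {"client_id": "C-1001", "name": "A. Example", "phone": "555-0100",
     "email": "a@example.org", "dob": date(1985, 6, 15),
     "postcode": "2640", "service": "housing"},
    {"client_id": "C-1002", "name": "B. Example", "phone": "555-0101",
     "email": "b@example.org", "dob": date(1990, 1, 2),
     "postcode": "2641", "service": "training"},
    {"client_id": "C-1003", "name": "C. Example", "phone": "555-0102",
     "email": "c@example.org", "dob": date(1958, 12, 31),
     "postcode": "3000", "service": "mental health"},
]

if __name__ == "__main__":
    demo_key = b"\x01" * 32   # constructed key; a real key lives in a secrets manager
    released = [deidentify(r, demo_key, TODAY) for r in SAMPLE]
    for row in released:
        print(row)
    print("groups needing further coarsening:", risky_groups(released))
```

The third sample record ends up alone in its age band and region, which is the signal to widen the bands or suppress that row before release.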

Digital identity is defined as a base of information about an organisation, individual or electronic device that is present online. It offers many prominent advantages to the organisation, making it desirable; however, it is not immune to security and privacy challenges, which are a consequence of its presence on a network. That presence creates a need for secure methods of accessing digital identities. The digital identity considered here is the identity of the charity and its stakeholders. However, adopting minor measures can ensure the safety of the identities. The list below discusses the use and security of digital identities.

Security is the most prominent benefit offered by digital identities. However, as stated above, they are not immune to cyber threats. Hence, implementing adequate security tools and techniques can mitigate the threat. The security techniques include password protection, use of secure devices, limited sharing of credentials and other prominent measures.

Data integrity is another major benefit that is offered by the technology in discussion. It refers to the consistency, completeness and accuracy of the stored data and is considered as one of the core components of the data security. The discussed technology will enable the charity to maintain a high level of data integrity.

Speed is another major benefit offered to the user on adoption of digital identities. Processes carried out through or with the assistance of the technology are fast.

Anonymity is also one of the benefits offered by digital identities. Using a digital identity, users can maintain their anonymity by providing non-relevant or less relevant information about themselves while accessing an online service. However, it should be noted that this benefit could prove unethical if it is used for an illicit act.

The simplicity of digital identities also needs to be taken into account when discussing their benefits and uses. Ease of operation and implementation makes them one of the most desirable technologies.

As stated above, the technology is not immune to security threats; hence, before adopting it, the charity should adopt adequate safety measures to protect the data.

Personal information of an individual or organisation is the most crucial detail and should be given adequate security because, if the data is leaked or compromised, the effect will be long term. The effect will not be limited to a short period because personal details can be analysed to identify the user even if they have changed their credentials or opened a new account. It will expose them to continuous cyber threats, which could extend to the real world if the details are revealed on an online platform. Hence, this part of the strategy is of great importance. The measures that could ensure the safety of personal data include:

Security and monitoring tools and techniques are the most prominent means of countering threats to personal data. These tools are not limited to protecting data but extend to protecting the devices associated with the data. Antivirus and other monitoring and security tools for the systems, encrypted storage of data and other prominent measures can ensure the safety of personal data.

Protected credentials: the access port through which personal data can be accessed should be password protected, and the login of the port should be time sensitive. As the charity is planning to adopt the cloud, each access point for the services and applications should be protected with a password. Adopting two-step authentication, tokens and other measures can further enhance the security of personal data.

Blocking of sources that may release explicit or malicious content. Advances in technology have led cyber malefactors to adopt disruptive techniques to attack users. One of those is deploying a botnet through malicious links, emails and other means. Hence, the charity is advised to adopt pop-up blocking tools so that no explicit or malicious object affects the system and the data. This will prevent phishing attacks and protect the data.

Several other measures such as data and security audits, upgrading of security tools, limiting access and other prominent techniques could be deployed by the charity to prevent any violation of privacy by exposing the personal data to cyber threats.

Archiving of data refers to the long-term retention of data. The archive holds data that is not used frequently but is viable for future use. Archiving may also lead to optimisation of the data for its protection and for compliance with data regulation policy. It is also cost and effort efficient, which is desirable for the organisation. Hence, archiving personal data offers integrity and confidentiality while protecting it from threats like data loss with a resource-friendly approach. Therefore, it should be on the charity's to-do list.

This section details the controls that can help protect the charity's data.

One of the most challenging factors for the data is protection against eavesdropping. The threat refers to stalking the data by sniffing it. It does not compromise or manipulate the data but can identify the content of the information, which can then be manually replicated, posing a challenge.

The threat can be mitigated by encrypting the data, which restricts the eavesdropper from identifying the data and its content. Data can be encrypted in two ways: with a symmetric or an asymmetric key algorithm. A symmetric key algorithm uses identical keys for encryption and decryption, while an asymmetric key algorithm uses different keys for encrypting and decrypting the data.

Similar to the attack discussed above, interception of messages is another major threat, in which the malefactor compromises the data during its transmission. Hackers intercept the data during its transmission and alter its content before it reaches its destination.

Encrypted transmission is one of the potential solutions that could be adopted to mitigate this threat. A secure communication channel can also help mitigate it. Firewalls can be used to secure the transmission process, behaving as a barrier that prevents malicious objects from entering the system or communication channel.

The data can be encrypted by the methods discussed for the strategy above, while firewalls can be bought and installed easily. However, the firewall should be configured with adequate attention so that it does not hamper the general operations of the system while protecting it.
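Interception with alteration, as described above, is detected by authenticating every message, which encryption on its own does not guarantee. The Python below is an added example, not part of the original essay: it attaches an HMAC-SHA256 tag and a sequence number to each message so the receiver rejects altered or replayed traffic. The shared key, the envelope layout and the sample record are constructed for illustration, and confidentiality is assumed to come from the encrypted channel the essay recommends.

```python
import hashlib
import hmac
import json


class TamperError(Exception):
    """Raised when a received message fails authentication."""


def seal(key: bytes, seq: int, payload: dict) -> bytes:
    """Sender side: serialise the message and attach a tag over the exact bytes."""
    body = json.dumps({"seq": seq, "payload": payload},
                      sort_keys=True, separators=(",", ":"))
    tag = hmac.new(key, body.encode("utf-8"), hashlib.sha256).hexdigest()
    return json.dumps({"body": body, "tag": tag}).encode("utf-8")


class Receiver:
    """Receiver side: verify the tag first, then enforce increasing sequence numbers."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1

    def open(self, wire: bytes) -> dict:
        try:
            envelope = json.loads(wire)
            body = envelope["body"].encode("utf-8")
            tag = envelope["tag"].encode("utf-8")
        except (ValueError, KeyError, TypeError, AttributeError) as exc:
            raise TamperError("malformed envelope") from exc

        expected = hmac.new(self.key, body, hashlib.sha256).hexdigest().encode()
        # Constant-time comparison: no hint about how much of the tag matched.
        if not hmac.compare_digest(expected, tag):
            raise TamperError("tag mismatch")

        message = json.loads(body)        # parsed only after the tag has verified
        if message["seq"] <= self.last_seq:
            raise TamperError("replayed or out-of-order message")
        self.last_seq = message["seq"]
        return message["payload"]


def check(receiver: Receiver, wire: bytes) -> str:
    """Convenience wrapper that reports the outcome as a string."""
    try:
        receiver.open(wire)
        return "accepted"
    except TamperError as exc:
        return f"rejected: {exc}"


if __name__ == "__main__":
    demo_key = bytes(range(32))           # constructed key for the demonstration
    record = {"client_id": "C-1001", "service": "housing"}   # constructed record
    rx = Receiver(demo_key)

    genuine = seal(demo_key, 1, record)
    print("genuine :", check(rx, genuine))
    print("replayed:", check(rx, genuine))

    # An interceptor who edits the body cannot recompute the tag without the key.
    altered = seal(demo_key, 2, record).replace(b"housing", b"nothing")
    print("altered :", check(rx, altered))
```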

Data loss refers to the condition where the data becomes unusable for the user. It may be due to reasons such as data corruption, deletion or the data becoming unreadable. Data loss can have any number of causes, such as accidental deletion, malicious attacks, service provider outages, rogue applications, employee departure and several others. The sheer number of possible causes makes it one of the most prominent threats to data in the cloud.

Encryption, password protection and backing up of data are the most prominent measures that could ensure the safety of data against the threat of data loss. Another notable measure is periodic maintenance of the data storage, which ensures that the storage devices are free from flaws and thereby protects the data. Upgrading the architecture could also prove crucial because it ensures that the storage is ready to cope with the disruptive challenges that cybercriminals may pose.

The implementation measures discussed for the mitigation strategy of data loss are in sync with the strategy for the prevention of data leakage and could be adopted. The measures in discussion are encryption, backup, password protection and others. As the charity is moving its services to the cloud, it does not have to worry about upgrading or maintaining the architecture because cloud vendors consider that their own duty.

Similar to eavesdropping, a man-in-the-middle attack aims at determining the content of data rather than manipulating it. However, unlike eavesdropping, the attack is carried out during the transmission stage of the data and not in the static state.

The solution for this threat lies in encryption, which works the same as for the other threats and can be implemented similarly. Another potential solution is a Virtual Private Network (VPN), which enables protected transmission of data by creating a private route through the public communication channel. Implementing a VPN may pose some challenges because of its difficulty, but it is vital for protection. The first step of implementation is configuring the remote server, followed by providing the IP address, which completes the implementation. The implementation may look difficult but is crucial for data protection; hence, the charity should have a VPN because of its mission-critical data.

DDoS (Distributed Denial of Service) is the most widely used cyber-attack and poses a prominent threat to the data owner. The attack increases the traffic in the communication channel that connects the user and the cloud service provider, which blocks users from accessing their data and services. The cyber malefactor then exploits the denial of service, and the data does not reach its designated destination. The attack is prominent because the user does not even realise that an attack is under way: they believe it is a network error, which gives the malefactor the opportunity to further violate data privacy.

As stated above, the attack achieves its objective by increasing the traffic in the network, and hence it can be mitigated by increasing the bandwidth of the server. More bandwidth lets the network carry more traffic, which disrupts the malefactors' plan to lock authenticated users out of the network. A resilient architecture also helps mitigate the DDoS threat. It can be achieved by distributing the data centre into separate sections located at geographically distant positions. Cloud providers offer such services, and the charity could make use of them. Hardware also plays a major role in mitigating the threat; however, as the charity is planning to adopt cloud services, hardware measures are not usable in this scenario.

The solution to DDoS includes increasing the bandwidth, which can be done by buying more from the service provider. It may weigh heavily on the organisation's budget but will mitigate the threat of DDoS. The architecture can be made resilient by spreading the servers across different locations in different networks.


All the team members have contributed to the development of the personal data privacy strategy and the personal data protection strategies. The contribution of each team member is stated below individually.

Name of the Student: Student 1

My contribution to the development of the personal data privacy and protection strategy was identification of the threats. I was given the responsibility to identify the threats, which I did by reviewing different articles that are available online.

According to me, data is a very important aspect of the development and progress of any organisation, and so data should be protected. Moreover, if the privacy of the data is violated, it will impact the future strategies of the organisation, and hence it needs protection.

Name of the Student: Student 2

My contribution in development of the personal data privacy and protection strategy was detailing of the identified threat. The detailing of threats would enable the readers to better understand the threat and how they could impact the data privacy and protection.

My reason for the development of the privacy and data protection policy is that data is one of the most vital resources of an organisation and contributes to the organisation's success, and as the cloud is based on the internet, the chances of data being compromised are high; thus the need for the strategy to protect the data.

Name of the Student: Student 3

My contribution in development of the personal data privacy and protection strategy was identification of the mitigating strategies. Based on the types of threats I looked for the mitigation strategies.

According to me the development of privacy and data protection policies is to prevent the illegal and unethical activities that may be carried out if the data is compromised.

Name of the Student: Student 4

Based on the identified threats, their impact and their mitigation strategy, I determined and detailed the implementation strategy for the mitigation strategies.

As the proposed privacy and data protection policies are aimed at a charity service where the data can enable or disable the impact of services on disadvantaged people, it becomes greatly important to protect the data to ensure a positive impact of the services on the people in discussion.

Cite This Work

My Assignment Help. (2021). Privacy And Protection Strategy For Cloud Services Essay. Retrieved from https://myassignmenthelp.com/free-samples/itc568-cloud-privacy-and-security/data-and-privacy-protection.html.
