logo

Cloud Security and Privacy

This research paper focuses on the security and privacy challenges associated with the migration of employee data to a shared services and cloud first environment in an Australian State Government. The paper analyzes existing security threats and risks to employee data, as well as new threats that may arise after the migration. It also examines the privacy threats and risks to the privacy of employee data and proposes preventive actions and contingency plans to mitigate these risks.

27 Pages5040 Words357 Views
   

Added on  2022-11-15

About This Document

This report discusses the security and privacy concerns related to cloud computing for the organization of DAS. It covers the existing and new security threats to employee data, their likelihood, impact, priority, preventive actions, and contingency plans. The severity of the identified risks and threats to security of the employee data is also discussed.

Cloud Security and Privacy

This research paper focuses on the security and privacy challenges associated with the migration of employee data to a shared services and cloud first environment in an Australian State Government. The paper analyzes existing security threats and risks to employee data, as well as new threats that may arise after the migration. It also examines the privacy threats and risks to the privacy of employee data and proposes preventive actions and contingency plans to mitigate these risks.

   Added on 2022-11-15

ShareRelated Documents
Running head: CLOUD SECURITY AND PRIVACY
Cloud Security and Privacy
Name of the Student
Name of the University
Author’s Note:
Cloud Security and Privacy_1
1
CLOUD SECURITY AND PRIVACY
Table of Contents
1. Introduction............................................................................................................................2
2. Security of Employee Data....................................................................................................2
3. Privacy of Employee Data...................................................................................................14
4. Digital Identity Issues..........................................................................................................21
5. Conclusion............................................................................................................................22
References................................................................................................................................23
Cloud Security and Privacy_2
2
CLOUD SECURITY AND PRIVACY
1. Introduction
The technology of cloud computing helps in on demand access of any computerized
system resource. It is done with no involvement of user management directly. Clouds consist
of few distinct functions, which could be distributed to any location from centralized users
(Baron et al., 2019). Clouds are limited to one single organization or enterprise for being
available to several companies. This technology relies on better sharing of resources for
achieving coherence in the business (Carlin & Curran, 2013). Due to the high availability of
the networks as well as low cost computers or storage devices, the cloud service providers
allow adoption of hardware virtualization or service oriented architectures.
Such services involve IaaS, SaaS and PaaS. There are three distinctive features of
cloud computing, which helps in differentiation it from the respective traditional web hosting.
There are several innovations within distributed computing and virtualization for the
improvised access to high speed Internet connection (Almorsy, Grundy & Müller, 2016).
Digital identities could be referred to as the body of information regarding any individual,
electronic device or even organization, which is existing online. The most unique identifiers
are responsible for detecting individuals as well as devices. Confidential information is
required to be secured and digital identities can easily secure this type of information without
much complexity (Ali, Khan & Vasilakos, 2015). DAS provides numerous products and
services to several Australian departments. Such services involve procurement, contractor
management, payroll, human resource management and many more. They are about to shift
to Shared Service approach for securing the confidential data of their employees and
customers. This report provides proper discussion about description of cloud security and
privacy for the organization of DAS with subsequent details such as risks and threats as well
as mitigation policies.
Cloud Security and Privacy_3
3
CLOUD SECURITY AND PRIVACY
2. Security of Employee Data
2.1 Existing security threats to Employee data
Data of employee is one of the most confidential and sensitive data in the entire
organization. Thus, it is needed to ensure that data security should be maintained under every
circumstance and there should not be any kind of discrepancy (Pearson, 2013). The data
could be easily and promptly hacked and due to such data loss, the HR databases would be
affected. The most significant risks, which will be possible towards the subsequent security
factor for data of employees regarding in house HR department. There are some of the major
existing security risks to the data of the employees. The main risks are:
S.
No
Security
Threat/Risk
Description
Likelihood
Impact
Priority
Preventive Actions Contingency
Plans
1. Denial of
Service or DoS
Attack, which is
related to the
security of the
data of
employees. It
occurs by
disrupting the
services of host
system.
Very
high
Very
high
Very
high
1. The first
preventive action for
DoS attack is
developing a
response planning
(Rong, Nguyen &
Jaatun, 2013). The
overall impact of the
total attack would be
effectively
minimized. The
major elements of
this type of response
1. The first
contingency plan
for DoS attack is
ensuring a fully-
fledged business
continuity policy
and it includes an
impact of the day
to day business.
There is an
unnecessary
overhead for this
plan and hence
Cloud Security and Privacy_4
4
CLOUD SECURITY AND PRIVACY
plan include systems
checklist, response
team, escalating
processes and list of
internal and external
contacts.
2. The second
effective preventive
action is securing the
network
infrastructure. It
could only be
achieved with the
help of several
multi-level
protection strategies
within place.
Advanced intrusion
prevention as well as
threat management
system is included in
this infrastructure.
reducing the
harmful
consequences of
this issue.
2. The second
effective
contingency plan
for DoS attack is
strategy for
turning common
devices and hence
preventing them
from tuning into
bots (Lin et al.,
2013). It is helpful
for fixing the
vulnerabilities in
an effective
manner.
2. Malware, which
could be
Low Low Low 1. The first and the
most effective
1. The first and the
foremost
Cloud Security and Privacy_5
5
CLOUD SECURITY AND PRIVACY
promptly
referred to the
malicious
software and is
designed for
causing all
kinds of
damages to
computerized
networks.
preventive action is
the installation of
anti-virus or
malware software. It
helps in keeping the
system completely
virus free.
2. Keeping the
current version of
operating system is
the second important
preventive action of
malware, which
issues the security
patches and fixes
security leak.
contingency plan
for malware
prevention is
communicating
the respective
method of entry.
This is done by
communicating
the findings for
avoidance of
infection (Yu et
al., 2013).
2. Blocking the
access of system
usage is the next
contingency plan
for malware.
3. Legitimate
Privilege
Abuse, which
occurs as soon
as users are
being granted
access
privileges of
Mediu
m
High Medium 1. Tracking the
permission changes
is the first
prevention strategy
for reducing the
impact of this issue.
2. Improving overall
system architecture
1. Successful
identification of
the privileged
users is the most
effective
contingency plan
for legitimate
privilege abuse.
Cloud Security and Privacy_6

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Cloud Security and Privacy Assignment 2022
|26
|5018
|14

Cloud Security and Privacy Assignment 2022
|18
|5246
|12

Cloud Security and Risk
|19
|5365
|373

Cloud Privacy and Security
|21
|6371
|142

Threats and Risks to the Digital Identities of Government Employees
|23
|5094
|679

Cloud Security - ITC 568 | Assignment
|12
|2975
|261