Security of Employee Data Question 2022
Analyzing the security and privacy threats to employee data in a shared services approach and after migrating to SaaS.
16 Pages5147 Words28 Views
Added on 2022-09-30
Security of Employee Data Question 2022
Analyzing the security and privacy threats to employee data in a shared services approach and after migrating to SaaS.
Added on 2022-09-30
ShareRelated Documents
Introduction:
1. Security of Employee Data
S.No Security
Threat/Risk
Description
Likelihood
Impact
Priority
Preventive Actions Contingency Plans
1. Data access risk H H H 1. Every customer must
deliberate and review
the processes as well as
polices which are
provided by Saas
provider
2. The company (DAS)
must check the terms as
well as conditions of Saas
provider
1. The company
should have proper
security so that
nobody can use the
critical data and the
data of the
organization without
the proper
permission or
authentication.
2. Instability VH M VH 1 The DAS company must
enquire about the SaaS
before investing their
money.
2 The company must
read all the policies
regarding the instability
issues before the data
leak occurs.
1 the data leak of the
company can be
prevented by
softwares that does
not give access to the
hackers and also
there should IT
trained people in the
company who can
stop these data
leakage.
3. Lack of
transparency
VL M M 1 The organization DAS
should communicate
with the Saas providers
regarding transparency
problems.
2 The company should
know the transparency of
the information to avoid
all security issues.
1 the deficiency of
the transparency in
the company is
prevented by
appropriate
communication
between the
individuals who
manage all the data
of the organization.
4. Identity theft VH L VH 1 The organization DAS
can prevent the issue of
identity theft by using
various security tools.
2 The company must pay
for the services for the
safety of its secret
information and the bank
accounts privacy.
1 Personality theft is
a primary security
issue in the company.
The place or the
cloud where the data
is kept must be
properly crypted with
a private key so that
there is no identity
1. Security of Employee Data
S.No Security
Threat/Risk
Description
Likelihood
Impact
Priority
Preventive Actions Contingency Plans
1. Data access risk H H H 1. Every customer must
deliberate and review
the processes as well as
polices which are
provided by Saas
provider
2. The company (DAS)
must check the terms as
well as conditions of Saas
provider
1. The company
should have proper
security so that
nobody can use the
critical data and the
data of the
organization without
the proper
permission or
authentication.
2. Instability VH M VH 1 The DAS company must
enquire about the SaaS
before investing their
money.
2 The company must
read all the policies
regarding the instability
issues before the data
leak occurs.
1 the data leak of the
company can be
prevented by
softwares that does
not give access to the
hackers and also
there should IT
trained people in the
company who can
stop these data
leakage.
3. Lack of
transparency
VL M M 1 The organization DAS
should communicate
with the Saas providers
regarding transparency
problems.
2 The company should
know the transparency of
the information to avoid
all security issues.
1 the deficiency of
the transparency in
the company is
prevented by
appropriate
communication
between the
individuals who
manage all the data
of the organization.
4. Identity theft VH L VH 1 The organization DAS
can prevent the issue of
identity theft by using
various security tools.
2 The company must pay
for the services for the
safety of its secret
information and the bank
accounts privacy.
1 Personality theft is
a primary security
issue in the company.
The place or the
cloud where the data
is kept must be
properly crypted with
a private key so that
there is no identity
threat.
5. Malware attacks M VH H 1 The DAS company must
stop the malware attacks
by proper security. The
malware can infect the
important data of the
company.
2 The system is secured
from malware attacks by
appropriate Saas which
protects the information
of the company in the
cloud.
1 The malware
attacks are also a
major security
concerns in the
company. The
malware attacks can
be prevented by
some security tools
and there should be
trained people who
can stop these
malware attacks so
that there is no loss
of data.
o Existing security threats to Employee data
Likelihood - VL, L, M, H, VH
Impact- - VL, L, M, H, VH
Priority- - VL, L, M, H, VH
Probability
Very High 4 2
High 1
Medium 5
Low
Very Low 3
Severity Very Low Low Medium High Very High
Explain issues
1. Data access risk: The data access risk is the primary concerns of the Department of the
Administrative services organization. If the organization does not have any proper security solutions
for the data and information then, anyone can access sensitive data and the company’s data which
can result in the loss of sensitive data. As this is a administration facility organization so there are
very important data. There should be rigid solutions for the unauthorised access of data which are
5. Malware attacks M VH H 1 The DAS company must
stop the malware attacks
by proper security. The
malware can infect the
important data of the
company.
2 The system is secured
from malware attacks by
appropriate Saas which
protects the information
of the company in the
cloud.
1 The malware
attacks are also a
major security
concerns in the
company. The
malware attacks can
be prevented by
some security tools
and there should be
trained people who
can stop these
malware attacks so
that there is no loss
of data.
o Existing security threats to Employee data
Likelihood - VL, L, M, H, VH
Impact- - VL, L, M, H, VH
Priority- - VL, L, M, H, VH
Probability
Very High 4 2
High 1
Medium 5
Low
Very Low 3
Severity Very Low Low Medium High Very High
Explain issues
1. Data access risk: The data access risk is the primary concerns of the Department of the
Administrative services organization. If the organization does not have any proper security solutions
for the data and information then, anyone can access sensitive data and the company’s data which
can result in the loss of sensitive data. As this is a administration facility organization so there are
very important data. There should be rigid solutions for the unauthorised access of data which are
generally done by the hacker (Kavis, 2014). There should be security tools and trained people to
stop the illegal access of data by the people outside the company.
2. Instability: Instability is also an essential security issue of the DAS organization. Instability means
leakage of data which is threat to the company (Sadiku et al., 2013 ). Leaking of valuable
information can force to the loss of the secret data that the administrative service company has
with themselves. The company should have proper solutions for the leakage of data. The
information leak can harm the company as the important data gets leaked. The leakage of the data
can be stopped by encryption of the data, lock down of the network, security of the endpoint and to
monitor the activity and the creativity of the data.
3. Lack of transparency: Less number of transparencies in the organization is also an important
security issue in the company. There should be transparencies between the organization and the
Saas providers they are opting for. There should also be transparency among the employees in the
company. Knowing the transparency of data is very important for the company (Tan, 2013). They can
access the data irrespective of the location of the data. If there are no transparencies of information,
the organizations are not able work with any kind of information. The major security problems
related to the transparency of data is information vulnerability. Vulnerability of information means
that the data can be leaked or hacked without the company knowing.
4. Identity theft: Identity theft is the preliminary issue for any company. Identity theft is a crime
where the hacker gets the important information about the company and the he can impersonate
someone else. For this the data must be properly crypted with private key in the cloud. The private
key must be with the director of the organization so that there should not be any unauthorized
access to the data which may lead to the identity theft of the company (Hashizume, 2013). The
person doing the identity theft of the company can impersonate some other company with the
information that he got from the DAS Company.
5. Malware attacks: Malware is usually a kind of malicious software that gets into the system of
other people without the knowledge of the person. The malware attack is also an essential concern
for the DAS organization. The malware enters the system of the organization without the knowledge
of the employee of the company and can steal important information from the system of the
company. There are different types of malware such as the spyware, ransomware and many more.
The spyware enters the system of the organization and spy on the works that the company is doing
(Wu et al., 2013). This can be mitigated by security software that can find the malicious software
once it enters the system of the company and then eliminate it. The company should have trained
professionals who can handle these type of attacks.
stop the illegal access of data by the people outside the company.
2. Instability: Instability is also an essential security issue of the DAS organization. Instability means
leakage of data which is threat to the company (Sadiku et al., 2013 ). Leaking of valuable
information can force to the loss of the secret data that the administrative service company has
with themselves. The company should have proper solutions for the leakage of data. The
information leak can harm the company as the important data gets leaked. The leakage of the data
can be stopped by encryption of the data, lock down of the network, security of the endpoint and to
monitor the activity and the creativity of the data.
3. Lack of transparency: Less number of transparencies in the organization is also an important
security issue in the company. There should be transparencies between the organization and the
Saas providers they are opting for. There should also be transparency among the employees in the
company. Knowing the transparency of data is very important for the company (Tan, 2013). They can
access the data irrespective of the location of the data. If there are no transparencies of information,
the organizations are not able work with any kind of information. The major security problems
related to the transparency of data is information vulnerability. Vulnerability of information means
that the data can be leaked or hacked without the company knowing.
4. Identity theft: Identity theft is the preliminary issue for any company. Identity theft is a crime
where the hacker gets the important information about the company and the he can impersonate
someone else. For this the data must be properly crypted with private key in the cloud. The private
key must be with the director of the organization so that there should not be any unauthorized
access to the data which may lead to the identity theft of the company (Hashizume, 2013). The
person doing the identity theft of the company can impersonate some other company with the
information that he got from the DAS Company.
5. Malware attacks: Malware is usually a kind of malicious software that gets into the system of
other people without the knowledge of the person. The malware attack is also an essential concern
for the DAS organization. The malware enters the system of the organization without the knowledge
of the employee of the company and can steal important information from the system of the
company. There are different types of malware such as the spyware, ransomware and many more.
The spyware enters the system of the organization and spy on the works that the company is doing
(Wu et al., 2013). This can be mitigated by security software that can find the malicious software
once it enters the system of the company and then eliminate it. The company should have trained
professionals who can handle these type of attacks.
o New Security Threat to Employee data (after moving to SaaS)
S.No New Security
Threat/Risk of
employee data
Description (after
moving to Saas)
Likelihood
Impact
Priority
Preventive Actions Contingency Plans
1. Immature
identification
management
M H VH 1. Utilization of protected
data connector of Google
in the DAS.
2. Utiliziing the cloud
data alliance in DAS.
1. Safety related to
the employee of DAS.
2. Plan for the
contact between to
employees in DAS.
2. Weak cloud
software
H VH VH Implementing the privacy
pole various types of the
software vendor by DAS.
Backup of the various
types of information
such as insurance.
3. Privacy issues o9f
the data
VH VH H The DAS organization can
implement the secrecy
problems associated with
cloud software.
The company named
DAS has a place to
keep the backup of
the cloud data.
4. Access from
everywhere
comprises risk
VH VH L The organization should
implement Web gateway
devices of Cisco.
The organization
should implement
generator.
5. Unknown data
location
VH H H DAS organization can
install the FISMA certified
Google Apps.
Data safety of the
employee can be
implemented.
10. Lack of the logging
and also the
control of the
monitoring of the
data
L L H DAS should install the
logging management and
the control of the
monitoring of employee
data.
Security of the data is
the primary concern
for the organization.
Likelihood - VL, L,M, H, VH Impact- - VL, L,M, H, VH Priority- - VL, L, M,H, VH
Explain issues
1.Immature identification management: The vendor the cloud services are not always provide the
genuine platforms with the services related to the identity that exist at the backside of the firewall of
the DAS company. There are a few number of the third party technologies that let the information
technology extends the access control that is based on the rolls into the cloud infrastructure with
the single sign-on. It is the filed that is still at the stage of the beginners. It is said by the data analyst
Chenxi Wang. Google has the platform named the secure data Connector that establishes the
secure connection between the data of the connector as well as the business application provided
by the Google. Unfortunately the discovery of the Saas has great effort for the generation of the
S.No New Security
Threat/Risk of
employee data
Description (after
moving to Saas)
Likelihood
Impact
Priority
Preventive Actions Contingency Plans
1. Immature
identification
management
M H VH 1. Utilization of protected
data connector of Google
in the DAS.
2. Utiliziing the cloud
data alliance in DAS.
1. Safety related to
the employee of DAS.
2. Plan for the
contact between to
employees in DAS.
2. Weak cloud
software
H VH VH Implementing the privacy
pole various types of the
software vendor by DAS.
Backup of the various
types of information
such as insurance.
3. Privacy issues o9f
the data
VH VH H The DAS organization can
implement the secrecy
problems associated with
cloud software.
The company named
DAS has a place to
keep the backup of
the cloud data.
4. Access from
everywhere
comprises risk
VH VH L The organization should
implement Web gateway
devices of Cisco.
The organization
should implement
generator.
5. Unknown data
location
VH H H DAS organization can
install the FISMA certified
Google Apps.
Data safety of the
employee can be
implemented.
10. Lack of the logging
and also the
control of the
monitoring of the
data
L L H DAS should install the
logging management and
the control of the
monitoring of employee
data.
Security of the data is
the primary concern
for the organization.
Likelihood - VL, L,M, H, VH Impact- - VL, L,M, H, VH Priority- - VL, L, M,H, VH
Explain issues
1.Immature identification management: The vendor the cloud services are not always provide the
genuine platforms with the services related to the identity that exist at the backside of the firewall of
the DAS company. There are a few number of the third party technologies that let the information
technology extends the access control that is based on the rolls into the cloud infrastructure with
the single sign-on. It is the filed that is still at the stage of the beginners. It is said by the data analyst
Chenxi Wang. Google has the platform named the secure data Connector that establishes the
secure connection between the data of the connector as well as the business application provided
by the Google. Unfortunately the discovery of the Saas has great effort for the generation of the
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Security of Employee Data Report 2022lg...
|15
|4031
|18
Security of Employee Data Assignment 2022lg...
|17
|5058
|16
Security and Privacy of Employee Data | Reportlg...
|34
|6311
|63
Security and Privacy of Employee Data - Deskliblg...
|25
|6301
|272
Cloud Security - ITC 568 | Assignmentlg...
|12
|2975
|261
Report | Cloud Computing in DASlg...
|22
|5610
|356