logo

Cloud Security - ITC 568 | Assignment

12 Pages2975 Words261 Views
   

Charles Sturt University

   

Cloud Security and Privacy (ITC 568)

   

Added on  2020-03-07

About This Document

ITC 568 - The assignment talks about Cloud Security and discusses the following topics - security of employee data, the severity of risk, and threat to the security and privacy of employee data. The paper also talks about solution architectures implied in security and policy issues, digital identity issues, and data sensitivity.

Cloud Security - ITC 568 | Assignment

   

Charles Sturt University

   

Cloud Security and Privacy (ITC 568)

   Added on 2020-03-07

ShareRelated Documents
Running head: Cloud SecurityCloud SecurityName of the studentName of the UniversityAuthor Note
Cloud Security - ITC 568 | Assignment_1
CLOUD SECURITYTable of ContentsIntroduction:..........................................................................................................................................2Security of Employee Data.................................................................................................................2New Security Threat to Employee data(after moving to SaaS)..............................................................4Severity of risk and threat to security employee data.......................................................................5Privacy of Employee Data......................................................................................................................5Existing privacy threats and risks to the privacy of employee data...................................................5Severity of risk and threat toprivacy employee data........................................................................7Digital Identity Issues.............................................................................................................................8Provider Solution Issues and why?........................................................................................................8Solution Architecture including security and Privacy.............................................................................9Data Sensitivity......................................................................................................................................9Conclusion:..........................................................................................................................................10References:..........................................................................................................................................11
Cloud Security - ITC 568 | Assignment_2
CLOUD SECURITYIntroduction:Department of Administrative Service (DAS) is delivering various services for the different departments of the state government in Australia. The data centre of the department of DAS is delivering the services for the department.A new service provider is being introduced to DAS to implement new program in the system that is Software as a Service (Saas) which is a centrally hosted licensing model and software delivery. A team has been introduced to deliver a risk management program that will identify the threats and risks to the privacy and security of data of employee working in DAS. A severity matrix have also been proposed to validate which risk is most critical, which needs least consideration and which can cause medium impact to the privacy and security of the employees of DAS. Security of Employee Data S.NoSecurity Threat/Risk DescriptionLikelihoodImpactPriorityPreventive ActionsContingency PlansStudent1R1.Non-existent Security ArchitectureVLVHVHAppropriate Personnel for designing security architecture (Sun, 2012). Consult third party to motivate IT team.R2.Un-patched Client Side applications and softwareMVHVHImplementing robust patch management programRegularly update security softwareR3.Phishing and Spear PhishingHHMDAS should install professional enterprise level.DAS should provide regular training to the employee towards internet security.R4.Internet Web sitesMHMUpdate firewall and antivirusInstalling new antivirusR5.Poor ConfigurationLVHVHDAS should implement configuration management policy for hardware connecting to the internet.Implementing Network Access Control Solution.Student2R6.Mobile DevicesLLVLMobile devices should be kept personally and protected from other users.Encryption of the data stored in mobiledevices.R7.Cloud ComputingVHHVHDAS should insure that the SaaS application offered by service Reviewing whether the offered application applicable
Cloud Security - ITC 568 | Assignment_3
CLOUD SECURITYprovider is effectively accomplice with the information security system requirements of DAS.with privacy acts and Family Education Rights.Student3R8. Removable MediaHVHMDisabling “auto run” feature of the system.Train users and employees to scan before using any external device.R9. BotnetsVHHHDAS should implement strong security architectAnalysing the data sent over the internet (Asghari, Eeten & Bauer, 2015).Implementation of holistic approach to the data security.R10.Zero-day AttacksHHHImplement highly experienced IT.DAS should keep abreast of less software patches.oExisting security threats to Employee dataLikelihood - VL, L, M, H, VHImpact- - VL, L, M, H, VHPriority- - VL, L, M, H, VHExplain issues 1.Non-existent of Security Architecture in the system of an organization: Insufficient network protection can result in the vulnerability of data, software and hardware which can result the expose and loss of information by malicious software, hacking and viruses.2.Un-patched Client Side Software and Applications: Malicious attackers can take the benefit of the systems that are running old versions of the software which are being installed in that system.3.Phishing and Spear Phishing (target attacks): Unauthorized users or hackers can use malicious codes in the emails and gain access to the personal information of the employees or the organization (Sood & Enbody, 2013).4.Internet Web sites: Browsing web pages may also contain malicious codes which can be helpful for the hackers or unauthorized person in manipulating or exploring the data saved in the database.5.Poor Configuration Management: Any computer system connected to the internet can be a prey to malicious activities if it does not follow the configuration management policy and becomes vulnerable to the data loss threats.
Cloud Security - ITC 568 | Assignment_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Security and Privacy of Employee Data | Report
|34
|6311
|63

Report | Cloud Computing in DAS
|22
|5610
|356

Security of Employee Data Report 2022
|15
|4031
|18

Security of Employee Data Assignment 2022
|17
|5058
|16

Security of Employee Data Question 2022
|16
|5147
|28

Security and Privacy of Employee Data - Desklib
|25
|6301
|272