Cloud Computing Security Risks and Mitigation
VerifiedAdded on 2020/04/07
|17
|4474
|196
AI Summary
This assignment delves into the crucial topic of security risks associated with cloud computing. It requires you to thoroughly examine potential threats to data and systems within cloud environments. Furthermore, you must propose and analyze effective mitigation strategies that businesses can implement to safeguard their data and operations in the cloud.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: ACADEMICS FOR ACADEMICS CASE STUDY
Academics For Academics Case Study
Name of the Student
Name of the University
Author’s Note:
Academics For Academics Case Study
Name of the Student
Name of the University
Author’s Note:
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1
ACADEMICS FOR ACADEMICS CASE STUDY
Executive Summary
The main objective of this report is to understand the basic concept of the case study of
Academics For Academics or A4A. It is a non-governmental organization or commonly known
as NGO. This non-governmental organization has its head office in Sydney and its branch office
in Singapore. The projects and the activities of this organization are sponsored by the donations
that come from public. A4A has a team of total ten members. Out of these six members are
present in Sydney office, whereas, the rest four members are present in the Singapore office. The
main job of this organization is to help the private and the public colleges and universities in
Southeast Asia and Australia. The information is stored in an information system. The aim of
this report is to identify the security risks that are probable for the information system and to
manage those risks and threats.
ACADEMICS FOR ACADEMICS CASE STUDY
Executive Summary
The main objective of this report is to understand the basic concept of the case study of
Academics For Academics or A4A. It is a non-governmental organization or commonly known
as NGO. This non-governmental organization has its head office in Sydney and its branch office
in Singapore. The projects and the activities of this organization are sponsored by the donations
that come from public. A4A has a team of total ten members. Out of these six members are
present in Sydney office, whereas, the rest four members are present in the Singapore office. The
main job of this organization is to help the private and the public colleges and universities in
Southeast Asia and Australia. The information is stored in an information system. The aim of
this report is to identify the security risks that are probable for the information system and to
manage those risks and threats.
2
ACADEMICS FOR ACADEMICS CASE STUDY
Table of Contents
Introduction......................................................................................................................................3
Discussion........................................................................................................................................4
Academics For Academics..........................................................................................................4
Information Security Risks..........................................................................................................5
Management of Security Risks....................................................................................................9
Assumptions..................................................................................................................................11
Conclusion.....................................................................................................................................12
References......................................................................................................................................14
ACADEMICS FOR ACADEMICS CASE STUDY
Table of Contents
Introduction......................................................................................................................................3
Discussion........................................................................................................................................4
Academics For Academics..........................................................................................................4
Information Security Risks..........................................................................................................5
Management of Security Risks....................................................................................................9
Assumptions..................................................................................................................................11
Conclusion.....................................................................................................................................12
References......................................................................................................................................14
3
ACADEMICS FOR ACADEMICS CASE STUDY
Introduction
A recognized and popular Non-Governmental Organization or NGO namely Academics
For Academics or A4A has the head office in Sydney and its branch office in Singapore. The
funds of all the activities projects of this particular organization mainly come from public
donations (Fleischmann et al. 2014). They do not sponsor any money from themselves. This non-
governmental organization has a team of total ten staff members. The Sydney office has six staff
members amongst the ten and the rest four members are present in the office of Singapore. In
spite of working in two different locations, which are Sydney and Singapore, all the ten staff
members’ together work as a team to obtain the organizational goals and objectives. This
Academics For Academic was established for helping all the small private and public colleges
and universities in Southeast Asia and Australia (Awadh and Alyahya 2013). These universities,
who want to receive the services of A4A have to register themselves and become members of
A4A. This organization has to store their confidential information in the information system.
However, this information system can have many security risks and data breaches.
The following report outlines a brief description on the case study of Academics For
Academics or A4A. This non-governmental organization has all the confidential data and
information stored and kept in their information security system. This information security
system helps them to manipulate, retrieve and store information easily and quickly (Vaccaro et
al. 2012). The report provides a discussion on the probable security risks and the ways to
mitigate or manage these risks. These risks can be extremely harmful for any organization and
their information security system. However, these risks can be controlled by certain measures.
ACADEMICS FOR ACADEMICS CASE STUDY
Introduction
A recognized and popular Non-Governmental Organization or NGO namely Academics
For Academics or A4A has the head office in Sydney and its branch office in Singapore. The
funds of all the activities projects of this particular organization mainly come from public
donations (Fleischmann et al. 2014). They do not sponsor any money from themselves. This non-
governmental organization has a team of total ten staff members. The Sydney office has six staff
members amongst the ten and the rest four members are present in the office of Singapore. In
spite of working in two different locations, which are Sydney and Singapore, all the ten staff
members’ together work as a team to obtain the organizational goals and objectives. This
Academics For Academic was established for helping all the small private and public colleges
and universities in Southeast Asia and Australia (Awadh and Alyahya 2013). These universities,
who want to receive the services of A4A have to register themselves and become members of
A4A. This organization has to store their confidential information in the information system.
However, this information system can have many security risks and data breaches.
The following report outlines a brief description on the case study of Academics For
Academics or A4A. This non-governmental organization has all the confidential data and
information stored and kept in their information security system. This information security
system helps them to manipulate, retrieve and store information easily and quickly (Vaccaro et
al. 2012). The report provides a discussion on the probable security risks and the ways to
mitigate or manage these risks. These risks can be extremely harmful for any organization and
their information security system. However, these risks can be controlled by certain measures.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4
ACADEMICS FOR ACADEMICS CASE STUDY
The report also gives suitable assumptions on the management of data breaches. The description
of the above discussion is given in the following paragraphs.
Discussion
Academics For Academics
Academics For Academics or A4A is a popular and recognized non-governmental
organization or commonly known as NGO. This was established in the previous year. This non-
governmental organization has its head office in Sydney and its branch office in Singapore. The
projects and the activities of this organization are sponsored by the donations that come from
public. A4A has a team of total ten members (Andres et al. 2012). Out of these six members are
present in Sydney office, whereas, the rest four members are present in the Singapore office.
This organization was established for helping all the smaller public and private colleges and
universities that are present in Southeast Asia and Australia. The private colleges and
universities, who are interested in getting the services of A4A, have to register themselves and
thus become the member colleges and universities of A4A (Awadh and Alyahya 2013).
Moreover, the experienced professionals, who are interested in giving voluntary services for any
member college or university, they can also register themselves with Academics For Academics.
The voluntary services include supervision of any research project or development of curriculum
or simply teaching any subject to the students. The organization will hire these people and they
become the members of A4A (Kotlar and De Massis 2013). The organization will then give short
term and interim assignments for a given period of time. The members get several advantages or
benefits from the organization like meals, accommodation, travel and medical expenses. Since,
this is a globally recognized organization; all the members should get these benefits from it. The
ACADEMICS FOR ACADEMICS CASE STUDY
The report also gives suitable assumptions on the management of data breaches. The description
of the above discussion is given in the following paragraphs.
Discussion
Academics For Academics
Academics For Academics or A4A is a popular and recognized non-governmental
organization or commonly known as NGO. This was established in the previous year. This non-
governmental organization has its head office in Sydney and its branch office in Singapore. The
projects and the activities of this organization are sponsored by the donations that come from
public. A4A has a team of total ten members (Andres et al. 2012). Out of these six members are
present in Sydney office, whereas, the rest four members are present in the Singapore office.
This organization was established for helping all the smaller public and private colleges and
universities that are present in Southeast Asia and Australia. The private colleges and
universities, who are interested in getting the services of A4A, have to register themselves and
thus become the member colleges and universities of A4A (Awadh and Alyahya 2013).
Moreover, the experienced professionals, who are interested in giving voluntary services for any
member college or university, they can also register themselves with Academics For Academics.
The voluntary services include supervision of any research project or development of curriculum
or simply teaching any subject to the students. The organization will hire these people and they
become the members of A4A (Kotlar and De Massis 2013). The organization will then give short
term and interim assignments for a given period of time. The members get several advantages or
benefits from the organization like meals, accommodation, travel and medical expenses. Since,
this is a globally recognized organization; all the members should get these benefits from it. The
5
ACADEMICS FOR ACADEMICS CASE STUDY
moment the members are recruited, they will do their jobs at the particular institution. However,
there is one major condition for this job (Fleischmann et al. 2014). All the confidential
information, excluding the examinations, marked assignments and the personal emails will the
property of the member institutions and Academics For Academics. All the confidential
information will be stored and managed by the organization’s security information system
irrespective of the location the member is working (Sessa and London 2015). It is verified and
guaranteed that all the information is secured in their system.
Information Security Risks
The information security system of Academics For Academics or A4A stores all the
confidential data and information regarding their projects and activities (Ackermann et al.,
2012). The information security is the practice of detecting and protecting all the unauthorized
access, modification, alteration, utilization, inspection, disclosure, recording and destruction of
all the information. This information should be secured so that any information security risks or
data breaches do not attack the system (He 2012). The Academics For Academics can have
several information security risks. The probable security risks of information system are as
follows:
i) Malicious Code or Software: This is one of the most dangerous and common security
threat or risk for an information system (Creese et al. 2012). This type of threat is nothing but a
code or software that is injected in a system by an intruder or hacker for infecting the system.
The code or software is malicious in nature and it can easily replicate itself once present in the
system. This code or software is commonly known as virus. The main problem of this software
or code is that it completely formats the entire system and all the confidential data and
ACADEMICS FOR ACADEMICS CASE STUDY
moment the members are recruited, they will do their jobs at the particular institution. However,
there is one major condition for this job (Fleischmann et al. 2014). All the confidential
information, excluding the examinations, marked assignments and the personal emails will the
property of the member institutions and Academics For Academics. All the confidential
information will be stored and managed by the organization’s security information system
irrespective of the location the member is working (Sessa and London 2015). It is verified and
guaranteed that all the information is secured in their system.
Information Security Risks
The information security system of Academics For Academics or A4A stores all the
confidential data and information regarding their projects and activities (Ackermann et al.,
2012). The information security is the practice of detecting and protecting all the unauthorized
access, modification, alteration, utilization, inspection, disclosure, recording and destruction of
all the information. This information should be secured so that any information security risks or
data breaches do not attack the system (He 2012). The Academics For Academics can have
several information security risks. The probable security risks of information system are as
follows:
i) Malicious Code or Software: This is one of the most dangerous and common security
threat or risk for an information system (Creese et al. 2012). This type of threat is nothing but a
code or software that is injected in a system by an intruder or hacker for infecting the system.
The code or software is malicious in nature and it can easily replicate itself once present in the
system. This code or software is commonly known as virus. The main problem of this software
or code is that it completely formats the entire system and all the confidential data and
6
ACADEMICS FOR ACADEMICS CASE STUDY
information is absolutely lost (Zissis and Lekkas 2012). This sometimes turns out to be risky as
if the data and information is lost, the organization can be in serious trouble.
ii) Denial of Service Attacks: The DoS or Denial of Service attack is the second most
important and significant risk or threat for any information system (Creese et al. 2012). This
particular type of security threat occurs when the hacker or the intruder intrudes or hacks into a
system and denies the entire service. The main problem of this type of attack is that the owner of
the system has absolutely no idea about the intrusion and the hacker does his job with ease. The
hacker obtains the full access of the affected system and the moment the user tries to enter into
the system, the service is denied (Chou 2013). The other disadvantage of this type of attack is
that the entire server or system is slowed down. These attacks are also done over a multiple
number of computers, known as the distributed denial of service or DDoS attacks.
iii) Information Leakage: The information is the most important and confidential part of
any organization. It should not be lost or intercepted at any cost. However, there is always a risk
or threat of leakage of information in an information system. This can occur in two ways (Rakes,
Deane and Rees 2012). The first way is that there is a technical problem in the system and the
information is leaked and the other way is through any employee. The technical problem of any
system can be mitigated by taking certain measures. The employee can leak the information
either unintentionally or intentionally that is for having wrong intentions.
iv) Receiving Unsolicited Emails: This is another significant and dangerous threat or
risk, where the victim gets or receives a hoax or fake email from fake email ids that claims to
belong to an authorized institution (Peltier 2013). The moment this hoax email is opened, the
information system is hacked and corrupted and nothing can be done about it.
ACADEMICS FOR ACADEMICS CASE STUDY
information is absolutely lost (Zissis and Lekkas 2012). This sometimes turns out to be risky as
if the data and information is lost, the organization can be in serious trouble.
ii) Denial of Service Attacks: The DoS or Denial of Service attack is the second most
important and significant risk or threat for any information system (Creese et al. 2012). This
particular type of security threat occurs when the hacker or the intruder intrudes or hacks into a
system and denies the entire service. The main problem of this type of attack is that the owner of
the system has absolutely no idea about the intrusion and the hacker does his job with ease. The
hacker obtains the full access of the affected system and the moment the user tries to enter into
the system, the service is denied (Chou 2013). The other disadvantage of this type of attack is
that the entire server or system is slowed down. These attacks are also done over a multiple
number of computers, known as the distributed denial of service or DDoS attacks.
iii) Information Leakage: The information is the most important and confidential part of
any organization. It should not be lost or intercepted at any cost. However, there is always a risk
or threat of leakage of information in an information system. This can occur in two ways (Rakes,
Deane and Rees 2012). The first way is that there is a technical problem in the system and the
information is leaked and the other way is through any employee. The technical problem of any
system can be mitigated by taking certain measures. The employee can leak the information
either unintentionally or intentionally that is for having wrong intentions.
iv) Receiving Unsolicited Emails: This is another significant and dangerous threat or
risk, where the victim gets or receives a hoax or fake email from fake email ids that claims to
belong to an authorized institution (Peltier 2013). The moment this hoax email is opened, the
information system is hacked and corrupted and nothing can be done about it.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
7
ACADEMICS FOR ACADEMICS CASE STUDY
v) Identity Theft: In this type of security risk, the identity of the user is stolen. The
hacker or the intruder gets into a system to get all the confidential data (Berghel 2012). The most
surprising feature of this threat is that the hacker acts as the user and the person sitting opposite
to the system, has no idea about this.
vi) Unauthorized Installation of Software: Software in a system plays the most
important role for the functions of the system. Any type of unauthorized software plays the
opposite role. (Sawik 2013) The victim invites the hackers as soon as he installs or updates
unauthorized software. This type of software is extremely harmful for the information system.
v) Unintentional Damage: Not all security risks are caused with wrong intentions or
intentionally. Some are even caused unintentionally. Often the employees or the staff members
of an organization do any type of damage to the information system of the organization either for
lack of training or for carelessness (Oriyano 2016). This type of damage can be caused either by
losing any confidential information or by damaging any of the information technology assets.
vi) Destruction of Records: This is another important and significant security risk for any
information system. The records cannot be destructed or destroyed at any cost for any
information system (Biham and Shamir 2012). This type of risk is caused by intentional or
unintentional motive of an employee.
vii) Modification in Data: Information or data modification or alteration is another major
and significant threat for any organization. The modified information often does not reveal the
originality of the message and the receiver is unable to get the right message (Kamara,
Papamanthou and Roeder 2012). The information system has a high chance of modification or
alteration of information.
ACADEMICS FOR ACADEMICS CASE STUDY
v) Identity Theft: In this type of security risk, the identity of the user is stolen. The
hacker or the intruder gets into a system to get all the confidential data (Berghel 2012). The most
surprising feature of this threat is that the hacker acts as the user and the person sitting opposite
to the system, has no idea about this.
vi) Unauthorized Installation of Software: Software in a system plays the most
important role for the functions of the system. Any type of unauthorized software plays the
opposite role. (Sawik 2013) The victim invites the hackers as soon as he installs or updates
unauthorized software. This type of software is extremely harmful for the information system.
v) Unintentional Damage: Not all security risks are caused with wrong intentions or
intentionally. Some are even caused unintentionally. Often the employees or the staff members
of an organization do any type of damage to the information system of the organization either for
lack of training or for carelessness (Oriyano 2016). This type of damage can be caused either by
losing any confidential information or by damaging any of the information technology assets.
vi) Destruction of Records: This is another important and significant security risk for any
information system. The records cannot be destructed or destroyed at any cost for any
information system (Biham and Shamir 2012). This type of risk is caused by intentional or
unintentional motive of an employee.
vii) Modification in Data: Information or data modification or alteration is another major
and significant threat for any organization. The modified information often does not reveal the
originality of the message and the receiver is unable to get the right message (Kamara,
Papamanthou and Roeder 2012). The information system has a high chance of modification or
alteration of information.
8
ACADEMICS FOR ACADEMICS CASE STUDY
viii) Eavesdropping: This is again a dangerous security threat. Eavesdropping in general
terms means hearing or sneaking into a system. The hacker or the intruder sneaks into the system
of the victim and gets all the necessary and confidential information (Dong, Liao and Li 2012).
However, in most of the cases, the hacker only checks the information and does not modify or
alter the information.
ix) Interception of Information: In this type of security threat, the hacker intercepts or
changes the entire content of the information present in the system and the receiver gets the
intercepted or modified version of information (Romanosky, Hoffman and Acquisti 2014). This
often turns out to be extremely dangerous as the information loses its confidentiality and
integrity.
x) Network Traffic Manipulation: Another most significant security threat for any
information system. The intruder manipulates the network traffic and the network becomes slow.
During this time, the hacker gets the chance to steal all the confidential information.
xi) Man in the Middle: In this of security risk, the hacker stays in between the victim and
the network and collects all the confidential information. He can even change or intercept the
entire information by this risk.
xii) Phishing: This is another significant security threat for any information system. The
hacker or the intruder collects all the information of the system. This is mostly done by receiving
fake and hoax emails. The moment the email is clicked to open, all the details are stolen and
money is theft. Phishing has become extremely common for any type of information system in
modern world.
ACADEMICS FOR ACADEMICS CASE STUDY
viii) Eavesdropping: This is again a dangerous security threat. Eavesdropping in general
terms means hearing or sneaking into a system. The hacker or the intruder sneaks into the system
of the victim and gets all the necessary and confidential information (Dong, Liao and Li 2012).
However, in most of the cases, the hacker only checks the information and does not modify or
alter the information.
ix) Interception of Information: In this type of security threat, the hacker intercepts or
changes the entire content of the information present in the system and the receiver gets the
intercepted or modified version of information (Romanosky, Hoffman and Acquisti 2014). This
often turns out to be extremely dangerous as the information loses its confidentiality and
integrity.
x) Network Traffic Manipulation: Another most significant security threat for any
information system. The intruder manipulates the network traffic and the network becomes slow.
During this time, the hacker gets the chance to steal all the confidential information.
xi) Man in the Middle: In this of security risk, the hacker stays in between the victim and
the network and collects all the confidential information. He can even change or intercept the
entire information by this risk.
xii) Phishing: This is another significant security threat for any information system. The
hacker or the intruder collects all the information of the system. This is mostly done by receiving
fake and hoax emails. The moment the email is clicked to open, all the details are stolen and
money is theft. Phishing has become extremely common for any type of information system in
modern world.
9
ACADEMICS FOR ACADEMICS CASE STUDY
The above-mentioned security risks and data breaches are common and applicable for the
information system of Academics For Academics or A4A. These security threats can lead the
non-governmental organization to a very serious position. These are needed to be mitigated and
reduced on immediate basis. The description of how to reduce the security risks is given in the
following paragraphs.
Management of Security Risks
The information system of Academics For Academics has the tendency and chance of
having several risks, which can be extremely harmful for the organizational information (Ghosh,
Gajar and Rai 2013). However, there are ways and guidelines or mitigating or reducing these
risks or threats. The mitigation or reduction plans of the security risks are as follows:
i) Antivirus: The most basic and simple way of mitigating the malicious code and
software is the installation of antivirus in any system. This type of software helps to detect and
prevent the virus attacks and malicious codes or software from entering into the system.
ii) Firewalls: The second most significant way of preventing any security risk is the
installation of firewalls. As the name suggests this type of security acts as a wall for any system
and thus detects and prevents any type of information security risk. Firewalls can be
implemented in any information system for the security purpose with utmost ease. The user will
only have to install the firewall software in his system.
iii) Encryption: The third most simple and basic way of protecting confidential
information is by the procedure of encryption. It is the process of encrypting or encoding
confidential information or message into an encrypted version known as the cipher text. This is
done in such a way that only the authorized sender and receiver are able to access the
ACADEMICS FOR ACADEMICS CASE STUDY
The above-mentioned security risks and data breaches are common and applicable for the
information system of Academics For Academics or A4A. These security threats can lead the
non-governmental organization to a very serious position. These are needed to be mitigated and
reduced on immediate basis. The description of how to reduce the security risks is given in the
following paragraphs.
Management of Security Risks
The information system of Academics For Academics has the tendency and chance of
having several risks, which can be extremely harmful for the organizational information (Ghosh,
Gajar and Rai 2013). However, there are ways and guidelines or mitigating or reducing these
risks or threats. The mitigation or reduction plans of the security risks are as follows:
i) Antivirus: The most basic and simple way of mitigating the malicious code and
software is the installation of antivirus in any system. This type of software helps to detect and
prevent the virus attacks and malicious codes or software from entering into the system.
ii) Firewalls: The second most significant way of preventing any security risk is the
installation of firewalls. As the name suggests this type of security acts as a wall for any system
and thus detects and prevents any type of information security risk. Firewalls can be
implemented in any information system for the security purpose with utmost ease. The user will
only have to install the firewall software in his system.
iii) Encryption: The third most simple and basic way of protecting confidential
information is by the procedure of encryption. It is the process of encrypting or encoding
confidential information or message into an encrypted version known as the cipher text. This is
done in such a way that only the authorized sender and receiver are able to access the
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10
ACADEMICS FOR ACADEMICS CASE STUDY
information. This process is highly recommended for any organization for the reduction for their
interception in messages. The encryption algorithm has two basic algorithms within it. They are
the symmetric key algorithm and the asymmetric key algorithm. The symmetric key algorithm
has only one key for encoding and decoding a message. It means the sender and the receiver of
the message uses the same key for encryption and decryption of messages. The main advantage
of this particular type of algorithm is that it is extremely simple to implement and use. The
second algorithm is the asymmetric key algorithm. This is somewhat different from the
symmetric key algorithm. Here, the keys for encoding and decoding of messages are different
and this particular feature makes this algorithm little complicated than symmetric.
iv) Digital Authentication: This is another very popular and secured way of securing any
type of information (Ghosh, Gajar and Rai 2013). Digital authentication is the process of
sanctioning or authenticating an individual or person digitally. The main examples of digital
authentication are the fingerprint recognition, face recognition, digital signatures and voice
recognition. The implementation of this security policy is done by implementing biometric entry
to any organization or information system (Hashizume et al. 2013). Only the authorized and
authenticated employees or individuals are allowed to enter or access the system.
v) Passwords: This is the most basic way of securing any information in an information
system. The identity thefts are reduced or mitigated by this procedure (Berghel 2012). Presence
of passwords protects the entire system and no hackers or intruders are able to enter into the
system easily. Moreover, passwords secure the system in such a way that the physical access to
the system is controlled (Layton and Watters 2014). Biometric passwords are the best solutions
for any security related problems as it only allows the authorized and authenticated employees or
individuals to access the information.
ACADEMICS FOR ACADEMICS CASE STUDY
information. This process is highly recommended for any organization for the reduction for their
interception in messages. The encryption algorithm has two basic algorithms within it. They are
the symmetric key algorithm and the asymmetric key algorithm. The symmetric key algorithm
has only one key for encoding and decoding a message. It means the sender and the receiver of
the message uses the same key for encryption and decryption of messages. The main advantage
of this particular type of algorithm is that it is extremely simple to implement and use. The
second algorithm is the asymmetric key algorithm. This is somewhat different from the
symmetric key algorithm. Here, the keys for encoding and decoding of messages are different
and this particular feature makes this algorithm little complicated than symmetric.
iv) Digital Authentication: This is another very popular and secured way of securing any
type of information (Ghosh, Gajar and Rai 2013). Digital authentication is the process of
sanctioning or authenticating an individual or person digitally. The main examples of digital
authentication are the fingerprint recognition, face recognition, digital signatures and voice
recognition. The implementation of this security policy is done by implementing biometric entry
to any organization or information system (Hashizume et al. 2013). Only the authorized and
authenticated employees or individuals are allowed to enter or access the system.
v) Passwords: This is the most basic way of securing any information in an information
system. The identity thefts are reduced or mitigated by this procedure (Berghel 2012). Presence
of passwords protects the entire system and no hackers or intruders are able to enter into the
system easily. Moreover, passwords secure the system in such a way that the physical access to
the system is controlled (Layton and Watters 2014). Biometric passwords are the best solutions
for any security related problems as it only allows the authorized and authenticated employees or
individuals to access the information.
11
ACADEMICS FOR ACADEMICS CASE STUDY
The above-mentioned five ways can help Academics For Academics or A4A for
managing their probable security risks and threats in the information system (Black 2013). The
organization might not be able to stop the risks, however, by following these options, they will
be able to mitigate or reduce the security risks or threats to some extent.
Assumptions
Assumptions on any case study or scenario is made by the overall discussion and
justifications. The assumptions for the management of security risks and threats in Academics
For Academics or A4A are as follows:
i) Academics For Academics is a non-governmental institution that helps the small
private and public colleges and universities in Southeast Asia and Australia.
ii) The private colleges and universities who want to receive the services of A4A have to
register themselves with A4A.
iii) The professionals who want to provide voluntary services in the field of teaching and
research can register themselves with Academics For Academics, which will be a great option
for all professionals.
iv) Academics For Academics or A4A is hiring various professionals of various fields
and is allowing cultural diversity in the organization.
v) When the professionals will become the members of the organization, they would be
getting benefits like travel and medical expenses, meals and accommodation charges.
ACADEMICS FOR ACADEMICS CASE STUDY
The above-mentioned five ways can help Academics For Academics or A4A for
managing their probable security risks and threats in the information system (Black 2013). The
organization might not be able to stop the risks, however, by following these options, they will
be able to mitigate or reduce the security risks or threats to some extent.
Assumptions
Assumptions on any case study or scenario is made by the overall discussion and
justifications. The assumptions for the management of security risks and threats in Academics
For Academics or A4A are as follows:
i) Academics For Academics is a non-governmental institution that helps the small
private and public colleges and universities in Southeast Asia and Australia.
ii) The private colleges and universities who want to receive the services of A4A have to
register themselves with A4A.
iii) The professionals who want to provide voluntary services in the field of teaching and
research can register themselves with Academics For Academics, which will be a great option
for all professionals.
iv) Academics For Academics or A4A is hiring various professionals of various fields
and is allowing cultural diversity in the organization.
v) When the professionals will become the members of the organization, they would be
getting benefits like travel and medical expenses, meals and accommodation charges.
12
ACADEMICS FOR ACADEMICS CASE STUDY
vi) The organization has only one condition for the members that all the information will
be property of A4A.
vii) The non-governmental organization, Academics For Academics stores all their
institutional information in a secured information system.
viii) There are several and probable risks in this information system. These risks can be
extremely harmful for the information system.
ix) The probable risks of the information system are phishing, information leakage,
malicious code, malicious software, spoofing, denial of services, interception of messages,
unintentional damage of information and assets and many more.
x) These risks are mitigated by following several steps and by undertaking several
measures.
xi) The basic ways of mitigating such risks are antivirus, passwords, digital
authentication, encryption and firewalls.
xii) Academics For Academics is supposed to obtain all the organizational goals and
objectives by their innovative organizational strategies.
Conclusion
Therefore, from the above discussion it can be concluded that Academics For Academics
is a popular and recognized non-governmental organization or an NGO. A4A has its head office
in Sydney and its branch office in Singapore. The funds of all the activities projects of this
particular organization mainly come from public donations. They do not sponsor any money
ACADEMICS FOR ACADEMICS CASE STUDY
vi) The organization has only one condition for the members that all the information will
be property of A4A.
vii) The non-governmental organization, Academics For Academics stores all their
institutional information in a secured information system.
viii) There are several and probable risks in this information system. These risks can be
extremely harmful for the information system.
ix) The probable risks of the information system are phishing, information leakage,
malicious code, malicious software, spoofing, denial of services, interception of messages,
unintentional damage of information and assets and many more.
x) These risks are mitigated by following several steps and by undertaking several
measures.
xi) The basic ways of mitigating such risks are antivirus, passwords, digital
authentication, encryption and firewalls.
xii) Academics For Academics is supposed to obtain all the organizational goals and
objectives by their innovative organizational strategies.
Conclusion
Therefore, from the above discussion it can be concluded that Academics For Academics
is a popular and recognized non-governmental organization or an NGO. A4A has its head office
in Sydney and its branch office in Singapore. The funds of all the activities projects of this
particular organization mainly come from public donations. They do not sponsor any money
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
13
ACADEMICS FOR ACADEMICS CASE STUDY
from themselves. This non-governmental organization has a team of total ten staff members. The
Sydney office has six staff members amongst the ten and the rest four members are present in the
office of Singapore. In spite of working in two different locations, which are Sydney and
Singapore, all the ten staff members together work as a team to obtain the organizational goals
and objectives. This Academics For Academic was established for helping all the small private
and public colleges and universities in Southeast Asia and Australia. These universities, who
want to receive the services of A4A have to register themselves and become members of A4A.
This organization has to store their confidential information in the information system. However,
this information system can have many security risks and data breaches. The above report
provides a brief discussion on the case study of Academics For Academics or A4A. This non-
governmental organization has all the confidential data and information stored and kept in their
information security system. This information security system helps them to manipulate, retrieve
and store information easily and quickly. The report provides a discussion on the probable
security risks and the ways to mitigate or manage these risks. The most significant risks of the
information system of the organization are the malicious code, malicious software, phishing,
denial of services, interception of messages, information leakage, unintentional damage of
information and assets. These risks can be extremely harmful for any organization and their
information security system. However, these risks can be controlled by certain measures.
Suitable assumptions of the case study are also provided in the report.
ACADEMICS FOR ACADEMICS CASE STUDY
from themselves. This non-governmental organization has a team of total ten staff members. The
Sydney office has six staff members amongst the ten and the rest four members are present in the
office of Singapore. In spite of working in two different locations, which are Sydney and
Singapore, all the ten staff members together work as a team to obtain the organizational goals
and objectives. This Academics For Academic was established for helping all the small private
and public colleges and universities in Southeast Asia and Australia. These universities, who
want to receive the services of A4A have to register themselves and become members of A4A.
This organization has to store their confidential information in the information system. However,
this information system can have many security risks and data breaches. The above report
provides a brief discussion on the case study of Academics For Academics or A4A. This non-
governmental organization has all the confidential data and information stored and kept in their
information security system. This information security system helps them to manipulate, retrieve
and store information easily and quickly. The report provides a discussion on the probable
security risks and the ways to mitigate or manage these risks. The most significant risks of the
information system of the organization are the malicious code, malicious software, phishing,
denial of services, interception of messages, information leakage, unintentional damage of
information and assets. These risks can be extremely harmful for any organization and their
information security system. However, these risks can be controlled by certain measures.
Suitable assumptions of the case study are also provided in the report.
14
ACADEMICS FOR ACADEMICS CASE STUDY
References
Ackermann, T., Widjaja, T., Benlian, A. and Buxmann, P., 2012. Perceived IT security risks of
cloud computing: Conceptualization and scale development.
Andres, S.G., Cole, D.M., Cummings, T.G., Garcia, R.R., Kenyon, B.M., Kurtz, G.R., McClure,
S.C., Moore, C.W., O'dea, M.J. and Saruwatari, K.D., Mcafee, Inc., 2012. System and method of
managing network security risks. U.S. Patent 8,201,257.
Awadh, A.M. and Alyahya, M.S., 2013. Impact of organizational culture on employee
performance. International Review of Management and Business Research, 2(1), p.168.
Berghel, H., 2012. Identity theft and financial fraud: Some strangeness in the
proportions. Computer, 45(1), pp.86-89.
Biham, E. and Shamir, A., 2012. Differential cryptanalysis of the data encryption standard.
Springer Science & Business Media.
Black, J., 2013. Developments in data security breach liability. The Business Lawyer, 69(1),
pp.199-207.
Chou, T.S., 2013. Security threats on cloud computing vulnerabilities. International Journal of
Computer Science & Information Technology, 5(3), p.79.
Creese, S., Goldsmith, M., Nurse, J.R. and Phillips, E., 2012, June. A data-reachability model for
elucidating privacy and security risks related to the use of online social networks. In Trust,
ACADEMICS FOR ACADEMICS CASE STUDY
References
Ackermann, T., Widjaja, T., Benlian, A. and Buxmann, P., 2012. Perceived IT security risks of
cloud computing: Conceptualization and scale development.
Andres, S.G., Cole, D.M., Cummings, T.G., Garcia, R.R., Kenyon, B.M., Kurtz, G.R., McClure,
S.C., Moore, C.W., O'dea, M.J. and Saruwatari, K.D., Mcafee, Inc., 2012. System and method of
managing network security risks. U.S. Patent 8,201,257.
Awadh, A.M. and Alyahya, M.S., 2013. Impact of organizational culture on employee
performance. International Review of Management and Business Research, 2(1), p.168.
Berghel, H., 2012. Identity theft and financial fraud: Some strangeness in the
proportions. Computer, 45(1), pp.86-89.
Biham, E. and Shamir, A., 2012. Differential cryptanalysis of the data encryption standard.
Springer Science & Business Media.
Black, J., 2013. Developments in data security breach liability. The Business Lawyer, 69(1),
pp.199-207.
Chou, T.S., 2013. Security threats on cloud computing vulnerabilities. International Journal of
Computer Science & Information Technology, 5(3), p.79.
Creese, S., Goldsmith, M., Nurse, J.R. and Phillips, E., 2012, June. A data-reachability model for
elucidating privacy and security risks related to the use of online social networks. In Trust,
15
ACADEMICS FOR ACADEMICS CASE STUDY
Security and Privacy in Computing and Communications (TrustCom), 2012 IEEE 11th
International Conference on(pp. 1124-1131). IEEE.
Dong, T., Liao, X. and Li, H., 2012, April. Stability and Hopf bifurcation in a computer virus
model with multistate antivirus. In Abstract and Applied Analysis (Vol. 2012). Hindawi
Publishing Corporation.
Fleischmann, A., Schmidt, W., Stary, C., Obermeier, S. and Brger, E., 2014. Subject-oriented
business process management. Springer Publishing Company, Incorporated.
Ghosh, A., Gajar, P.K. and Rai, S., 2013. Bring your own device (BYOD): Security risks and
mitigating strategies. Journal of Global Research in Computer Science, 4(4), pp.62-70.
Hashizume, K., Rosado, D.G., Fernández-Medina, E. and Fernandez, E.B., 2013. An analysis of
security issues for cloud computing. Journal of Internet Services and Applications, 4(1), p.5.
He, W., 2012. A review of social media security risks and mitigation techniques. Journal of
Systems and Information Technology, 14(2), pp.171-180.
Kamara, S., Papamanthou, C. and Roeder, T., 2012, October. Dynamic searchable symmetric
encryption. In Proceedings of the 2012 ACM conference on Computer and communications
security (pp. 965-976). ACM.
Kotlar, J. and De Massis, A., 2013. Goal setting in family firms: Goal diversity, social
interactions, and collective commitment to family‐centered goals. Entrepreneurship Theory and
Practice, 37(6), pp.1263-1288.
Layton, R. and Watters, P.A., 2014. A methodology for estimating the tangible cost of data
breaches. Journal of Information Security and Applications, 19(6), pp.321-330.
ACADEMICS FOR ACADEMICS CASE STUDY
Security and Privacy in Computing and Communications (TrustCom), 2012 IEEE 11th
International Conference on(pp. 1124-1131). IEEE.
Dong, T., Liao, X. and Li, H., 2012, April. Stability and Hopf bifurcation in a computer virus
model with multistate antivirus. In Abstract and Applied Analysis (Vol. 2012). Hindawi
Publishing Corporation.
Fleischmann, A., Schmidt, W., Stary, C., Obermeier, S. and Brger, E., 2014. Subject-oriented
business process management. Springer Publishing Company, Incorporated.
Ghosh, A., Gajar, P.K. and Rai, S., 2013. Bring your own device (BYOD): Security risks and
mitigating strategies. Journal of Global Research in Computer Science, 4(4), pp.62-70.
Hashizume, K., Rosado, D.G., Fernández-Medina, E. and Fernandez, E.B., 2013. An analysis of
security issues for cloud computing. Journal of Internet Services and Applications, 4(1), p.5.
He, W., 2012. A review of social media security risks and mitigation techniques. Journal of
Systems and Information Technology, 14(2), pp.171-180.
Kamara, S., Papamanthou, C. and Roeder, T., 2012, October. Dynamic searchable symmetric
encryption. In Proceedings of the 2012 ACM conference on Computer and communications
security (pp. 965-976). ACM.
Kotlar, J. and De Massis, A., 2013. Goal setting in family firms: Goal diversity, social
interactions, and collective commitment to family‐centered goals. Entrepreneurship Theory and
Practice, 37(6), pp.1263-1288.
Layton, R. and Watters, P.A., 2014. A methodology for estimating the tangible cost of data
breaches. Journal of Information Security and Applications, 19(6), pp.321-330.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
16
ACADEMICS FOR ACADEMICS CASE STUDY
Oriyano, S.P., 2016. Denial of Service. CEH™ v9: Certified Ethical Hacker Version 9 Study
Guide, pp.305-329.
Peltier, T.R., 2013. Information security fundamentals. CRC Press.
Rakes, T.R., Deane, J.K. and Rees, L.P., 2012. IT security planning under uncertainty for high-
impact events. Omega, 40(1), pp.79-88.
Romanosky, S., Hoffman, D. and Acquisti, A., 2014. Empirical analysis of data breach
litigation. Journal of Empirical Legal Studies, 11(1), pp.74-104.
Sawik, T., 2013. Selection of optimal countermeasure portfolio in IT security planning. Decision
Support Systems, 55(1), pp.156-164.
Sessa, V.I. and London, M., 2015. Continuous learning in organizations: Individual, group, and
organizational perspectives. Psychology Press.
Vaccaro, I.G., Jansen, J.J., Van Den Bosch, F.A. and Volberda, H.W., 2012. Management
innovation and leadership: The moderating role of organizational size. Journal of Management
Studies, 49(1), pp.28-51.
Zissis, D. and Lekkas, D., 2012. Addressing cloud computing security issues. Future Generation
computer systems, 28(3), pp.583-592.
ACADEMICS FOR ACADEMICS CASE STUDY
Oriyano, S.P., 2016. Denial of Service. CEH™ v9: Certified Ethical Hacker Version 9 Study
Guide, pp.305-329.
Peltier, T.R., 2013. Information security fundamentals. CRC Press.
Rakes, T.R., Deane, J.K. and Rees, L.P., 2012. IT security planning under uncertainty for high-
impact events. Omega, 40(1), pp.79-88.
Romanosky, S., Hoffman, D. and Acquisti, A., 2014. Empirical analysis of data breach
litigation. Journal of Empirical Legal Studies, 11(1), pp.74-104.
Sawik, T., 2013. Selection of optimal countermeasure portfolio in IT security planning. Decision
Support Systems, 55(1), pp.156-164.
Sessa, V.I. and London, M., 2015. Continuous learning in organizations: Individual, group, and
organizational perspectives. Psychology Press.
Vaccaro, I.G., Jansen, J.J., Van Den Bosch, F.A. and Volberda, H.W., 2012. Management
innovation and leadership: The moderating role of organizational size. Journal of Management
Studies, 49(1), pp.28-51.
Zissis, D. and Lekkas, D., 2012. Addressing cloud computing security issues. Future Generation
computer systems, 28(3), pp.583-592.
1 out of 17
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.