Cloud Computing Report 2022
Added on 2022-10-17
24 Pages7085 Words19 Views
Running head: CLOUD COMPUTING
Cloud Computing
Name of Student
Name of University
Author Note
Cloud Computing
Name of Student
Name of University
Author Note
1
CLOUD COMPUTING
Table of Contents
Introduction..........................................................................................................................2
1. Privacy Strategy for Personal Data..................................................................................3
2. Recommended Privacy Controls.....................................................................................6
2.1. Control for Mitigation of Privacy Risks...................................................................6
2.2. Implementation of Privacy Strategy.........................................................................8
3. Personal Data Protection Strategy...................................................................................8
3.1. Protection of Personal Information...........................................................................9
3.2. Authorised access and Disclosure of Personal Information...................................11
3.3. Use of Personal Digital Identities...........................................................................13
4. Recommended Personal Data Protection Controls........................................................14
4.1. Mitigation of Data Security Risks..........................................................................14
4.2. Implementation of Personal Data Protection Strategy............................................16
Conclusion.........................................................................................................................17
References..........................................................................................................................19
CLOUD COMPUTING
Table of Contents
Introduction..........................................................................................................................2
1. Privacy Strategy for Personal Data..................................................................................3
2. Recommended Privacy Controls.....................................................................................6
2.1. Control for Mitigation of Privacy Risks...................................................................6
2.2. Implementation of Privacy Strategy.........................................................................8
3. Personal Data Protection Strategy...................................................................................8
3.1. Protection of Personal Information...........................................................................9
3.2. Authorised access and Disclosure of Personal Information...................................11
3.3. Use of Personal Digital Identities...........................................................................13
4. Recommended Personal Data Protection Controls........................................................14
4.1. Mitigation of Data Security Risks..........................................................................14
4.2. Implementation of Personal Data Protection Strategy............................................16
Conclusion.........................................................................................................................17
References..........................................................................................................................19
2
CLOUD COMPUTING
Introduction
DAS (The Department of Administrative Services), is known for delivering services in
several departments under the state government of Australia. The services offered by DAS
encompasses payroll services, contact tendering, management of the contractors and
management of the procurement. DAS have been providing all these services through their own
data centres. However, in relation to modification in existing policy, DAS needs to move to a
“Shared service” method by centralizing all the services offered by DAS. This indicates that each
department under DAS needs to transfer their data to DAS servers. This is needed so that the
data can be tracked and managed centrally. The migration to a centralized database is further
linked with a policy defined by government that mandates a “cloud first” method of data
processing and procuring the software services. For that, a HR and an application for personnel
management is obtained from a company in US. The configuration, processing and updates will
be handled by the processing centre situated in Bangalore India. The centralised database will
provide a complete access to the information related to HR management and Performance
management to the employees through a link that is placed on DAS intranet. The information
and data access will be authenticated by the use of the digital ID of DAS.
The report aims in preparation of a strategy correlated to personal information and
strategy for privacy data security for DAS. The report will be presenting the proposal of privacy
strategy for the use of DAS. The strategy will encompass effective administration of personal
information that encompasses the collection and also managing of the solicited personal and
confidential information. The policy will address the secure use of the personal information of
the staffs and will look after the security of that information while it is being disclosed. The use
of SaaS cloud is associated with a certain amount of privacy risk that is needed to be addressed
CLOUD COMPUTING
Introduction
DAS (The Department of Administrative Services), is known for delivering services in
several departments under the state government of Australia. The services offered by DAS
encompasses payroll services, contact tendering, management of the contractors and
management of the procurement. DAS have been providing all these services through their own
data centres. However, in relation to modification in existing policy, DAS needs to move to a
“Shared service” method by centralizing all the services offered by DAS. This indicates that each
department under DAS needs to transfer their data to DAS servers. This is needed so that the
data can be tracked and managed centrally. The migration to a centralized database is further
linked with a policy defined by government that mandates a “cloud first” method of data
processing and procuring the software services. For that, a HR and an application for personnel
management is obtained from a company in US. The configuration, processing and updates will
be handled by the processing centre situated in Bangalore India. The centralised database will
provide a complete access to the information related to HR management and Performance
management to the employees through a link that is placed on DAS intranet. The information
and data access will be authenticated by the use of the digital ID of DAS.
The report aims in preparation of a strategy correlated to personal information and
strategy for privacy data security for DAS. The report will be presenting the proposal of privacy
strategy for the use of DAS. The strategy will encompass effective administration of personal
information that encompasses the collection and also managing of the solicited personal and
confidential information. The policy will address the secure use of the personal information of
the staffs and will look after the security of that information while it is being disclosed. The use
of SaaS cloud is associated with a certain amount of privacy risk that is needed to be addressed
3
CLOUD COMPUTING
(Ahmed & Hossain, 2014). The report will recommend certain controls for addressing of the
privacy risks of using SaaS cloud. In this context, a privacy strategy will be proposed that can be
implemented to safeguard of confidentiality of the data. The report further aims in developing a
strategy for DAS related to personal data protection that will enable in enforcing authorised
usage and exposure of the private data. It will further help in security of the personal data. The
use of cloud is linked with certain amount of data security risks. The report aims in
implementation of a proper strategy for securing personal data. In the following paragraphs the
privacy strategy linked with the personal data usage, recommendation for privacy control,
strategy for protection of private data and recommendations for personal data controls are
discussed.
1. Privacy Strategy for Personal Data
This section of the report aims in developing a proposal for privacy process in DAS. It is
necessary to develop a privacy strategy for DAS as this department provides several services to
different departments in Australian state government and privacy of the data of the customers is
the foremost consideration of this department. The movement of DAS to a shared services
approach increases the privacy risks linked with storage and access of the data from a centralized
database (Rao & Selvamani, 2015). The privacy strategy that is being proposed for DAS will
help in effective administration of the personal data that is kept in the centralized database. The
strategy aims in enforcing security in storage and access of personal information. This privacy
proposal is needed as data privacy is one significant challenge faced by the organization making
use of a cloud model. While making use of a shared service, it is quite obligatory to manage and
safeguard the personal data associated with the staffs and employees of an organization (Shaikh
& Sasikumar, 2015). The privaate information access should strictly be constrained to the
CLOUD COMPUTING
(Ahmed & Hossain, 2014). The report will recommend certain controls for addressing of the
privacy risks of using SaaS cloud. In this context, a privacy strategy will be proposed that can be
implemented to safeguard of confidentiality of the data. The report further aims in developing a
strategy for DAS related to personal data protection that will enable in enforcing authorised
usage and exposure of the private data. It will further help in security of the personal data. The
use of cloud is linked with certain amount of data security risks. The report aims in
implementation of a proper strategy for securing personal data. In the following paragraphs the
privacy strategy linked with the personal data usage, recommendation for privacy control,
strategy for protection of private data and recommendations for personal data controls are
discussed.
1. Privacy Strategy for Personal Data
This section of the report aims in developing a proposal for privacy process in DAS. It is
necessary to develop a privacy strategy for DAS as this department provides several services to
different departments in Australian state government and privacy of the data of the customers is
the foremost consideration of this department. The movement of DAS to a shared services
approach increases the privacy risks linked with storage and access of the data from a centralized
database (Rao & Selvamani, 2015). The privacy strategy that is being proposed for DAS will
help in effective administration of the personal data that is kept in the centralized database. The
strategy aims in enforcing security in storage and access of personal information. This privacy
proposal is needed as data privacy is one significant challenge faced by the organization making
use of a cloud model. While making use of a shared service, it is quite obligatory to manage and
safeguard the personal data associated with the staffs and employees of an organization (Shaikh
& Sasikumar, 2015). The privaate information access should strictly be constrained to the
4
CLOUD COMPUTING
intended individual to address the privacy issues. Proper authentication prior to data access
should be enforced to ascertain that the data is being addressed by the intended audience only.
The privacy strategy proposal for DAS are documented as follows-
a) Management of Personal Information: This is one of the most integral considerations
of the strategy for privacy (Latif et al., 2014). The administration of the personal data involves
restriction of the data use and access to the intended individual. Since the entire data processing
will be managed by the cloud vendors’ processing centre, the confidentiality of the personal
information might be at risk. The strategy is to enforce identity and access management
controls to ascertain that only the intended users are accessing the data that too from the
approved devices only (Jouini & Rabai, 2019). The identity management control will eliminate
the chances of any illegal data access thus managing the private data that is kept in DAS.
b) Collecting and Managing solicited Personal Information: collection of the personal
data is one of the business needs of DAS. However, the gathering of the solicited private data
should be subjected to the individual’s consent. The strategy is to let the person know about the
real need of collection of personal data, its intended use and the process in which the privacy of
the collected data will be maintained (Cuzzocrea, 2014). Furthermore, the collected private data
should be kept in an encrypted manner and should be subjected to proper access control so that it
can be accessed only by the intended audience.
c) Use and Disclosure of Personal Information: Disclosing any private data to any
unintended person should be completely restricted (Kalaiprasath, Elankavi & Udayakumar,
2017). The private information usage should be constrained only for the use of individual and for
authenticating the identity of the individual. The storage of the personal information over the
CLOUD COMPUTING
intended individual to address the privacy issues. Proper authentication prior to data access
should be enforced to ascertain that the data is being addressed by the intended audience only.
The privacy strategy proposal for DAS are documented as follows-
a) Management of Personal Information: This is one of the most integral considerations
of the strategy for privacy (Latif et al., 2014). The administration of the personal data involves
restriction of the data use and access to the intended individual. Since the entire data processing
will be managed by the cloud vendors’ processing centre, the confidentiality of the personal
information might be at risk. The strategy is to enforce identity and access management
controls to ascertain that only the intended users are accessing the data that too from the
approved devices only (Jouini & Rabai, 2019). The identity management control will eliminate
the chances of any illegal data access thus managing the private data that is kept in DAS.
b) Collecting and Managing solicited Personal Information: collection of the personal
data is one of the business needs of DAS. However, the gathering of the solicited private data
should be subjected to the individual’s consent. The strategy is to let the person know about the
real need of collection of personal data, its intended use and the process in which the privacy of
the collected data will be maintained (Cuzzocrea, 2014). Furthermore, the collected private data
should be kept in an encrypted manner and should be subjected to proper access control so that it
can be accessed only by the intended audience.
c) Use and Disclosure of Personal Information: Disclosing any private data to any
unintended person should be completely restricted (Kalaiprasath, Elankavi & Udayakumar,
2017). The private information usage should be constrained only for the use of individual and for
authenticating the identity of the individual. The storage of the personal information over the
5
CLOUD COMPUTING
centralized database should be subjected to proper authentication so that illegal access to the
same can be restricted (Kumar, Lakshmi & Balamurugan, 2015). Apart from that a privacy
policy should be enforced that will document the process in which the users of the shared
database will comply with the privacy policy linked with the managing and disclosure of the
private data and data of the users.
d) Use and security of Digital Identity: The secure usage of digital identity is an
important consideration of DAS. The strategy is to provide unique digital ID to each employee
which should be kept confidential by the employee. An employee by no means is allowed to
share his/her digital ID. A unique digital ID is created by the DAS active Directory instance
which can be effectively used for proper authorization and authentication. Another strategy for
securing the digital identity is to make use of updated antivirus software in the devices through
which the data is accessed (Sun et al., 2014). It is recommended to check all the security settings
regularly to eliminate any risk on the use and safety of digital identity.
e) Security of Personal Information: Personal data security is a key consideration of
privacy strategy of DAS mainly because it is making use of shared services (Narula & Jain,
2015). The use and access of the personal data is subjected to abiding the data and the privacy
policy of DAS. The strategy is to govern the process in which a particular data is collected,
shared and used.
f) Access to Personal Information: Personal data access is needed to be restricted so as
to prevent any kind of misuse of that information (Choo, 2014). The privacy strategy that DAS
should follow involves proper authentication so that the misuse of personal information can be
restricted. DAS should possess a proper privacy policy that all the staffs of the organization
CLOUD COMPUTING
centralized database should be subjected to proper authentication so that illegal access to the
same can be restricted (Kumar, Lakshmi & Balamurugan, 2015). Apart from that a privacy
policy should be enforced that will document the process in which the users of the shared
database will comply with the privacy policy linked with the managing and disclosure of the
private data and data of the users.
d) Use and security of Digital Identity: The secure usage of digital identity is an
important consideration of DAS. The strategy is to provide unique digital ID to each employee
which should be kept confidential by the employee. An employee by no means is allowed to
share his/her digital ID. A unique digital ID is created by the DAS active Directory instance
which can be effectively used for proper authorization and authentication. Another strategy for
securing the digital identity is to make use of updated antivirus software in the devices through
which the data is accessed (Sun et al., 2014). It is recommended to check all the security settings
regularly to eliminate any risk on the use and safety of digital identity.
e) Security of Personal Information: Personal data security is a key consideration of
privacy strategy of DAS mainly because it is making use of shared services (Narula & Jain,
2015). The use and access of the personal data is subjected to abiding the data and the privacy
policy of DAS. The strategy is to govern the process in which a particular data is collected,
shared and used.
f) Access to Personal Information: Personal data access is needed to be restricted so as
to prevent any kind of misuse of that information (Choo, 2014). The privacy strategy that DAS
should follow involves proper authentication so that the misuse of personal information can be
restricted. DAS should possess a proper privacy policy that all the staffs of the organization
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Cloud Privacy and Privacy Policylg...
|25
|7029
|142
Implementation of Privacy Issues for Personal Datalg...
|26
|7272
|353
ITC568 - Report Of Cloud Privacy & Security | Australian Governmentlg...
|17
|3601
|222
Investigation Data Privacy and Security Australia Report 2022lg...
|24
|6742
|9
Administrative Services Department Report 2022lg...
|16
|4808
|23
Cloud Security and Privacylg...
|27
|5040
|357