ProductsLogo
LogoStudy Documents
LogoAI Grader
LogoAI Answer
LogoAI Code Checker
LogoPlagiarism Checker
LogoAI Paraphraser
LogoAI Quiz
LogoAI Detector
PricingBlogAbout Us
logo

Risk Management in Emirates: Cloud Computing Risks and Recommendations

Verified

Added on  2023/04/25

|15
|3373
|378
AI Summary
In this assessment report we will discuss about risk management and below are the summaries point:- Emirates is a leading company in the aviation industry, operating 256 aircraft across 152 destinations worldwide. This report focuses on cloud computing risks and provides a risk assessment report for Emirates. The report includes recommendations for mitigating the risks and discusses the company's IT infrastructure expansion using cloud computing services.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
Running Head: RISK MANAGEMENT 0 | P a g e
Risk Management
Risk Assessment Report
Student name

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Risk Management 1 | P a g e
Executive Summary
Emirates has a well-known company I the aviation industry. In 1985, Emirates
established with two aircrafts, which were leased from International Airlines of Pakistan. Now a
day Emirates has become most famous and largest company of the world and they have 256
aircraft that travel between 152 destinations around the world.
This report will provides knowledge of cloud computing and it will also provide risk
assessment report of Emirates with the risk matrix. Recommendations will provide for emirates
in the later section of this report.
Cloud computing has become famous for different things, as it provides many facilities to
the host, such as Infrastructure-as-a-Service (IaaS), Service-as-a-Service (SaaS), and Platform-
as-a-Service (PaaS). This report will explain risks of cloud computing that can affect Emirates
business processes (Baun, Kunze, Nimis, & Tai, 2011).
Document Page
Risk Management 2 | P a g e
Table of Contents
Executive Summary.........................................................................................................................1
Introduction......................................................................................................................................3
Emirates Airlines Company.............................................................................................................3
EAC Organizational Structure.....................................................................................................4
Stakeholders of EAC....................................................................................................................5
The Nature of the Business..........................................................................................................5
(a) Risk Assessment for EAC....................................................................................................6
Risk Assessment Matrix..................................................................................................................7
(b) Threats and Vulnerabilities for EAC....................................................................................8
Recommendations............................................................................................................................9
Summary........................................................................................................................................10
Conclusion.....................................................................................................................................11
References......................................................................................................................................12
Document Page
Risk Management 3 | P a g e
Introduction
Emirates airline has made an agreement for cloud computing services with International
Business Machine (IBM). It is for expending their IT infrastructure using cloud-computing
service to manage global business processes and operations. Different vendors, such as AWS,
Google, IBM, and Microsoft, provide cloud-computing services. IBM will implement data centre
for Emirates airlines that enables private cloud infrastructure, which is enable data applications
access to the employees regardless of geographical local and time (Bhagat, 2012).
Emirates Airlines Company is 100 percent owned by the Dubai Government. For agility
and productivity, Emirates transform their IT-infrastructure into cloud architecture. IT strategic
services are most important for the growth of the organization. Therefore, the management of
Emirates states that they adopt cloud services for achieving their goals ( Bodhani, 2018).
This report is a Risk Assessment Report that provides an overview of different risks in
the cloud computing services for the Emirates Airlines. It will provide Risk Matrix for the uses
of cloud based IT-infrastructure by Emirates airlines.
Recommendations are used for the avoidance of risks, in this report recommendations
will provide for the Emirates airlines to reduce upcoming risks from cloud computing
infrastructure in later section of this report.
Emirates Airlines Company
In context of security policies for Emirates Airline Company, a risk report is submitted
that is based on the risks, which is associated with cloud computing. In this report, as a
representative between the senior management, stakeholders, managers, and technologists,
technical risks are communicated to the management to enable security policies in an efficient
way (Blaisdell , 2015).
This report is having an objective that IT Risk Assessment will provide help to create
security policies for Emirates Airlines Company for use of cloud-computing infrastructure for
their IT-infrastructure. The report uncover internal and external threats and vulnerabilities that
changes availability, integrity, and confidentiality of data for the organization. Cloud security is

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Risk Management 4 | P a g e
an issue in front of the company (Chen & Zhao, 2012). Therefore, it includes data policies and
standards for creating security policies. Before designing security policies, it is required to
calculate risks from different threats and vulnerabilities to the system of Emirates Airlines
Company (EAC) (Svantesson & Clarke, 2010).
EAC Organizational Structure
EAC is a huge organization in the field of airlines industry. Below figure is shows
organizational structure of EAC.
Source: (projonmerpokaaiub2014.blogspot.com, 2014)
EAC should have security policies for their data and sensitive information at their servers
that are cloud based. Cloud computing is a bundle of different service at a single space, which
enables infrastructures, computing resources, network access, and shared devices, such as
servers, data storage, networks, applications, and many others (Coles, 2018).
Document Page
Risk Management 5 | P a g e
Source: (Leeham, 2017)
Stakeholders of EAC
EAC has numerous operations for managing customer’s services as well as maintenance
of aircrafts. Dubai government is only one stakeholder for the EAC. However, in this report,
cloud services security policies are consider stakeholders, which are following:
1. Passengers
2. Employees
3. Vendors
4. Sponsors
5. Dubai government
All are stakeholders in term of holding services of EAC’s services and operations. Airline
companies are having many data about the flights management, customer’s details, flight’s
maintenance and backup and recovery. Therefore, they also required such types of services that
do not have time and geographical restrictions on those services (Garg, Versteeg, & Buyya,
2013).
The Nature of the Business
EAC is providing different services to their customers from numerous resources, such as
travelling, transportation, and many others. They are providing thier best services to their
customers. According to the size of EAC, it is an essential part to manage different operations.
Security experts are suggest to use cloud services for increased capacity, lower capital expenses,
Document Page
Risk Management 6 | P a g e
data storage, reduce establishment cost of new hardware and software. An internet-based facility
provides other services (Dinh, Lee, Niyato, & Wang, 2013).
(a) Risk Assessment for EAC
Cloud computing services are helping in different works of airlines, such as boarding
gates, baggage check-in, self-check-in, and printable labels. Those facilities are required data and
information from the server for managing all processes, such as contact and other details. These
things are accessible for every staff member for their uses in particular work. Hence, EAC
should invest a big amount for acquiring those services that improve their working style and IT
infrastructure (Heiser & Nicolett, 2008).
Cloud computing is also helping in flights management with better accuracy. Aircraft can
collect weather forecasting from different nearby flights that is generated by the real-time
sensors in the flight. They can access that data though cloud technology and it reduce risks of
disasters ( Howells, 2017).
Cloud computing services enhance different facilities of EAC, such as aircraft
maintenance. It stores all the data related to the ordering, maintenance, and replacing of aircraft
components. Authorized person can access the service logs of aircraft as well as history and
maintenance record of particular aircraft (Jansen, 2011).
It is also used for business proposes, such as loyalty programs for customers, real-time
fare management, calculating travel time of aircraft and customers, and identifying aircrafts.
Virgin America, Endeavor Air, West Jet are those companies, which are already moved on cloud
computing (Krutz & Vines, 2010).
EAC can used security policies for reduces potential risks that occurs with cloud
computing. Airline companies always follow recommendations for preventions from disasters. It
is useful for save cost, time, and efforts. EAC can use the risk management for measuring
different risk and appropriate protections for their data and information (Krutz & Vines, 2010).
Risk management cycle is used for the finding risks in a particular system. It has different
process for calculating risks.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Risk Management 7 | P a g e
Source: (ivytech.edu)
Risk Assessment Matrix
Risk Assessment Matrix is used to determine different consequences and intensity of the
risks concerning their impacts on the different business processes and their probability (Mather,
Kumaraswamy, & Latif, 2009). There are the factors of risk management matrix as given below:
1. Extreme Risk: senior management action required, serious threat
2. High Risk: it specified the responsibility of management
3. Moderate Risk: It manages through monitoring and response
4. Low Risk: Routine process check handle these risks
Source: Author
Document Page
Risk Management 8 | P a g e
(b) Threats and Vulnerabilities for EAC
There are many threats and vulnerabilities in the field of airlines. EAC has these threats and
vulnerabilities.
1. Intellectual Property:
Intellectual Property (IP) is used for securing the sensitive information and other
records in the cloud computing. According to Coles, many organizations are having their
20% confidential data as well as IP inn clouds (Pearson, 2013).
Source: (Garg, Versteeg, & Buyya, 2013)
2. Violation of Business processes:
EAC should know about their data and their locations as well as who are able to
access it. Few of the companies are allowed the employee to take their own devices,
which may create a serious threat in respect of security of organization. It puts company
in a state of uncertainty (Zhang, Wuwong, Li, & Zhang, 2010).
3. Observation on user’s activity:
In case on cloud, it is not possible to track all the activities of their employees. It
maintains records of all the activities but it cannot responses without an issue has been
raised in the system.
4. Malware attacks on data:
Document Page
Risk Management 9 | P a g e
Cloud data storages are having confidential and sensitive data of the
organizations. This is a huge issue for security, as hackers can use malwares and encode
the data, which can reduce the growth of the company as well as damage reputation.
5. Customer’s faith:
Data breaches can break the faiths of customers from the company. Thus, EAC
should use proper security policies for preventions. EAC is having many data of their
clients in their systems, such as passport numbers, contact number, credit card details and
much other information. If that data is violated then it damage the image of EAC as well
as loss of business.
6. Network Issues:
Internet is a first thing to manage cloud services. Hence, network availability is
required for 24/7 for those services.
Recommendations
Recommendations are used for overcome the risks from threats and vulnerabilities. EAC
must consider these recommendations as well as execute these as needed for cloud computing
services.
1. Oversight:
Cloud computing services has become most popular technology that growing in
an exponential way. It provides immense advantages to the vendor as well as number of
risks. EAC can make monitor the different operations of the cloud-computing services as
per the rule and regulations as well as security policies (So, 2011).
2. Owning of Risks:
EAC takes responsibility of any issues that arise from the use of cloud-computing
services. Hence, it is necessary to monitor all the services as well as security of sensitive
data and information as needed.
3. Knowledge of Cloud-Computing:
Cloud computing services are providing different things. Hence, everyone should
know about the uses of those services as well as the threats and vulnerabilities of them. It
will require a proper training of all employees.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Risk Management 10 | P a g e
4. Cloud services usages:
The EAC must be aware of all the operations and access of data by different
users. Therefore, risk can be identified in easy way, and take necessary action against it
before raising an issue in the system (Sen, 2014).
5. Availability:
EAC must assure about the availability of cloud provides, as this system is require
reliable and secure system.
6. Data protection:
Cloud provides should provide reduplicate and archive data for overcome security
risk, which will require at the time of malware attack and breakdown of system.
7. Data locations:
EAC makes a contract with the cloud providers to insure that they do not allow
the user to know their data storage. It is according to the laws and regulations as well as
security policies of EAC.
8. Recovery:
EAC must assure about the total recovery of data in case of disasters. It is
mandatory for business continuity and it is a major factor for the EAC (Takabi, Joshi, &
Ahn, 2010).
Summary
EAC must use security policies for securing information assets from different threats. It is
require using security policies as well as certain protection mechanism as given below.
Software Update:
Older versions of softwares are a platform for the hackers. Therefore, all the softwares
must update with the newer version. It provides a protection against possible changes by
attackers.
Encryption:
Cloud computing services should provide encryption mechanism to EAC data as well as
their customer’s personal information (Yan, Deng, & Varadharajan, 2017).
Document Page
Risk Management 11 | P a g e
Hashing:
Another technique provides security to cloud data. EAC should acquire this mechanism
for the data and information. It makes more secure their passwords.
Digital Signature:
It is a way to protect the authenticity and integrity of the data. It is used for authorization
of customers from digital signature. It makes a document valid that is transfer-using internet. It is
way to securing different orders to aircrafts as per requirements.
EAC follows all the rules and guidelines in safeguard their assets from the cyber-attacks.
They can reduce and prevent risks, which comes from different threats and vulnerabilities that
occurs by cloud computing (Rittinghouse & Ransome, 2016).
Conclusion
It is concluded from the above section of this report that cloud computing is a famous and
secure service for IT infrastructure. Every organizations wants new technologies for enhance
their market value. Cloud-computing services provide many advantages. However, it requires a
concern of the data security.
This report provides threats and vulnerabilities that come from cloud computing as well
as protection mechanism for those risks. EAC must implement the cloud services with those
security policies for securing their data and sensitive information on cloud.
EAC operational cost is high because of their quality services, investment in
technologies, and latest and maintained aircrafts. It should be minimize through improvement in
the operations as well as development in different business processes, which can reduce cost.
Finally, it is concluded that EAC must go for cloud computing services and it will
provides different opportunities and advantages to them.
Document Page
Risk Management 12 | P a g e
References
Bodhani, A. (2018, January 10). IBM signs $85m private cloud deal with Emirates. Retrieved
from www.itp.net: http://www.itp.net/616239-ibm-signs-$85m-private-cloud-deal-with-
emirates
Howells, T. (2017, May 10). Looking Back at The History of Emirates. Retrieved from
airlinegeeks.com: https://airlinegeeks.com/2017/05/10/looking-back-at-the-history-of-
emirates/
Baun, C., Kunze, M., Nimis, J., & Tai, S. (2011). Cloud computing: Web-based dynamic IT
services. (1 ed.). London: Springer Science & Business Media.
Bhagat, B. (2012). Patent No. 13/016,999. U. S.
Blaisdell , R. (2015, January 21). How cloud computing could help the aviation industry.
Retrieved from rickscloud.com: https://rickscloud.com/how-cloud-computing-could-
help-the-aviation-industry/
Chen, D., & Zhao, H. (2012). Data security and privacy protection issues in cloud computing.
International Conference on Computer Science and Electronics Engineering, 1(1), 647-
651.
Coles, C. (2018, January 21). 9 Cloud Computing Security Risks Every Company Faces.
Retrieved from www.skyhighnetworks.com: https://www.skyhighnetworks.com/cloud-
security-blog/9-cloud-computing-security-risks-every-company-faces/
Dinh, H., Lee, C., Niyato, D., & Wang, P. (2013). A survey of mobile cloud computing:
architecture, applications, and approaches. Wireless communications and mobile
computing, 13(18), 1587-1611.
Garg, S. K., Versteeg, S., & Buyya, R. (2013). A framework for ranking of cloud computing
services. Future Generation Computer Systems, 29(4), 1012-1023.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Risk Management 13 | P a g e
Heiser, J., & Nicolett, M. (2008). Assessing the security risks of cloud computing. Gartner
Report, 27(1), 29-52.
ivytech.edu. (n.d.). Risk. Retrieved from www.ivytech.edu: https://www.ivytech.edu/risk/
Jansen, W. (2011). Cloud hooks: Security and privacy issues in cloud computing. In 2011 44th
Hawaii International Conference on System Sciences (pp. 1-10). Hawaii: IEEE.
Krutz, R., & Vines, R. D. (2010). Cloud security: A comprehensive guide to secure cloud
computing. . London: Wiley Publishing.
Leeham. (2017, January 12). Is Emirates in trouble? Retrieved from leehamnews.com:
https://leehamnews.com/2017/01/12/is-emirates-in-trouble/
Mather, T., Kumaraswamy, S., & Latif, S. (2009). Cloud security and privacy: an enterprise
perspective on risks and compliance. Sebastopol: O'Reilly Media, Inc.
Pearson, S. (2013). Privacy, security and trust in cloud computing. In Privacy and Security for
Cloud Computing (1 ed.). London: Springer.
Rittinghouse, J., & Ransome, J. F. (2016). Cloud computing: implementation, management, and
security. . Florida: CRC press.
Sen, J. (2014). Security and privacy issues in cloud computing. In J. Sen, In Architectures and
protocols for secure information technology infrastructures (pp. 1-45). USA: IGI Global.
So, K. (2011). Cloud computing security issues and challenges. International Journal of
Computer Networks, 3(5), 247-255.
Svantesson, D., & Clarke, R. (2010). Privacy and consumer risks in cloud computing. Computer
law & security review, 26(4), 391-397.
Takabi, H., Joshi, J. B., & Ahn, G. J. (2010). Security and privacy challenges in cloud computing
environments. IEEE Security & Privacy, 6(1), 24-31.
Yan, Z., Deng, R. H., & Varadharajan, V. (2017). Cryptography and data security in cloud
computing. Elsevier, 53(1), 3. doi:10.1016/j.ins.2016.12.034
Document Page
Risk Management 14 | P a g e
Zhang, X., Wuwong, N., Li, H., & Zhang, X. (2010). Information security risk management
framework for the cloud computing environments. In Computer and Information
Technology (CIT) (pp. 1328-1334). IEEE.
1 out of 15
[object Object]

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]