logo

Threats and Risks to the Digital Identities of Government Employees

23 Pages5094 Words679 Views
   

Added on  2020-02-23

About This Document

What are the threats and risks to the digital identities of government employees from the move to SaaS applications? Here, we discuss Cloud Privacy and Security and the Department of Administrative Services (DAS). Consideration of the data and information that DAS holds on its employees in the current HR system. Amazon AWS and Sore’s impact will be elaborately discussed as well. The report also focused on the threats and risks associated with the DAS employees and also the severities of risks of the employees have been explained.

Threats and Risks to the Digital Identities of Government Employees

   Added on 2020-02-23

ShareRelated Documents
Running head: CLOUD PRIVACY AND SECURITYCloud Privacy and SecurityName of the StudentName of the UniversityAuthor’s noteExecutive Summary
Threats and Risks to the Digital Identities of Government Employees_1
1CLOUD PRIVACY AND SECURITYThe Department of Administrative Services (DAS) gives multiple services to variousdepartments of the Australian State Government; the multiple services involve the contractormanagement, HR management, payroll management and procurement. DAS is concernedabout the security of the employees of the organisation and their sensitive data. DASemployees can be greatly benefitted from the cloud vendor Shore and Amazon AWS in termsof advanced cloud solutions and advanced security solutions. DAS employees enter the dataand so the organization is concerned about the security and privacy issues of the employees.The result highlighted all the security threats and risks within in house HR database. Thereport also focused on the threats and risks associated with the DAS employees and also theseverities of risks of the employees have been explained. Since DAS decides to move to thecloud, their approach is to enhance the business as well as the security of the organization aswell as the employees. The threats related to digital identities have been elaborated in thisreport as well. The two operational solutions to secure and protect the HR database have beenshowcased in this report. Further, the usage of IaaS solution has been highlighted in thereport.Table of Contents
Threats and Risks to the Digital Identities of Government Employees_2
2CLOUD PRIVACY AND SECURITY1. Introduction............................................................................................................................32. Consideration of the data and information that DAS holds on its employees in the currentHR system..................................................................................................................................32.1. Establishment of the existing threats and risks to the security of that data andinformation contained in the in house HR database...............................................................32.2. The risks and threats to the employee data after migration to a SaaS application..........52.3. Assess the resulting severity of risk and threat to employee data...................................73. Consideration of the privacy of the data for those employees who will move to a SaaSapplication..................................................................................................................................93.1. Establishment of the existing threats and risks to the privacy of that data andinformation contained in the in house HR database...............................................................93.2. The risks and threats to the privacy of the employee data after migration to a SaaSapplication..............................................................................................................................93.3. Assess the resulting severity of risk and threat to the privacy of employee data..........114. The threats and risks to the digital identities of Government employees from the move toSaaS applications.....................................................................................................................115. Consideration of the operational solution and location(s) of the two SaaS providers for HRand Contractor management....................................................................................................136. The issues of data sensitivity or jurisdiction that should be considered other than the issuesdiscussed..................................................................................................................................177. Conclusion............................................................................................................................178. References............................................................................................................................18
Threats and Risks to the Digital Identities of Government Employees_3
3CLOUD PRIVACY AND SECURITY1. IntroductionThe Department of Administrative Services (DAS) gives multiple services to variousdepartments of the Australian State Government (Shostack, 2014); the multiple servicesinvolve the contractor management, HR management, payroll management and procurement.DAS is concerned about the security of the employees of the organisation and their sensitivedata.This report will highlight prevalent risks and threats associated with the organisationwithin in house HR database, will also showcase the risks and threats associated with theemployees, severity of the risks involved with the employee data. DAS has planned to moveto the cloud, the threats and the issues they can face will be detailed and the solutions tomitigate those risks. Amazon AWS and Sore’s impact will be elaborately discussed as well.2. Consideration of the data and information that DAS holds on its employees in thecurrent HR system2.1. Establishment of the existing threats and risks to the security of that data andinformation contained in the in house HR databaseThe threats and risks associated with the database are –i. Deployment failures: The failures related to database generally occurs due toinattentive use of the database, generally the faulty issues occur at the time of execution ofthe database files (Rhodes-Ousley, 2013). Though the database is developed and tested thedatabase is not tested as a whole, some bugs still exist and due to that technical fault, thedatabase fails.
Threats and Risks to the Digital Identities of Government Employees_4
4CLOUD PRIVACY AND SECURITYii. Database security flaws: Due to security issues the worms and the virus attackoccurs within the database, the hackers take advantage of the bugs residing within thedatabase and acquire the personal information of the database.Fig 1: Database data security threats and risks(Source:Safa et al., 2015, pp-65-78)iii. Data leaks: Database act as the back end of any business organisation and theorganisations generally want their database safe and secured, but the business organisationsactually cannot protect the database as a whole, the database is connected to the networkinginterface, the intruders take advantage of the insecure network and exploit the networkcompletely (Haynes & Giblin, 2014).iv. The misuse of the database: The misuse of the database and the underlyingdatabase features also leads to the security breach of the database, the users integrate andconfigured their database by adding various plugins, in this database becomes buggy and
Threats and Risks to the Digital Identities of Government Employees_5
5CLOUD PRIVACY AND SECURITYheavy and more vulnerable, in this way various loopholes get generated within the database(Chockalingam et al., 2017).v. Hopscotch approach: The hackers or the intruders here can gain access to thedatabase and acquire one’s personal data along with the account numbers without the use ofthe credit card information, so the intruders are always in search for the loopholes (Albakri etal., 2014).vi. SQL injection: The front end database is not always secured with the firewalltechnology and the variables are not tested for the SQL injection during the testing method.vii. Key management: The database administrators often keep the important keys ontheir disk drives, and there lies the vulnerability, placing those keys in the unprotected area ofthe database can lead to disaster, through the loopholes the intruders can attack and can makethe system totally vulnerable to use (Chockalingam et al., 2017).viii. Database inconsistency: The database developers and the databaseadministrators must check for the threat and vulnerabilities in the database daily if anymishap occurs they should immediately make concern and update the details (Feng, Wang &Li, 2014).2.2. The risks and threats to the employee data after migration to a SaaS applicationThe possible risks associated are-i. If the organisation holds sensitive data then moving to the cloud and manage those data canbe tough task initially, the compliance alternates will restrict the choices.ii. If the organisation is earning benefits then they do not have to worry about moving to thecloud so easily, as because the cloud computing requires maintenance, scaling and theavailability.
Threats and Risks to the Digital Identities of Government Employees_6

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Data Privacy and Security in Cloud Computing
|28
|7001
|70

Securing and Privacy Name of the University Author Name: Cloud based Approach
|24
|5598
|311

Cloud Security Report 2022
|23
|6412
|11

Administrative Services Department Report 2022
|16
|4808
|23

ITC568 - Report Of Cloud Privacy & Security | Australian Government
|17
|3601
|222

Cloud Computing Report 2022
|24
|7085
|19