Cloud Privacy and Security: Threats and Risks in SaaS and HR Database
VerifiedAdded on 2022/10/04
|19
|5964
|366
AI Summary
This report discusses the security and privacy concerns in cloud computing, specifically in SaaS and HR databases. It covers the threats and risks faced by employee data and digital identities, and provides solutions to mitigate them.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: CLOUD PRIVACY AND SECURITY
CLOUD PRIVACY AND SECURITY
Name of the Student
Name of the University
Author Note
CLOUD PRIVACY AND SECURITY
Name of the Student
Name of the University
Author Note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1CLOUD PRIVACY AND SECURITY
Executive Summary
The data can be stored into the various technology now a days. Each and every organization
has the problems to store the data properly. This huge data containing problem is solved by
the cloud computing technology. The cloud computing is a space where data can be stored
and fetched properly through the cloud. Now the protection of these data is needed. Various
sensitive data and cash transaction has been done through this method. The following report
is the explanation of the security, privacy of the employee. In the explanation the process of
threat and Risk of the SaaS, HR department and the employee database is clearly described.
Threat as well as Risk of the government employee in the SaaS / Software as a Service has
been also described properly.
Executive Summary
The data can be stored into the various technology now a days. Each and every organization
has the problems to store the data properly. This huge data containing problem is solved by
the cloud computing technology. The cloud computing is a space where data can be stored
and fetched properly through the cloud. Now the protection of these data is needed. Various
sensitive data and cash transaction has been done through this method. The following report
is the explanation of the security, privacy of the employee. In the explanation the process of
threat and Risk of the SaaS, HR department and the employee database is clearly described.
Threat as well as Risk of the government employee in the SaaS / Software as a Service has
been also described properly.
2CLOUD PRIVACY AND SECURITY
Table of Contents
Introduction:...............................................................................................................................2
Discussion..................................................................................................................................3
Security of Employee Data:......................................................................................................3
1. Threat and Risk in HR database:.....................................................................................3
2. Threat and Risk of Data after migration of SaaS:...........................................................4
3. Severity Risk and threat in employee data:.....................................................................6
Privacy of Employee Data:........................................................................................................7
1. Threat and Risk in HR database:.....................................................................................7
2. Threat and Risk of Data after migration of Software as a Service:................................8
3. Severity Risk and threat in employee data:...................................................................10
Digital Identity Issues:.............................................................................................................12
Threat and Risk of Government employee (digital identities, using Software as a Service):
..............................................................................................................................................12
Conclusion:..............................................................................................................................13
Referencing:.............................................................................................................................14
Table of Contents
Introduction:...............................................................................................................................2
Discussion..................................................................................................................................3
Security of Employee Data:......................................................................................................3
1. Threat and Risk in HR database:.....................................................................................3
2. Threat and Risk of Data after migration of SaaS:...........................................................4
3. Severity Risk and threat in employee data:.....................................................................6
Privacy of Employee Data:........................................................................................................7
1. Threat and Risk in HR database:.....................................................................................7
2. Threat and Risk of Data after migration of Software as a Service:................................8
3. Severity Risk and threat in employee data:...................................................................10
Digital Identity Issues:.............................................................................................................12
Threat and Risk of Government employee (digital identities, using Software as a Service):
..............................................................................................................................................12
Conclusion:..............................................................................................................................13
Referencing:.............................................................................................................................14
3CLOUD PRIVACY AND SECURITY
Introduction:
The adoption of the Cloud technology is needed for the proper privacy and the
security. The company or the organization are needed to solve the security problem properly.
The flexibility, agility, security are crucial part of the system. All of these are maintained
through the cloud computing. The interoperability issue and the data ownership also taking
care by the cloud computing. In today’s world, the data mining is done through the data
migration. There are several experts are assigned to take care of the responsibility and the
vendor security. The Administrative Services Department has been taken care of the cyber
surety from a decade. The multi cloud computing has been done with the different type of
cloud environment. This formation is applicable for the multiple cloud platform and the
services. The cloud operation has been done sometimes with the third party. Data integration
is also done by this procedure. The final procedure and the complexity is needed to be
complete that the organization security remain stable. The SaaS or the software as a service is
the distribution model of the software which is the third party provider which is capable of
the application service. In this system the provider will get one copy of application that will
help for the service level agreement. The application programming interface is also
maintained by the SaaS. Various SaaS applications like the email, sales management, human
resource management are essential. All these application is needed for the cloud privacy and
the security. The Department of Administrative Services has been maintain the payroll
properly. The COTS or the Commercial off The Shelf application is also maintained through
the Administrative Services Department. In the organization there are several problems has
been created by the spam, malicious attack. That is why the risk management is needed
(Esposito et al., 2016). For the better result, the information technology concern about the
complex environment. There are several professionals for taking care the cloud computing
system. The Cloud Security Alliance has more than 700 professionals for taking care the
Introduction:
The adoption of the Cloud technology is needed for the proper privacy and the
security. The company or the organization are needed to solve the security problem properly.
The flexibility, agility, security are crucial part of the system. All of these are maintained
through the cloud computing. The interoperability issue and the data ownership also taking
care by the cloud computing. In today’s world, the data mining is done through the data
migration. There are several experts are assigned to take care of the responsibility and the
vendor security. The Administrative Services Department has been taken care of the cyber
surety from a decade. The multi cloud computing has been done with the different type of
cloud environment. This formation is applicable for the multiple cloud platform and the
services. The cloud operation has been done sometimes with the third party. Data integration
is also done by this procedure. The final procedure and the complexity is needed to be
complete that the organization security remain stable. The SaaS or the software as a service is
the distribution model of the software which is the third party provider which is capable of
the application service. In this system the provider will get one copy of application that will
help for the service level agreement. The application programming interface is also
maintained by the SaaS. Various SaaS applications like the email, sales management, human
resource management are essential. All these application is needed for the cloud privacy and
the security. The Department of Administrative Services has been maintain the payroll
properly. The COTS or the Commercial off The Shelf application is also maintained through
the Administrative Services Department. In the organization there are several problems has
been created by the spam, malicious attack. That is why the risk management is needed
(Esposito et al., 2016). For the better result, the information technology concern about the
complex environment. There are several professionals for taking care the cloud computing
system. The Cloud Security Alliance has more than 700 professionals for taking care the
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4CLOUD PRIVACY AND SECURITY
system. There are several points like: what type of cloud platform the company has been
using, workload activity proportions, managing the security, network application outrage
calculation, addressing the outrage security, anticipated risk have been maintained through
this IT professionals properly.
Discussion
Security of Employee Data:
The Administrative Services Department is renowned as the central agency
(administrative) which is under the state Government of Oregon. It is shortly named as the
DAS. It is created to serve the supporting of people who reside near the Oregon. The
financial decision and the policy are maintained through the DAS. The Oregon legislature
and the Governor have the direct access to the DAS. The account section has been maintained
thoroughly by the DAS employee. That is why the state government taxation has been
calculated properly.
1. Threat and Risk in HR database:
The cloud computing is the pillar of the IT industry now a days. It is one of the central
to the technology, the concept has been used in it hugely. The Cloud computing is involved
with the Human resource also. The cloud computing has been transformed the small business
of HR software with the huge impact on beneficial and profound. The organization has been
fully dependent on the cloud computing now a days. The cloud computing has been taken a
huge place, where the gap of organization and the HR management in connected. There was a
communication gap between both sections. Obviously the delay will decrease if cloud
computing has been taken place. The data organization will also became organized and the
access will be allowed to directly connect to the HR department. There are several risk that
has been attacked through the database (Islam et al. 2016). If the data base has been attacked
system. There are several points like: what type of cloud platform the company has been
using, workload activity proportions, managing the security, network application outrage
calculation, addressing the outrage security, anticipated risk have been maintained through
this IT professionals properly.
Discussion
Security of Employee Data:
The Administrative Services Department is renowned as the central agency
(administrative) which is under the state Government of Oregon. It is shortly named as the
DAS. It is created to serve the supporting of people who reside near the Oregon. The
financial decision and the policy are maintained through the DAS. The Oregon legislature
and the Governor have the direct access to the DAS. The account section has been maintained
thoroughly by the DAS employee. That is why the state government taxation has been
calculated properly.
1. Threat and Risk in HR database:
The cloud computing is the pillar of the IT industry now a days. It is one of the central
to the technology, the concept has been used in it hugely. The Cloud computing is involved
with the Human resource also. The cloud computing has been transformed the small business
of HR software with the huge impact on beneficial and profound. The organization has been
fully dependent on the cloud computing now a days. The cloud computing has been taken a
huge place, where the gap of organization and the HR management in connected. There was a
communication gap between both sections. Obviously the delay will decrease if cloud
computing has been taken place. The data organization will also became organized and the
access will be allowed to directly connect to the HR department. There are several risk that
has been attacked through the database (Islam et al. 2016). If the data base has been attacked
5CLOUD PRIVACY AND SECURITY
with the malware, then the data will be lost or the accessibility will be destroyed. So the
system of the HR should be protected properly. The task has been maintained by the IT
professionals. There are several way that database can be effected. Sometimes deployment
failures are occurred in the HR database system. The database sometimes attacked by the
SQL injection where all data has been corrupted.
2. Threat and Risk of Data after migration of SaaS:
The Software as a Service (SaaS) is mainly denoted as the staple in the proper business
world. The digital age and the data sharing are the main concept of the Software as a Service
or SaaS. The latest technology is also maintained through the Software as a Service. The
small details of this concept is actually invaluable for the customers. The loss of DVDs. CDs
and the flash drives is needed to come in peace through this concept. The Software as a
Service has various benefits in the business and the IT industry. The data storage of the
Information technology. There are several points related to discuss:
Data Access Risk: The organization has been given the raw or edited data to the third
party, those party can access the data with various way to complete their process. The data
storing is one of the risk again. The person who are taking the data from the third party;
he/she has a huge risk that the environment or the system may corrupt for the Data access
(Hussein et al., 2016). The terms and conditions are also applied for the providers. The
Software as a Service technician are always ready to provide service against any type of the
problem. The Software as a Service providers are always ready to access the problem for the
organization.
with the malware, then the data will be lost or the accessibility will be destroyed. So the
system of the HR should be protected properly. The task has been maintained by the IT
professionals. There are several way that database can be effected. Sometimes deployment
failures are occurred in the HR database system. The database sometimes attacked by the
SQL injection where all data has been corrupted.
2. Threat and Risk of Data after migration of SaaS:
The Software as a Service (SaaS) is mainly denoted as the staple in the proper business
world. The digital age and the data sharing are the main concept of the Software as a Service
or SaaS. The latest technology is also maintained through the Software as a Service. The
small details of this concept is actually invaluable for the customers. The loss of DVDs. CDs
and the flash drives is needed to come in peace through this concept. The Software as a
Service has various benefits in the business and the IT industry. The data storage of the
Information technology. There are several points related to discuss:
Data Access Risk: The organization has been given the raw or edited data to the third
party, those party can access the data with various way to complete their process. The data
storing is one of the risk again. The person who are taking the data from the third party;
he/she has a huge risk that the environment or the system may corrupt for the Data access
(Hussein et al., 2016). The terms and conditions are also applied for the providers. The
Software as a Service technician are always ready to provide service against any type of the
problem. The Software as a Service providers are always ready to access the problem for the
organization.
6CLOUD PRIVACY AND SECURITY
Instability: The stability and the security has been used as the pillar of any organization’s
Software as a Service used software. Now a days the service of the provider are rapidly
increasing. That is why the high quality software is needed to solve the case. According to the
growing market the Software as a Service stability is needed properly. The data portability is
one of the vital point needed to discuss. The situation has been unpredictable. All the
essential data generally data of the Software as a Service may be out of business (Bokhari et
al., 2016). The company shut down may also occur for this problem. The policy should be
carefully maintained. The reason of this is the price of security policy may be not maintained
properly. So the instability is one of the valuable point that required to maintain properly.
Lack –transparency (Software as a Service provider): The Software as a Service
provider has the task to maintain the security first. The data is needed to be safe at any how
any cost. The guarantee of securing the data and the info has been provided by the customers
also. The lack of transparency is also maintained the security protocol for the security. The
matter of this topic is little bit debatable. The lack of transparency can be the cause of distrust
of the customers. If both the customers and the client does not react or concern about the
security reason; then it can be said that the huge gap has been created in the system
(Cocchiara et al.,2019).The service provided by the company may hamper for this reason. It
can cause the argumentative situation for the lack of transparency. So it is defined that the
both client and the organization have to be careful about this matter.
Identity theft: The Software as a Service has to complete their payment through the
credit card and various online transaction processes. The potential risk has been discussed
through this process. Several security protocol has been used to prevent the identity theft
properly. The LDAP direction has been installed in the organization’s firewall to supply the
Instability: The stability and the security has been used as the pillar of any organization’s
Software as a Service used software. Now a days the service of the provider are rapidly
increasing. That is why the high quality software is needed to solve the case. According to the
growing market the Software as a Service stability is needed properly. The data portability is
one of the vital point needed to discuss. The situation has been unpredictable. All the
essential data generally data of the Software as a Service may be out of business (Bokhari et
al., 2016). The company shut down may also occur for this problem. The policy should be
carefully maintained. The reason of this is the price of security policy may be not maintained
properly. So the instability is one of the valuable point that required to maintain properly.
Lack –transparency (Software as a Service provider): The Software as a Service
provider has the task to maintain the security first. The data is needed to be safe at any how
any cost. The guarantee of securing the data and the info has been provided by the customers
also. The lack of transparency is also maintained the security protocol for the security. The
matter of this topic is little bit debatable. The lack of transparency can be the cause of distrust
of the customers. If both the customers and the client does not react or concern about the
security reason; then it can be said that the huge gap has been created in the system
(Cocchiara et al.,2019).The service provided by the company may hamper for this reason. It
can cause the argumentative situation for the lack of transparency. So it is defined that the
both client and the organization have to be careful about this matter.
Identity theft: The Software as a Service has to complete their payment through the
credit card and various online transaction processes. The potential risk has been discussed
through this process. Several security protocol has been used to prevent the identity theft
properly. The LDAP direction has been installed in the organization’s firewall to supply the
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7CLOUD PRIVACY AND SECURITY
process properly. The Software as a Service (which is provider) site also provide the process
for prevention of the system properly to complete the process. The LDAP may also provide
by the site. The provider does not have more accurate prevention technology than the
companies firewall. Various preventing tools is used for the security. Those software used for
the transaction is generally used for the security. The software has a huge roll for the security
purpose. So the credit card information is needed to be secured. The hackers are using several
protocol, that the money amount can be deducted easily to complete the process (Dorri et al.
2017). The transaction is needed to be completed securely. Not only for the organizational
transaction, has other transaction like the Google pay, Paytm needed to be more secure.
Uncertainty of the Data Location: The Federal Information Security Management act is
stating that the customer’s data should be store into hi/her own country. The customer does
not have any right to access or know their essential data of the organization where it is kept.
But the act specified that the data should be in the local area cloud. Sometimes the customer
will move from one to another place for own purpose. The all the essential data should be
moved to the local cloud for the security. But there is a problem that the total number of
countries are huge. That is why it can be said that the actual data cannot be traced by the
customers.
3. Severity Risk and threat in employee data:
There are several Risk and threat is generally faced by the employee at the time of data
accessing. Suppose a link or email has been delivered to the employee. Generally the hackers
are the key person for these activity. If the employee clicked the link or share his own
information (sometimes hackers are asking the employees details, such a way that the
process properly. The Software as a Service (which is provider) site also provide the process
for prevention of the system properly to complete the process. The LDAP may also provide
by the site. The provider does not have more accurate prevention technology than the
companies firewall. Various preventing tools is used for the security. Those software used for
the transaction is generally used for the security. The software has a huge roll for the security
purpose. So the credit card information is needed to be secured. The hackers are using several
protocol, that the money amount can be deducted easily to complete the process (Dorri et al.
2017). The transaction is needed to be completed securely. Not only for the organizational
transaction, has other transaction like the Google pay, Paytm needed to be more secure.
Uncertainty of the Data Location: The Federal Information Security Management act is
stating that the customer’s data should be store into hi/her own country. The customer does
not have any right to access or know their essential data of the organization where it is kept.
But the act specified that the data should be in the local area cloud. Sometimes the customer
will move from one to another place for own purpose. The all the essential data should be
moved to the local cloud for the security. But there is a problem that the total number of
countries are huge. That is why it can be said that the actual data cannot be traced by the
customers.
3. Severity Risk and threat in employee data:
There are several Risk and threat is generally faced by the employee at the time of data
accessing. Suppose a link or email has been delivered to the employee. Generally the hackers
are the key person for these activity. If the employee clicked the link or share his own
information (sometimes hackers are asking the employees details, such a way that the
8CLOUD PRIVACY AND SECURITY
employee has own a huge amount of money and needed details for transaction). Then the data
of amount of money may deducted from the targeted account. This type of attacking are
called as the Phishing. Sometimes problem may occur through the new installed application.
Some employee may download the application without knowledge and authenticity. The
feedback and review should be checked of the authenticity. Otherwise the data from the
mobile may be lost. Sometimes the password has been given very much weak. There are
several algorithm has been used in ethical hacking, that the data of the password will check
with the permutation combination method. If the password is weak, then it will be hacked or
traced easily. Disability of the security control can hamper the system sometimes. If the
administrator give the permission to access all the data then the security may hamper, the
malware may affect the system and it will cost huge. Remote insecurity is one of the other
problem that hamper the system properly. Because the family member can access the data
through the employee (Duncan & Whittington, 2016). If any third person work on this and
after that the file has been transferred, then it will create a hazard into the system. Clumsy
social network using for the data transfer is not secured. The data packet may be hampered or
the data may be lost for this kind of network.
Privacy-Employee Data:
1. Threat and Risk in HR database:
The employee data has been hugely connected with the Human Resource data of the
organization. The information of corporate database has been always connected with the HR
data security. The personal details of the customer are filled with this database. The good
will and the performance is connected with it. So there are several points that will help to
check the risk of the HR database. The BYOD or the Bring Your Own Device is used for the
increased security issue. The device may different for the security policy. The security issue
is clearly maintained through the BYOD. Another one cause of risk has been created by the
employee has own a huge amount of money and needed details for transaction). Then the data
of amount of money may deducted from the targeted account. This type of attacking are
called as the Phishing. Sometimes problem may occur through the new installed application.
Some employee may download the application without knowledge and authenticity. The
feedback and review should be checked of the authenticity. Otherwise the data from the
mobile may be lost. Sometimes the password has been given very much weak. There are
several algorithm has been used in ethical hacking, that the data of the password will check
with the permutation combination method. If the password is weak, then it will be hacked or
traced easily. Disability of the security control can hamper the system sometimes. If the
administrator give the permission to access all the data then the security may hamper, the
malware may affect the system and it will cost huge. Remote insecurity is one of the other
problem that hamper the system properly. Because the family member can access the data
through the employee (Duncan & Whittington, 2016). If any third person work on this and
after that the file has been transferred, then it will create a hazard into the system. Clumsy
social network using for the data transfer is not secured. The data packet may be hampered or
the data may be lost for this kind of network.
Privacy-Employee Data:
1. Threat and Risk in HR database:
The employee data has been hugely connected with the Human Resource data of the
organization. The information of corporate database has been always connected with the HR
data security. The personal details of the customer are filled with this database. The good
will and the performance is connected with it. So there are several points that will help to
check the risk of the HR database. The BYOD or the Bring Your Own Device is used for the
increased security issue. The device may different for the security policy. The security issue
is clearly maintained through the BYOD. Another one cause of risk has been created by the
9CLOUD PRIVACY AND SECURITY
mobile application. All the data of could computing has been shifted regularly through the
cloud computing. The new HR app may not smooth or speedy enough for the data
transferring. The normal data transfer has been done through the cloud computing is very
fast. So it will create problem, because the HR app may be slow. The banned apps also has a
huge step in this matter. Noncompliance with the registration (local) may cause hamper in
this system. The native encryption has been demanded against the HIPAA act (Henze et
al.,2016). So the risk will be always a threat for the HR, the solution is to avoid the methods.
Data loss or theft of data may create a huge risk in the segment of HR. The employee privacy
is maintained through the HR properly. In the year of 2014 the Ernst and Young which is
famous security service had confirmed that the 30% of the Risk has been made through the
lack of awareness. The unusual mobile application and lack of care made a huge problem to
the HR data security.
2. Threat and Risk of Data after migration of Software as a Service:
There are several vital points needed to discuss against the risk after migrating the
software as a service. Those are: Long term and paying Upfront: The final security has a huge
issue that generally born the agreement to use the software as a service provider. A huge
majority require the payment of the upfront for the long term. It is generally concerned that
the crucial part of the company is generally maintained properly for the customer satisfaction.
Once the payment has been done by the through the internet; then the liability has shifted to
the organizations. Contract, quality and the security has been maintained properly. Otherwise
it will create a huge risk. If the encryption issue has been not done according to the date, then
it will create huge problems. The all details should be checked before the payment. The data
is also being compromised properly. Less assured Agreement: Privacy of employee data
should be maintained in a proper way. Now before the dealing the employee and customer
have their own agreement. It can be said that the terms and condition before the product
mobile application. All the data of could computing has been shifted regularly through the
cloud computing. The new HR app may not smooth or speedy enough for the data
transferring. The normal data transfer has been done through the cloud computing is very
fast. So it will create problem, because the HR app may be slow. The banned apps also has a
huge step in this matter. Noncompliance with the registration (local) may cause hamper in
this system. The native encryption has been demanded against the HIPAA act (Henze et
al.,2016). So the risk will be always a threat for the HR, the solution is to avoid the methods.
Data loss or theft of data may create a huge risk in the segment of HR. The employee privacy
is maintained through the HR properly. In the year of 2014 the Ernst and Young which is
famous security service had confirmed that the 30% of the Risk has been made through the
lack of awareness. The unusual mobile application and lack of care made a huge problem to
the HR data security.
2. Threat and Risk of Data after migration of Software as a Service:
There are several vital points needed to discuss against the risk after migrating the
software as a service. Those are: Long term and paying Upfront: The final security has a huge
issue that generally born the agreement to use the software as a service provider. A huge
majority require the payment of the upfront for the long term. It is generally concerned that
the crucial part of the company is generally maintained properly for the customer satisfaction.
Once the payment has been done by the through the internet; then the liability has shifted to
the organizations. Contract, quality and the security has been maintained properly. Otherwise
it will create a huge risk. If the encryption issue has been not done according to the date, then
it will create huge problems. The all details should be checked before the payment. The data
is also being compromised properly. Less assured Agreement: Privacy of employee data
should be maintained in a proper way. Now before the dealing the employee and customer
have their own agreement. It can be said that the terms and condition before the product
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
10CLOUD PRIVACY AND SECURITY
exchange has been done. Now according the terms and condition the software as a service
team have to provide the product properly. Otherwise it will create a risk or hamper the
system for the deadline miss. Now the separate section has its own experts to maintain the
system properly. The ideal situation has been maintained with the ideal condition. The
different section for the different requirement is the key thing of this category. Actual Data
security: The actual data security is needed. The encryption protocol is the main thing of the
data security. The resorting is a huge problem is the system. In the time of the restoring it is
needed that the delicate and sensitive data should be transferred properly. The data is needed
to be secured proper way that the risk level became very low. No direct control over the own
data: the data has been maintained through the software as a service provider and the experts.
That is why it is not needed to access their own data directly. Because sometimes if the data
has been accessed directly through the customer; then it will have a huge problem if the data
will loss. Sometimes the transaction and the uploading data packet will be lost through the
process time (Bokhari et al. 2016). That is why the direct data access should be denied by the
software as a service. The data provider sometimes not interested in providing the modern
security standards. Now in the privacy of the data so much important that the system up
gradation should be regularly updated. Because risk has been updated and the hacker are also
doing their up gradation each and every day. So the service should be provided properly.
3. Severity Risk and threat in employee data:
There are several points that will help to explain the severity risk that has been clearly
discussed with the employee data.
exchange has been done. Now according the terms and condition the software as a service
team have to provide the product properly. Otherwise it will create a risk or hamper the
system for the deadline miss. Now the separate section has its own experts to maintain the
system properly. The ideal situation has been maintained with the ideal condition. The
different section for the different requirement is the key thing of this category. Actual Data
security: The actual data security is needed. The encryption protocol is the main thing of the
data security. The resorting is a huge problem is the system. In the time of the restoring it is
needed that the delicate and sensitive data should be transferred properly. The data is needed
to be secured proper way that the risk level became very low. No direct control over the own
data: the data has been maintained through the software as a service provider and the experts.
That is why it is not needed to access their own data directly. Because sometimes if the data
has been accessed directly through the customer; then it will have a huge problem if the data
will loss. Sometimes the transaction and the uploading data packet will be lost through the
process time (Bokhari et al. 2016). That is why the direct data access should be denied by the
software as a service. The data provider sometimes not interested in providing the modern
security standards. Now in the privacy of the data so much important that the system up
gradation should be regularly updated. Because risk has been updated and the hacker are also
doing their up gradation each and every day. So the service should be provided properly.
3. Severity Risk and threat in employee data:
There are several points that will help to explain the severity risk that has been clearly
discussed with the employee data.
11CLOUD PRIVACY AND SECURITY
Lack of awareness: The lack of knowledge is the huge reason of the risk in the
employee data. Sometimes they use the unsecured Wi-Fi network, which will very much
risky. Sensitive data may be stored in the USB drive, which is not secured. In the 3.0 fast
USB drives, it is very fast to access data. So it is very much risky for the employee data. The
data should be maintained properly.
Phishing emails: the emails attack is generally named as the Phishing attacks. The email
attacking is denoted by the hackers generally. The 71% attacks is generally started with the
Phishing emails. A link has been shared with the attackers’ emails. Then if the employee
clicked the mail, then all data access will in hand of the hacker. Then the a hacker will ask for
a good amount money to give the decrypt key to the user or employee. The user name,
password and bank details can be accessed through this kind of attacks. There are several way
to track the mail properly. The mail will have several mistakes, the name of the sender will be
not accurate. So avoiding this kind of problem may occur problem for the employee data.
Using unsecured network: Sometimes the employee has been used the local network
or the Wi-Fi for the office purpose and vital data transferring. At that time it can be said that
the various data has been provided in the network. This local network does not have the
proper encryption packet system at the time of transferring. So at the time of data transfer it
can be said that the local network is not secured. When the net banking system, it is said that
the data can be hacked easily through the application. The password is also can be hacked. To
avoid this kind of situation the VPN or the virtual private network should be used. Then the
tracking of this system is so much difficult for the hackers (Truyen et al., 2016).
Storing sensitive data: The Heathrow Airport has been fined £120,000 amount of
money for the data loss. USB is the main reason of easily data loss. It is easily hackable and it
can be copied within a minute. If any of the cybercriminal copy it, and replace the USB in the
Lack of awareness: The lack of knowledge is the huge reason of the risk in the
employee data. Sometimes they use the unsecured Wi-Fi network, which will very much
risky. Sensitive data may be stored in the USB drive, which is not secured. In the 3.0 fast
USB drives, it is very fast to access data. So it is very much risky for the employee data. The
data should be maintained properly.
Phishing emails: the emails attack is generally named as the Phishing attacks. The email
attacking is denoted by the hackers generally. The 71% attacks is generally started with the
Phishing emails. A link has been shared with the attackers’ emails. Then if the employee
clicked the mail, then all data access will in hand of the hacker. Then the a hacker will ask for
a good amount money to give the decrypt key to the user or employee. The user name,
password and bank details can be accessed through this kind of attacks. There are several way
to track the mail properly. The mail will have several mistakes, the name of the sender will be
not accurate. So avoiding this kind of problem may occur problem for the employee data.
Using unsecured network: Sometimes the employee has been used the local network
or the Wi-Fi for the office purpose and vital data transferring. At that time it can be said that
the various data has been provided in the network. This local network does not have the
proper encryption packet system at the time of transferring. So at the time of data transfer it
can be said that the local network is not secured. When the net banking system, it is said that
the data can be hacked easily through the application. The password is also can be hacked. To
avoid this kind of situation the VPN or the virtual private network should be used. Then the
tracking of this system is so much difficult for the hackers (Truyen et al., 2016).
Storing sensitive data: The Heathrow Airport has been fined £120,000 amount of
money for the data loss. USB is the main reason of easily data loss. It is easily hackable and it
can be copied within a minute. If any of the cybercriminal copy it, and replace the USB in the
12CLOUD PRIVACY AND SECURITY
same position; then it will very hard to trace him as well as the data will be leaked (Syed et
al,.2019).
Install the illegitimate applications –programme: Low rated data and the illegal
application my cause the reason of the data loss. Apple app store is very much secured. Such
app stores is very much reliable for the trusted app.
Not updating software: the regular update of the device software is needed to solve
the problem. If the software will not updated, then the firewall of the system software
will be out dated. Then there will be high risk for this matter.
Internet of things: The IoT has been developed huge in the industry for
decades. Each and every day new things are invented, and all of them are very much
hack able. The usage of network of this product is the main reason of creating the risk.
So the defend is also needed with updated version for the secure system (Aldossary &
Allen, 2016). Secure password apply in this gadget will help to protect the data
properly.
Digital Identity Issues:
Threat and Risk of Government employee (digital identities, using Software as a
Service):
The cloud first technology has been used in the government employee in the 70 %
case. The growth adoption has been used by the SaaS. Office 365 and the G suite are the
business adoption for these platforms. There are three points needed to discuss: Agility: the
SaaS has been renowned for the support of Agile IT. The maintenance and management are
explained through this. Scalability: The SaaS application has been provided for the rapid
same position; then it will very hard to trace him as well as the data will be leaked (Syed et
al,.2019).
Install the illegitimate applications –programme: Low rated data and the illegal
application my cause the reason of the data loss. Apple app store is very much secured. Such
app stores is very much reliable for the trusted app.
Not updating software: the regular update of the device software is needed to solve
the problem. If the software will not updated, then the firewall of the system software
will be out dated. Then there will be high risk for this matter.
Internet of things: The IoT has been developed huge in the industry for
decades. Each and every day new things are invented, and all of them are very much
hack able. The usage of network of this product is the main reason of creating the risk.
So the defend is also needed with updated version for the secure system (Aldossary &
Allen, 2016). Secure password apply in this gadget will help to protect the data
properly.
Digital Identity Issues:
Threat and Risk of Government employee (digital identities, using Software as a
Service):
The cloud first technology has been used in the government employee in the 70 %
case. The growth adoption has been used by the SaaS. Office 365 and the G suite are the
business adoption for these platforms. There are three points needed to discuss: Agility: the
SaaS has been renowned for the support of Agile IT. The maintenance and management are
explained through this. Scalability: The SaaS application has been provided for the rapid
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
13CLOUD PRIVACY AND SECURITY
scale-up for the local and the state government. Staffing: The SaaS application has been
reducing the need for the on-premises for the manager of an application, storage, update and
the patches. The low and the middle economic countries has sophisticated the digital
identification system. Some countries have the phone number for the banking identity. The
ID4D or the Banks identity for development is the main thought for the digital identities. It
can provide a better scope and the assist for the better plans. The social, politician and the
economical view can be displayed to the system to reach the people easily. The Digital ID,
Adhar are the examples if this kind of digital identity. There are several points is needed to
discuss the threat of these identities. If any type of government service is linked with this ID
and the data recording has to be wrong for some reason. Then the people will not provide that
service unless and until the Adhar/Digital ID card has been rectified. Sometimes the fake of
this ID is easily available. Then various criminal activity can be done through the fake ID
(Almorsy et al., 2016). So various criminal activity can be done by this ID. Suppose the data
has been lost, or the ID card of a specific person has been lost. Then the ID can be used for
the several criminal activities.
Conclusion:
Cloud computing is one of the main technology used for the data storing and various
data access. The concept of cloud came from the solving of the big data theory. Now when
the cloud-computing is heavily used for the various purpose. Then the data-security is also
needed for any organizations. This data contains various essential and sensitive data and
sometimes the cash transaction also. The cash transaction has been done nowadays by digital
transferring. That is why the data is needed to be protected properly. If the data/info has been
hacked, then not only the cash amount will be lost, the other data may be lost. Then it will
create a huge problem. The customers are providing their information of several purposes. If
their data are copied or lost, then it will be a mess. That is why cloud privacy and security is
scale-up for the local and the state government. Staffing: The SaaS application has been
reducing the need for the on-premises for the manager of an application, storage, update and
the patches. The low and the middle economic countries has sophisticated the digital
identification system. Some countries have the phone number for the banking identity. The
ID4D or the Banks identity for development is the main thought for the digital identities. It
can provide a better scope and the assist for the better plans. The social, politician and the
economical view can be displayed to the system to reach the people easily. The Digital ID,
Adhar are the examples if this kind of digital identity. There are several points is needed to
discuss the threat of these identities. If any type of government service is linked with this ID
and the data recording has to be wrong for some reason. Then the people will not provide that
service unless and until the Adhar/Digital ID card has been rectified. Sometimes the fake of
this ID is easily available. Then various criminal activity can be done through the fake ID
(Almorsy et al., 2016). So various criminal activity can be done by this ID. Suppose the data
has been lost, or the ID card of a specific person has been lost. Then the ID can be used for
the several criminal activities.
Conclusion:
Cloud computing is one of the main technology used for the data storing and various
data access. The concept of cloud came from the solving of the big data theory. Now when
the cloud-computing is heavily used for the various purpose. Then the data-security is also
needed for any organizations. This data contains various essential and sensitive data and
sometimes the cash transaction also. The cash transaction has been done nowadays by digital
transferring. That is why the data is needed to be protected properly. If the data/info has been
hacked, then not only the cash amount will be lost, the other data may be lost. Then it will
create a huge problem. The customers are providing their information of several purposes. If
their data are copied or lost, then it will be a mess. That is why cloud privacy and security is
14CLOUD PRIVACY AND SECURITY
essential for us to. Cloud computing is such a system where the data should be provided
properly for the purpose. Now the data packing is needed to be strong in this situation. If the
data is protected, then the customer trust will increase for the organizations. Each and every
hacker will be waiting for the data hack. The cash amount, user name, password, other
sensitive data can be hacked able. So every organization has the challenge to protect the data
properly. The above case studies will give a brief discussion for the cases and the prevention
procedures. The main thought of the report is to be active to prevent hacking properly. The
organization data lost or the corruption problem also created by hackers. So cloud is the
system for the data storing properly. It is such kind of technology that cannot be avoided.
That is why the security of the data is needed properly. So in the system, the data privacy and
the security both are needed for the organization. The ethical business concern has been taken
for security. The legal service requirement is also maintained properly for cloud computing.
The overall discussion has been made through the report.
essential for us to. Cloud computing is such a system where the data should be provided
properly for the purpose. Now the data packing is needed to be strong in this situation. If the
data is protected, then the customer trust will increase for the organizations. Each and every
hacker will be waiting for the data hack. The cash amount, user name, password, other
sensitive data can be hacked able. So every organization has the challenge to protect the data
properly. The above case studies will give a brief discussion for the cases and the prevention
procedures. The main thought of the report is to be active to prevent hacking properly. The
organization data lost or the corruption problem also created by hackers. So cloud is the
system for the data storing properly. It is such kind of technology that cannot be avoided.
That is why the security of the data is needed properly. So in the system, the data privacy and
the security both are needed for the organization. The ethical business concern has been taken
for security. The legal service requirement is also maintained properly for cloud computing.
The overall discussion has been made through the report.
15CLOUD PRIVACY AND SECURITY
Referencing:
Agarwal, M., Choudhary, A., Agarwal, P., Kumar, A., Shah, N., & Soni, A. (2016). U.S.
Patent No. 9,282,097. Washington, DC: U.S. Patent and Trademark Office.
Aldossary, S., & Allen, W. (2016). Data security, privacy, availability and integrity in cloud
computing: issues and current solutions. International Journal of Advanced Computer
Science and Applications, 7(4), 485-498.
Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security
problem. arXiv preprint arXiv:1609.01107.
Bokhari, M. U., Shallal, Q. M., & Tamandani, Y. K. (2016, March). Cloud computing service
models: A comparative study. In 2016 3rd International Conference on Computing for
Sustainable Global Development (INDIACom) (pp. 890-895). IEEE.
Cocchiara, R. M., Delaney, J. V., Hunt, A. M., O'Reilly, M. M., & Zolotow, C. A.
(2019). U.S. Patent Application No. 10/332,018.
Dorri, A., Kanhere, S. S., Jurdak, R., & Gauravaram, P. (2017, March). Blockchain for IoT
security and privacy: The case study of a smart home. In 2017 IEEE international
conference on pervasive computing and communications workshops (PerCom
workshops) (pp. 618-623). IEEE.
Duncan, R. A. K., & Whittington, M. (2016). Enhancing cloud security and privacy: The
power and the weakness of the audit trail. CLOUD COMPUTING 2016.
Esposito, C., Castiglione, A., Martini, B., & Choo, K. K. R. (2016). Cloud manufacturing:
security, privacy, and forensic concerns. IEEE Cloud Computing, 3(4), 16-22.
Referencing:
Agarwal, M., Choudhary, A., Agarwal, P., Kumar, A., Shah, N., & Soni, A. (2016). U.S.
Patent No. 9,282,097. Washington, DC: U.S. Patent and Trademark Office.
Aldossary, S., & Allen, W. (2016). Data security, privacy, availability and integrity in cloud
computing: issues and current solutions. International Journal of Advanced Computer
Science and Applications, 7(4), 485-498.
Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security
problem. arXiv preprint arXiv:1609.01107.
Bokhari, M. U., Shallal, Q. M., & Tamandani, Y. K. (2016, March). Cloud computing service
models: A comparative study. In 2016 3rd International Conference on Computing for
Sustainable Global Development (INDIACom) (pp. 890-895). IEEE.
Cocchiara, R. M., Delaney, J. V., Hunt, A. M., O'Reilly, M. M., & Zolotow, C. A.
(2019). U.S. Patent Application No. 10/332,018.
Dorri, A., Kanhere, S. S., Jurdak, R., & Gauravaram, P. (2017, March). Blockchain for IoT
security and privacy: The case study of a smart home. In 2017 IEEE international
conference on pervasive computing and communications workshops (PerCom
workshops) (pp. 618-623). IEEE.
Duncan, R. A. K., & Whittington, M. (2016). Enhancing cloud security and privacy: The
power and the weakness of the audit trail. CLOUD COMPUTING 2016.
Esposito, C., Castiglione, A., Martini, B., & Choo, K. K. R. (2016). Cloud manufacturing:
security, privacy, and forensic concerns. IEEE Cloud Computing, 3(4), 16-22.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
16CLOUD PRIVACY AND SECURITY
Gholami, A., & Laure, E. (2016). Security and privacy of sensitive data in cloud computing:
a survey of recent developments. arXiv preprint arXiv:1601.01498.
Henze, M., Hermerschmidt, L., Kerpen, D., Häußling, R., Rumpe, B., & Wehrle, K. (2016).
A comprehensive approach to privacy in the cloud-based Internet of Things. Future
Generation Computer Systems, 56, 701-718.
Islam, S., Fenz, S., Weippl, E., & Kalloniatis, C. (2016). Migration goals and risk
management in cloud computing: a review of state of the art and survey results on
practitioners. International Journal of Secure Software Engineering (IJSSE), 7(3), 44-
73.
Jiang, Q., Ma, J., & Wei, F. (2016). On the security of a privacy-aware authentication scheme
for distributed mobile cloud computing services. IEEE systems journal, 12(2), 2039-
2042.
Jouini, M., & Rabai, L. B. A. (2019). A security framework for secure cloud computing
environments. In Cloud security: Concepts, methodologies, tools, and
applications (pp. 249-263). IGI Global.
Kalaiprasath, R., Elankavi, R., & Udayakumar, D. R. (2017). Cloud. Security and
Compliance-A Semantic Approach in End to End Security. International Journal Of
Mechanical Engineering And Technology (Ijmet), 8(5), 987-994.
Kavanagh, M. J., & Johnson, R. D. (Eds.). (2017). Human resource information systems:
Basics, applications, and future directions. Sage Publications.
Mollah, M. B., Azad, M. A. K., & Vasilakos, A. (2017). Security and privacy challenges in
mobile cloud computing: Survey and way ahead. Journal of Network and Computer
Applications, 84, 38-54.
Gholami, A., & Laure, E. (2016). Security and privacy of sensitive data in cloud computing:
a survey of recent developments. arXiv preprint arXiv:1601.01498.
Henze, M., Hermerschmidt, L., Kerpen, D., Häußling, R., Rumpe, B., & Wehrle, K. (2016).
A comprehensive approach to privacy in the cloud-based Internet of Things. Future
Generation Computer Systems, 56, 701-718.
Islam, S., Fenz, S., Weippl, E., & Kalloniatis, C. (2016). Migration goals and risk
management in cloud computing: a review of state of the art and survey results on
practitioners. International Journal of Secure Software Engineering (IJSSE), 7(3), 44-
73.
Jiang, Q., Ma, J., & Wei, F. (2016). On the security of a privacy-aware authentication scheme
for distributed mobile cloud computing services. IEEE systems journal, 12(2), 2039-
2042.
Jouini, M., & Rabai, L. B. A. (2019). A security framework for secure cloud computing
environments. In Cloud security: Concepts, methodologies, tools, and
applications (pp. 249-263). IGI Global.
Kalaiprasath, R., Elankavi, R., & Udayakumar, D. R. (2017). Cloud. Security and
Compliance-A Semantic Approach in End to End Security. International Journal Of
Mechanical Engineering And Technology (Ijmet), 8(5), 987-994.
Kavanagh, M. J., & Johnson, R. D. (Eds.). (2017). Human resource information systems:
Basics, applications, and future directions. Sage Publications.
Mollah, M. B., Azad, M. A. K., & Vasilakos, A. (2017). Security and privacy challenges in
mobile cloud computing: Survey and way ahead. Journal of Network and Computer
Applications, 84, 38-54.
17CLOUD PRIVACY AND SECURITY
Parthasarathi, A., Ng, G. Y., & Honea, M. (2016). U.S. Patent Application No. 15/082,890.
Rahman, A. F. A., Daud, M., & Mohamad, M. Z. (2016, March). Securing sensor to cloud
ecosystem using internet of things (iot) security framework. In Proceedings of the
International Conference on Internet of things and Cloud Computing (p. 79). ACM.
Redondo, J. M., & Ortin, F. (2017). A SaaS framework for credit risk analysis services. IEEE
Latin America Transactions, 15(3), 474-481.
Rittinghouse, J. W., & Ransome, J. F. (2017). Cloud computing: implementation,
management, and security. CRC press.
Rittinghouse, J. W., & Ransome, J. F. (2017). Cloud computing: implementation,
management, and security. CRC press.
Sahmim, S., & Gharsellaoui, H. (2017). Privacy and security in internet-based computing:
cloud computing, internet of things, cloud of things: a review. Procedia computer
science, 112, 1516-1522.
Syed, S., Fatehi, F., Venkataraman, S., & Prabhu, J. A. (2019). U.S. Patent Application No.
10/185,601. Hussein, N. H., & Khalid, A. (2016). A survey of cloud computing
security challenges and solutions. International Journal of Computer Science and
Information Security, 14(1), 52.
Syed, S., Fatehi, F., Venkataraman, S., & Prabhu, J. A. (2019). U.S. Patent Application No.
10/185,601.
Tang, J., Cui, Y., Li, Q., Ren, K., Liu, J., & Buyya, R. (2016). Ensuring security and privacy
preservation for cloud data services. ACM Computing Surveys (CSUR), 49(1), 13.
Parthasarathi, A., Ng, G. Y., & Honea, M. (2016). U.S. Patent Application No. 15/082,890.
Rahman, A. F. A., Daud, M., & Mohamad, M. Z. (2016, March). Securing sensor to cloud
ecosystem using internet of things (iot) security framework. In Proceedings of the
International Conference on Internet of things and Cloud Computing (p. 79). ACM.
Redondo, J. M., & Ortin, F. (2017). A SaaS framework for credit risk analysis services. IEEE
Latin America Transactions, 15(3), 474-481.
Rittinghouse, J. W., & Ransome, J. F. (2017). Cloud computing: implementation,
management, and security. CRC press.
Rittinghouse, J. W., & Ransome, J. F. (2017). Cloud computing: implementation,
management, and security. CRC press.
Sahmim, S., & Gharsellaoui, H. (2017). Privacy and security in internet-based computing:
cloud computing, internet of things, cloud of things: a review. Procedia computer
science, 112, 1516-1522.
Syed, S., Fatehi, F., Venkataraman, S., & Prabhu, J. A. (2019). U.S. Patent Application No.
10/185,601. Hussein, N. H., & Khalid, A. (2016). A survey of cloud computing
security challenges and solutions. International Journal of Computer Science and
Information Security, 14(1), 52.
Syed, S., Fatehi, F., Venkataraman, S., & Prabhu, J. A. (2019). U.S. Patent Application No.
10/185,601.
Tang, J., Cui, Y., Li, Q., Ren, K., Liu, J., & Buyya, R. (2016). Ensuring security and privacy
preservation for cloud data services. ACM Computing Surveys (CSUR), 49(1), 13.
18CLOUD PRIVACY AND SECURITY
Tiwari, P. K., & Joshi, S. (2016). Data security for software as a service. In Web-Based
Services: Concepts, Methodologies, Tools, and Applications (pp. 864-880). IGI
Global.
Truyen, E., Van Landuyt, D., Reniers, V., Rafique, A., Lagaisse, B., & Joosen, W. (2016).
Towards a container-based architecture for multi-tenant SaaS applications.
In Proceedings of the 15th International Workshop on Adaptive and Reflective
Middleware (pp. 1-6). ACM; New York, NY, USA.
Vacca, J. R. (2016). ◾ Risk and Trust Assessment: Schemes for Cloud Services ERDAL
CAYIRCI. In Cloud Computing Security (pp. 93-104). CRC Press.
Vijayakumar, K., & Arun, C. (2017). Analysis and selection of risk assessment frameworks
for cloud based enterprise applications. Biomedical Research (0970-938X), 28.
Viswanathan, M., Sivaram, M., Yuvaraj, D., & Mohammed, A. S. (2018). Security and
privacy protection in cloud computing.
Yu, Y., Au, M. H., Ateniese, G., Huang, X., Susilo, W., Dai, Y., & Min, G. (2016). Identity-
based remote data integrity checking with perfect data privacy preserving for cloud
storage. IEEE Transactions on Information Forensics and Security, 12(4), 767-778.
Zhou, J., Cao, Z., Dong, X., & Vasilakos, A. V. (2017). Security and privacy for cloud-based
IoT: Challenges. IEEE Communications Magazine, 55(1), 26-33.
Tiwari, P. K., & Joshi, S. (2016). Data security for software as a service. In Web-Based
Services: Concepts, Methodologies, Tools, and Applications (pp. 864-880). IGI
Global.
Truyen, E., Van Landuyt, D., Reniers, V., Rafique, A., Lagaisse, B., & Joosen, W. (2016).
Towards a container-based architecture for multi-tenant SaaS applications.
In Proceedings of the 15th International Workshop on Adaptive and Reflective
Middleware (pp. 1-6). ACM; New York, NY, USA.
Vacca, J. R. (2016). ◾ Risk and Trust Assessment: Schemes for Cloud Services ERDAL
CAYIRCI. In Cloud Computing Security (pp. 93-104). CRC Press.
Vijayakumar, K., & Arun, C. (2017). Analysis and selection of risk assessment frameworks
for cloud based enterprise applications. Biomedical Research (0970-938X), 28.
Viswanathan, M., Sivaram, M., Yuvaraj, D., & Mohammed, A. S. (2018). Security and
privacy protection in cloud computing.
Yu, Y., Au, M. H., Ateniese, G., Huang, X., Susilo, W., Dai, Y., & Min, G. (2016). Identity-
based remote data integrity checking with perfect data privacy preserving for cloud
storage. IEEE Transactions on Information Forensics and Security, 12(4), 767-778.
Zhou, J., Cao, Z., Dong, X., & Vasilakos, A. V. (2017). Security and privacy for cloud-based
IoT: Challenges. IEEE Communications Magazine, 55(1), 26-33.
1 out of 19
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.