Cloud Privacy and Security: Threat and Risk Assessment, PII Privacy Strategies, Digital Identity and Controls, Governance Plan

Verified

Added on  2023/06/06

|35
|1107
|202
AI Summary
This presentation covers the Threat and Risk Assessment, PII Privacy Strategies, Digital Identity and Controls, Governance Plan for Cloud Privacy and Security. It includes preventive actions, contingency plans, security compliance, and safeguard policies for HIPAA data. It also discusses the mitigation plan for automatic collection of information, third-party cloud vendors, tracking and customization information, and cyber security. The presentation concludes with a governance plan for various SaaS solutions.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
CLOUD PRIVACY AND
SECURITY
Student Name:
Student ID:
University Name:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Introduction
DAS
MyLicense
portal
Threat and Risk
Assessment
(TRA)
Personal
Identifiable
Information
(PII) strategy
proposal
Informal Digital
Identity protection
Strategy
Governance
plan for
Cloud
solutions
Document Page
Threat and Risk
Assessment
Document Page
Threat Preventive
Action
Contingency
Plan
Securing the
Personally
Identifiable
Information
Encryption using
high standards to
secure
communications
Continuity of
operations
Communicating the
crisis
Checking the
readiness of
system
Security
Compliance for
HIPAA Data
Safeguard policies
for Break-in
prevention and
physical threats
Signing of BAA
(Business Associate
Agreements)

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
TRA
Threat Preventive
Action
Contingency
Plan
Security of Data Restricting
unauthorized
access and
safeguard
physically
Backup of
additional services
if required
Rogue Software for
Security
Checking of
security log with
the help of HTTP
CP Policy
development and
business impact
analysis
Cyber Terrorism Physical security
for DAS utilities
Handling of
conflicts with
standby forces.
Cyber-espionage
and Theft of
Valuable data
Preparing a
practical checklist
and standard
encryption method
Arrangement of
backup forces to
carry out
operations in the
cyberspace.
Document Page
Threats Preventive
Actions
Contingency
Plan
Ransomware Design approach
for in-depth
security and
restricting access
Carry out backup
and restore
frequently
Redirection of
DNS
Blocking,
monitoring and
controlling
malicious clients
Securing the
operations of
active directory
Wi-Fi
Vulnerabilities
Avoid Wi-Fi
accessibility of the
portal
Preparedness for
continuous
operations
Zero Day Threats Maximum Firewall
protection and
essential
application
launching only
Preparedness and
capacity
establishment
Document Page
PII Privacy Strategies
and Control
Overview
MyLicense portal PII types
Name, email ID
Complete Virtual licences
Home address and mailing address
Phone Numbers

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
PII Privacy Strategies
and Control
Automatic Collection of
Information
Mitigation Plan: Assessing the exposure
of Information, Analysis of risks and
mitigation strategies
Implementation: Collection of various
types of information for security reasons
Document Page
PII Privacy Strategies
and Control
Third Party Cloud Vendors
Mitigation Plan: Development of security
structure required for exposed data
Implementation: Assurance to users
regarding security and non-disclosure of
PII data
Document Page
PII Privacy Strategies
and Control
Tracking and Customization
Information
Cookies
Mitigation Plan: Turning the cookies off
and avoidance of nuisance
Implementation: Allows enabling and
disabling the Cookies

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
PII Privacy Strategies
and Control
Cyber Security
Mitigation Plan: Internal access control
and user training
Implementation: SSL, Firewall and
encryption implementation.
Document Page
PII Privacy Strategies
and Control
Feedback and email/ customer
queries
Mitigation Plan: Appropriate security
for email and feedback
Implementation: Encryption through
SSH
Document Page
PII Privacy Strategies
and Control
Third Party Applications
Mitigation Plan: Changing application
setting
Implementation: Predefined settings in
security settings.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Digital Identity and
Controls
Transaction security will be maintained
for information consistency, availability
and integrity.
Variable identification for customer
identity proofing
Assuring customers that their PII is in
safe hands
Combination of proofing, authenticator
Document Page
Digital Identity and
Controls
Lack of Customer Details
Mitigation Plan: Customer details
collected upon visit and registration
Implementation: Know Your Customer
(KYC) methodology
Document Page
Digital Identity and
Controls
Transaction Risks
Mitigation Plan: Fraud encryption and
monitoring
Implementation: Transaction monitoring
methodology

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Digital Identity and
Controls
Politically Exposed Person (PEP)
Risks
Mitigation Plan: Sanction screening for
adversary identification
Implementation: PEP and sanction
monitoring
Document Page
Digital Identity and
Controls
Data Frauds
Mitigation Plan: Data monitoring for
errors
Implementation: Fraud Prevention
methodology
Document Page
Digital Identity and
Controls
Authentication Errors
Mitigation Plan: Desired direction after
proper authentication
Implementation: Pop up for erroneous
authentication

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Digital Identity and
Controls
Identity Proofing
Mitigation Plan: User authentication
required for particular services
Implementation: Multiple authentication
for user security
Document Page
Governance, Audit,
Incident reports
Governance plan will be outlined for
MyLicence portal user PII data and digital
identities
DAS HR Personnel Management suite users’
Personal data and PII data
Contractor Management suite contractors’
Personal data and PII data
DAS staff in the COTS payroll suite user’s PII
data and financial data
Document Page
Governance, Audit,
Incident reports
PII data and digital identities for
users of the MyLicense portal
Governance
Rules
Recommendation for standards and
procedures
Access restriction for personal and
confidential data

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Governance, Audit,
Incident reports
PII data and digital identities for
users of the MyLicense portal
Governance
Procedures
oPolicies throughout confidential
data life span.
oControl documentation and
demonstration
Document Page
Governance, Audit,
Incident reports
PII data and digital identities for
users of the MyLicense portal
Governance
Guidelines
Preserving data privacy
Information review for correction
Technical and administrative
provisions
Document Page
Governance, Audit,
Incident reports
Personal data and PII data for DAS
users of the HR Personnel
Management suite
Rules
HR data confidence
Cross functional capability
Improvement in DAS value

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Governance, Audit,
Incident reports
Personal data and PII data for
DAS users of the HR Personnel
Management suite
Procedures
o Best practices for data integrity
o Master Data Management (MDM)
o Data Stewardship management
Document Page
Governance, Audit,
Incident reports
Personal data and PII data for
DAS users of the HR Personnel
Management suite
Guidelines
Data governance steering team
responsibility
Communication of Clear DAS
vision
Document Page
Governance, Audit,
Incident reports
PII data and financial data for users
and DAS staff in the COTS payroll suite
Rules
Processing of payments correctly and recording
in the system.
Proper maintenance of transactions for security.
Immediate resolution of errors in the payroll
system.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Governance, Audit,
Incident reports
PII data and financial data for users
and DAS staff in the COTS payroll suite
Procedures
o Recording of requests for expense
reimbursements
o Inclusion of payroll risks
o Effective collection and storage of claims from
customer companies
Document Page
Governance, Audit,
Incident reports
PII data and financial data for
users and DAS staff in the COTS
payroll suite
Guidelines
Avoiding the incorrect payroll processing
Checking the consistency of system
Maintenance of payroll control reports
Document Page
Conclusion
In the overall assessment, Threat and Risk Assessment
(TRA) has been done on the MyLicense portal PII
The strategy for PII has been developed for MyLicense
portal to mitigate the identified threats and risks
The strategy for the Informal Digital Identity has also
been developed in context to the determined risks and
threats
The Governance plan has been designed Governance
plan for the various SaaS solutions.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Appendix A – TRA
(Threat and Risk Assessment)
Microsoft Word
Document
Microsoft Word
Document
Document Page
Appendix B – PII
Strategy
Microsoft Word
Document
Microsoft Word
Document
Document Page
Appendix C – Informal
Digital Identity
Microsoft Word
Document
Microsoft Word
Document

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Appendix D –
Governance Plan
Microsoft Word
Document
Microsoft Word
Document
1 out of 35
circle_padding
hide_on_mobile
zoom_out_icon
[object Object]

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]