Cloud Security Report 2022
VerifiedAdded on 2022/10/15
|23
|6412
|11
AI Summary
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: CLOUD SECURITY
Cloud Security
Name of the Student
Name of the University
Author Note
Cloud Security
Name of the Student
Name of the University
Author Note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1CLOUD SECURITY
Executive Summery
The main aim of this report is to analyze the impacts of the migration to SaaS, decision taken
by DAS. DAS provides different services to the organizations in the State Government of
Australia. There provided service is HR management, payroll management, constructor
management and so on. They have decided to implement the HR and Personnel Database
management software in SaaS for better security and privacy for the employee’s data. This
study discusses about the migration to the SaaS and the risks and threats of the migration to
SaaS of the security and the privacy of the information of the employees of the organization
of the Australian State Government. There are some risk assessment of the threats and risks
of the privacy and security of the personal data of the employee. Digital identity is the issues
that are discussed in this study and the assessment of the study. This paper concludes that HR
and personnel database software application and its migration to SaaS are variables and the
design of the SaaS designs have not yet matured. This study explains that these methods are
increasingly needed for the organization. In order to provide a SaaS alternative, DAS plans to
buy a staff and HR management implementation. The reason why DAS should implement the
HR database into SaaS are In embracing cloud computing, lower servicing costs, particularly
for databases, are often the first concern.
Executive Summery
The main aim of this report is to analyze the impacts of the migration to SaaS, decision taken
by DAS. DAS provides different services to the organizations in the State Government of
Australia. There provided service is HR management, payroll management, constructor
management and so on. They have decided to implement the HR and Personnel Database
management software in SaaS for better security and privacy for the employee’s data. This
study discusses about the migration to the SaaS and the risks and threats of the migration to
SaaS of the security and the privacy of the information of the employees of the organization
of the Australian State Government. There are some risk assessment of the threats and risks
of the privacy and security of the personal data of the employee. Digital identity is the issues
that are discussed in this study and the assessment of the study. This paper concludes that HR
and personnel database software application and its migration to SaaS are variables and the
design of the SaaS designs have not yet matured. This study explains that these methods are
increasingly needed for the organization. In order to provide a SaaS alternative, DAS plans to
buy a staff and HR management implementation. The reason why DAS should implement the
HR database into SaaS are In embracing cloud computing, lower servicing costs, particularly
for databases, are often the first concern.
2CLOUD SECURITY
Table of Contents
Introduction................................................................................................................................4
Security of Employee Data........................................................................................................4
Threats and Risks to the Security in HR Database................................................................5
BYOD................................................................................................................................5
Compliance........................................................................................................................5
Litigation Exposer Risks....................................................................................................6
Mobile Applications...........................................................................................................6
Lack of Awareness.............................................................................................................6
Risks and Treats to the Security after moving to SaaS application.......................................6
Assessment of the Threats and Risks to Security to Employee Data.....................................8
Loss & Operations Control................................................................................................8
Cyber Security....................................................................................................................8
Insurance............................................................................................................................8
Privacy of Employee Data.........................................................................................................8
Threats and Risks to the Privacy in HR Database..................................................................9
BYOD................................................................................................................................9
The Cloud...........................................................................................................................9
Voice and video................................................................................................................10
Taking control..................................................................................................................10
People...............................................................................................................................10
Table of Contents
Introduction................................................................................................................................4
Security of Employee Data........................................................................................................4
Threats and Risks to the Security in HR Database................................................................5
BYOD................................................................................................................................5
Compliance........................................................................................................................5
Litigation Exposer Risks....................................................................................................6
Mobile Applications...........................................................................................................6
Lack of Awareness.............................................................................................................6
Risks and Treats to the Security after moving to SaaS application.......................................6
Assessment of the Threats and Risks to Security to Employee Data.....................................8
Loss & Operations Control................................................................................................8
Cyber Security....................................................................................................................8
Insurance............................................................................................................................8
Privacy of Employee Data.........................................................................................................8
Threats and Risks to the Privacy in HR Database..................................................................9
BYOD................................................................................................................................9
The Cloud...........................................................................................................................9
Voice and video................................................................................................................10
Taking control..................................................................................................................10
People...............................................................................................................................10
3CLOUD SECURITY
Covering all records.........................................................................................................11
Creating a safety environment.........................................................................................11
Risks and Treats to the Privacy after moving to SaaS application......................................11
Assessment of the Threats and Risks to Privacy to Employee Data....................................13
Security............................................................................................................................13
Hybrid..............................................................................................................................14
Speed................................................................................................................................14
Digital Identity Issues..............................................................................................................14
Risks and Threats to the digital identities of employees......................................................14
Identity theft.....................................................................................................................14
Identity tampering............................................................................................................15
Personal information theft................................................................................................16
Privilege escalation..........................................................................................................16
Misuse of identity.............................................................................................................16
Conclusion................................................................................................................................17
References................................................................................................................................19
Covering all records.........................................................................................................11
Creating a safety environment.........................................................................................11
Risks and Treats to the Privacy after moving to SaaS application......................................11
Assessment of the Threats and Risks to Privacy to Employee Data....................................13
Security............................................................................................................................13
Hybrid..............................................................................................................................14
Speed................................................................................................................................14
Digital Identity Issues..............................................................................................................14
Risks and Threats to the digital identities of employees......................................................14
Identity theft.....................................................................................................................14
Identity tampering............................................................................................................15
Personal information theft................................................................................................16
Privilege escalation..........................................................................................................16
Misuse of identity.............................................................................................................16
Conclusion................................................................................................................................17
References................................................................................................................................19
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4CLOUD SECURITY
Introduction
DAS stands for The Department of Administrative Services, which provides various
services to many departments in the State Government of Australia. There are mainly
services like HR management, contractor management, payroll, procurement and contract
management. From the own data center these services are provided. After the Government
policy change, DAS has decided to shift to the Shared Service of cloud computing system. As
a result, all the departments will have to move their services to DAS as DAS can consolidate
their services. Another policy of government has come for mandating the cloud computing
for the updating process of the software. DAS is planning to purchase a personnel and HR
management application to provide a SaaS solution. The main aim of this report is to analyze
the impacts of the implementation of the personnel and HR management application. A HR
suite will be provided with the application of DAS. The performance management system
will be included in the HR application. This report discusses about the employee data or
information security, threats and risks to the HR database security, threats and risks to the
application after moving to SaaS, assessment of the threats for the security of employee’s
information, privacy and risks of in SaaS for the information of the employees and the
assessments for digital security. This study analyzes the migration of Das to the SaaS and its
impact to the organization and the implementation of the HR and personnel database
management system. The aim of DAS is to provide a secure cost effective cloud storage
system for the organization for better range of privacy and security purpose.
Security of Employee Data
Data security is the main concern for the organization in today’s world but the key
focus is on the customers. Companies need to maintain the information of the customer and
Introduction
DAS stands for The Department of Administrative Services, which provides various
services to many departments in the State Government of Australia. There are mainly
services like HR management, contractor management, payroll, procurement and contract
management. From the own data center these services are provided. After the Government
policy change, DAS has decided to shift to the Shared Service of cloud computing system. As
a result, all the departments will have to move their services to DAS as DAS can consolidate
their services. Another policy of government has come for mandating the cloud computing
for the updating process of the software. DAS is planning to purchase a personnel and HR
management application to provide a SaaS solution. The main aim of this report is to analyze
the impacts of the implementation of the personnel and HR management application. A HR
suite will be provided with the application of DAS. The performance management system
will be included in the HR application. This report discusses about the employee data or
information security, threats and risks to the HR database security, threats and risks to the
application after moving to SaaS, assessment of the threats for the security of employee’s
information, privacy and risks of in SaaS for the information of the employees and the
assessments for digital security. This study analyzes the migration of Das to the SaaS and its
impact to the organization and the implementation of the HR and personnel database
management system. The aim of DAS is to provide a secure cost effective cloud storage
system for the organization for better range of privacy and security purpose.
Security of Employee Data
Data security is the main concern for the organization in today’s world but the key
focus is on the customers. Companies need to maintain the information of the customer and
5CLOUD SECURITY
the employees. Employees do not have enough confident that the employers are keeping their
personal information safe at their workplace. Employers of the company have a process to
maintain the huge range of personal information of the employees throughout the entire
employment. During the onboarding process or recruitment and the relationship of
employment, every information is maintained (Rao & Selvamani, 2015). The information of
the assessment of pre-employment, tracking system and the background checks are included
with the candidate’s name, address, email, phone number and SSN. It is as critical to protect
the data as protecting the employee’s information. Without proper safety of the data of
candidate and the employees the company is giving access to the intruders. This could be the
violation of the security of the employee’s data.
Threats and Risks to the Security in HR Database
Data security of HR is very important for any software system or database of any
organization (Chou, 2015). It all included with the personal information of the employees and
their performance data. It integrates or handles the payroll package of the employees.
BYOD
BYOD stands for Bring Your own Device. There are huge number of users of
personal device and their personal usage. Organizations are implementing and installing the
BYOD programs, which will tackle the security issues of the personal devices. Information
security is always being a concern for the organizations for uploading or downloading any
information of payroll and the other sensitive data (Samaras et al., 2014).The user devices
may vary but the protocols and the security policy will not.
Compliance
Even if the employee information is safe form cyber-attack and hacking another risks
and threats will be non-compliance with local legislation (Tang & Liu, 2015). The multi-
the employees. Employees do not have enough confident that the employers are keeping their
personal information safe at their workplace. Employers of the company have a process to
maintain the huge range of personal information of the employees throughout the entire
employment. During the onboarding process or recruitment and the relationship of
employment, every information is maintained (Rao & Selvamani, 2015). The information of
the assessment of pre-employment, tracking system and the background checks are included
with the candidate’s name, address, email, phone number and SSN. It is as critical to protect
the data as protecting the employee’s information. Without proper safety of the data of
candidate and the employees the company is giving access to the intruders. This could be the
violation of the security of the employee’s data.
Threats and Risks to the Security in HR Database
Data security of HR is very important for any software system or database of any
organization (Chou, 2015). It all included with the personal information of the employees and
their performance data. It integrates or handles the payroll package of the employees.
BYOD
BYOD stands for Bring Your own Device. There are huge number of users of
personal device and their personal usage. Organizations are implementing and installing the
BYOD programs, which will tackle the security issues of the personal devices. Information
security is always being a concern for the organizations for uploading or downloading any
information of payroll and the other sensitive data (Samaras et al., 2014).The user devices
may vary but the protocols and the security policy will not.
Compliance
Even if the employee information is safe form cyber-attack and hacking another risks
and threats will be non-compliance with local legislation (Tang & Liu, 2015). The multi-
6CLOUD SECURITY
national functions can consider the various and even laws. Any device that keeps information
or data needs to have the native encryption.
Litigation Exposer Risks
There will be other risks except the loss of data that is mislaid of information. The
organization may be subjected for the legal actions against them from the employees of the
company, whose information that was (Hill, 2016). Through the HR, the organization usually
needs to have the responsibility for maintaining the security of the data of the employee in
which the security of HR data is included.
Mobile Applications
There is a constant flow of data and information from the cloud and uploaded to the
cloud with a mobile application (Suo et al., 2013). The initial stage of a collaborative HR
application can be unparalleled function in speed and the proven data security except the
other issues. By the approach of BYOD, the issues can be exacerbated and the applications
will be enforced and monitored.
Lack of Awareness
Human is always the biggest risk and threat and the threats factor can be increased
when the user does not have any clear concept about the risks of HR data loss. There is lack
of security issues in the smart devices (Rahman & Cheung, 2014). The weakest factor of the
data security is human errors. If there is lack of the awareness that means there will be lack of
care and attention and that will cause loss of the security of the HR data. The potential
information security always remains. There will be hardware risks as well as software risks
and the human errors.
national functions can consider the various and even laws. Any device that keeps information
or data needs to have the native encryption.
Litigation Exposer Risks
There will be other risks except the loss of data that is mislaid of information. The
organization may be subjected for the legal actions against them from the employees of the
company, whose information that was (Hill, 2016). Through the HR, the organization usually
needs to have the responsibility for maintaining the security of the data of the employee in
which the security of HR data is included.
Mobile Applications
There is a constant flow of data and information from the cloud and uploaded to the
cloud with a mobile application (Suo et al., 2013). The initial stage of a collaborative HR
application can be unparalleled function in speed and the proven data security except the
other issues. By the approach of BYOD, the issues can be exacerbated and the applications
will be enforced and monitored.
Lack of Awareness
Human is always the biggest risk and threat and the threats factor can be increased
when the user does not have any clear concept about the risks of HR data loss. There is lack
of security issues in the smart devices (Rahman & Cheung, 2014). The weakest factor of the
data security is human errors. If there is lack of the awareness that means there will be lack of
care and attention and that will cause loss of the security of the HR data. The potential
information security always remains. There will be hardware risks as well as software risks
and the human errors.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
7CLOUD SECURITY
Risks and Threats to the Security after moving to SaaS application
There will be some concerns for using the cloud applications if the organization does
not aware of it. DAS is planning to move maximum number of corporate data in the cloud
SaaS application. DAS will approve the use of cloud for the business purpose. On this factor,
the organization should focus. The organization should focus on the protection, visibility and
the governance of the SaaS application (Aleem & Sprott, 2013). When it come to the
conversion to SaaS applications there are three various characteristics, which defines the
requirement of the various approach of the risk management, security and data governance in
the cloud.
The user of any smart device can access the SaaS applications with a secure account
and password from anytime, anywhere. The SaaS application can be accessed from any
managed or unmanaged smart devices (Tang & Liu, 2015). This is very distinct from on-site
apps where entry is only permitted through commercial VPN networks and controlled
computers, and there are extra safety obstacles between the customer and the cloud running
data center.
Users create folders and records for the SaaS implementation. Users can use just one
connection to encourage colleagues to discuss these documents with anyone. Many of these
consumers have very little experience in safety to comprehend when their activities put the
organization at risk.
There are many methods to share and store information, distinctive to a very SaaS
implementation. You understand, for instance, that information can be found in Chatter files,
Sales force knowledge base posts, CRM material, documents of web materials and
attachments within the Sales force alone. It is unrealistic for allowing security administrators
to comprehend the nuances of each SaaS implementation, yet eventually they are accountable
Risks and Threats to the Security after moving to SaaS application
There will be some concerns for using the cloud applications if the organization does
not aware of it. DAS is planning to move maximum number of corporate data in the cloud
SaaS application. DAS will approve the use of cloud for the business purpose. On this factor,
the organization should focus. The organization should focus on the protection, visibility and
the governance of the SaaS application (Aleem & Sprott, 2013). When it come to the
conversion to SaaS applications there are three various characteristics, which defines the
requirement of the various approach of the risk management, security and data governance in
the cloud.
The user of any smart device can access the SaaS applications with a secure account
and password from anytime, anywhere. The SaaS application can be accessed from any
managed or unmanaged smart devices (Tang & Liu, 2015). This is very distinct from on-site
apps where entry is only permitted through commercial VPN networks and controlled
computers, and there are extra safety obstacles between the customer and the cloud running
data center.
Users create folders and records for the SaaS implementation. Users can use just one
connection to encourage colleagues to discuss these documents with anyone. Many of these
consumers have very little experience in safety to comprehend when their activities put the
organization at risk.
There are many methods to share and store information, distinctive to a very SaaS
implementation. You understand, for instance, that information can be found in Chatter files,
Sales force knowledge base posts, CRM material, documents of web materials and
attachments within the Sales force alone. It is unrealistic for allowing security administrators
to comprehend the nuances of each SaaS implementation, yet eventually they are accountable
8CLOUD SECURITY
for data management (Theoharidou et al., 2013). All this implies that the hazards associated
with the use of SaaS implementation are inexplicably linked with the human element. The
certain attributes that affect the risk profile of an organization in cloud are who users interact
with, their privileges, the data they touch, how they access the data and their behaviors.
Assessment of the Threats and Risks to Security to Employee Data
Loss & Operations Control
It is evident that for every SaaS business it is extremely essential to limit your
responsibility and keep your profit scale stable (Safa et al., 2015). The department of
operations is essential to ensure smooth running of your business. The group should also
introduce countermeasures and checks to mitigate the hazards and to reduce them. Without
the technical checks, administrative checks are ineffective (Chou, 2015). They minimize
downtime while enhancing your capacity to cope with problems rapidly as they occur.
Cyber Security
It requires comprehending the organization's cyber security demands and countless
work functions in cyber security such as safety analyst, principal data safety agent, bug
prevention expert, accident respondent, data threat auditors, hazard assessor, and so on (Rabai
et al., 2013). Only then HR can generate precise work details and determine the correct
match.
Insurance
Regardless of how much you concentrate on implementation errors, procedures and
risk mitigation occur, and litigation continues (Millard, 2013). All companies should have
payment for employees and professional liability insurance, but for SaaS firms two other
strategies are particularly crucial.
for data management (Theoharidou et al., 2013). All this implies that the hazards associated
with the use of SaaS implementation are inexplicably linked with the human element. The
certain attributes that affect the risk profile of an organization in cloud are who users interact
with, their privileges, the data they touch, how they access the data and their behaviors.
Assessment of the Threats and Risks to Security to Employee Data
Loss & Operations Control
It is evident that for every SaaS business it is extremely essential to limit your
responsibility and keep your profit scale stable (Safa et al., 2015). The department of
operations is essential to ensure smooth running of your business. The group should also
introduce countermeasures and checks to mitigate the hazards and to reduce them. Without
the technical checks, administrative checks are ineffective (Chou, 2015). They minimize
downtime while enhancing your capacity to cope with problems rapidly as they occur.
Cyber Security
It requires comprehending the organization's cyber security demands and countless
work functions in cyber security such as safety analyst, principal data safety agent, bug
prevention expert, accident respondent, data threat auditors, hazard assessor, and so on (Rabai
et al., 2013). Only then HR can generate precise work details and determine the correct
match.
Insurance
Regardless of how much you concentrate on implementation errors, procedures and
risk mitigation occur, and litigation continues (Millard, 2013). All companies should have
payment for employees and professional liability insurance, but for SaaS firms two other
strategies are particularly crucial.
9CLOUD SECURITY
Privacy of Employee Data
In order to protect the personal data of the citizens of each country, most information security
and safety regulation are enacted (Pearson, 2013). These regulations usually regulate the
capacity of the organizations and people to process data from others such as retrieve, store,
arrange and maintain, use and extend when data is recorded, obtained, handled or conveyed
to or from the nation. Due to the growing use of portable phones for the company reason, a
Mexican in Canada whose data are collected by the Brazilian-based Cloud Computation
service supplier would probably cause certain clause within the legislative system of all three
nations. A general counsel must hold record of the electronic information of his corporation
as it travels across boundaries in attempt to prevent transgressions of all these legislation.
Threats and Risks to the Privacy in HR Database
BYOD
The manner individuals operate is developing quickly, facilitated largely by
technological improvements. This is a tremendously beneficial thing in many respects, as
staff can operate anytime, anywhere (Sobers, 2015). Using private smart phones, laptops and
phones to do company, however, increases the danger of information failure either by human
mistake or by offering a route in for computer criminals. A research conducted by Ovum
discovered that 79% of staff discovered that BYOD allowed them to do their employment
faster, but approximately 18% stated that their IT office had no concept that they were using
their own equipment for job.
The Cloud
Cloud computing is easy, more and more common, and is usually regarded as safe.
That's not always the situation, though. All information is deposited inside a public cloud
inside the network of the operator and, as such, is accessible to assault. Also the private cloud
Privacy of Employee Data
In order to protect the personal data of the citizens of each country, most information security
and safety regulation are enacted (Pearson, 2013). These regulations usually regulate the
capacity of the organizations and people to process data from others such as retrieve, store,
arrange and maintain, use and extend when data is recorded, obtained, handled or conveyed
to or from the nation. Due to the growing use of portable phones for the company reason, a
Mexican in Canada whose data are collected by the Brazilian-based Cloud Computation
service supplier would probably cause certain clause within the legislative system of all three
nations. A general counsel must hold record of the electronic information of his corporation
as it travels across boundaries in attempt to prevent transgressions of all these legislation.
Threats and Risks to the Privacy in HR Database
BYOD
The manner individuals operate is developing quickly, facilitated largely by
technological improvements. This is a tremendously beneficial thing in many respects, as
staff can operate anytime, anywhere (Sobers, 2015). Using private smart phones, laptops and
phones to do company, however, increases the danger of information failure either by human
mistake or by offering a route in for computer criminals. A research conducted by Ovum
discovered that 79% of staff discovered that BYOD allowed them to do their employment
faster, but approximately 18% stated that their IT office had no concept that they were using
their own equipment for job.
The Cloud
Cloud computing is easy, more and more common, and is usually regarded as safe.
That's not always the situation, though. All information is deposited inside a public cloud
inside the network of the operator and, as such, is accessible to assault. Also the private cloud
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10CLOUD SECURITY
with information deposited in such a private network that is not accessible to the globe is still
not faultless (Sadiku, Musa & Momoh, 2014). Because both government and personal
windows are fundamentally centralized devices with only one weakness level, it is
comparatively simple for someone to keep the gate open through failure or by malice.
Voice and video
Many organizations also struggle to understand how their underlying cyber security
approach is influenced by telecoms and progressively by television. Of course, efficient
communication from casual conversations between peers to private customer discussions is
vital for any company (Alam, 2019). Video and voice however, are as prone as other
technologies to hacking. This is particularly accurate with regard to VoIP (Kulkarni et al.,
2013). Any IP interaction including speech is possibly useful to hackers and vulnerable to
assault. For example, when using Skype, this is not something organizations appear to
consider, but video and voice should be treated as carefully like any other safety and files
risk.
Taking control
Digital data security and privacy should be an immediate privilege for companies, but
they are unfortunately not. For organizations, however, there are methods to grow up and
bring away power, enabling them to experience a personal and secure digital life (Hashizume
et al., 2013). There are solutions like Siccura that allow companies to manage all information
through a centralized administration scheme, synchronize all company telephone records,
monitor all company interaction and information, and encrypt all documents.
People
Quite often, individuals in the protection chain are the fragile connection. It is not
always harmful, but an enormous source of cyber threats and violations of information is
with information deposited in such a private network that is not accessible to the globe is still
not faultless (Sadiku, Musa & Momoh, 2014). Because both government and personal
windows are fundamentally centralized devices with only one weakness level, it is
comparatively simple for someone to keep the gate open through failure or by malice.
Voice and video
Many organizations also struggle to understand how their underlying cyber security
approach is influenced by telecoms and progressively by television. Of course, efficient
communication from casual conversations between peers to private customer discussions is
vital for any company (Alam, 2019). Video and voice however, are as prone as other
technologies to hacking. This is particularly accurate with regard to VoIP (Kulkarni et al.,
2013). Any IP interaction including speech is possibly useful to hackers and vulnerable to
assault. For example, when using Skype, this is not something organizations appear to
consider, but video and voice should be treated as carefully like any other safety and files
risk.
Taking control
Digital data security and privacy should be an immediate privilege for companies, but
they are unfortunately not. For organizations, however, there are methods to grow up and
bring away power, enabling them to experience a personal and secure digital life (Hashizume
et al., 2013). There are solutions like Siccura that allow companies to manage all information
through a centralized administration scheme, synchronize all company telephone records,
monitor all company interaction and information, and encrypt all documents.
People
Quite often, individuals in the protection chain are the fragile connection. It is not
always harmful, but an enormous source of cyber threats and violations of information is
11CLOUD SECURITY
human error (Rittinghouse & Ransome, 2017). Something as easy as transferring data to the
incorrect email address, leaving a mobile or laptop or using standard passwords can cause
enormous problems. Then there are circumstances in which staff deliberately trigger safety
assaults or spill information. Fortunately, important measures can be taken by organizations
to assist mitigate risks to cyber safety and data privacy.
Covering all records
There are too many methods that assaults and breaches can happen, taking benefit of a
alternative that can address not just text, but text messages, SMS, speech and text calls,
computers, and any records and data placed on cloud, regional and adjustable memory across
a broad spectrum of systems is essential for any extensive safety approach (Jiang et al.,
2014). It is also essential for organizations to think whether the organization have the
capacity to hold away, restrict entry to and ruin information if needed, for instance if an
worker leaves or if the computer of an worker that they used to contact business messages is
wasted.
Creating a safety environment
A powerful feeling of safety across the company is a crucial component of
safeguarding organizations from assaults and breaches of information (Di Martino, Cretella &
Esposito, 2014). Every worker should be conscious of the appropriate hazards and threats and
their function in minimizing them.
Risks and Threats to the Privacy after moving to SaaS application
User’s visibility and control have been decreased. Organizations lose some
transparency and influence over these operations when transferring assets activities to the
cloud. The responsible for some of the strategies and facilities shifts to the CSP when using
real cloud facilities.
human error (Rittinghouse & Ransome, 2017). Something as easy as transferring data to the
incorrect email address, leaving a mobile or laptop or using standard passwords can cause
enormous problems. Then there are circumstances in which staff deliberately trigger safety
assaults or spill information. Fortunately, important measures can be taken by organizations
to assist mitigate risks to cyber safety and data privacy.
Covering all records
There are too many methods that assaults and breaches can happen, taking benefit of a
alternative that can address not just text, but text messages, SMS, speech and text calls,
computers, and any records and data placed on cloud, regional and adjustable memory across
a broad spectrum of systems is essential for any extensive safety approach (Jiang et al.,
2014). It is also essential for organizations to think whether the organization have the
capacity to hold away, restrict entry to and ruin information if needed, for instance if an
worker leaves or if the computer of an worker that they used to contact business messages is
wasted.
Creating a safety environment
A powerful feeling of safety across the company is a crucial component of
safeguarding organizations from assaults and breaches of information (Di Martino, Cretella &
Esposito, 2014). Every worker should be conscious of the appropriate hazards and threats and
their function in minimizing them.
Risks and Threats to the Privacy after moving to SaaS application
User’s visibility and control have been decreased. Organizations lose some
transparency and influence over these operations when transferring assets activities to the
cloud. The responsible for some of the strategies and facilities shifts to the CSP when using
real cloud facilities.
12CLOUD SECURITY
The real change of accountability relies on the cloud storage service model used,
resulting in a fundamental shift in safety surveillance and recording for organizations (Tang
& Liu, 2015). Organizations need to monitor and analyze information about apps, facilities,
data, and customers without the use of network based surveillance and recording accessible
for IT on-site.
Self-service on-demand facilitates unauthorized use. CSPs render providing fresh facilities
very simple. The cloud's on-demand self-service disaster recovery characteristics allow the
staff of an organization to provide extra facilities without IT department of DAS permission
from the CSP of the agency (Kalloniatis, Mouratidis & Islam, 2013). In an organization that
is not endorsed by the IT division of the organization, the exercise of using computers is
frequently referred to as silhouette IT of DAS.
The likelihood of unlawful use of cloud computing storage services rises due to the
reduced expenses and convenience of applying SaaS and PaaS products. Services provided or
used without awareness of IT, however, pose an organization with hazards. Using unlawful
cloud based services could lead to a rise in malware diseases or information ex filtration as
the organization is unable to safeguard funds that it is not aware of. Using unlawful cloud
services also reduces the accessibility and command of your network and information by an
organization.
Deletion of data is incomplete. Data deletion threats occur because the customer has
decreased awareness where their information is physically collected throughout the cloud as
well as the capacity to check the safe deletion of their information has been decreased. This
danger is worrying because in a long-tenancy area, the information is distributed across a
variety of distinct processing systems within the premises of the CSP. Furthermore, deletion
processes may vary from supplier to supplier. Organizations may not be prepared to confirm
The real change of accountability relies on the cloud storage service model used,
resulting in a fundamental shift in safety surveillance and recording for organizations (Tang
& Liu, 2015). Organizations need to monitor and analyze information about apps, facilities,
data, and customers without the use of network based surveillance and recording accessible
for IT on-site.
Self-service on-demand facilitates unauthorized use. CSPs render providing fresh facilities
very simple. The cloud's on-demand self-service disaster recovery characteristics allow the
staff of an organization to provide extra facilities without IT department of DAS permission
from the CSP of the agency (Kalloniatis, Mouratidis & Islam, 2013). In an organization that
is not endorsed by the IT division of the organization, the exercise of using computers is
frequently referred to as silhouette IT of DAS.
The likelihood of unlawful use of cloud computing storage services rises due to the
reduced expenses and convenience of applying SaaS and PaaS products. Services provided or
used without awareness of IT, however, pose an organization with hazards. Using unlawful
cloud based services could lead to a rise in malware diseases or information ex filtration as
the organization is unable to safeguard funds that it is not aware of. Using unlawful cloud
services also reduces the accessibility and command of your network and information by an
organization.
Deletion of data is incomplete. Data deletion threats occur because the customer has
decreased awareness where their information is physically collected throughout the cloud as
well as the capacity to check the safe deletion of their information has been decreased. This
danger is worrying because in a long-tenancy area, the information is distributed across a
variety of distinct processing systems within the premises of the CSP. Furthermore, deletion
processes may vary from supplier to supplier. Organizations may not be prepared to confirm
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
13CLOUD SECURITY
that their information has been erased safely and that information remains are unavailable to
attackers. This risk rises as more CSP facilities are used by an organization.
The following are the threats that need to be addressed by organizations for both
cloud and on site IT data centers.
Credentials are being robbed. If an intruder gets access to the cloud records of a user,
the intruder can tap the facilities of the CSP to provide extra funds if qualifications permit
entry to the provisioning and aim the property of the organization.
Resources of cloud computing could be used by the attacker to target administrative
users of the organization, other organizations that use the same CSP, or administrators of the
CSP. An intruder gaining entry to the web records of a CSP administrator can use those
identities to enter the processes and information of the agency (Tiwari & Joshi, 2014). The
duties of administrators differ from one CSP to another. The CSP administrator has entry to
the systems, CSP network and application of the infrastructure of the CSP, while the
administrators of the user have access to the cloud implementations of the organization. The
CSP administrator essentially has administrative privileges over than one client and promotes
various facilities.
The stored information is lost. For purposes other than harmful assaults, data
deposited in the cloud may be wasted. Accidental deletion of information or a physical
disaster, such as a flame or earthquake in SaaS may result in continuous failure of client
information. The responsibility of preventing destruction of information does not rest on the
backs of the provider alone. If a client encrypts their information before uploading to the
cloud but drops the button for encryption, the information will be wasted. Furthermore,
insufficient knowledge of the storage model of a CSP can lead in failure of information.
that their information has been erased safely and that information remains are unavailable to
attackers. This risk rises as more CSP facilities are used by an organization.
The following are the threats that need to be addressed by organizations for both
cloud and on site IT data centers.
Credentials are being robbed. If an intruder gets access to the cloud records of a user,
the intruder can tap the facilities of the CSP to provide extra funds if qualifications permit
entry to the provisioning and aim the property of the organization.
Resources of cloud computing could be used by the attacker to target administrative
users of the organization, other organizations that use the same CSP, or administrators of the
CSP. An intruder gaining entry to the web records of a CSP administrator can use those
identities to enter the processes and information of the agency (Tiwari & Joshi, 2014). The
duties of administrators differ from one CSP to another. The CSP administrator has entry to
the systems, CSP network and application of the infrastructure of the CSP, while the
administrators of the user have access to the cloud implementations of the organization. The
CSP administrator essentially has administrative privileges over than one client and promotes
various facilities.
The stored information is lost. For purposes other than harmful assaults, data
deposited in the cloud may be wasted. Accidental deletion of information or a physical
disaster, such as a flame or earthquake in SaaS may result in continuous failure of client
information. The responsibility of preventing destruction of information does not rest on the
backs of the provider alone. If a client encrypts their information before uploading to the
cloud but drops the button for encryption, the information will be wasted. Furthermore,
insufficient knowledge of the storage model of a CSP can lead in failure of information.
14CLOUD SECURITY
Assessment of the Threats and Risks to Privacy to Employee Data
To select a appropriate structure of safety, the amount of privacy is described to chart
the privacy demand of customers. Users may configure the amount of privacy based on the
amount of delicate data they want and the degree of privacy they want (Theoharidou, Tsalis
& Gritzalis, 2013). The amount of privacy is classified into three stages:
Security
The data includes the most significant information at this stage of protection. Users
tend to sacrifice more efficiency to guarantee confidentiality in attempt to safeguard data
security.
Hybrid
This tier restriction shows that some delicate information is included in the data. If the
data utilizes the soft protective encryption, consumers will care about the simple disclosure of
delicate information. However, users want to not be too affected by the results of needing
cloud services.
Speed
This tier condition provides that the records do not contain delicate information. Users
are willing to use the fragile structure of encryption to achieve higher efficiency when using
cloud services.
Digital Identity Issues
Policy based confidence is used to create confidence between organizations in
computer security. We also clarified that, until demonstrated otherwise, digital identity is
conditional on an individual and statements are expected to be dubious (Saini & Mann,
2014). In reality, it is possible to attack digital information of the employees just as true
Assessment of the Threats and Risks to Privacy to Employee Data
To select a appropriate structure of safety, the amount of privacy is described to chart
the privacy demand of customers. Users may configure the amount of privacy based on the
amount of delicate data they want and the degree of privacy they want (Theoharidou, Tsalis
& Gritzalis, 2013). The amount of privacy is classified into three stages:
Security
The data includes the most significant information at this stage of protection. Users
tend to sacrifice more efficiency to guarantee confidentiality in attempt to safeguard data
security.
Hybrid
This tier restriction shows that some delicate information is included in the data. If the
data utilizes the soft protective encryption, consumers will care about the simple disclosure of
delicate information. However, users want to not be too affected by the results of needing
cloud services.
Speed
This tier condition provides that the records do not contain delicate information. Users
are willing to use the fragile structure of encryption to achieve higher efficiency when using
cloud services.
Digital Identity Issues
Policy based confidence is used to create confidence between organizations in
computer security. We also clarified that, until demonstrated otherwise, digital identity is
conditional on an individual and statements are expected to be dubious (Saini & Mann,
2014). In reality, it is possible to attack digital information of the employees just as true
15CLOUD SECURITY
identities. One can use false identification records in the true globe, or a disguise that can
change an observer's judgment. The safety requirements for digital information as well as the
privacy properties that can safeguard the digital information from these attacks.
Risks and Threats to the digital identities of employees
Identity theft
Authentication Identity robbery is the first danger to be subjected. The phishing
assault which consists of impersonating a page and inviting people to sign in with their digital
identification is an overview of this risk. For the next time, the obtained identification will be
used in the legitimate website for impersonating the users. Authentication is the safety estate
that suits the danger of identity theft (Modi et al., 2013). In many safety norms, this well-
known asset is described. Authentication involves verifying an entity's digital identification.
Four authentication classes are usually defined for this purpose: what does the entity
own, what does the the entity knows, what the entity is, and what does the entity do. A
subgroup of demands comprising the electronic image must apply to one or more of these
categories in order to authenticate the company displaying a digital identification. For
instance, a security code belongs to the group of knowledge and to the class of being a finger
print data. A strong authentication requires position when the requests apply to at least two of
the categories. An immediate response to that safety estate is the digital identification.
However, it is simple to observe that the digital identification must be guarded as sensitive
information.
Identity tampering
Trust-building authenticity requires an individual to ensure that an intruder could not
manipulate the allegations about the organization he wishes to define. In handling
allegations, which are used for verification, it is particularly crucial. The integrity ownership
identities. One can use false identification records in the true globe, or a disguise that can
change an observer's judgment. The safety requirements for digital information as well as the
privacy properties that can safeguard the digital information from these attacks.
Risks and Threats to the digital identities of employees
Identity theft
Authentication Identity robbery is the first danger to be subjected. The phishing
assault which consists of impersonating a page and inviting people to sign in with their digital
identification is an overview of this risk. For the next time, the obtained identification will be
used in the legitimate website for impersonating the users. Authentication is the safety estate
that suits the danger of identity theft (Modi et al., 2013). In many safety norms, this well-
known asset is described. Authentication involves verifying an entity's digital identification.
Four authentication classes are usually defined for this purpose: what does the entity
own, what does the the entity knows, what the entity is, and what does the entity do. A
subgroup of demands comprising the electronic image must apply to one or more of these
categories in order to authenticate the company displaying a digital identification. For
instance, a security code belongs to the group of knowledge and to the class of being a finger
print data. A strong authentication requires position when the requests apply to at least two of
the categories. An immediate response to that safety estate is the digital identification.
However, it is simple to observe that the digital identification must be guarded as sensitive
information.
Identity tampering
Trust-building authenticity requires an individual to ensure that an intruder could not
manipulate the allegations about the organization he wishes to define. In handling
allegations, which are used for verification, it is particularly crucial. The integrity ownership
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
16CLOUD SECURITY
can discourage this kind of assault on a digital identification by ensuring that between the
moments the viewer reads it and the moment it was published, information has not been
changed. Many norms have been suggested for this purpose. The overall concept is focused
on the use between both the sender and receiver of a secret key distribution. With this button,
the sender calculates a text MAC and gives it with the email. The receiver also calculates the
message's MAC and relates it to the email obtained. If the two keys are same, the receiver
will be ensured that the signal has not been changed and ensured of validity because the code
is known to that sender only. It is also possible to use digital identification to guarantee
validity (Calabrese & Cannataro, 2015). The sender as well as the receiver, based on
asymmetric cryptography, has both a personal and a public key that is used to register emails
and check the record, respectively.
Personal information theft
Confidentiality Data theft is another danger that targets digital identity. In reality, we
have described a digital identity as a collection of object statements, these allegations can be
delicate information like passwords or biometric information that must stay confidential. The
privacy property ensures that the information of a message is accessed only by the intended
entities (Sharma & Batra, 2016). The usual way of realizing that the asset is encrypting the
emails. It is possible to use the two families of cryptographic methods such
as symmetric and asymmetric
Privilege escalation
Authorization as described, the digital identification also covers the assets of the
approval. The demands can actually convey the capabilities of the organization so that they
can relate to particular freedoms. However, most of the situation, capability statements are
not used and private data freedoms are described in particular separate privacy policies
(Gouglidis, Mavridis & Hu, 2014). This is the situation with the standard method of access
can discourage this kind of assault on a digital identification by ensuring that between the
moments the viewer reads it and the moment it was published, information has not been
changed. Many norms have been suggested for this purpose. The overall concept is focused
on the use between both the sender and receiver of a secret key distribution. With this button,
the sender calculates a text MAC and gives it with the email. The receiver also calculates the
message's MAC and relates it to the email obtained. If the two keys are same, the receiver
will be ensured that the signal has not been changed and ensured of validity because the code
is known to that sender only. It is also possible to use digital identification to guarantee
validity (Calabrese & Cannataro, 2015). The sender as well as the receiver, based on
asymmetric cryptography, has both a personal and a public key that is used to register emails
and check the record, respectively.
Personal information theft
Confidentiality Data theft is another danger that targets digital identity. In reality, we
have described a digital identity as a collection of object statements, these allegations can be
delicate information like passwords or biometric information that must stay confidential. The
privacy property ensures that the information of a message is accessed only by the intended
entities (Sharma & Batra, 2016). The usual way of realizing that the asset is encrypting the
emails. It is possible to use the two families of cryptographic methods such
as symmetric and asymmetric
Privilege escalation
Authorization as described, the digital identification also covers the assets of the
approval. The demands can actually convey the capabilities of the organization so that they
can relate to particular freedoms. However, most of the situation, capability statements are
not used and private data freedoms are described in particular separate privacy policies
(Gouglidis, Mavridis & Hu, 2014). This is the situation with the standard method of access
17CLOUD SECURITY
control. The risk connected with the ownership of the permission is called privilege
escalation, an assaulted person attempts to gain more important privileges to a scheme. In
attempt to impersonate another organization with more privileges, it can be accomplished by
changing its demands for ability or other demands.
Misuse of identity
Revocation can alter over moment just like their true peers, the allegations of
identification (Hashizume et al., 2013). For example, if any person moves his right of access
may change in the event of a mutation, the address of mailing may change. It is vital to allow
it to be withdrawn while using the digital identification to acquire sensitive data. It
assumption claims has a duration of legitimacy and that a termination system remains to
avoid its use. Also essential for protecting a person in the event of identification theft is the
revocation estate.
Conclusion
This paper concludes that HR and personnel database software application and its
migration to SaaS are variables and the design of the SaaS designs have not yet matured. This
study explains that these methods are increasingly needed for the organization. DAS is
planning to shift their database to SaaS for better security and privacy purpose for the
employees. After the change in government strategy, DAS chose to move to the cloud
computing system's shared service. As a consequence, all agencies will need to transfer their
facilities to DAS as their services can be consolidated by DAS. Another public strategy has
begun to mandate the web computing to update the application system. In order to provide a
SaaS alternative, DAS plans to buy a staff and HR management implementation. The reason
why DAS should implement the HR database into SaaS are In embracing cloud computing,
lower servicing costs, particularly for databases, are often the first concern. It is very
control. The risk connected with the ownership of the permission is called privilege
escalation, an assaulted person attempts to gain more important privileges to a scheme. In
attempt to impersonate another organization with more privileges, it can be accomplished by
changing its demands for ability or other demands.
Misuse of identity
Revocation can alter over moment just like their true peers, the allegations of
identification (Hashizume et al., 2013). For example, if any person moves his right of access
may change in the event of a mutation, the address of mailing may change. It is vital to allow
it to be withdrawn while using the digital identification to acquire sensitive data. It
assumption claims has a duration of legitimacy and that a termination system remains to
avoid its use. Also essential for protecting a person in the event of identification theft is the
revocation estate.
Conclusion
This paper concludes that HR and personnel database software application and its
migration to SaaS are variables and the design of the SaaS designs have not yet matured. This
study explains that these methods are increasingly needed for the organization. DAS is
planning to shift their database to SaaS for better security and privacy purpose for the
employees. After the change in government strategy, DAS chose to move to the cloud
computing system's shared service. As a consequence, all agencies will need to transfer their
facilities to DAS as their services can be consolidated by DAS. Another public strategy has
begun to mandate the web computing to update the application system. In order to provide a
SaaS alternative, DAS plans to buy a staff and HR management implementation. The reason
why DAS should implement the HR database into SaaS are In embracing cloud computing,
lower servicing costs, particularly for databases, are often the first concern. It is very
18CLOUD SECURITY
attractive to indefinitely eliminate a large portion of software and hardware capital expenses.
Redundancy and reliability for cloud implementation are significant factors. With dozens or
hundreds of information centers around the world, the majority of SaaS providers is highly
reliable and prices their clients. Providers employ big amounts of administrators to operate
the data centers of DAS and guarantee a single line of error is not present. Flexibility is the
fringe benefit of working in the cloud, where the ability to scale up and back down quickly
keeps needs and resources closely matched.
When moving to the SaaS, DAS needs to consider multiple variables including
economic, legal, safety, operational and technical hazards and advantages, as well as overall
HR database management system interventions. The SaaS field is maturing, and SLA offers
eliminate the most perceptible safety and legal issues in past years. These dangers may still
occur, however, based on the SaaS provider selected or the legal limitations affecting its
strategic location. Once deemed a one time job, moving has now become a long term
undertaking n SaaS by DAS. This has an impact on the organization in various ways in terms
of the technology and expertise required, economic factors and the impact that future
conversion in SaaS can have on the employees of the organization. These aspects will
provide the organization to handle and monitor the HR database application and
implementation with ease and more security.
attractive to indefinitely eliminate a large portion of software and hardware capital expenses.
Redundancy and reliability for cloud implementation are significant factors. With dozens or
hundreds of information centers around the world, the majority of SaaS providers is highly
reliable and prices their clients. Providers employ big amounts of administrators to operate
the data centers of DAS and guarantee a single line of error is not present. Flexibility is the
fringe benefit of working in the cloud, where the ability to scale up and back down quickly
keeps needs and resources closely matched.
When moving to the SaaS, DAS needs to consider multiple variables including
economic, legal, safety, operational and technical hazards and advantages, as well as overall
HR database management system interventions. The SaaS field is maturing, and SLA offers
eliminate the most perceptible safety and legal issues in past years. These dangers may still
occur, however, based on the SaaS provider selected or the legal limitations affecting its
strategic location. Once deemed a one time job, moving has now become a long term
undertaking n SaaS by DAS. This has an impact on the organization in various ways in terms
of the technology and expertise required, economic factors and the impact that future
conversion in SaaS can have on the employees of the organization. These aspects will
provide the organization to handle and monitor the HR database application and
implementation with ease and more security.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
19CLOUD SECURITY
References
Alam, T. (2019). Middleware Implementation in Cloud-MANET Mobility Model for Internet
of Smart Devices. arXiv preprint arXiv:1902.09744.
Aleem, A., & Sprott, C. R. (2013). Let me in the cloud: analysis of the benefit and risk
assessment of cloud platform. Journal of Financial Crime.
Calabrese, B., & Cannataro, M. (2015). Bioinformatics and microarray data analysis on the
cloud. In Microarray Data Analysis (pp. 25-39). Humana Press, New York, NY.
Chou, D. C. (2015). Cloud computing: A value creation model. Computer Standards &
Interfaces, 38, 72-77.
Chou, T. S. (2013). Security threats on cloud computing vulnerabilities. International Journal
of Computer Science & Information Technology, 5(3), 79.
Di Martino, B., Cretella, G., & Esposito, A. (2014, July). Towards a unified OWL ontology
of cloud vendors' appliances and services at paas and saas level. In 2014 Eighth
International Conference on Complex, Intelligent and Software Intensive Systems (pp.
570-575). IEEE.
Gouglidis, A., Mavridis, I., & Hu, V. C. (2014). Security policy verification for multi-
domains in cloud systems. International Journal of Information Security, 13(2), 97-
111.
Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (2013). An
analysis of security issues for cloud computing. Journal of internet services and
applications, 4(1), 5.
References
Alam, T. (2019). Middleware Implementation in Cloud-MANET Mobility Model for Internet
of Smart Devices. arXiv preprint arXiv:1902.09744.
Aleem, A., & Sprott, C. R. (2013). Let me in the cloud: analysis of the benefit and risk
assessment of cloud platform. Journal of Financial Crime.
Calabrese, B., & Cannataro, M. (2015). Bioinformatics and microarray data analysis on the
cloud. In Microarray Data Analysis (pp. 25-39). Humana Press, New York, NY.
Chou, D. C. (2015). Cloud computing: A value creation model. Computer Standards &
Interfaces, 38, 72-77.
Chou, T. S. (2013). Security threats on cloud computing vulnerabilities. International Journal
of Computer Science & Information Technology, 5(3), 79.
Di Martino, B., Cretella, G., & Esposito, A. (2014, July). Towards a unified OWL ontology
of cloud vendors' appliances and services at paas and saas level. In 2014 Eighth
International Conference on Complex, Intelligent and Software Intensive Systems (pp.
570-575). IEEE.
Gouglidis, A., Mavridis, I., & Hu, V. C. (2014). Security policy verification for multi-
domains in cloud systems. International Journal of Information Security, 13(2), 97-
111.
Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (2013). An
analysis of security issues for cloud computing. Journal of internet services and
applications, 4(1), 5.
20CLOUD SECURITY
Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (2013). An
analysis of security issues for cloud computing. Journal of internet services and
applications, 4(1), 5.
Hill, D. G. (2016). Data protection: Governance, risk management, and compliance. CRC
Press.
Jiang, L., Da Xu, L., Cai, H., Jiang, Z., Bu, F., & Xu, B. (2014). An IoT-oriented data storage
framework in cloud computing platform. IEEE Transactions on Industrial
Informatics, 10(2), 1443-1451.
Kalloniatis, C., Mouratidis, H., & Islam, S. (2013). Evaluating cloud deployment scenarios
based on security and privacy requirements. Requirements Engineering, 18(4), 299-
319.
Kulkarni, G. U. R. U. D. A. T. T., Jadhav, M. A. H. E. S. H. C. H. A. N. D. R. A., Bhuse, S.
A. D. A. N. A. N. D., Bankar, H., & Sushma, A. A. (2013). Communication as service
cloud. Int. J. Comput. Network, 3, 149-156.
Millard, C. J. (Ed.). (2013). Cloud computing law. Oxford: Oxford University Press.
Modi, C., Patel, D., Borisaniya, B., Patel, A., & Rajarajan, M. (2013). A survey on security
issues and solutions at different layers of Cloud computing. The journal of
supercomputing, 63(2), 561-592.
Parekh, D. H., & Sridaran, R. (2013). An analysis of security challenges in cloud
computing. IJACSA) International Journal of Advanced Computer Science and
Applications, 4(1).
Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (2013). An
analysis of security issues for cloud computing. Journal of internet services and
applications, 4(1), 5.
Hill, D. G. (2016). Data protection: Governance, risk management, and compliance. CRC
Press.
Jiang, L., Da Xu, L., Cai, H., Jiang, Z., Bu, F., & Xu, B. (2014). An IoT-oriented data storage
framework in cloud computing platform. IEEE Transactions on Industrial
Informatics, 10(2), 1443-1451.
Kalloniatis, C., Mouratidis, H., & Islam, S. (2013). Evaluating cloud deployment scenarios
based on security and privacy requirements. Requirements Engineering, 18(4), 299-
319.
Kulkarni, G. U. R. U. D. A. T. T., Jadhav, M. A. H. E. S. H. C. H. A. N. D. R. A., Bhuse, S.
A. D. A. N. A. N. D., Bankar, H., & Sushma, A. A. (2013). Communication as service
cloud. Int. J. Comput. Network, 3, 149-156.
Millard, C. J. (Ed.). (2013). Cloud computing law. Oxford: Oxford University Press.
Modi, C., Patel, D., Borisaniya, B., Patel, A., & Rajarajan, M. (2013). A survey on security
issues and solutions at different layers of Cloud computing. The journal of
supercomputing, 63(2), 561-592.
Parekh, D. H., & Sridaran, R. (2013). An analysis of security challenges in cloud
computing. IJACSA) International Journal of Advanced Computer Science and
Applications, 4(1).
21CLOUD SECURITY
Pearson, S. (2013). Privacy, security and trust in cloud computing. In Privacy and security
for cloud computing (pp. 3-42). Springer, London.
Rabai, L. B. A., Jouini, M., Aissa, A. B., & Mili, A. (2013). A cybersecurity model in cloud
computing environments. Journal of King Saud University-Computer and Information
Sciences, 25(1), 63-75.
Rahman, M., & Cheung, W. M. (2014). Analysis of cloud computing vulnerabilities.
Rao, R. V., & Selvamani, K. (2015). Data security challenges and its solutions in cloud
computing. Procedia Computer Science, 48, 204-209.
Rittinghouse, J. W., & Ransome, J. F. (2017). Cloud computing: implementation,
management, and security. CRC press.
Sadiku, M. N., Musa, S. M., & Momoh, O. D. (2014). Cloud computing: opportunities and
challenges. IEEE potentials, 33(1), 34-36.
Safa, N. S., Sookhak, M., Von Solms, R., Furnell, S., Ghani, N. A., & Herawan, T. (2015).
Information security conscious care behaviour formation in organizations. Computers
& Security, 53, 65-78.
Saini, S., & Mann, D. (2014). Identity Management issues in Cloud Computing. arXiv
preprint arXiv:1406.1033.
Samaras, V., Daskapan, S., Ahmad, R., & Ray, S. K. (2014, November). An enterprise
security architecture for accessing SaaS cloud services with BYOD. In 2014
Australasian Telecommunication Networks and Applications Conference
(ATNAC) (pp. 129-134). IEEE.
Pearson, S. (2013). Privacy, security and trust in cloud computing. In Privacy and security
for cloud computing (pp. 3-42). Springer, London.
Rabai, L. B. A., Jouini, M., Aissa, A. B., & Mili, A. (2013). A cybersecurity model in cloud
computing environments. Journal of King Saud University-Computer and Information
Sciences, 25(1), 63-75.
Rahman, M., & Cheung, W. M. (2014). Analysis of cloud computing vulnerabilities.
Rao, R. V., & Selvamani, K. (2015). Data security challenges and its solutions in cloud
computing. Procedia Computer Science, 48, 204-209.
Rittinghouse, J. W., & Ransome, J. F. (2017). Cloud computing: implementation,
management, and security. CRC press.
Sadiku, M. N., Musa, S. M., & Momoh, O. D. (2014). Cloud computing: opportunities and
challenges. IEEE potentials, 33(1), 34-36.
Safa, N. S., Sookhak, M., Von Solms, R., Furnell, S., Ghani, N. A., & Herawan, T. (2015).
Information security conscious care behaviour formation in organizations. Computers
& Security, 53, 65-78.
Saini, S., & Mann, D. (2014). Identity Management issues in Cloud Computing. arXiv
preprint arXiv:1406.1033.
Samaras, V., Daskapan, S., Ahmad, R., & Ray, S. K. (2014, November). An enterprise
security architecture for accessing SaaS cloud services with BYOD. In 2014
Australasian Telecommunication Networks and Applications Conference
(ATNAC) (pp. 129-134). IEEE.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
22CLOUD SECURITY
Sharma, N., & Batra, S. (2016). Security from insider theft on cloud computing. International
Journal of Science, Engineering and Computer Technology, 6(5), 153.
Sobers, A. (2015). BYOD and the Mobile Enterprise-Organisational challenges and solutions
to adopt BYOD. arXiv preprint arXiv:1512.03911.
Suo, H., Liu, Z., Wan, J., & Zhou, K. (2013, July). Security and privacy in mobile cloud
computing. In 2013 9th International Wireless Communications and Mobile
Computing Conference (IWCMC) (pp. 655-659). IEEE.
Tang, C., & Liu, J. (2015). Selecting a trusted cloud service provider for your SaaS
program. Computers & Security, 50, 60-73.
Theoharidou, M., Papanikolaou, N., Pearson, S., & Gritzalis, D. (2013, December). Privacy
risk, security, accountability in the cloud. In 2013 IEEE 5th International Conference
on Cloud Computing Technology and Science (Vol. 1, pp. 177-184). IEEE.
Theoharidou, M., Tsalis, N., & Gritzalis, D. (2013, June). In cloud we trust: Risk-
Assessment-as-a-Service. In IFIP International Conference on Trust
Management (pp. 100-110). Springer, Berlin, Heidelberg.
Tiwari, P. K., & Joshi, S. (2014, December). A review of data security and privacy issues
over SaaS. In 2014 IEEE International Conference on Computational Intelligence
and Computing Research (pp. 1-6). IEEE.
Sharma, N., & Batra, S. (2016). Security from insider theft on cloud computing. International
Journal of Science, Engineering and Computer Technology, 6(5), 153.
Sobers, A. (2015). BYOD and the Mobile Enterprise-Organisational challenges and solutions
to adopt BYOD. arXiv preprint arXiv:1512.03911.
Suo, H., Liu, Z., Wan, J., & Zhou, K. (2013, July). Security and privacy in mobile cloud
computing. In 2013 9th International Wireless Communications and Mobile
Computing Conference (IWCMC) (pp. 655-659). IEEE.
Tang, C., & Liu, J. (2015). Selecting a trusted cloud service provider for your SaaS
program. Computers & Security, 50, 60-73.
Theoharidou, M., Papanikolaou, N., Pearson, S., & Gritzalis, D. (2013, December). Privacy
risk, security, accountability in the cloud. In 2013 IEEE 5th International Conference
on Cloud Computing Technology and Science (Vol. 1, pp. 177-184). IEEE.
Theoharidou, M., Tsalis, N., & Gritzalis, D. (2013, June). In cloud we trust: Risk-
Assessment-as-a-Service. In IFIP International Conference on Trust
Management (pp. 100-110). Springer, Berlin, Heidelberg.
Tiwari, P. K., & Joshi, S. (2014, December). A review of data security and privacy issues
over SaaS. In 2014 IEEE International Conference on Computational Intelligence
and Computing Research (pp. 1-6). IEEE.
1 out of 23
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.