Data Privacy and Security Challenges
VerifiedAdded on 2020/03/23
|18
|4804
|105
AI Summary
This assignment examines the critical challenges surrounding data privacy and security in the digital age. Students are tasked with analyzing various threats to personal information online, such as leakage through social networks and vulnerabilities in cloud computing. The assignment also requires an exploration of effective mitigation strategies and a discussion on the ethical implications of data protection.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: CLOUD PRIVACY AND SECURITY
CLOUD PRIVACY AND SECURITY
Name of the Student
Name of the University
Author’s Note:
CLOUD PRIVACY AND SECURITY
Name of the Student
Name of the University
Author’s Note:
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1CLOUD PRIVACY AND SECURITY
Executive Summary
This report is all about personal identification information and personal data protection by
Department of Administrative service which claims to provide a various number of services to
the state government of Australia. These services emphasize in certain areas like HR, personal
management, payroll, contract and contractor management. As there is change in the policy of
the government, DAS is now emphasizing on the use of shared services. The government has
now decided to use portal named My License for renewal of license. It also helps in keeping a
track of the fact that government can easily keep an eye on the type of license that each citizen
holds.
Various key points like threat and risk assessment for personally identifiable information data on
the portal of My License with both the privacy and data protection of it with solution to control
risk, Strategies to control informal digital identity, privacy and data protection part of digital
identity has been discussed.
Executive Summary
This report is all about personal identification information and personal data protection by
Department of Administrative service which claims to provide a various number of services to
the state government of Australia. These services emphasize in certain areas like HR, personal
management, payroll, contract and contractor management. As there is change in the policy of
the government, DAS is now emphasizing on the use of shared services. The government has
now decided to use portal named My License for renewal of license. It also helps in keeping a
track of the fact that government can easily keep an eye on the type of license that each citizen
holds.
Various key points like threat and risk assessment for personally identifiable information data on
the portal of My License with both the privacy and data protection of it with solution to control
risk, Strategies to control informal digital identity, privacy and data protection part of digital
identity has been discussed.
2CLOUD PRIVACY AND SECURITY
Table of Contents
Executive Summary.............................................................................................................1
Introduction..........................................................................................................................3
Discussion............................................................................................................................4
Threat and risk Assessment.................................................................................................4
Privacy and Data protection.................................................................................................5
Mitigation to overcome the identified problems.............................................................6
Protection of Informal Digital identity................................................................................7
Privacy and data protection aspects for a digital identity................................................8
Outline plan.........................................................................................................................9
Personal data and PII data for DAS users......................................................................10
PII data and Financial data for user...............................................................................11
DAS staff in COTS payroll suite...................................................................................12
Conclusion.........................................................................................................................13
References..........................................................................................................................14
Table of Contents
Executive Summary.............................................................................................................1
Introduction..........................................................................................................................3
Discussion............................................................................................................................4
Threat and risk Assessment.................................................................................................4
Privacy and Data protection.................................................................................................5
Mitigation to overcome the identified problems.............................................................6
Protection of Informal Digital identity................................................................................7
Privacy and data protection aspects for a digital identity................................................8
Outline plan.........................................................................................................................9
Personal data and PII data for DAS users......................................................................10
PII data and Financial data for user...............................................................................11
DAS staff in COTS payroll suite...................................................................................12
Conclusion.........................................................................................................................13
References..........................................................................................................................14
3CLOUD PRIVACY AND SECURITY
Introduction
This report is all about personal identification information and personal data protection
by Department of Administrative service which claims to provide a various number of services
to the state government of Australia (Al-Fedaghi & Al-Azmi, 2012). These services emphasize
in certain areas like HR, personal management, payroll, contract and contractor management. As
there is change in the policy of the government, DAS is now emphasizing on the use of shared
services (Chakravorty, Wlodarczyk & Rong, 2013). This highlights on the fact that DAS is now
focusing on building a centralized service system for the government. Various agencies who run
services are required to collect its data into centralized data of DAS (Theoharidou, Mylonas &
Gritzalis, 2012). It relates to the implementation SaaS HR, personnel management suite, SaaS
contractor management suite, Cots payroll solution in the AWS cloud.
The government has now decided to use portal named My License for renewal of license.
It also promotes the idea that government can easily keep an eye on the type of license that each
citizen holds (Bryant, 2013). Government introduces certain plan to register on My license portal
and make their own informal digital identity (Cavoukian & Jonas, 2012). The data stored in the
database can be used to for better planning and decision making by various government bodies
and public agencies (Venkatanathan et al., 2013).
Various key points like threat and risk assessment for personally identifiable information
data on the portal of My License with both the privacy and data protection of it with solution to
control risk, Strategies to control informal digital identity, privacy and data protection part of
digital identity has been discussed (Barocas & Nissenbaum, 2014). Outline plan for the
Introduction
This report is all about personal identification information and personal data protection
by Department of Administrative service which claims to provide a various number of services
to the state government of Australia (Al-Fedaghi & Al-Azmi, 2012). These services emphasize
in certain areas like HR, personal management, payroll, contract and contractor management. As
there is change in the policy of the government, DAS is now emphasizing on the use of shared
services (Chakravorty, Wlodarczyk & Rong, 2013). This highlights on the fact that DAS is now
focusing on building a centralized service system for the government. Various agencies who run
services are required to collect its data into centralized data of DAS (Theoharidou, Mylonas &
Gritzalis, 2012). It relates to the implementation SaaS HR, personnel management suite, SaaS
contractor management suite, Cots payroll solution in the AWS cloud.
The government has now decided to use portal named My License for renewal of license.
It also promotes the idea that government can easily keep an eye on the type of license that each
citizen holds (Bryant, 2013). Government introduces certain plan to register on My license portal
and make their own informal digital identity (Cavoukian & Jonas, 2012). The data stored in the
database can be used to for better planning and decision making by various government bodies
and public agencies (Venkatanathan et al., 2013).
Various key points like threat and risk assessment for personally identifiable information
data on the portal of My License with both the privacy and data protection of it with solution to
control risk, Strategies to control informal digital identity, privacy and data protection part of
digital identity has been discussed (Barocas & Nissenbaum, 2014). Outline plan for the
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4CLOUD PRIVACY AND SECURITY
governance of PII data and digital identity with personal data and PII data for contractor in the
contractor management suite has also been discussed.
Discussion
Department of Administrative service (DAS) which provide a number of services like
HR and personnel management, payroll, contract and contractor management to other
department of government of Australia (Louw & von Solms, 2013). DAS is now planning move
into shared services which ultimately relates to the fact that it will centralize a large number of
services for the whole government (Cavoukian & Jonas, 2012). Government has now planned to
introduce the centralization of application and renewal of license from various agencies into
single web portal known as My license (Smith, 2012). Government plans to encourage various
citizen to register on the portal of My license, renewal dates (Markham & Buchanan, 2012).
Various important points like threat and risk assessment for PII data for the My License portal,
protection of informal digital identity for the creation of My License portal, outline plan for
governance of PII data and digital identity has been discussed in brief (Marwick & Boyd, 2014).
Various other points like threat and risk assessment, privacy and data protection, possible
solution to overcome the given problem, protection of informal digital identity with possible
ways to overcome the problem with outline plan has been discussed (Theoharidou, Mylonas &
Gritzalis, 2012).
Threat and risk Assessment
A threat and risk assessment is nothing but a process for checking the risk to assets and
various threats related to be destroyed accessed and to be modified (Venkatanathan et al., 2013).
TRA checks the risk at the time of upgradation, implementation and after complementation of
various operation of services (Louw & von Solms, 2013). A TRA uses the information of the
governance of PII data and digital identity with personal data and PII data for contractor in the
contractor management suite has also been discussed.
Discussion
Department of Administrative service (DAS) which provide a number of services like
HR and personnel management, payroll, contract and contractor management to other
department of government of Australia (Louw & von Solms, 2013). DAS is now planning move
into shared services which ultimately relates to the fact that it will centralize a large number of
services for the whole government (Cavoukian & Jonas, 2012). Government has now planned to
introduce the centralization of application and renewal of license from various agencies into
single web portal known as My license (Smith, 2012). Government plans to encourage various
citizen to register on the portal of My license, renewal dates (Markham & Buchanan, 2012).
Various important points like threat and risk assessment for PII data for the My License portal,
protection of informal digital identity for the creation of My License portal, outline plan for
governance of PII data and digital identity has been discussed in brief (Marwick & Boyd, 2014).
Various other points like threat and risk assessment, privacy and data protection, possible
solution to overcome the given problem, protection of informal digital identity with possible
ways to overcome the problem with outline plan has been discussed (Theoharidou, Mylonas &
Gritzalis, 2012).
Threat and risk Assessment
A threat and risk assessment is nothing but a process for checking the risk to assets and
various threats related to be destroyed accessed and to be modified (Venkatanathan et al., 2013).
TRA checks the risk at the time of upgradation, implementation and after complementation of
various operation of services (Louw & von Solms, 2013). A TRA uses the information of the
5CLOUD PRIVACY AND SECURITY
given assets and various details of controlling the information through a lifecycle. TRA uses the
data within the scope of TRA and data sensitivity to the risk of discloser, manipulation of data
(Monteleone, 2012). Various risk mitigation techniques which addresses the various
vulnerabilities (Song et al., 2012). PII can be referred to any information that can be used to
identify uniquely, which can be used to locate or contact any individual.
Privacy and Data protection
The way of data loss does not matter on the contrary the cost of breach of data can be
large. Fines can be considered to be well known technique of losing data from any portal like My
License and they can be considered to be very expensive (Chown et al., 2012). There are three
states of data that are data in use, data at rest and data at motion. Data in use is the data which is
present on the endpoints which is used by employees to do their job (Marwick & Boyd, 2014).
Data at rest is the information that is stored on the endpoints, server of files and information
things like exchange server, web server and various SharePoint (Markham & Buchanan, 2012).
Administrator of My License can use following five steps for preventing the loss of data that is
identifying the personal identifiable information and it is duty of administrator to protect the
portal, PII should be on the top of priority list and this location being checked (Monteleone,
2012). Creating an AUP can be beneficial for AUP and educating about the AUP about the
different employees working on this portal. AUP can be beneficial for protecting PII which is on
the portal of this My License (Chen & Zhao, 2012). AUP vary from organization to organization
on the contrary it achieves three goals that are protection of PII data, limitation of the access of
PII and implementation of rules for accessing PII by unauthorized employee on the portal of this
license website that is My License (Louw & von Solms, 2013). The AUP can be beneficial if and
only if the employees have a major part in the protection of PII (Chown et al., 2012). PII can be
given assets and various details of controlling the information through a lifecycle. TRA uses the
data within the scope of TRA and data sensitivity to the risk of discloser, manipulation of data
(Monteleone, 2012). Various risk mitigation techniques which addresses the various
vulnerabilities (Song et al., 2012). PII can be referred to any information that can be used to
identify uniquely, which can be used to locate or contact any individual.
Privacy and Data protection
The way of data loss does not matter on the contrary the cost of breach of data can be
large. Fines can be considered to be well known technique of losing data from any portal like My
License and they can be considered to be very expensive (Chown et al., 2012). There are three
states of data that are data in use, data at rest and data at motion. Data in use is the data which is
present on the endpoints which is used by employees to do their job (Marwick & Boyd, 2014).
Data at rest is the information that is stored on the endpoints, server of files and information
things like exchange server, web server and various SharePoint (Markham & Buchanan, 2012).
Administrator of My License can use following five steps for preventing the loss of data that is
identifying the personal identifiable information and it is duty of administrator to protect the
portal, PII should be on the top of priority list and this location being checked (Monteleone,
2012). Creating an AUP can be beneficial for AUP and educating about the AUP about the
different employees working on this portal. AUP can be beneficial for protecting PII which is on
the portal of this My License (Chen & Zhao, 2012). AUP vary from organization to organization
on the contrary it achieves three goals that are protection of PII data, limitation of the access of
PII and implementation of rules for accessing PII by unauthorized employee on the portal of this
license website that is My License (Louw & von Solms, 2013). The AUP can be beneficial if and
only if the employees have a major part in the protection of PII (Chown et al., 2012). PII can be
6CLOUD PRIVACY AND SECURITY
achieved much in a better way by delivering copies of AUP to the employee of this license portal
and having training sessions. It also on signing of acknowledgement statement and to promising
on the fact that they will follow it(Satchwell, Barton & Hamilton, 2013). This will ultimately
relate to the fact that every employee of this portal must take an active participation in the
implementation of AUP and it also emphasizes on the prevention of data loss and also the loss of
PII.
Mitigation to overcome the identified problems
Possible five steps like encryption, threat protection, prevention of data loss, policy
compliance and blocking can be taken to overcome the problem for the portal of My license
(Chen & Zhao, 2012). Data encryption aims in keeping the data safe, threat protection ensures to
keep the data in the server from different viruses, phishing and other threats, Data loss
prevention will alert him about to send important information that he is about to send a file
containing information of the portal of this website that is My License (Chown et al., 2012).
Policy compliance will block the user from using a browser with a well-known security
technique (Satchwell, Barton & Hamilton, 2013). Lastly, it blocks unknown or anonymous
proxies for various web searches as they allow personal information to be used by the
administrator of the proxy server. Encryption method encrypts USB, CD and various different
removable media devices (Danezis et al., 2015). Threat protection emphasizes on the protection
of endpoint, emails and web vectors with provided security (Markham & Buchanan, 2012). It
detects known and unknown malware and many potential unwanted application (PUA) (Chen &
Zhao, 2012). Prevention of data loss has certain rules that are file mismatching rule, content rule.
File mismatching rule checks the particular action that must be taken which checks the kind of
file the user is trying to access (Chen & Zhao, 2012). Content rule which contains some
achieved much in a better way by delivering copies of AUP to the employee of this license portal
and having training sessions. It also on signing of acknowledgement statement and to promising
on the fact that they will follow it(Satchwell, Barton & Hamilton, 2013). This will ultimately
relate to the fact that every employee of this portal must take an active participation in the
implementation of AUP and it also emphasizes on the prevention of data loss and also the loss of
PII.
Mitigation to overcome the identified problems
Possible five steps like encryption, threat protection, prevention of data loss, policy
compliance and blocking can be taken to overcome the problem for the portal of My license
(Chen & Zhao, 2012). Data encryption aims in keeping the data safe, threat protection ensures to
keep the data in the server from different viruses, phishing and other threats, Data loss
prevention will alert him about to send important information that he is about to send a file
containing information of the portal of this website that is My License (Chown et al., 2012).
Policy compliance will block the user from using a browser with a well-known security
technique (Satchwell, Barton & Hamilton, 2013). Lastly, it blocks unknown or anonymous
proxies for various web searches as they allow personal information to be used by the
administrator of the proxy server. Encryption method encrypts USB, CD and various different
removable media devices (Danezis et al., 2015). Threat protection emphasizes on the protection
of endpoint, emails and web vectors with provided security (Markham & Buchanan, 2012). It
detects known and unknown malware and many potential unwanted application (PUA) (Chen &
Zhao, 2012). Prevention of data loss has certain rules that are file mismatching rule, content rule.
File mismatching rule checks the particular action that must be taken which checks the kind of
file the user is trying to access (Chen & Zhao, 2012). Content rule which contains some
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
7CLOUD PRIVACY AND SECURITY
important data which specifies the various action that can be taken to transfer data that matches
the given definition (Lin et al., 2012). Policy compliance factor develops a list of application that
are needed to be controlled under certain condition for prevention of data against the accidental
transfer of data by various methods like email, online storage and synchronization of smartphone
(Danezis et al., 2015). Various methods can be introduced for controlling web as internet is
considered to be the biggest source of various malwares (Smith, 2012). Policy compliance uses
three devices that is storage, network and short range which is widely used for the accidental
storage and sending of important data. Storage devices include USB, external hard drives, optical
media drives and floppy disk (Chakravorty, Wlodarczyk & Rong, 2013). Network devices are
modems and wireless fidelity that is Wi-Fi interface with 802.11 standard (Marwick & Boyd,
2014). Short range devices which includes Bluetooth technology and infrared for sending and
receiving of data (Venkatanathan et al., 2013).
Protection of Informal Digital identity
An informal digital identity has three components that is identification or registration,
authentication and authorization (Chen & Zhao, 2012). Identification or registration is a process
which allows a user to get an identity which is digital, Authentication process is nothing but the
process of verification of different attributes of identity (Barocas & Nissenbaum, 2014).
Authorization is a process which allow a user to use digital identity for identifying various
electronic transaction and online filling up of the form of this license website. Identification has
four parts that are self-asserted, direct, third party and detailed direct (Chen & Zhao, 2012). Self-
asserted is when the user makes self-assertion of his own identity and no verification is
performed by the third party (Danezis et al., 2015). Third party perform the verification process
and a good example is validating the outputs by a telecomm company (Bryant, 2013).
important data which specifies the various action that can be taken to transfer data that matches
the given definition (Lin et al., 2012). Policy compliance factor develops a list of application that
are needed to be controlled under certain condition for prevention of data against the accidental
transfer of data by various methods like email, online storage and synchronization of smartphone
(Danezis et al., 2015). Various methods can be introduced for controlling web as internet is
considered to be the biggest source of various malwares (Smith, 2012). Policy compliance uses
three devices that is storage, network and short range which is widely used for the accidental
storage and sending of important data. Storage devices include USB, external hard drives, optical
media drives and floppy disk (Chakravorty, Wlodarczyk & Rong, 2013). Network devices are
modems and wireless fidelity that is Wi-Fi interface with 802.11 standard (Marwick & Boyd,
2014). Short range devices which includes Bluetooth technology and infrared for sending and
receiving of data (Venkatanathan et al., 2013).
Protection of Informal Digital identity
An informal digital identity has three components that is identification or registration,
authentication and authorization (Chen & Zhao, 2012). Identification or registration is a process
which allows a user to get an identity which is digital, Authentication process is nothing but the
process of verification of different attributes of identity (Barocas & Nissenbaum, 2014).
Authorization is a process which allow a user to use digital identity for identifying various
electronic transaction and online filling up of the form of this license website. Identification has
four parts that are self-asserted, direct, third party and detailed direct (Chen & Zhao, 2012). Self-
asserted is when the user makes self-assertion of his own identity and no verification is
performed by the third party (Danezis et al., 2015). Third party perform the verification process
and a good example is validating the outputs by a telecomm company (Bryant, 2013).
8CLOUD PRIVACY AND SECURITY
Authentication is nothing but a security process which allow user by using a set of categories that
has one factor authentication, two factor authentication and three factor authentication (Al-
Fedaghi & Al-Azmi, 2012). One factor authentication is usually the most common type of
authentication is the combination of user and password (Ferrari, 2013). Two factor authentication
is a more secure authentication which combines of digital certificate, a fingerprint or passcode
(Li et al., 2014). Three factor is nothing but a combination of all three factors of authentication
process (Lin et al., 2012). The code at the entry can be easily generated by the device which the
user has and it focus on the generation of code in the presence of different biometrics like voice,
fingerprint and scan of retina.
Privacy and data protection aspects for a digital identity
The loss of data of digital identity does not matter on the contrary the price of data breach
can be huge or large. Fines is generally considered to be technique which is used for data loss
from any portal like My license and it is generally considered to be very expensive (Satchwell,
Barton & Hamilton, 2013). There are generally three states of data that is used data, rest data
motion data (Ferrari, 2013). Administrator of My license can use the following five steps
identification of personal identifiable information, it is duty of administrator to protect the portal,
PII should be on the top of the priority list. Creating an AUP can be beneficial for this portal and
educating the different employees working on the portal about the AUP (Lin et al., 2012). AUP
varies from organization to organization and it aims on achieving three goals that is Protection of
personal identifiable information or PII, Limitation on the access of PII and implementing
various rules for accessing PII by any unauthorized employee on the portal of My License (Li et
al., 2014). AUP can be beneficial for the privacy and data protection for digital identity if and
only if various employees of this portal take initiative in the protection of PII (Li et al., 2014). It
Authentication is nothing but a security process which allow user by using a set of categories that
has one factor authentication, two factor authentication and three factor authentication (Al-
Fedaghi & Al-Azmi, 2012). One factor authentication is usually the most common type of
authentication is the combination of user and password (Ferrari, 2013). Two factor authentication
is a more secure authentication which combines of digital certificate, a fingerprint or passcode
(Li et al., 2014). Three factor is nothing but a combination of all three factors of authentication
process (Lin et al., 2012). The code at the entry can be easily generated by the device which the
user has and it focus on the generation of code in the presence of different biometrics like voice,
fingerprint and scan of retina.
Privacy and data protection aspects for a digital identity
The loss of data of digital identity does not matter on the contrary the price of data breach
can be huge or large. Fines is generally considered to be technique which is used for data loss
from any portal like My license and it is generally considered to be very expensive (Satchwell,
Barton & Hamilton, 2013). There are generally three states of data that is used data, rest data
motion data (Ferrari, 2013). Administrator of My license can use the following five steps
identification of personal identifiable information, it is duty of administrator to protect the portal,
PII should be on the top of the priority list. Creating an AUP can be beneficial for this portal and
educating the different employees working on the portal about the AUP (Lin et al., 2012). AUP
varies from organization to organization and it aims on achieving three goals that is Protection of
personal identifiable information or PII, Limitation on the access of PII and implementing
various rules for accessing PII by any unauthorized employee on the portal of My License (Li et
al., 2014). AUP can be beneficial for the privacy and data protection for digital identity if and
only if various employees of this portal take initiative in the protection of PII (Li et al., 2014). It
9CLOUD PRIVACY AND SECURITY
can be achieved in a much better way by providing copies of AUP to the employees of this portal
(Reynolds et al., 2014). This will ultimately focus on signing of acknowledge statement and
promising on the mere fact that they follow it (Ferrari, 2013). It ultimately emphasizes on the
fact that every employee of this portal must take an active participation of the AUP usage and
data loss prevention and loss of privacy aspect of digital identity (Haimes,2015).
Outline plan
The ultimate goal of the governance plan is to check and approve various procedures
which are need for the management and administration of a given project (KoninG et al., 2014).
A proper governance plan is prepared by the help of both procedural and documentation
(Theoharidou, Mylonas & Gritzalis, 2012). The project governance plan has four goals within
the process of project management. These include promoting various things like consistency,
productivity and expectation of various stakeholders (Haimes,2015). Production of proper
deliverables by the help of various pre-defined practices (Venkatanathan et al., 2013).
Empowering stakeholders with various flexible techniques and practices. Establishment of
proper reviews and governance of various plan.
Governance can be considered to be a key factor which consists of practices, steps,
strategies and various decision which can be used for direct execution of project. Project
governance is also known as people and purpose driven process (Song et al., 2012). Project are
governed by various with proper authority and responsibility for carrying out particular steps
(Haimes,2015). There are four steps for the production of governance plan (KoninG et al., 2014).
These are nimble and flexible, clean and concise consistency, explain and justify and accept and
approve. Format of governance plan must be sufficiently flexible for accounting the various sizes
of project (Theoharidou, Mylonas & Gritzalis, 2012). This ultimately relate to the fact that
can be achieved in a much better way by providing copies of AUP to the employees of this portal
(Reynolds et al., 2014). This will ultimately focus on signing of acknowledge statement and
promising on the mere fact that they follow it (Ferrari, 2013). It ultimately emphasizes on the
fact that every employee of this portal must take an active participation of the AUP usage and
data loss prevention and loss of privacy aspect of digital identity (Haimes,2015).
Outline plan
The ultimate goal of the governance plan is to check and approve various procedures
which are need for the management and administration of a given project (KoninG et al., 2014).
A proper governance plan is prepared by the help of both procedural and documentation
(Theoharidou, Mylonas & Gritzalis, 2012). The project governance plan has four goals within
the process of project management. These include promoting various things like consistency,
productivity and expectation of various stakeholders (Haimes,2015). Production of proper
deliverables by the help of various pre-defined practices (Venkatanathan et al., 2013).
Empowering stakeholders with various flexible techniques and practices. Establishment of
proper reviews and governance of various plan.
Governance can be considered to be a key factor which consists of practices, steps,
strategies and various decision which can be used for direct execution of project. Project
governance is also known as people and purpose driven process (Song et al., 2012). Project are
governed by various with proper authority and responsibility for carrying out particular steps
(Haimes,2015). There are four steps for the production of governance plan (KoninG et al., 2014).
These are nimble and flexible, clean and concise consistency, explain and justify and accept and
approve. Format of governance plan must be sufficiently flexible for accounting the various sizes
of project (Theoharidou, Mylonas & Gritzalis, 2012). This ultimately relate to the fact that
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10CLOUD PRIVACY AND SECURITY
smaller, less complex project may not necessarily require the same governance planning for
large, complex projects. Format of governance of plan must provide a clean, proper layout for
the governance variables like resource management, project communication, financial
management and various other matters related to it. Content of governance plan must provide
planned procedure and also provide justification in the various terms of inclusion and exclusion
(Haimes,2015). Format of governance plan must provide the way to get and record various
approvals which ensure the approval and buy in of proper stakeholders.
Personal data and PII data for DAS users
Governance plan can do a certain number of things while dealing with personal
identifiable information and it uses some set standards and procedure for protection of personal
data (Cavoukian & Jonas, 2012). It the duty of developer to avoid putting various sensitive data
containing important or information in various programs (Barocas & Nissenbaum, 2014).
Identification of the person who has the right and power to make changes (KoninG et al., 2014).
It also ensures the privacy and security issue before they are produced (Chakravorty, Wlodarczyk
& Rong, 2013). This will ultimately benefit the user of DAS and bring a lot of benefits for the
portal of My License.
Data breach response plan is an important tool which helps in managing data breach. It is
considered to be framework which puts out certain roles and responsibilities for proper
management of breach of data and various steps taken for managing data breach. The plan
should cover the proper strategy for managing various data breach. This is inclusive of potential
strategies for checking data breach. The plan should provide a clear and proper communication
technique for communication. This is inclusive of various persons will be approached and
managed.
smaller, less complex project may not necessarily require the same governance planning for
large, complex projects. Format of governance of plan must provide a clean, proper layout for
the governance variables like resource management, project communication, financial
management and various other matters related to it. Content of governance plan must provide
planned procedure and also provide justification in the various terms of inclusion and exclusion
(Haimes,2015). Format of governance plan must provide the way to get and record various
approvals which ensure the approval and buy in of proper stakeholders.
Personal data and PII data for DAS users
Governance plan can do a certain number of things while dealing with personal
identifiable information and it uses some set standards and procedure for protection of personal
data (Cavoukian & Jonas, 2012). It the duty of developer to avoid putting various sensitive data
containing important or information in various programs (Barocas & Nissenbaum, 2014).
Identification of the person who has the right and power to make changes (KoninG et al., 2014).
It also ensures the privacy and security issue before they are produced (Chakravorty, Wlodarczyk
& Rong, 2013). This will ultimately benefit the user of DAS and bring a lot of benefits for the
portal of My License.
Data breach response plan is an important tool which helps in managing data breach. It is
considered to be framework which puts out certain roles and responsibilities for proper
management of breach of data and various steps taken for managing data breach. The plan
should cover the proper strategy for managing various data breach. This is inclusive of potential
strategies for checking data breach. The plan should provide a clear and proper communication
technique for communication. This is inclusive of various persons will be approached and
managed.
11CLOUD PRIVACY AND SECURITY
PII data and Financial data for user
Governance plan can easily help the PII data and financial data for the generation of data
assets and it also provide important opportunity for the portal of My License, strategy and
experience of user (Bryant, 2013). Governance data asset can be beneficial as other assets of
enterprise like financial security, cash and human resource. National action plan helps in
promoting transparency, fight against corruption, harness the power of new technologies and
making government better. The plan emphasizes in certain areas like transparency in various
business domain, open data, access to different government plan, participation of plan.
Development of this plan has mainly three phases that is raising awareness, seeking
ideas, Drafting the national action plan. Raising awareness has many public meetings in the year
of 2015 to grow awareness in Australia and this process develops the first action plan of
Australia. Additional awareness about the plan can be created by using platform of social media,
different government websites, teleconferences and emailing. Seeking ideas is a former
consultant process to take new ideas on usage of National Action plan. This is inclusive of
submission process, conversation with stakeholders and a workshop. Various times frames and
consultation and submission are generally published on the internet.
DAS staff in COTS payroll suite
Cots stands for commercial off the shelf product is nothing a product that is merely used
as-is. These products are merely designed in such a way that it can be installed very easily and
perform with the existing components of the system (Al-Fedaghi & Al-Azmi, 2012). One major
advantage that the staff of DAS will get implementation of COTS payroll suite is that it is mass-
produced and has relatively low cost (KoninG et al., 2014).
PII data and Financial data for user
Governance plan can easily help the PII data and financial data for the generation of data
assets and it also provide important opportunity for the portal of My License, strategy and
experience of user (Bryant, 2013). Governance data asset can be beneficial as other assets of
enterprise like financial security, cash and human resource. National action plan helps in
promoting transparency, fight against corruption, harness the power of new technologies and
making government better. The plan emphasizes in certain areas like transparency in various
business domain, open data, access to different government plan, participation of plan.
Development of this plan has mainly three phases that is raising awareness, seeking
ideas, Drafting the national action plan. Raising awareness has many public meetings in the year
of 2015 to grow awareness in Australia and this process develops the first action plan of
Australia. Additional awareness about the plan can be created by using platform of social media,
different government websites, teleconferences and emailing. Seeking ideas is a former
consultant process to take new ideas on usage of National Action plan. This is inclusive of
submission process, conversation with stakeholders and a workshop. Various times frames and
consultation and submission are generally published on the internet.
DAS staff in COTS payroll suite
Cots stands for commercial off the shelf product is nothing a product that is merely used
as-is. These products are merely designed in such a way that it can be installed very easily and
perform with the existing components of the system (Al-Fedaghi & Al-Azmi, 2012). One major
advantage that the staff of DAS will get implementation of COTS payroll suite is that it is mass-
produced and has relatively low cost (KoninG et al., 2014).
12CLOUD PRIVACY AND SECURITY
Simple method is established where various routines, methods were established and it
comprises of standard services which is better services which is known as commercial of the
shelf (COTS). In this process the level of risk is minimum, various goods and services does not
need or require any development. Special advice on legal and financial consideration is not
required in general.
Conclusion
From the above discussion it can be stated that the department of Administrative service
that is DAS of Australian state government provides certain services like HR and personnel
management, payroll, contract tendering management. As there is change in the policy of
government DAS is now focusing on the implementation of Shared services which ultimately
relates to fact that DAS will centralize a number of services. The government has now decided to
use portal named My License for renewal of license. It also highlight on the fact the government
can easily keep an eye on the type of license that each citizen holds. Government introduces
certain plan to register on My license portal and make their own informal digital identity. The
data stored in the database can be used to for better planning and decision making by various
government bodies and public agencies. Various has been discussed in detail for the
development of threat and risk assessment for the given licensee portal that is My License. TRA
has considered both the privacy and data protection part of personal identifiable information in
the portal of this website with possible solution has been discussed in brief. Strategy for the
protection of informal digital identity for the creation of My license portal with possible solution
has been discussed. Outline plan for the governance of PII data and digital identity has been
discussed for the portal of My License. Other key points like personal data and PII data for DAS
user of HR personnel management, contractor management suite has been discussed briefly. PII
Simple method is established where various routines, methods were established and it
comprises of standard services which is better services which is known as commercial of the
shelf (COTS). In this process the level of risk is minimum, various goods and services does not
need or require any development. Special advice on legal and financial consideration is not
required in general.
Conclusion
From the above discussion it can be stated that the department of Administrative service
that is DAS of Australian state government provides certain services like HR and personnel
management, payroll, contract tendering management. As there is change in the policy of
government DAS is now focusing on the implementation of Shared services which ultimately
relates to fact that DAS will centralize a number of services. The government has now decided to
use portal named My License for renewal of license. It also highlight on the fact the government
can easily keep an eye on the type of license that each citizen holds. Government introduces
certain plan to register on My license portal and make their own informal digital identity. The
data stored in the database can be used to for better planning and decision making by various
government bodies and public agencies. Various has been discussed in detail for the
development of threat and risk assessment for the given licensee portal that is My License. TRA
has considered both the privacy and data protection part of personal identifiable information in
the portal of this website with possible solution has been discussed in brief. Strategy for the
protection of informal digital identity for the creation of My license portal with possible solution
has been discussed. Outline plan for the governance of PII data and digital identity has been
discussed for the portal of My License. Other key points like personal data and PII data for DAS
user of HR personnel management, contractor management suite has been discussed briefly. PII
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
13CLOUD PRIVACY AND SECURITY
data and financial data for users and DAS staff in the COTS payroll suite has also been discussed
in brief.
data and financial data for users and DAS staff in the COTS payroll suite has also been discussed
in brief.
14CLOUD PRIVACY AND SECURITY
References
Al-Fedaghi, S., & Al-Azmi, A. A. R. (2012). Experimentation with personal identifiable
information. Intelligent Information Management, 4(04), 123.
Barocas, S., & Nissenbaum, H. (2014). Big data's end run around procedural privacy
protections. Communications of the ACM, 57(11), 31-33.
Bryant, T. (2013). UE-COTS at the University of Iowa. Workplace: A Journal for Academic
Labor, (7).
Cavoukian, A., & Jonas, J. (2012). Privacy by design in the age of big data (pp. 1-17).
Information and Privacy Commissioner of Ontario, Canada.
Chakravorty, A., Wlodarczyk, T., & Rong, C. (2013, May). Privacy preserving data analytics for
smart homes. In Security and Privacy Workshops (SPW), 2013 IEEE (pp. 23-27). IEEE.
Chen, D., & Zhao, H. (2012, March). Data security and privacy protection issues in cloud
computing. In Computer Science and Electronics Engineering (ICCSEE), 2012
International Conference on (Vol. 1, pp. 647-651). IEEE.
Chen, D., & Zhao, H. (2012, March). Data security and privacy protection issues in cloud
computing. In Computer Science and Electronics Engineering (ICCSEE), 2012
International Conference on (Vol. 1, pp. 647-651). IEEE.
Chown, S. L., Huiskes, A. H., Gremmen, N. J., Lee, J. E., Terauds, A., Crosbie, K., ... &
Lebouvier, M. (2012). Continent-wide risk assessment for the establishment of
nonindigenous species in Antarctica. Proceedings of the National Academy of
Sciences, 109(13), 4938-4943.
References
Al-Fedaghi, S., & Al-Azmi, A. A. R. (2012). Experimentation with personal identifiable
information. Intelligent Information Management, 4(04), 123.
Barocas, S., & Nissenbaum, H. (2014). Big data's end run around procedural privacy
protections. Communications of the ACM, 57(11), 31-33.
Bryant, T. (2013). UE-COTS at the University of Iowa. Workplace: A Journal for Academic
Labor, (7).
Cavoukian, A., & Jonas, J. (2012). Privacy by design in the age of big data (pp. 1-17).
Information and Privacy Commissioner of Ontario, Canada.
Chakravorty, A., Wlodarczyk, T., & Rong, C. (2013, May). Privacy preserving data analytics for
smart homes. In Security and Privacy Workshops (SPW), 2013 IEEE (pp. 23-27). IEEE.
Chen, D., & Zhao, H. (2012, March). Data security and privacy protection issues in cloud
computing. In Computer Science and Electronics Engineering (ICCSEE), 2012
International Conference on (Vol. 1, pp. 647-651). IEEE.
Chen, D., & Zhao, H. (2012, March). Data security and privacy protection issues in cloud
computing. In Computer Science and Electronics Engineering (ICCSEE), 2012
International Conference on (Vol. 1, pp. 647-651). IEEE.
Chown, S. L., Huiskes, A. H., Gremmen, N. J., Lee, J. E., Terauds, A., Crosbie, K., ... &
Lebouvier, M. (2012). Continent-wide risk assessment for the establishment of
nonindigenous species in Antarctica. Proceedings of the National Academy of
Sciences, 109(13), 4938-4943.
15CLOUD PRIVACY AND SECURITY
Danezis, G., Domingo-Ferrer, J., Hansen, M., Hoepman, J. H., Metayer, D. L., Tirtea, R., &
Schiffner, S. (2015). Privacy and Data Protection by Design-from policy to
engineering. arXiv preprint arXiv:1501.03726.
Ferrari, A. (2013). DIGCOMP: A framework for developing and understanding digital
competence in Europe.
Haimes, Y. Y. (2015). Risk modeling, assessment, and management. John Wiley & Sons.
KoninG, M., KoREnhoF, P., Alpár, G., & Hoepman, J. H. (2014). The abc of abc: an analysis of
attribute-based credentials in the light of data protection, privacy and identity.
Li, Z., Ma, Z., van der Kuijp, T. J., Yuan, Z., & Huang, L. (2014). A review of soil heavy metal
pollution from mines in China: pollution and health risk assessment. Science of the Total
Environment, 468, 843-853.
Lin, N., Emanuel, K., Oppenheimer, M., & Vanmarcke, E. (2012). Physically based assessment
of hurricane surge threat under climate change. Nature Climate Change, 2(6), 462.
Louw, C., & von Solms, S. (2013, October). Personally identifiable information leakage through
online social networks. In Proceedings of the South African Institute for Computer
Scientists and Information Technologists Conference (pp. 68-71). ACM.
Markham, A., & Buchanan, E. (2012). Ethical decision-making and internet research:
Recommendations from the aoir ethics working committee (version 2.0).
Marwick, A. E., & Boyd, D. (2014). Networked privacy: How teenagers negotiate context in
social media. New Media & Society, 16(7), 1051-1067.
Danezis, G., Domingo-Ferrer, J., Hansen, M., Hoepman, J. H., Metayer, D. L., Tirtea, R., &
Schiffner, S. (2015). Privacy and Data Protection by Design-from policy to
engineering. arXiv preprint arXiv:1501.03726.
Ferrari, A. (2013). DIGCOMP: A framework for developing and understanding digital
competence in Europe.
Haimes, Y. Y. (2015). Risk modeling, assessment, and management. John Wiley & Sons.
KoninG, M., KoREnhoF, P., Alpár, G., & Hoepman, J. H. (2014). The abc of abc: an analysis of
attribute-based credentials in the light of data protection, privacy and identity.
Li, Z., Ma, Z., van der Kuijp, T. J., Yuan, Z., & Huang, L. (2014). A review of soil heavy metal
pollution from mines in China: pollution and health risk assessment. Science of the Total
Environment, 468, 843-853.
Lin, N., Emanuel, K., Oppenheimer, M., & Vanmarcke, E. (2012). Physically based assessment
of hurricane surge threat under climate change. Nature Climate Change, 2(6), 462.
Louw, C., & von Solms, S. (2013, October). Personally identifiable information leakage through
online social networks. In Proceedings of the South African Institute for Computer
Scientists and Information Technologists Conference (pp. 68-71). ACM.
Markham, A., & Buchanan, E. (2012). Ethical decision-making and internet research:
Recommendations from the aoir ethics working committee (version 2.0).
Marwick, A. E., & Boyd, D. (2014). Networked privacy: How teenagers negotiate context in
social media. New Media & Society, 16(7), 1051-1067.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
16CLOUD PRIVACY AND SECURITY
Monteleone, S. (2012). Privacy and Data Protection at the time of Facial Recognition: towards a
new right to Digital Identity? European Journal of Law and Technology, 3(3).
Reynolds, D., Creemers, B., Nesselrodt, P. S., Shaffer, E. C., Stringfield, S., & Teddlie, C.
(Eds.). (2014). Advances in school effectiveness research and practice. Elsevier.
Satchwell, C., Barton, D., & Hamilton, M. (2013). Crossing boundaries: digital and non-digital
literacy practices in formal and informal contexts in further and higher education.
Smith, C. (Ed.). (2012). Insect colonization and mass production. Elsevier.
Song, D., Shi, E., Fischer, I., & Shankar, U. (2012). Cloud data protection for the
masses. Computer, 45(1), 39-45.
Theoharidou, M., Mylonas, A., & Gritzalis, D. (2012). A risk assessment method for
smartphones. Information security and privacy research, 443-456.
Venkatanathan, J., Kostakos, V., Karapanos, E., & Gonçalves, J. (2013). Online Disclosure of
Personally Identifiable Information with Strangers: Effects of Public and Private
Sharing. Interacting with Computers, 26(6), 614-626.
Monteleone, S. (2012). Privacy and Data Protection at the time of Facial Recognition: towards a
new right to Digital Identity? European Journal of Law and Technology, 3(3).
Reynolds, D., Creemers, B., Nesselrodt, P. S., Shaffer, E. C., Stringfield, S., & Teddlie, C.
(Eds.). (2014). Advances in school effectiveness research and practice. Elsevier.
Satchwell, C., Barton, D., & Hamilton, M. (2013). Crossing boundaries: digital and non-digital
literacy practices in formal and informal contexts in further and higher education.
Smith, C. (Ed.). (2012). Insect colonization and mass production. Elsevier.
Song, D., Shi, E., Fischer, I., & Shankar, U. (2012). Cloud data protection for the
masses. Computer, 45(1), 39-45.
Theoharidou, M., Mylonas, A., & Gritzalis, D. (2012). A risk assessment method for
smartphones. Information security and privacy research, 443-456.
Venkatanathan, J., Kostakos, V., Karapanos, E., & Gonçalves, J. (2013). Online Disclosure of
Personally Identifiable Information with Strangers: Effects of Public and Private
Sharing. Interacting with Computers, 26(6), 614-626.
17CLOUD PRIVACY AND SECURITY
1 out of 18
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.