Security and Privacy Risk Assessment for DAS

Verified

Added on  2022/12/23

|22
|1875
|77
Presentation
AI Summary
This presentation discusses the security and privacy risk assessment for the Department of Administrative Service (DAS) and the implications of using BambooHR, a SaaS application for HR management. It also addresses issues related to data sensitivity and data sovereignty. The presentation concludes with recommendations for mitigating the identified issues.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
DAS MANAGEMENT
SECURITY AND PRIVACY RISK
ASSESSMENT FOR THE DAS

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Introduction
The topics to be discussed:
The presentation is based on the Department of Administrative Service.
The security assessment and the privacy risk assessment are discussed.
A software named BambooHR is selected which is a SaaS application software
for HR management which is discussed in the presentation.
The security implications and the privacy implications are also discussed in the
presentation.
Issue related to data sensitivity of the organisation are also discussed in the
presentation and the issues which are related to data sovereignty are discussed
here.
The presentation will provide a clear conclusion regarding HR management
software solution along with the security and risk assessment.
Document Page
SaaS application- BambooHR
About BambooHR:
BambooHR is a SaaS application which originates from a US based company.
The application provides a solution for the HR department of an organisation
(Pugh et al., 2015).
All the activities that are performed by HR can be managed by this
application. This application helps the HR to perform their tasks with more
focus and security.
Document Page
Operational solution of
BambooHR
The solution provided by BambooHR are as follows:
BambooHR handles a numerous number of operational solutions of HR activities in a
compact structure.
The overall agility, efficiency of the organisation increases (Zhou & Guan, 2018).
The problems that the HR faced in managing all the different activities which causes the
increase of data redundancy and it becomes complex for the HR to navigate. This is the
reason BambooHR provides a better support to the HR department.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Affect on security posture of DAS
due to operational solution
As most of the data of the employees of the organisation are in the hand
of the HR department, it is the responsibility for the HR to secure the data
(Syed et al., 2019).
The software helps to manage better all the data of the employees by
providing role-based access and by providing data encryption.
The application of operational solutions of BambooHR software the
security posture of DAS can be managed.
Document Page
Operational Location of
BambooHR
Due to the security concern of the important data of the
organisation it is very important to have an update of the
location where all the operations of the organisation are
performed (Lovrić & Horvat, 2016).
In case of the change in locations of the operation BambooHR will
give instant update of the changed location.
Document Page
Affect on security posture of DAS
due to operational location
As the operational location feature of BambooHR provides big
support to the HR department, the HR of the DAS management
uses the feature to get the location update (Maksymiuk, 2017).
This will provide security of all the documents of the employees
and provide a good effect on the security perspective of DAS.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Threat on employee data
The threats are as follows:
The security threat on employee data may occur due to certain cause such as
Phishing
weak password
disabled security control
unauthorised installation of application; and many other causes.
In DAS the risk of the employee data may cause a big damage. Due to this
the HR department should manage the data with more care.
Document Page
Operational solution & operational
location mitigate threat
1. The operational tools of BambooHR provides various type of operational solution
to the HR which benefits the HR to manage the employee data of DAS (Cherinka &
Prezzama, 2015).
2. The application provides various security gateways which makes the data much
secured.
3. Besides, the operational location helps the HR to manage the location very easily
which secures the data at higher extent.
Document Page
Security implication of data
processing location
To provide better security in the location of the organisation where the
data are processed is very important.
With the implication of the application BambooHR the management
capacity of the location where the data are processed increases.
The application provides a compact security support to the organisation
which if followed will give a secured environment for the location of data
processing.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Privacy implication of data
processing location
To provide privacy of the data present in the data processing location and so that
the data of DAS do not go to wrong hands. DAS should use the BambooHR
application.
In this case the data of the employees will be managed in a particular location in
the internet and can be accessed very easily by the authorised persons (Dyrda et
al., 2017).
There will be high security that will help to keep up the privacy in the data
processing location of DAS.
Document Page
What are Trade Secrets?
Information of an organization that the owner considers to
protect as their sole property.
Mainly comprised of the confidential and valuable information of
the organization.
The trade secrets are governed by the legislative government
regarding the safe using of the trade secret policies.
Document Page
Common types of Trade Secrets
Sales information
Lists of the customers and the suppliers
Plans for marketing
Information of the steps regarding the manufacturing process
Recipes (if any)
Source codes for the programs and other software (for the IT
companies)

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Issue of Data sensitivity – Trade
secrets
Identification and marking of the trade secrets – Appropriate marking and identification
of the data needs to be done.
Tracking and limiting the access to the information – Proper restriction should be made
for the authorised personnel to access the information. Besides, tracking of the sue of
the access is also necessary.
Active management of the trade secrets – Finally, continuous management of the
secret information is necessary in terms of its location as well as the protection
procedures used.
Document Page
Issues to maintain trade secrets in
storage locations
The secret data for each of the organisation gets accessible for
both of the organisation (Romojaro et al., 2017).
Due to the common access for the organisations involved, the
secrecy does not remain the same.
In case of any breaching activity, both the companies have to
suffer with their trade secrets.
Document Page
In case of the previous issue, DAS can use the BambooHR software which will
help to maintain the data in such a way that only the specified people will
have access to those particular data.
The data will be participated according to the privacy of each of the personnel.
This is the reason because of the importance of the SaaS software for DAS to
maintain data sensitivity in the storage location of the organisation.
Mitigation procedures for the issues
with the trade secrets

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Data Sovereignty
In the days where cloud computing so playing an important role where
the information of business are shared through cloud and the information
are also stored over there. In this case the organisations have a chance to
face various issues of data sovereignty (Maksymiuk, 2017).
This is because some of the data that are available in the internet can be
accessed by the outsiders. This is why it is difficult to maintain data
sovereignty in an organisation.
Document Page
Data Sovereignty in DAS
As DAS is going to enter in the industry of shared services, DAS will be needed to
use the cloud services to send and receive various type of data.
Beside to this they will also have to store data in the online data storage. In this
case the issue of data sovereignty comes into action where the data of DAS that
are shared through the cloud services and stored in the cloud can be accessible to
certain unwanted users.
This is one of the issues of data sovereignty that can be considered as a real issue
for DAS.
Document Page
Conclusion
The presentation concludes a clear structure, if certain privacy issues on
data of DAS is observed it can be mitigated by the application of SaaS
software that will be controlled by the HR department of the organisation.
In this presentation certain issues are mentioned along with the
mitigating technique of the issues are also mentioned by the using of
BambooHR application which is a SaaS software for the management of
HR.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Recommendation
There are certain techniques which can be applied to mitigate the
issues further. They are listed below:
Alerting and metrics
Centralised logging
Redundancy
Firewalls
Backup
2-Factor Authentication
A program for security awareness
Document Page
References
Cherinka, R., & Prezzama, J. (2015). Innovative approaches to building comprehensive talent pipelines: Helping
to grow a strong and diverse professional workforce. Systemics, Cybernetics and Informatics, 13(6), 82-86.
Dyrda, J., Soppera, N., Hill, I., Bossant, M., & Gulliford, J. (2017). New features and improved uncertainty
analysis in the NEA nuclear data sensitivity tool (NDaST). In EPJ Web of Conferences (Vol. 146, p. 06026). EDP
Sciences.
Lovrić, S., & Horvat, Đ. (2016). CHOOSING AN EFFECTIVE HUMAN RESOURCES INFORMATION SYSTEM HRIS IN
REMOTE ENVIRONMENT. Under the auspices of the President of the Republic of Croatia, 236.
Maksymiuk, H. (2017). ONBOARDING NEW EMPLOYEES: REVIEW OF CURRENT PRACTICIES. Scientific Journal of
Polonia University, 20(1), 123-128.
Pugh, W., Eakes, M., Bernander, O., & Gundavaram, P. (2015). U.S. Patent No. 8,990,699. Washington, DC: U.S.
Patent and Trademark Office.
Romojaro, P., Álvarez-Velarde, F., Kodeli, I., Stankovskiy, A., Diez, C. J., Cabellos, O., ... & Žerovnik, G. (2017).
Nuclear data sensitivity and uncertainty analysis of effective neutron multiplication factor in various MYRRHA
core configurations. Annals of Nuclear Energy, 101, 330-338.
Syed, S., Venkataraman, S. and Prabhu, J.A., Corent Tech Inc, 2019. Multi-application SaaS metering engine.
U.S. Patent Application 10/305,761.
Zhou, F., & Guan, Y. (2018, March). Research on Database Fragmentation Technology Based on Hibernate
Shards Framework for SaaS Development. In 2018 International Conference on Advanced Control, Automation
and Artificial Intelligence (ACAAI 2018). Atlantis Press.
Document Page
1 out of 22
circle_padding
hide_on_mobile
zoom_out_icon
[object Object]

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]