Data Sensitivity and Security Threats in a Cloud-Based System
VerifiedAdded on 2019/11/25
|22
|5610
|356
Report
AI Summary
The report discusses various data sensitivity issues related to the implementation of Software as a Service (SaaS) in DAS. It highlights three main issues: confidentiality, integrity, and availability of employee information. The report emphasizes the importance of considering these requirements for different types of information or data, as some may require confidential consideration while others can be publicly available. Additionally, it touches on privacy issues and their relation to security.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Cloud Computing in DAS
Name of the Student
Name of the University
Author Note
Name of the Student
Name of the University
Author Note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Table of Contents
4033 Introduction..................................................................................................................................3
Security of Employee Data....................................................................................................................3
Existing security threats to Employee data........................................................................................3
Explaining issues...............................................................................................................................5
New Security Threat to Employee data (after moving to SaaS).........................................................6
Explain issues....................................................................................................................................8
Severity Matrix......................................................................................................................................9
Privacy of Employee Data...................................................................................................................10
Existing privacy threats and risks to the privacy of employee data..................................................10
New Security Threat to Employee data (after moving to SaaS).......................................................12
Severity Matrix................................................................................................................................13
Digital Identity Issues..........................................................................................................................14
Explanation briefly..........................................................................................................................14
Provider Solution Issues and why?..................................................................................................15
Solution Architecture Including Security and Privacy.........................................................................16
Data Sensitivity...................................................................................................................................16
Appendix.............................................................................................................................................20
Group Communication....................................................................................................................20
4033 Introduction..................................................................................................................................3
Security of Employee Data....................................................................................................................3
Existing security threats to Employee data........................................................................................3
Explaining issues...............................................................................................................................5
New Security Threat to Employee data (after moving to SaaS).........................................................6
Explain issues....................................................................................................................................8
Severity Matrix......................................................................................................................................9
Privacy of Employee Data...................................................................................................................10
Existing privacy threats and risks to the privacy of employee data..................................................10
New Security Threat to Employee data (after moving to SaaS).......................................................12
Severity Matrix................................................................................................................................13
Digital Identity Issues..........................................................................................................................14
Explanation briefly..........................................................................................................................14
Provider Solution Issues and why?..................................................................................................15
Solution Architecture Including Security and Privacy.........................................................................16
Data Sensitivity...................................................................................................................................16
Appendix.............................................................................................................................................20
Group Communication....................................................................................................................20
4033 Introduction
The DAS (Department of the Administrative Service) is responsible for delivering many
services for the various departments of the state government in Australia. The data centre of
the DAS is the one who is accountable for delivering the services for the department. A new
service provider has been introduced to DAS in order to upgrade the existing system named
‘SaaS’ (Software-as-a-Service), which is a centrally hosting licensed model and software
delivery services. A team of two members is being introduced to the management for the
delivery of a risk management program, which will be helpful in identifying the threats and
risks to the privacy and security of employee’s data, who are employed in DAS. Following
report presents a severity matrix in order to show the likelihood, priority and the impact of
the identified risks and threats. They are rated based on the consideration.
Security of Employee Data
Existing security threats to Employee data
S.No Security
Threat/Risk
Description
Likelihood
Impact
Priority Preventive Actions Contingency Plans
Student 1
S1. Cloud
Computing
VL VH VH o Encrypting files before
uploading
o Protecting credentials
from unauthorized
access
o Accessing Third
party services
o Keep changing the
credentials or using
auto generated
password
S2. Poor
configuration
M VH VH o Systems should be well
configured and pre-
checked
o updating applications
and operating system
on regular basis
o The IT team should
cross-check the
configuration
before connecting it
to the network.
S3. Weak security H H M o There should be pre- o IT expert advices
The DAS (Department of the Administrative Service) is responsible for delivering many
services for the various departments of the state government in Australia. The data centre of
the DAS is the one who is accountable for delivering the services for the department. A new
service provider has been introduced to DAS in order to upgrade the existing system named
‘SaaS’ (Software-as-a-Service), which is a centrally hosting licensed model and software
delivery services. A team of two members is being introduced to the management for the
delivery of a risk management program, which will be helpful in identifying the threats and
risks to the privacy and security of employee’s data, who are employed in DAS. Following
report presents a severity matrix in order to show the likelihood, priority and the impact of
the identified risks and threats. They are rated based on the consideration.
Security of Employee Data
Existing security threats to Employee data
S.No Security
Threat/Risk
Description
Likelihood
Impact
Priority Preventive Actions Contingency Plans
Student 1
S1. Cloud
Computing
VL VH VH o Encrypting files before
uploading
o Protecting credentials
from unauthorized
access
o Accessing Third
party services
o Keep changing the
credentials or using
auto generated
password
S2. Poor
configuration
M VH VH o Systems should be well
configured and pre-
checked
o updating applications
and operating system
on regular basis
o The IT team should
cross-check the
configuration
before connecting it
to the network.
S3. Weak security H H M o There should be pre- o IT expert advices
architecture or
non-existing of
security
architecture
existent of personnel in
order to design security
architecture for the
systems off DAS
(Sundarrajan, 2014).
from external
S4. Third party
software in the
system
M H M o Using personal
applications, database
and servers.
o There should be no
cloud storage.
o Third party should
be licensed and
policies should
meet the
requirements of
DAS
o Regularly updating
the applications
provided by service
providers.
Studen
t 2
S5. Botnets L VH VH o Strong IT security
architecture
o Proper encryption to
the files that are about
to upload into the cloud
o Proper and licensed
antivirus (Asghari,
Eten& Bauer, 2015).
o Choosing option for
auto-update for the
firewalls and
antivirus.
o Operating system
should be original
and updated.
S6. External
removable
devices
L L VL o DAS should provide
personal external
devices to the
employees.
o BYOD (Bring Your
Own Device) should
not be implemented in
the management
system.
o There should not be
o Training to the
employees on how
to use external
device in the office
premises.
non-existing of
security
architecture
existent of personnel in
order to design security
architecture for the
systems off DAS
(Sundarrajan, 2014).
from external
S4. Third party
software in the
system
M H M o Using personal
applications, database
and servers.
o There should be no
cloud storage.
o Third party should
be licensed and
policies should
meet the
requirements of
DAS
o Regularly updating
the applications
provided by service
providers.
Studen
t 2
S5. Botnets L VH VH o Strong IT security
architecture
o Proper encryption to
the files that are about
to upload into the cloud
o Proper and licensed
antivirus (Asghari,
Eten& Bauer, 2015).
o Choosing option for
auto-update for the
firewalls and
antivirus.
o Operating system
should be original
and updated.
S6. External
removable
devices
L L VL o DAS should provide
personal external
devices to the
employees.
o BYOD (Bring Your
Own Device) should
not be implemented in
the management
system.
o There should not be
o Training to the
employees on how
to use external
device in the office
premises.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
any auto run option or
it should be disabled
for the devices
connecting externally
to the system.
S7. Websites VH H VH o Blocking access to the
websites that may
contain malicious
programming.
o Using updated
firewalls.
o Installing latest
anti-virus and keep
updated that anti-
virus whenever it
arrives at market.
o Training to the
employees about
accessing proper
websites.
S8. Phishing H VH M o Installing professional
enterprises into the
system.
o Providing training
to the employees on
regular basis.
Likelihood - VL, L,M, H, VH
Impact-VL, L,M, H, VH
Priority- VL, L, M,H, VH
Explaining issues
1. Cloud Computing: Cloud computing can lead to various security issues related to the
information of the employees that are being saved on the Cloud. Saving files and information
on the internet makes it vulnerable to cyber-attacks and data breaches. Considering latest data
breaches it can be said that cybercrimes are the real concern for this new digital world.
2. Poor configuration: It can be considered as a pre-existing threat that was complete
responsibility of the providers and suppliers. Poor configured system can easily be breached
by the intruders and could lead to several security issues related to the employees of DAS
(Lafuente, 2015). Proper IT team should be appointed before making purchase of computers
in order to pre-check the supplies.
it should be disabled
for the devices
connecting externally
to the system.
S7. Websites VH H VH o Blocking access to the
websites that may
contain malicious
programming.
o Using updated
firewalls.
o Installing latest
anti-virus and keep
updated that anti-
virus whenever it
arrives at market.
o Training to the
employees about
accessing proper
websites.
S8. Phishing H VH M o Installing professional
enterprises into the
system.
o Providing training
to the employees on
regular basis.
Likelihood - VL, L,M, H, VH
Impact-VL, L,M, H, VH
Priority- VL, L, M,H, VH
Explaining issues
1. Cloud Computing: Cloud computing can lead to various security issues related to the
information of the employees that are being saved on the Cloud. Saving files and information
on the internet makes it vulnerable to cyber-attacks and data breaches. Considering latest data
breaches it can be said that cybercrimes are the real concern for this new digital world.
2. Poor configuration: It can be considered as a pre-existing threat that was complete
responsibility of the providers and suppliers. Poor configured system can easily be breached
by the intruders and could lead to several security issues related to the employees of DAS
(Lafuente, 2015). Proper IT team should be appointed before making purchase of computers
in order to pre-check the supplies.
3. Weak security architecture or non-existing of security architecture: Weak security
architecture of the network is another important aspect that can lead expose of personal and
sensitive information and alternatively affect the security of the employees and the
organization too. There should be updated and always presence of a security architecture for
the network that is being used within the organization.
4. Third party software in the system: Using third party software makes the organization
completely reliable on that organization, which makes them dependent to those third party on
“what, when and how” that data should be used. Nothing is stable in this digital world
specially, with respect to the information system. Breaches that affect the third party will
automatically affect the information and data of the organization, which was relied on those
third parties.
5. Botnets:Botnets are not a new concept in the cybercrime. They are being used in order to get
access to the systems whose access is highly secured. These could be spread into the system
by mails, files or several other means and allow unauthorized users to access the system.
6. External removable devices: Many malware coding can be transferred to the systems in
which those devices had been used(Felbermayr, Hauptmann &Schmerer, 2014). Not all the
computers are safe and using external devices could lead towards transferring of those
malicious viruses from one system to another.
7. Websites: Generally using untrusted websites leads toward download of malicious coding
that could harm the system. These websites often asks to download applications that are not
certified or licensed. Using secured, certified and safe websites should be the first step in
order to keep the data secured into the system.
8. Phishing: It is term used in computer science generally related to transfer of malicious
programs via emails or messages.
New Security Threat to Employee data(after moving to SaaS)
S.No New Security
Threat/Risk of
employee data
Description
(after moving to
Saas)
Likelihood
Impact
Priority
Preventive Actions Contingency Plans
architecture of the network is another important aspect that can lead expose of personal and
sensitive information and alternatively affect the security of the employees and the
organization too. There should be updated and always presence of a security architecture for
the network that is being used within the organization.
4. Third party software in the system: Using third party software makes the organization
completely reliable on that organization, which makes them dependent to those third party on
“what, when and how” that data should be used. Nothing is stable in this digital world
specially, with respect to the information system. Breaches that affect the third party will
automatically affect the information and data of the organization, which was relied on those
third parties.
5. Botnets:Botnets are not a new concept in the cybercrime. They are being used in order to get
access to the systems whose access is highly secured. These could be spread into the system
by mails, files or several other means and allow unauthorized users to access the system.
6. External removable devices: Many malware coding can be transferred to the systems in
which those devices had been used(Felbermayr, Hauptmann &Schmerer, 2014). Not all the
computers are safe and using external devices could lead towards transferring of those
malicious viruses from one system to another.
7. Websites: Generally using untrusted websites leads toward download of malicious coding
that could harm the system. These websites often asks to download applications that are not
certified or licensed. Using secured, certified and safe websites should be the first step in
order to keep the data secured into the system.
8. Phishing: It is term used in computer science generally related to transfer of malicious
programs via emails or messages.
New Security Threat to Employee data(after moving to SaaS)
S.No New Security
Threat/Risk of
employee data
Description
(after moving to
Saas)
Likelihood
Impact
Priority
Preventive Actions Contingency Plans
Student 1
S.Cd1. Data Access VL H VH o Defining level of
access to whom it may
be granted
o Not hesitating to ask
about technical side of
theSaaS provider.
o conditions should
be implemented in
the agreement
S.Cd2. Instability M H L o Data portability should
be made carefully and
securely.
o Situations should be
predicted before, if any
data losses and many
other situations
(Caroll, 2014).
o Encountering
changes to the
security policies or
changes in price
S.Cd3. Lack of
transparency
VH L M o Security protocols
should be cross-
checked
o Huge compensation
agreement will ensure
SaaS provider work
more effectively
o DAS should know
everything about
the IT infrastructure
and security system
of SaaS provider
S.Cd4. Identity Theft M VH H o Keeping credentials
personal and private
o Using auto generated
password
o Identity detection
should be latest and
updated(Mann, 2012).
o One Time Password
(OTP)
S.Cd5. Uncertainty to
data location
VH VL L o Keep recovering data
on regular basis
o Updating data
o Deleting unnecessary
o Agreement should
be made if any data
losses, SaaS service
provider should pay
S.Cd1. Data Access VL H VH o Defining level of
access to whom it may
be granted
o Not hesitating to ask
about technical side of
theSaaS provider.
o conditions should
be implemented in
the agreement
S.Cd2. Instability M H L o Data portability should
be made carefully and
securely.
o Situations should be
predicted before, if any
data losses and many
other situations
(Caroll, 2014).
o Encountering
changes to the
security policies or
changes in price
S.Cd3. Lack of
transparency
VH L M o Security protocols
should be cross-
checked
o Huge compensation
agreement will ensure
SaaS provider work
more effectively
o DAS should know
everything about
the IT infrastructure
and security system
of SaaS provider
S.Cd4. Identity Theft M VH H o Keeping credentials
personal and private
o Using auto generated
password
o Identity detection
should be latest and
updated(Mann, 2012).
o One Time Password
(OTP)
S.Cd5. Uncertainty to
data location
VH VL L o Keep recovering data
on regular basis
o Updating data
o Deleting unnecessary
o Agreement should
be made if any data
losses, SaaS service
provider should pay
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
data the compensation
Student 2
S.Cd6. Paying Long-
term and upfront
VH VL VL o DAS should chose
smallest service time
o Post-paid service
can be helpful
S.Cd7. Agreement made
is unsure
VH M L o DAS should check all
the conditions apply
and policies of the
service provider and
check either it meets
with the policies of
DAS or not
o Agreement should
made by the DAS.
S.Cd8. How data is
actually being
secured
L H VH o DAS should use
encryption to the data
before sending it to the
SaaS service providers.
o Regular audit on the
data that are being
saved
S.Cd9. No direct control
over the data
H VL M o The management
should decide which
data should be
uploaded to the cloud
or which should not
o Only not important
data should be
uploaded over the
Cloud.
S.Cd10. Do not update
with modern
security
standards
VH VH VH o Service provider
should provide updated
security measures
o The service
provider should be
reminded again and
again to update the
security
Likelihood - VL, L,M, H, VH
Impact- - VL, L,M, H, VH
Priority- - VL, L, M,H, VH
Explain issues
Student 2
S.Cd6. Paying Long-
term and upfront
VH VL VL o DAS should chose
smallest service time
o Post-paid service
can be helpful
S.Cd7. Agreement made
is unsure
VH M L o DAS should check all
the conditions apply
and policies of the
service provider and
check either it meets
with the policies of
DAS or not
o Agreement should
made by the DAS.
S.Cd8. How data is
actually being
secured
L H VH o DAS should use
encryption to the data
before sending it to the
SaaS service providers.
o Regular audit on the
data that are being
saved
S.Cd9. No direct control
over the data
H VL M o The management
should decide which
data should be
uploaded to the cloud
or which should not
o Only not important
data should be
uploaded over the
Cloud.
S.Cd10. Do not update
with modern
security
standards
VH VH VH o Service provider
should provide updated
security measures
o The service
provider should be
reminded again and
again to update the
security
Likelihood - VL, L,M, H, VH
Impact- - VL, L,M, H, VH
Priority- - VL, L, M,H, VH
Explain issues
1. Data Access:Employees if not trained well, might access to the websites that can upload or
download malicious coding into the system. This coding has capability to corrupt, manipulate
and delete the data and information that are being saved to the database system.
2. Instability:SaaS (Software as a service) does not show stability of data. Uploading or porting
data into the Cloud could be a hassle for the organization and management of the
organization, who is responsible for data management. Proper policies should be introduced
related to the issue that might affect the security of DAS’s employees (Pfeifer, 2016).
3. Lack of transparency:SaaS cannot provide transparency of its working to the customers,
which raises a concern of distrust on the service provider. Several security questions are
being unanswerable to the clients like DAS. This creates an empty space and speculation
about the services that are being offered by the SaaS.
4. Identity Theft: Making payment to this service provider through credit cards is a matter of
risk and raise concern towards potential risk it may arises. Identity management can be within
the LDAP directions of the company, inside the firewall of the firm, or on the SaaSwebsite of
providers in order to make system more secure (Kristal, 2017).
5. Uncertainty to data location: The data is being stored in the cloud, which is a virtual space to
save data and information raises concern about the uncertainty to the location, where the data
is being saved. In this case even the headquarters are separated and situated far away from the
location of the firm.
6. Paying Long-term and upfront:SaaS does not provide any short-term services, which can be
irrespective to the changes made in policies or if an organization does not need any services.
After the payment, service is being offered. However, that is matter of security concern for
the customers or the clients.
7. Agreement made is unsure: agreement papers are generally big documented agreements,
which in general no one bothers to read or if read properly individual customers might have
many problems regarding the security of the information, which is being shared with the third
party(Müller & Neumann, 2015).
8. How data is actually being secured: As stated above SaaS is not agree to expose the security
architecture for its services led individuals concerns regarding, whether the data moving to
cloud by SaaS will be safe or not safe.
9. No direct control over the data: Data will be helpless in controlling the data after uploading
them into Cloud. After moving to SaaS, DAS will have to completely rely on them for any
data or information related to the employee or any operational or transactional details (Smith
& Ross, 2014).
download malicious coding into the system. This coding has capability to corrupt, manipulate
and delete the data and information that are being saved to the database system.
2. Instability:SaaS (Software as a service) does not show stability of data. Uploading or porting
data into the Cloud could be a hassle for the organization and management of the
organization, who is responsible for data management. Proper policies should be introduced
related to the issue that might affect the security of DAS’s employees (Pfeifer, 2016).
3. Lack of transparency:SaaS cannot provide transparency of its working to the customers,
which raises a concern of distrust on the service provider. Several security questions are
being unanswerable to the clients like DAS. This creates an empty space and speculation
about the services that are being offered by the SaaS.
4. Identity Theft: Making payment to this service provider through credit cards is a matter of
risk and raise concern towards potential risk it may arises. Identity management can be within
the LDAP directions of the company, inside the firewall of the firm, or on the SaaSwebsite of
providers in order to make system more secure (Kristal, 2017).
5. Uncertainty to data location: The data is being stored in the cloud, which is a virtual space to
save data and information raises concern about the uncertainty to the location, where the data
is being saved. In this case even the headquarters are separated and situated far away from the
location of the firm.
6. Paying Long-term and upfront:SaaS does not provide any short-term services, which can be
irrespective to the changes made in policies or if an organization does not need any services.
After the payment, service is being offered. However, that is matter of security concern for
the customers or the clients.
7. Agreement made is unsure: agreement papers are generally big documented agreements,
which in general no one bothers to read or if read properly individual customers might have
many problems regarding the security of the information, which is being shared with the third
party(Müller & Neumann, 2015).
8. How data is actually being secured: As stated above SaaS is not agree to expose the security
architecture for its services led individuals concerns regarding, whether the data moving to
cloud by SaaS will be safe or not safe.
9. No direct control over the data: Data will be helpless in controlling the data after uploading
them into Cloud. After moving to SaaS, DAS will have to completely rely on them for any
data or information related to the employee or any operational or transactional details (Smith
& Ross, 2014).
Severity Matrix
o Severity of risk and threat to security employee data
Probability
Very High
S.Cd5. &
S.Cd6. S.Cd3. S.Cd7. S7. S.Cd10.
High S.Cd9. S3. S8.
Medium
S4.
&S.Cd2. S2. & S.Cd4.
Low S.Cd8. S5.
Very Low S6. S.Cd1. S1.
Severity Very Low Low Medium High Very High
Privacy of Employee Data
Existing privacy threats and risks to the privacy of employee data
S.No Privacy
Threat/Risk of
employee data
Description
Likelihood
Impact
Priority
Preventive Actions Contingency Plans
Student 1
P.1. Video
surveillance
H H VH o Written document policies
should be presented to the
employees before recruiting
them.
o Showing
disciplinary action
within the premises
by employees.
P.2. Telephone
monitoring
L H VL o Fixed-dialling telephone
should be used with the
environment of the work.
o Proper policies can
help in restricting
employees to make
calls that may affect
the reputation and
o Severity of risk and threat to security employee data
Probability
Very High
S.Cd5. &
S.Cd6. S.Cd3. S.Cd7. S7. S.Cd10.
High S.Cd9. S3. S8.
Medium
S4.
&S.Cd2. S2. & S.Cd4.
Low S.Cd8. S5.
Very Low S6. S.Cd1. S1.
Severity Very Low Low Medium High Very High
Privacy of Employee Data
Existing privacy threats and risks to the privacy of employee data
S.No Privacy
Threat/Risk of
employee data
Description
Likelihood
Impact
Priority
Preventive Actions Contingency Plans
Student 1
P.1. Video
surveillance
H H VH o Written document policies
should be presented to the
employees before recruiting
them.
o Showing
disciplinary action
within the premises
by employees.
P.2. Telephone
monitoring
L H VL o Fixed-dialling telephone
should be used with the
environment of the work.
o Proper policies can
help in restricting
employees to make
calls that may affect
the reputation and
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
performance of the
organization.
P.3. Internet usage
monitoring
L VH VH o Updated and original
firewalls, operating system
and secured network(Miller,
2012).
o Training to the
employees on how
to surf and what to
surf on the internet.
Student 2
P.4. Computer
monitoring
VH L H o Original softwares,
applications and hardware
as per the need should be
provided by DAS(Miller,
2012).
o Blocking domains
and restricting
usage
P.5. Email
monitoring
M H VH o Private messaging websites
(portal) for organization’s
daily operational activities.
o Agreement should
be made in order to
compromising both
employees and the
organization.
P.6. Mobile device
monitoring
VL M L o Bring-your-own-device
(BYOD) should be
restricted in the office
premises or work
environments.
o Training programs
and better policies.
Explain issues
1. Video surveillance: video surveillance will be beneficial, only with the perspective of the
organization but it can affect the privacy of the employees at work places. Video surveillance
can help in protecting organizational personal assets but it will also raise privacy concern to
the employees working in that environment(Kristal, 2017).
2. Telephone monitoring:It is another issue related to the privacy of the employees, it could
expose the privacy to whom and what an individual is talking. Those conversations may be
very personal for the individual, which he or she does not wanted to expose to anyone.
3. Internet usage monitoring: Organization generally monitors the internet usage of the
employee, especially those whose operational activities are connected to the internet (Finkin,
organization.
P.3. Internet usage
monitoring
L VH VH o Updated and original
firewalls, operating system
and secured network(Miller,
2012).
o Training to the
employees on how
to surf and what to
surf on the internet.
Student 2
P.4. Computer
monitoring
VH L H o Original softwares,
applications and hardware
as per the need should be
provided by DAS(Miller,
2012).
o Blocking domains
and restricting
usage
P.5. Email
monitoring
M H VH o Private messaging websites
(portal) for organization’s
daily operational activities.
o Agreement should
be made in order to
compromising both
employees and the
organization.
P.6. Mobile device
monitoring
VL M L o Bring-your-own-device
(BYOD) should be
restricted in the office
premises or work
environments.
o Training programs
and better policies.
Explain issues
1. Video surveillance: video surveillance will be beneficial, only with the perspective of the
organization but it can affect the privacy of the employees at work places. Video surveillance
can help in protecting organizational personal assets but it will also raise privacy concern to
the employees working in that environment(Kristal, 2017).
2. Telephone monitoring:It is another issue related to the privacy of the employees, it could
expose the privacy to whom and what an individual is talking. Those conversations may be
very personal for the individual, which he or she does not wanted to expose to anyone.
3. Internet usage monitoring: Organization generally monitors the internet usage of the
employee, especially those whose operational activities are connected to the internet (Finkin,
2015). This could lead proper internet usage by the employees at workplaces but will, no-
doubt affect the privacy of the individual.
4. Computer monitoring: Computer monitoring is another general likelihood of several
organizations that might affect the privacy of the individuals, as there may be personal media
files, which an individual is unwilling to expose to others without his or her permission.
5. Email monitoring: Email is generally used for personal messages and contains very personal
information related to the personal life of the individual, which no one would ever like to
expose to an unwanted individual. Accessing this information without the will of the
employees exposes their privacy into real world.
6. Mobile device monitoring: Mobile devices of individual information that can be considered
as personal and private information and monitoring this will be against the policies of FERPA
and will violate those policies.
New Security Threat to Employee data(after moving to SaaS)
S.No New Privacy
Threat/Risk of
employee data
Description
(after moving to
Saas)
Likelihood
Impact
Priority
Preventive Actions Contingency Plans
Student 1
P.Cd1. Data and
information may
be compromised
H VH VH o Encrypting all the files
before uploading to the
Cloud
o Tokenization of files
o Using protected server
o Involving third
party for the
system.
P.Cd2. Types of
information
saved
VL L L o Categorizing data into
different groups
o Very personal information
should not be uploaded
(Humphreys, 2016).
o Suggestions or
permission of the
employees on
which data they
want to upload.
doubt affect the privacy of the individual.
4. Computer monitoring: Computer monitoring is another general likelihood of several
organizations that might affect the privacy of the individuals, as there may be personal media
files, which an individual is unwilling to expose to others without his or her permission.
5. Email monitoring: Email is generally used for personal messages and contains very personal
information related to the personal life of the individual, which no one would ever like to
expose to an unwanted individual. Accessing this information without the will of the
employees exposes their privacy into real world.
6. Mobile device monitoring: Mobile devices of individual information that can be considered
as personal and private information and monitoring this will be against the policies of FERPA
and will violate those policies.
New Security Threat to Employee data(after moving to SaaS)
S.No New Privacy
Threat/Risk of
employee data
Description
(after moving to
Saas)
Likelihood
Impact
Priority
Preventive Actions Contingency Plans
Student 1
P.Cd1. Data and
information may
be compromised
H VH VH o Encrypting all the files
before uploading to the
Cloud
o Tokenization of files
o Using protected server
o Involving third
party for the
system.
P.Cd2. Types of
information
saved
VL L L o Categorizing data into
different groups
o Very personal information
should not be uploaded
(Humphreys, 2016).
o Suggestions or
permission of the
employees on
which data they
want to upload.
Student 2
P.Cd3. Distant location
of headquarters
VL H H o The Data centre should be
located near to the
organization or should be
incorporated within the
organization’s place.
o DAS can ask for
headquarter should
be situated closer to
the offices premises
or at least in same
city
P.Cd4. Malicious virus
attack and data
breaches
VH VH VH o Professional and
experienced IT team should
be incorporated within the
management
o Using antivirus
(Rusinek&Rycx, 2013).
o External IT team or
any experienced
individual can be
consulted.
Likelihood - VL, L,M, H, VH
Impact- - VL, L,M, H, VH
Priority- - VL, L, M,H, VH
Explain issues
1. Data and information may be compromised: After moving to SaaS, the data being saved
on the internet becomes more vulnerable to cyber-attacks, which might expose the information
of the employees. This information may contain personal information like medical report,
qualifications and many more.
2. Types of information saved: DAS should not upload all the data saved in the database to
the Cloud. It should first categorize them and then upload it, as again data breaches may expose
the privacy and cause privacy issues to the individuals(Rusinek&Rycx, 2013).
3. Distant location of headquarters: Distant location of headquarters results in no face to face
interaction between the service provider and the DAS management. If any vulnerability occurs
there is not any means to shut down whole system.
4. Malicious virus attack and data breaches: Most concern topic nowadays data breaches and
virus attacks, whose results may be unfavourable for both organization and the employee(Müller
& Neumann, 2015). These unwanted incidents allow access of the information to the
P.Cd3. Distant location
of headquarters
VL H H o The Data centre should be
located near to the
organization or should be
incorporated within the
organization’s place.
o DAS can ask for
headquarter should
be situated closer to
the offices premises
or at least in same
city
P.Cd4. Malicious virus
attack and data
breaches
VH VH VH o Professional and
experienced IT team should
be incorporated within the
management
o Using antivirus
(Rusinek&Rycx, 2013).
o External IT team or
any experienced
individual can be
consulted.
Likelihood - VL, L,M, H, VH
Impact- - VL, L,M, H, VH
Priority- - VL, L, M,H, VH
Explain issues
1. Data and information may be compromised: After moving to SaaS, the data being saved
on the internet becomes more vulnerable to cyber-attacks, which might expose the information
of the employees. This information may contain personal information like medical report,
qualifications and many more.
2. Types of information saved: DAS should not upload all the data saved in the database to
the Cloud. It should first categorize them and then upload it, as again data breaches may expose
the privacy and cause privacy issues to the individuals(Rusinek&Rycx, 2013).
3. Distant location of headquarters: Distant location of headquarters results in no face to face
interaction between the service provider and the DAS management. If any vulnerability occurs
there is not any means to shut down whole system.
4. Malicious virus attack and data breaches: Most concern topic nowadays data breaches and
virus attacks, whose results may be unfavourable for both organization and the employee(Müller
& Neumann, 2015). These unwanted incidents allow access of the information to the
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
unauthorized users and give them power to manipulate, delete and expose that information. This
may include very personal and sensitive information of the employees working in DAS. Various
measures have also been proposed in the above table on how to mitigate and eliminate these
threats and risks.
Severity Matrix
o Severity of risk and threat to privacy employee data
Probability
Very High P.4. P.Cd4.
High P.1. P.Cd1.
Medium P.5.
Low P.2. P.3.
Very Low P.Cd2. P.6. P.Cd3.
Severity Very Low Low Medium High Very High
Digital Identity Issues
Explanation briefly
Following are the issues because of the digital identity to the employees of DAS while
moving towards SaaS.
1.Data breach: Deeply expose of very personal and sensitive information are
penetrating various citizens by unauthorized users, which can enable the intruders to make
demand of extortion and fraud. This could let to the expose of information about the
employees and create many issues to an individual’s livelihood(Müller & Neumann, 2015).
2. Mass surveillance: Expose of personal and private information that covers large
area of population including their data usage that will reasonably pretended to be private.
may include very personal and sensitive information of the employees working in DAS. Various
measures have also been proposed in the above table on how to mitigate and eliminate these
threats and risks.
Severity Matrix
o Severity of risk and threat to privacy employee data
Probability
Very High P.4. P.Cd4.
High P.1. P.Cd1.
Medium P.5.
Low P.2. P.3.
Very Low P.Cd2. P.6. P.Cd3.
Severity Very Low Low Medium High Very High
Digital Identity Issues
Explanation briefly
Following are the issues because of the digital identity to the employees of DAS while
moving towards SaaS.
1.Data breach: Deeply expose of very personal and sensitive information are
penetrating various citizens by unauthorized users, which can enable the intruders to make
demand of extortion and fraud. This could let to the expose of information about the
employees and create many issues to an individual’s livelihood(Müller & Neumann, 2015).
2. Mass surveillance: Expose of personal and private information that covers large
area of population including their data usage that will reasonably pretended to be private.
3. Individual surveillance: Similar to mass surveillance expose of personal
information including the usage data that will reasonably assumed to be private to the private
investigators(Abowd, McKinney & Zhao, 2015).
4. Identity theft: Expose of sensitive information that could allow subsequent
impression of the identity can lead to the duplicity of the digital identity and can allow access
to that data or information by unauthorized user(Rusinek&Rycx, 2013).
5. Integrity threats:this includes attacks on cryptographic underpinnings of the
scheme: Digital identity can allow access to the scheme private keys in manner that the
authentication services would no longer be trusted.
6. Alteration of data: Alteration of data means either manipulating the data or deleting
the information and data, which can be made in order to enable the identity takeover or either,
disrupt the services or bring it into disrupt.
Provider Solution Issues and why?
1. This new implementation process could be highly private in order to manage HR
and contract managers. Features and capabilities of the organization should be overlooked for
the cases those are irrelevant and inappropriate for the data that is being stored into the
database system of HR of DAS.
2. Applicant tracking: Tracking the positions of the employees according to their
capabilities can be a solution for these issues.
3. Performance management: Ability to determine the capabilities of the individual
employee and manipulating them towards merging their goals with the organizational goals.
It is recommended for this case as it will be suitable for DAS in order to enhance the
performance and achieve respective goals(Taylor, Fritsch &Liederbach, 2014).
4. Offered HRMS software: It will be beneficial in all aspects of DAS, as it will be
helpful in offering beneficial activities by increasing their efficiency and saving time during
management.
5. ELearning authoring: this can be considered as an option for the purpose of training
the employees that is originated and evaluated by the DAS itself. It will help in providing
information and increase awareness among the employees on how to use the latest
technology give access publicity(Abowd, McKinney & Zhao, 2015).
6. Proper certification: In order to take the organization towards its goals, agreement
between the workers should be proper and documented. In same manner, for properly
information including the usage data that will reasonably assumed to be private to the private
investigators(Abowd, McKinney & Zhao, 2015).
4. Identity theft: Expose of sensitive information that could allow subsequent
impression of the identity can lead to the duplicity of the digital identity and can allow access
to that data or information by unauthorized user(Rusinek&Rycx, 2013).
5. Integrity threats:this includes attacks on cryptographic underpinnings of the
scheme: Digital identity can allow access to the scheme private keys in manner that the
authentication services would no longer be trusted.
6. Alteration of data: Alteration of data means either manipulating the data or deleting
the information and data, which can be made in order to enable the identity takeover or either,
disrupt the services or bring it into disrupt.
Provider Solution Issues and why?
1. This new implementation process could be highly private in order to manage HR
and contract managers. Features and capabilities of the organization should be overlooked for
the cases those are irrelevant and inappropriate for the data that is being stored into the
database system of HR of DAS.
2. Applicant tracking: Tracking the positions of the employees according to their
capabilities can be a solution for these issues.
3. Performance management: Ability to determine the capabilities of the individual
employee and manipulating them towards merging their goals with the organizational goals.
It is recommended for this case as it will be suitable for DAS in order to enhance the
performance and achieve respective goals(Taylor, Fritsch &Liederbach, 2014).
4. Offered HRMS software: It will be beneficial in all aspects of DAS, as it will be
helpful in offering beneficial activities by increasing their efficiency and saving time during
management.
5. ELearning authoring: this can be considered as an option for the purpose of training
the employees that is originated and evaluated by the DAS itself. It will help in providing
information and increase awareness among the employees on how to use the latest
technology give access publicity(Abowd, McKinney & Zhao, 2015).
6. Proper certification: In order to take the organization towards its goals, agreement
between the workers should be proper and documented. In same manner, for properly
functioning and further compensation there should be proper agreement between the SaaS
service provider and the DAS.
Efficiency of the operational locations and solutions:
Concerning the privacy and security about the employees related to the personal
information that is being saved on the cloud, both SaaS solution and operational location can
be beneficial for DAS. This implementation and changes will help the organization in
managing and keeping the personal and sensitive information that is being saved in the
database of HR system, private and secured(Rusinek&Rycx, 2013). However, some
recommendations can be made in order to mitigate the threats and risks that may cause
vulnerability to the information about the employee.
First and most considerable objective about this implementation is that the offered
operational solution and location into DAS offers both canned integration and the open APIs.
This new implementation also introduced and offered HRMS vendors (and applications),
which enables two options for DAS firstly, by making extra payment and secondly,
downloading connectors, which are specific for the organizational operations. In order to
create integration between the systems, the open APIs allow users to promote this integration.
Solution Architecture Including Security and Privacy
Figure 1: Solution Architecture including Security and Privacy (DAS)
(Source: created by author)
service provider and the DAS.
Efficiency of the operational locations and solutions:
Concerning the privacy and security about the employees related to the personal
information that is being saved on the cloud, both SaaS solution and operational location can
be beneficial for DAS. This implementation and changes will help the organization in
managing and keeping the personal and sensitive information that is being saved in the
database of HR system, private and secured(Rusinek&Rycx, 2013). However, some
recommendations can be made in order to mitigate the threats and risks that may cause
vulnerability to the information about the employee.
First and most considerable objective about this implementation is that the offered
operational solution and location into DAS offers both canned integration and the open APIs.
This new implementation also introduced and offered HRMS vendors (and applications),
which enables two options for DAS firstly, by making extra payment and secondly,
downloading connectors, which are specific for the organizational operations. In order to
create integration between the systems, the open APIs allow users to promote this integration.
Solution Architecture Including Security and Privacy
Figure 1: Solution Architecture including Security and Privacy (DAS)
(Source: created by author)
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Data Sensitivity
There are many issues related to the data sensitivity in this case, which are
considerable in order to protect the organization’s information and employee’s information.
This make it crucial to point out each objective, some of these issues are:
Student 1
Data sensitivity: data sensitivity includes very sensitive data of an individual like
Credit card details, Social Security Numbers (SSNs), bank account details, medical
information, educational qualifications and many more. Ne SaaS implementation in DAS
could lead serious threats and issues to information like these(Feher, 2016).
Regulations: An examples can be helpful in understanding regulations clearer, the
implementation of “how and what data should be saved” is being managed by several
jurisdictions towards this approach.Same requirements are not required for different types of
data protection, in this case for intellectual property protection and financial protection needs
different types of protection for the beneficial aspects of DAS. “This was not stated as
regulatory but was affecting directly the requirements that were necessary for the data
protection”(Müller & Neumann, 2015).
Student 2
Data confidentiality: It is another type of issue that is related to the data sensitivity,
which states that considering the requirements for different information or data is different, as
many of the information needs confidential consider ability but there are also some
information that does not needs data confidentiality. Availability of data that is responsible
for the continuity of the business and business’s life are very critical.In this case, availability
of data related to the business continuity of DAS is much more crucial than any other
information.
The substituting and spoofing of the data: This is the last identified data sensitivity
issue. Data integrity can be made assured that the spoofing and substituting of data and other
matters related to information of employee that can be responsible for the improper behaviour
of the system. Not conflating confidentiality of the employee and organizational personal
There are many issues related to the data sensitivity in this case, which are
considerable in order to protect the organization’s information and employee’s information.
This make it crucial to point out each objective, some of these issues are:
Student 1
Data sensitivity: data sensitivity includes very sensitive data of an individual like
Credit card details, Social Security Numbers (SSNs), bank account details, medical
information, educational qualifications and many more. Ne SaaS implementation in DAS
could lead serious threats and issues to information like these(Feher, 2016).
Regulations: An examples can be helpful in understanding regulations clearer, the
implementation of “how and what data should be saved” is being managed by several
jurisdictions towards this approach.Same requirements are not required for different types of
data protection, in this case for intellectual property protection and financial protection needs
different types of protection for the beneficial aspects of DAS. “This was not stated as
regulatory but was affecting directly the requirements that were necessary for the data
protection”(Müller & Neumann, 2015).
Student 2
Data confidentiality: It is another type of issue that is related to the data sensitivity,
which states that considering the requirements for different information or data is different, as
many of the information needs confidential consider ability but there are also some
information that does not needs data confidentiality. Availability of data that is responsible
for the continuity of the business and business’s life are very critical.In this case, availability
of data related to the business continuity of DAS is much more crucial than any other
information.
The substituting and spoofing of the data: This is the last identified data sensitivity
issue. Data integrity can be made assured that the spoofing and substituting of data and other
matters related to information of employee that can be responsible for the improper behaviour
of the system. Not conflating confidentiality of the employee and organizational personal
information can be recommended for the DAS in order to maintain privacy and security of
the employee.
Conclusion:
Based on the above report it can be concluded that there are various existing threats
to the information of the employees working in an organization. Moving towards SaaS
implementation by DAS can be beneficial for the organization but there are several threats
and risks to this implementation. These threats and risk can cost the security and privacy of
the employees working there. This report also emphasis on the privacy and security issues to
the employees that will arise after the implication of this new system into the organization.
Two severity matrixes have been proposed in this report in order to measure the severity and
probability of the impacts those risks may cause to the information of the employees.
the employee.
Conclusion:
Based on the above report it can be concluded that there are various existing threats
to the information of the employees working in an organization. Moving towards SaaS
implementation by DAS can be beneficial for the organization but there are several threats
and risks to this implementation. These threats and risk can cost the security and privacy of
the employees working there. This report also emphasis on the privacy and security issues to
the employees that will arise after the implication of this new system into the organization.
Two severity matrixes have been proposed in this report in order to measure the severity and
probability of the impacts those risks may cause to the information of the employees.
References:
Asghari, H., van Eeten, M. J., & Bauer, J. M. (2015). Economics of fighting botnets: Lessons
from a decade of mitigation. IEEE Security & Privacy, 13(5), 16-23.
Abowd, J. M., McKinney, K. L., & Zhao, N. (2015). Earnings Inequality Trends in the
United States: Nationally Representative Estimates from Longitudinally Linked
Employer-Employee Data. NBER Chapters.
Feher, K. (2016). Digital identity: The transparency of the self. In Applied Psychology:
Proceedings of the 2015 Asian Congress of Applied Psychology (ACAP 2015) (pp.
132-143).
Felbermayr, G., Hauptmann, A., &Schmerer, H. J. (2014). International trade and collective
bargaining outcomes: Evidence from German employer–employee data. The
Scandinavian Journal of Economics, 116(3), 820-837.
Finkin, M. (2015). The Acquisition and Dissemination of Employee Data: the Law of the
European Union and the United States Compared. Studia z zakresuprawapracy i
politykispołecznej, 2015.
Frankenberger, K., Weiblen, T., &Gassmann, O. (2013). Network configuration, customer
centricity, and performance of open business models: A solution provider
perspective. Industrial Marketing Management, 42(5), 671-682.
Gaddam, A., Aissi, S., &Kgil, T. (2014). U.S. Patent Application No. 14/303,461.
Gholami, A., & Laure, E. (2016). Security and privacy of sensitive data in cloud computing:
a survey of recent developments. arXiv preprint arXiv:1601.01498.
Asghari, H., van Eeten, M. J., & Bauer, J. M. (2015). Economics of fighting botnets: Lessons
from a decade of mitigation. IEEE Security & Privacy, 13(5), 16-23.
Abowd, J. M., McKinney, K. L., & Zhao, N. (2015). Earnings Inequality Trends in the
United States: Nationally Representative Estimates from Longitudinally Linked
Employer-Employee Data. NBER Chapters.
Feher, K. (2016). Digital identity: The transparency of the self. In Applied Psychology:
Proceedings of the 2015 Asian Congress of Applied Psychology (ACAP 2015) (pp.
132-143).
Felbermayr, G., Hauptmann, A., &Schmerer, H. J. (2014). International trade and collective
bargaining outcomes: Evidence from German employer–employee data. The
Scandinavian Journal of Economics, 116(3), 820-837.
Finkin, M. (2015). The Acquisition and Dissemination of Employee Data: the Law of the
European Union and the United States Compared. Studia z zakresuprawapracy i
politykispołecznej, 2015.
Frankenberger, K., Weiblen, T., &Gassmann, O. (2013). Network configuration, customer
centricity, and performance of open business models: A solution provider
perspective. Industrial Marketing Management, 42(5), 671-682.
Gaddam, A., Aissi, S., &Kgil, T. (2014). U.S. Patent Application No. 14/303,461.
Gholami, A., & Laure, E. (2016). Security and privacy of sensitive data in cloud computing:
a survey of recent developments. arXiv preprint arXiv:1601.01498.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Heining, J., Klosterhuber, W., & Seth, S. (2014). An Overview on the Linked Employer-
Employee Data of the Institute for Employment Research
(IAB). SchmollersJahrbuch, 134(1), 141-148.
Hudson, K. L., &Pollitz, K. (2017). Undermining Genetic Privacy? Employee Wellness
Programs and the Law. New England Journal of Medicine.
Kristal, T. (2017). Who Gets and Who Gives Employer-Provided Benefits? Evidence from
Matched Employer-Employee Data. Social Forces, 1-33.
Kristal, T. (2017). Who Gets and Who Gives Employer-Provided Benefits? Evidence from
Matched Employer-Employee Data. Social Forces, 1-33.
Lafuente, G. (2015). The big data security challenge. Network security, 2015(1), 12-14.
Lewis, L. (2013). Digital identity: are students' views regarding digital representation
of'self'gendered?.
Mann, M. I. (2012). Hacking the human: social engineering techniques and security
countermeasures. Gower Publishing, Ltd..
Müller, K. U., & Neumann, M. (2015). How reliable are incidence estimates based on cross-
sectional distributions? Evidence from simulations and linked employer-employee
data.
Pandey, S. C. (2016, October). An efficient security solution for cloud environment.In Signal
Processing, Communication, Power and Embedded System (SCOPES), 2016
International Conference on (pp. 950-959).IEEE.
Employee Data of the Institute for Employment Research
(IAB). SchmollersJahrbuch, 134(1), 141-148.
Hudson, K. L., &Pollitz, K. (2017). Undermining Genetic Privacy? Employee Wellness
Programs and the Law. New England Journal of Medicine.
Kristal, T. (2017). Who Gets and Who Gives Employer-Provided Benefits? Evidence from
Matched Employer-Employee Data. Social Forces, 1-33.
Kristal, T. (2017). Who Gets and Who Gives Employer-Provided Benefits? Evidence from
Matched Employer-Employee Data. Social Forces, 1-33.
Lafuente, G. (2015). The big data security challenge. Network security, 2015(1), 12-14.
Lewis, L. (2013). Digital identity: are students' views regarding digital representation
of'self'gendered?.
Mann, M. I. (2012). Hacking the human: social engineering techniques and security
countermeasures. Gower Publishing, Ltd..
Müller, K. U., & Neumann, M. (2015). How reliable are incidence estimates based on cross-
sectional distributions? Evidence from simulations and linked employer-employee
data.
Pandey, S. C. (2016, October). An efficient security solution for cloud environment.In Signal
Processing, Communication, Power and Embedded System (SCOPES), 2016
International Conference on (pp. 950-959).IEEE.
Pfeifer, C. (2016). InTRA-fIRMWAgeCOMPRessIOnAnDCOveRAge Of TRAInIngCOsTs:
evIDenCefROMLInkeDeMPLOyeR-eMPLOyee DATA. ILR Review, 69(2), 435-
454.
Rusinek, M., &Rycx, F. (2013). Rent‐Sharing under Different Bargaining Regimes: Evidence
from Linked Employer–Employee Data. British Journal of Industrial Relations, 51(1),
28-58.
Sari, K. (2013). Selection of RFID solution provider: a fuzzy multi-criteria decision model
with Monte Carlo simulation. Kybernetes, 42(3), 448-465.
Smith, M., & Ross, A. (2014). Workplace law: Employee privacy: Take care when dealing
with records. Proctor, The, 34(4), 42.
Sundararajan, A. (2014). Peer-to-peer businesses and the sharing (collaborative) economy:
Overview, economic effects and regulatory issues. Written testimony for the hearing
titled The Power of Connection: Peer to Peer Businesses.
Taylor, R. W., Fritsch, E. J., &Liederbach, J. (2014). Digital crime and digital
terrorism.Prentice Hall Press.
Zhao, F., Li, C., & Liu, C. F. (2014, February). A cloud computing security solution based on
fully homomorphic encryption. In Advanced Communication Technology (ICACT),
2014 16th International Conference on(pp. 485-488). IEEE.
evIDenCefROMLInkeDeMPLOyeR-eMPLOyee DATA. ILR Review, 69(2), 435-
454.
Rusinek, M., &Rycx, F. (2013). Rent‐Sharing under Different Bargaining Regimes: Evidence
from Linked Employer–Employee Data. British Journal of Industrial Relations, 51(1),
28-58.
Sari, K. (2013). Selection of RFID solution provider: a fuzzy multi-criteria decision model
with Monte Carlo simulation. Kybernetes, 42(3), 448-465.
Smith, M., & Ross, A. (2014). Workplace law: Employee privacy: Take care when dealing
with records. Proctor, The, 34(4), 42.
Sundararajan, A. (2014). Peer-to-peer businesses and the sharing (collaborative) economy:
Overview, economic effects and regulatory issues. Written testimony for the hearing
titled The Power of Connection: Peer to Peer Businesses.
Taylor, R. W., Fritsch, E. J., &Liederbach, J. (2014). Digital crime and digital
terrorism.Prentice Hall Press.
Zhao, F., Li, C., & Liu, C. F. (2014, February). A cloud computing security solution based on
fully homomorphic encryption. In Advanced Communication Technology (ICACT),
2014 16th International Conference on(pp. 485-488). IEEE.
Appendix
Group Communication
Student 1: I have searched in various journals, articles and on internet and found four security issues
that might affect the information of the employees in DAS.
Student 2: I have also found six security issues, seems two of them are common to your findings.
Student 1: ok then we will eliminate the common ones but what about privacy issues? I did not get
much because privacy and security seems to be interrelated.
Student 2: yes I have made research on the topic privacy issues and found four.
Student 1: oh! We have found some common issues. Let’s eliminate them and move ahead.
Student 2: what about SaaS implementation into SaaS?
Student 1: One of my neighbours is a businessman and using cloud for his small firm. He hinted me
some issues and I have also made research and found some issues related to their privacy.
Student 2: let’s start preparing the report, we have got enough materials.
Student 1: No wait! First collect all the related materials, where is network structure.
Student 2: don’t be panic I got this. See what you think (showing a handmade diagram on paper).
Student 1: You forgot my friend. We have to submit soft copy but I have an idea, first let’s make this
accurate by adding servers and mobile devices. I have an online tool MS Visio this could help.
Student 2: All set?
Student 1: yes. Let’s start.
Student 2: ok, time to type some words.
Group Communication
Student 1: I have searched in various journals, articles and on internet and found four security issues
that might affect the information of the employees in DAS.
Student 2: I have also found six security issues, seems two of them are common to your findings.
Student 1: ok then we will eliminate the common ones but what about privacy issues? I did not get
much because privacy and security seems to be interrelated.
Student 2: yes I have made research on the topic privacy issues and found four.
Student 1: oh! We have found some common issues. Let’s eliminate them and move ahead.
Student 2: what about SaaS implementation into SaaS?
Student 1: One of my neighbours is a businessman and using cloud for his small firm. He hinted me
some issues and I have also made research and found some issues related to their privacy.
Student 2: let’s start preparing the report, we have got enough materials.
Student 1: No wait! First collect all the related materials, where is network structure.
Student 2: don’t be panic I got this. See what you think (showing a handmade diagram on paper).
Student 1: You forgot my friend. We have to submit soft copy but I have an idea, first let’s make this
accurate by adding servers and mobile devices. I have an online tool MS Visio this could help.
Student 2: All set?
Student 1: yes. Let’s start.
Student 2: ok, time to type some words.
1 out of 22
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.