Risk Assessment for Cloud Implementation of Employee Database in an Organization
VerifiedAdded on  2023/06/08
|21
|6120
|275
AI Summary
The report analyzes the risks and threats associated with the cloud implementation of an employee database in an organization. It covers security and privacy maintenance, digital identity issues, and data sensitivity. The report provides insights on how to mitigate the risks further.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: RISK ASSESSMENT
Risk Assessment
Name of the Student
Name of the University
Author Note
Risk Assessment
Name of the Student
Name of the University
Author Note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1RISK ASSESSMENT
Executive Summary
The following report is based on the cloud implementation of employee database in an
organization to Saas Applications. For this purpose, a consultant has been approached in order to
justify the risks and threats regarding the transfer process. The entire report regarding the
deliverables of the consultant has been based on several processes that have helped in analyzing
the levels of security of different aspects of the organization. This have been represented in the
report as the security of the employee data, which is an important aspect as the database that
stores the confidential data of each employee can be extremely problematic if exposed to public
servers. The privacy functionalities of the employee data in the organization has further been
analyzed next to ensure that the organization has been utilizing proper measures to secure the
data associated with each employee. Further analysis has been presented on the Digital Identity
issues that the organization is currently been facing and the provider of solution issues. The latter
has been described from the perspective of the Saas application that has been providing service
to the organization for personal management. Finally, the report included the data sensitivity
issues which evaluate the data according to the organization’s control of data. After the analysis
of all these aspects have been done, it was found that risk occurs in several levels of the
transformation process right from the employee data to the cloud servers. The risks that can
cause further issues in the entire process have thus been described in details so that this report
can be taken as a reference for mitigating the risks further.
Executive Summary
The following report is based on the cloud implementation of employee database in an
organization to Saas Applications. For this purpose, a consultant has been approached in order to
justify the risks and threats regarding the transfer process. The entire report regarding the
deliverables of the consultant has been based on several processes that have helped in analyzing
the levels of security of different aspects of the organization. This have been represented in the
report as the security of the employee data, which is an important aspect as the database that
stores the confidential data of each employee can be extremely problematic if exposed to public
servers. The privacy functionalities of the employee data in the organization has further been
analyzed next to ensure that the organization has been utilizing proper measures to secure the
data associated with each employee. Further analysis has been presented on the Digital Identity
issues that the organization is currently been facing and the provider of solution issues. The latter
has been described from the perspective of the Saas application that has been providing service
to the organization for personal management. Finally, the report included the data sensitivity
issues which evaluate the data according to the organization’s control of data. After the analysis
of all these aspects have been done, it was found that risk occurs in several levels of the
transformation process right from the employee data to the cloud servers. The risks that can
cause further issues in the entire process have thus been described in details so that this report
can be taken as a reference for mitigating the risks further.
2RISK ASSESSMENT
Table of Contents
Introduction......................................................................................................................................3
Security of Employee Data..........................................................................................................4
Impending risks and threats.....................................................................................................4
Privacy of Employee Data...........................................................................................................7
Existing Threats.......................................................................................................................8
Additional Threats.................................................................................................................10
Risk Results...........................................................................................................................11
Digital Identity Issues................................................................................................................11
Provider Solution Issues............................................................................................................12
Data Sensitivity..........................................................................................................................13
Conclusion.....................................................................................................................................14
References......................................................................................................................................17
Table of Contents
Introduction......................................................................................................................................3
Security of Employee Data..........................................................................................................4
Impending risks and threats.....................................................................................................4
Privacy of Employee Data...........................................................................................................7
Existing Threats.......................................................................................................................8
Additional Threats.................................................................................................................10
Risk Results...........................................................................................................................11
Digital Identity Issues................................................................................................................11
Provider Solution Issues............................................................................................................12
Data Sensitivity..........................................................................................................................13
Conclusion.....................................................................................................................................14
References......................................................................................................................................17
3RISK ASSESSMENT
Introduction
Cloud computing is currently the most talked about and widely used technology all
around the world by different organizations as well as different individuals. It is a process by
which instead of physical existence of storage, management and processing of data; the entire
process is saved into the network hosted by Internet. However, there are several risks associated
with it as well, from both the perspectives of an organization and an individual. Since there is no
physical existence of the entire data storage and the public clouds are generally owned by third-
party cloud service providers, there are high chances of mishandling of data and other issues like
data breaches and ransomware attacks (Kaleeswari et al., 2018). Thus the following assignment
would present the topic of the risks associated with the Cloud and the Security and Privacy
Maintenance in a cloud environment from the perspective of an organization. In the current
project scenario, a consultant has been appointed to provide support and suggestions to a charity
based organization that provides support to the underprivileged. The number of people that the
organization has currently been providing services to is nearly 500 and has their own data centre
using the Linux based operating system by Red Hat (Younis, Kifayat & Merabti, 2014). The
servers are however owned by vendors providing cloud services. It has also been noted that the
cloud storage capacity for the entire organization ranges up to 200 TB of memory. The
consultant has been approached to report the entire security and privacy policy procurement for
the organization given the fact that the company has been purchasing personal management
application from a US based company working under SaaS environment. Thus, the entire report
regarding the deliverables of the consultant would be based on several processes that would help
in analyzing the levels of security of different aspects of the organization. This would be
Introduction
Cloud computing is currently the most talked about and widely used technology all
around the world by different organizations as well as different individuals. It is a process by
which instead of physical existence of storage, management and processing of data; the entire
process is saved into the network hosted by Internet. However, there are several risks associated
with it as well, from both the perspectives of an organization and an individual. Since there is no
physical existence of the entire data storage and the public clouds are generally owned by third-
party cloud service providers, there are high chances of mishandling of data and other issues like
data breaches and ransomware attacks (Kaleeswari et al., 2018). Thus the following assignment
would present the topic of the risks associated with the Cloud and the Security and Privacy
Maintenance in a cloud environment from the perspective of an organization. In the current
project scenario, a consultant has been appointed to provide support and suggestions to a charity
based organization that provides support to the underprivileged. The number of people that the
organization has currently been providing services to is nearly 500 and has their own data centre
using the Linux based operating system by Red Hat (Younis, Kifayat & Merabti, 2014). The
servers are however owned by vendors providing cloud services. It has also been noted that the
cloud storage capacity for the entire organization ranges up to 200 TB of memory. The
consultant has been approached to report the entire security and privacy policy procurement for
the organization given the fact that the company has been purchasing personal management
application from a US based company working under SaaS environment. Thus, the entire report
regarding the deliverables of the consultant would be based on several processes that would help
in analyzing the levels of security of different aspects of the organization. This would be
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4RISK ASSESSMENT
represented in the report as the security of the employee data, which is an important aspect as the
database that stores the confidential data of each employee can be extremely problematic if
exposed to public servers (Islam, Manivannan & Zeadally, 2016). The privacy functionalities of
the employee data in the organization would be analyzed next to ensure that the organization has
been utilizing proper measures to secure the data associated with each employee. Further
analysis would be presented on the Digital Identity issues that the organization is currently been
facing and the provider of solution issues. The latter will be described from the perspective of the
Saas application that has been providing service to the organization for personal management.
Finally, the report would include the data sensitivity issues which evaluate the data according to
the organization’s control of data.
Security of Employee Data
Impending risks and threats
Employee data in any organization is an extremely intricate property since this not only
contains personal information of an employee including their contact information and other
confidential information, but also the personal information of an employee can be linked to
classified information of the organization as well (Rao & Selvamani, 2015). The HR in-house
database has the ability to hold the information about different employees, but there are
impending risks with this database hosting in the cloud on the other hand. The consulting
company has noticed that there have been several problems associated with the cloud computing
technology in holding the employee data. These are described in details as below:
Breaching of Data: Cloud computing possesses the basic threat of breaching of data
which is very common in this technology. Cloud database is the hub of information therefore, by
represented in the report as the security of the employee data, which is an important aspect as the
database that stores the confidential data of each employee can be extremely problematic if
exposed to public servers (Islam, Manivannan & Zeadally, 2016). The privacy functionalities of
the employee data in the organization would be analyzed next to ensure that the organization has
been utilizing proper measures to secure the data associated with each employee. Further
analysis would be presented on the Digital Identity issues that the organization is currently been
facing and the provider of solution issues. The latter will be described from the perspective of the
Saas application that has been providing service to the organization for personal management.
Finally, the report would include the data sensitivity issues which evaluate the data according to
the organization’s control of data.
Security of Employee Data
Impending risks and threats
Employee data in any organization is an extremely intricate property since this not only
contains personal information of an employee including their contact information and other
confidential information, but also the personal information of an employee can be linked to
classified information of the organization as well (Rao & Selvamani, 2015). The HR in-house
database has the ability to hold the information about different employees, but there are
impending risks with this database hosting in the cloud on the other hand. The consulting
company has noticed that there have been several problems associated with the cloud computing
technology in holding the employee data. These are described in details as below:
Breaching of Data: Cloud computing possesses the basic threat of breaching of data
which is very common in this technology. Cloud database is the hub of information therefore, by
5RISK ASSESSMENT
hacking into it; any malicious attacker can access the intricate detailed information about an
organization or an individual user very easily (Sethi & Sruti, 2018). This information can be of
any kind, starting from name, address, contact information, bank details and any other detailed
credentials, that remain open to the attackers for misuse. This is the reason that many people are
affected at the same time by data attackers due to cloud computing environment.
APIs: An API is an application program interface that establishes communication
between a user and the cloud. Mostly the private organizations that provide cloud storage servers
to other companies maintain the advanced security to the API technology, so that they can secure
these networks from any kind of malicious attacker (Aggarwal, 2018). However, possibilities
still remain for any kind of vulnerabilities in this regard from the administrative areas of the
APIs.
Account hijacking: It is a common phenomenon in the cloud environment that to get
into a cloud server of any company or an individual, the attacker might gain access to an entire
account. This is mainly done with the help of a phishing method. The act of phishing accounts
mainly occurs due to the vulnerabilities of security systems in the cloud environment of an
individual or a company so that the networks handling them can be easily violated (Singh et al.,
2016). This creates a loophole in the system for the attackers to easily breach into the cloud
servers and get access to the accounts that is generally unauthorized to them.
SaaS Risks: It sometimes occurs in an organization that when the entire business process
is migrating to a new technology of SaaS, data security threats are attached with the entire
implementation. Every Saas Application is vulnerable to data breaches. To mitigate this risk, it is
mainly the responsibility of the SaaS network providers that this impending risk is taken into
hacking into it; any malicious attacker can access the intricate detailed information about an
organization or an individual user very easily (Sethi & Sruti, 2018). This information can be of
any kind, starting from name, address, contact information, bank details and any other detailed
credentials, that remain open to the attackers for misuse. This is the reason that many people are
affected at the same time by data attackers due to cloud computing environment.
APIs: An API is an application program interface that establishes communication
between a user and the cloud. Mostly the private organizations that provide cloud storage servers
to other companies maintain the advanced security to the API technology, so that they can secure
these networks from any kind of malicious attacker (Aggarwal, 2018). However, possibilities
still remain for any kind of vulnerabilities in this regard from the administrative areas of the
APIs.
Account hijacking: It is a common phenomenon in the cloud environment that to get
into a cloud server of any company or an individual, the attacker might gain access to an entire
account. This is mainly done with the help of a phishing method. The act of phishing accounts
mainly occurs due to the vulnerabilities of security systems in the cloud environment of an
individual or a company so that the networks handling them can be easily violated (Singh et al.,
2016). This creates a loophole in the system for the attackers to easily breach into the cloud
servers and get access to the accounts that is generally unauthorized to them.
SaaS Risks: It sometimes occurs in an organization that when the entire business process
is migrating to a new technology of SaaS, data security threats are attached with the entire
implementation. Every Saas Application is vulnerable to data breaches. To mitigate this risk, it is
mainly the responsibility of the SaaS network providers that this impending risk is taken into
6RISK ASSESSMENT
account and the entire transformation program is taken care of to protect confidential data
(Chhabra & Dixit, 2015). However, a SaaS network technology does not have an in-built feature
of protecting data, so this criterion is to be fulfilled by the people or the service providers who
are taking care of the network. Otherwise, the SaaS applications would not take into account the
data protecting feature on its own. It can further be noticed that when an organization is planning
on movement to a SaaS application in exchange of its previously used applications there is a
noticeable risk in down time. As all the data are moved to the provider of the SaaS so the users
have to rely on the providers to keep up the running of data (Tang & Liu, 2015). The user will no
longer have the control on data. Any mishap if happen in data controlling so it will impact a lot
in the particular organization. This the main risk of transferring the data to the SaaS application.
It is necessary for the SaaS providers to work with a lower downtime so that the risks can be
mitigated. Another risk in the SaaS application environment is that the proper implementation
plan needs to be according to the standards set by the technical laws of the country the
organization is set in. If it does not abide by said laws and orders, there might be a risk of legal
actions been taken on the organization.
Accumulated results of the threats: In the above discussion, all the threats and the
impending risks have been discussed in details regarding the problems. The primary threat that
these risks possess has the ability to attack a single entity user as well as an entire organization.
With more and more time passing, these risks are becoming larger in number since the cyber
attackers are increasingly using latest technologies for attacking the cloud servers (Seethamraju,
2015). This can also been noticed since there has been reports of increasing amounts of data
breaches in the recent times belting the reports from the entire world. This is a major threat as
intricate information and data belonging to a company or an individual or an employee
account and the entire transformation program is taken care of to protect confidential data
(Chhabra & Dixit, 2015). However, a SaaS network technology does not have an in-built feature
of protecting data, so this criterion is to be fulfilled by the people or the service providers who
are taking care of the network. Otherwise, the SaaS applications would not take into account the
data protecting feature on its own. It can further be noticed that when an organization is planning
on movement to a SaaS application in exchange of its previously used applications there is a
noticeable risk in down time. As all the data are moved to the provider of the SaaS so the users
have to rely on the providers to keep up the running of data (Tang & Liu, 2015). The user will no
longer have the control on data. Any mishap if happen in data controlling so it will impact a lot
in the particular organization. This the main risk of transferring the data to the SaaS application.
It is necessary for the SaaS providers to work with a lower downtime so that the risks can be
mitigated. Another risk in the SaaS application environment is that the proper implementation
plan needs to be according to the standards set by the technical laws of the country the
organization is set in. If it does not abide by said laws and orders, there might be a risk of legal
actions been taken on the organization.
Accumulated results of the threats: In the above discussion, all the threats and the
impending risks have been discussed in details regarding the problems. The primary threat that
these risks possess has the ability to attack a single entity user as well as an entire organization.
With more and more time passing, these risks are becoming larger in number since the cyber
attackers are increasingly using latest technologies for attacking the cloud servers (Seethamraju,
2015). This can also been noticed since there has been reports of increasing amounts of data
breaches in the recent times belting the reports from the entire world. This is a major threat as
intricate information and data belonging to a company or an individual or an employee
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7RISK ASSESSMENT
associated with a company is highly confidential. These can contain such valuable information
that an entire company can be demolished with the help of these as well as an individual’s bank
accounts can be violated to extort out money or causing any other kind of harm. Therefore, it is
absolutely essential that proper measures are taken to protect these data and information so that
they do not fall into the hands of these malevolent attackers easily (DÃaz, MartÃn & Rubio, 2016).
The phishing attacks can cause a person or an organization to lose a highly important data and an
attacker can use them for their own benefit. This is also a problem as the latest times have
witnessed a huge and exponential rise in the uses of networking and communicating devices by
an individual user and organizations as well. This is a huge risk as the cyber attackers get a huge
domain to exploit data devoid of physical existence. They get time and space to assess their
target and pursue their attacking activities. Therefore, any loophole in the system can cause a
huge problem for an individual as well as an organization.
Privacy of Employee Data
Maintaining the privacy of data is extremely important for a company since this can
cause further problems firstly to the employees and then to the organizations as a result if the
data is breached by a cyber attacker. Cyber attackers can assess any company in the market and
monitor them by their internet activities. One such activity is the one that a company performs
through the exchange of mails (Jungck & Rahman, 2015). Using a mail to exchange information
needs to be extremely cautious as it has to be made sure by an individual as well by an entire
organization that no confidential information is passed through emails. In addition to this, it has
also to be made sure that the people using emails do not click on to any unsolicited link from an
unauthorized source that they receive in mails. This is also to be made sure by the company that
associated with a company is highly confidential. These can contain such valuable information
that an entire company can be demolished with the help of these as well as an individual’s bank
accounts can be violated to extort out money or causing any other kind of harm. Therefore, it is
absolutely essential that proper measures are taken to protect these data and information so that
they do not fall into the hands of these malevolent attackers easily (DÃaz, MartÃn & Rubio, 2016).
The phishing attacks can cause a person or an organization to lose a highly important data and an
attacker can use them for their own benefit. This is also a problem as the latest times have
witnessed a huge and exponential rise in the uses of networking and communicating devices by
an individual user and organizations as well. This is a huge risk as the cyber attackers get a huge
domain to exploit data devoid of physical existence. They get time and space to assess their
target and pursue their attacking activities. Therefore, any loophole in the system can cause a
huge problem for an individual as well as an organization.
Privacy of Employee Data
Maintaining the privacy of data is extremely important for a company since this can
cause further problems firstly to the employees and then to the organizations as a result if the
data is breached by a cyber attacker. Cyber attackers can assess any company in the market and
monitor them by their internet activities. One such activity is the one that a company performs
through the exchange of mails (Jungck & Rahman, 2015). Using a mail to exchange information
needs to be extremely cautious as it has to be made sure by an individual as well by an entire
organization that no confidential information is passed through emails. In addition to this, it has
also to be made sure that the people using emails do not click on to any unsolicited link from an
unauthorized source that they receive in mails. This is also to be made sure by the company that
8RISK ASSESSMENT
no other employee can access the data of anyone else until and unless they are authorized to do
so. If it is found to be still operated in the organization, strict action should be taken against the
person responsible, even treating it as a criminal offense (Roy et al., 2015). This can be any
information of an individual employee, including the health information of the person.
Existing Threats
While protecting an in-house database, there are a huge set of threats existing in the
security systems that needs to be taken care of (Tiwari & Joshi, 2016). These threats are to be
discussed in details as below:
Malware threats: Malwares are malicious softwares or software containing viruses that
are designed to barge into any computer by clicking into undesignated links and haltering the
entire system or leaking out information and data that are otherwise kept under secured
environment (Ab Rahman & Choo, 2015). This is a perennial threat for any kind of in house
database that is protected by an organization. Malwares have a capability to infect a connecting
device and steal all the sensitive data that the databases hold.
Human Threats: This threat is classified as the human interaction of a person with any
device. This occurs due to the negligence of an individual in handling their designated device in
the organization. Due to this problem, data breaches occur at random. It is implied that a person
needs to be much more cautious in order to handle a device and for that proper training should be
given to each one of them (Mushtaq et al., 2017). It has been reported that unsolicited links being
clicked have added to cause such problems. Many phishing emails that are designed to breach
data have been clicked out of curiosity which should have otherwise been kept untouched
altogether. Therefore, any person should be focused while using a device or it can create a huge
no other employee can access the data of anyone else until and unless they are authorized to do
so. If it is found to be still operated in the organization, strict action should be taken against the
person responsible, even treating it as a criminal offense (Roy et al., 2015). This can be any
information of an individual employee, including the health information of the person.
Existing Threats
While protecting an in-house database, there are a huge set of threats existing in the
security systems that needs to be taken care of (Tiwari & Joshi, 2016). These threats are to be
discussed in details as below:
Malware threats: Malwares are malicious softwares or software containing viruses that
are designed to barge into any computer by clicking into undesignated links and haltering the
entire system or leaking out information and data that are otherwise kept under secured
environment (Ab Rahman & Choo, 2015). This is a perennial threat for any kind of in house
database that is protected by an organization. Malwares have a capability to infect a connecting
device and steal all the sensitive data that the databases hold.
Human Threats: This threat is classified as the human interaction of a person with any
device. This occurs due to the negligence of an individual in handling their designated device in
the organization. Due to this problem, data breaches occur at random. It is implied that a person
needs to be much more cautious in order to handle a device and for that proper training should be
given to each one of them (Mushtaq et al., 2017). It has been reported that unsolicited links being
clicked have added to cause such problems. Many phishing emails that are designed to breach
data have been clicked out of curiosity which should have otherwise been kept untouched
altogether. Therefore, any person should be focused while using a device or it can create a huge
9RISK ASSESSMENT
problem both for the device as well as the information it contains affecting the organization in
accordance to it.
Unmanaged data threats: Many companies have been found to be negligent in handling
user data, employee data as well as important data for the organization. Human involvement in
storage of data for the employees creates this problem as most of the time it has been found that
human errors have caused data breaches in an organization (Mishra et al., 2018). Unmanaged
data thus have a huge risk of being violated and exposed by any kind of malicious hacker
accessing the network for a supposed attack. This is like an open opportunity for them to barge
into the network and get hold these unmanaged data.
Threats due to excessive permissions: This threat occurs when an employee is given
too much of accessing permissions in an organization. The suggested method is that an employee
should be given as much access to user and employee database as needed. It has been found that
when an employee is given too much access over a network that he or she is able to take peek
into any employee information, there is a possibility that he or she might perform unsolicited
activities that can cause loss of data or even make it vulnerable to further exploitation by the
cyber attackers (Aikat et al., 2017). So it is necessary to give the privilege to the employee that
they required only not more than that or less than that limit.
Database injection threats: The injection attacks are performed to a database in order to
breach data by exploiting them. This is done by a malicious attacker by barging into vulnerable
accounts holding these important databases (Rittinghouse & Ransome, 2016). Mostly these are
the two typical types of databases comprising of traditional databases and the NoSql Database.
problem both for the device as well as the information it contains affecting the organization in
accordance to it.
Unmanaged data threats: Many companies have been found to be negligent in handling
user data, employee data as well as important data for the organization. Human involvement in
storage of data for the employees creates this problem as most of the time it has been found that
human errors have caused data breaches in an organization (Mishra et al., 2018). Unmanaged
data thus have a huge risk of being violated and exposed by any kind of malicious hacker
accessing the network for a supposed attack. This is like an open opportunity for them to barge
into the network and get hold these unmanaged data.
Threats due to excessive permissions: This threat occurs when an employee is given
too much of accessing permissions in an organization. The suggested method is that an employee
should be given as much access to user and employee database as needed. It has been found that
when an employee is given too much access over a network that he or she is able to take peek
into any employee information, there is a possibility that he or she might perform unsolicited
activities that can cause loss of data or even make it vulnerable to further exploitation by the
cyber attackers (Aikat et al., 2017). So it is necessary to give the privilege to the employee that
they required only not more than that or less than that limit.
Database injection threats: The injection attacks are performed to a database in order to
breach data by exploiting them. This is done by a malicious attacker by barging into vulnerable
accounts holding these important databases (Rittinghouse & Ransome, 2016). Mostly these are
the two typical types of databases comprising of traditional databases and the NoSql Database.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
10RISK ASSESSMENT
Additional Threats
While transferring employee data in SaaS application, many threats can be associated
with it. These threats are described in details as below:
Faulty Identity Management: It has been often found that the private organizations that
are responsible to provide cloud server identities are not that sophisticated when it comes to
respect the dignity of these service identities that reside behind the firewall of several enterprises
(Pham et al., 2017). This is because; there are many third party applications that have the ability
to access the data in the SaaS as these data do not have identity. This forms one of the major
risks that cloud environment is facing in the contemporary times.
Downfall in cloud standards: Security credentials are a standard that the cloud vendors
have been advertizing about in the recent times. This has found to be a problem after SAS 70 has
been audited. The cloud standard becomes very low in these matter, thus there is no security of
data in SaaS Applications (Kavis, 2014). Therefore, it is required that an organization adapts to
the security standards that are required when a data is transferred to SaaS Applications.
Data Security Threats: The main problem with the vendor of any cloud server is that
they put forward their capability of giving more security to the data much more than they are
capable of. Due to this, most organizations tend to have the idea that the SaaS security is that
good in securing employee data. However, the customers of the cloud vendors do not believe
that the SaaS providers are secretive about their processes of the security (Ali, Khan &
Vasilakos, 2015). Most of the cloud vendors do not show the actual amount of data centres and
the operations they actually provides. Since, they do not disclose all the necessary information to
the customers so there is a chance of compromising with the security. Customers and analysts of
Additional Threats
While transferring employee data in SaaS application, many threats can be associated
with it. These threats are described in details as below:
Faulty Identity Management: It has been often found that the private organizations that
are responsible to provide cloud server identities are not that sophisticated when it comes to
respect the dignity of these service identities that reside behind the firewall of several enterprises
(Pham et al., 2017). This is because; there are many third party applications that have the ability
to access the data in the SaaS as these data do not have identity. This forms one of the major
risks that cloud environment is facing in the contemporary times.
Downfall in cloud standards: Security credentials are a standard that the cloud vendors
have been advertizing about in the recent times. This has found to be a problem after SAS 70 has
been audited. The cloud standard becomes very low in these matter, thus there is no security of
data in SaaS Applications (Kavis, 2014). Therefore, it is required that an organization adapts to
the security standards that are required when a data is transferred to SaaS Applications.
Data Security Threats: The main problem with the vendor of any cloud server is that
they put forward their capability of giving more security to the data much more than they are
capable of. Due to this, most organizations tend to have the idea that the SaaS security is that
good in securing employee data. However, the customers of the cloud vendors do not believe
that the SaaS providers are secretive about their processes of the security (Ali, Khan &
Vasilakos, 2015). Most of the cloud vendors do not show the actual amount of data centres and
the operations they actually provides. Since, they do not disclose all the necessary information to
the customers so there is a chance of compromising with the security. Customers and analysts of
11RISK ASSESSMENT
the industry are at rageby the response by the SaaS providers. The customer must not give their
data for the security if the vendor is not transparent.
Risk Results
Malware attacks happening in a database can cause several problems to the employees and
further affecting a database. This should be taken care of by individual employees so that they
do not fall prey to further phishing attacks by malevolent cyber attackers (Hsu et al., 2014). It has
been found that 35 per cent of the attacks and phishing problems are mostly caused due to the
human negligence. Lack of knowledge in using this kind of database forms these threats;
therefore, it is essential that the human activity behind handling the database is controlled. The
employees need to be trained accordingly to make them aware of the threats and risks so that
they can be more cautious while handling them.
Digital Identity Issues
Digital identity is at a higher risk of getting exposed while data is being migrated from a
traditional database to a SaaS application. When a network or an online resource is being used,
digital identity of a data gets stored in a database (Botta et al., 2016). Normally, a data identity is
used to protect data from potential data threats and cyber crimes. Thus, losing the integrity of
data can s=cause several problems. It is to be thus made sure that all the online websites must be
used cautiously so that data identity integrity is kept intact.
For example, while accessing a banking website, it is to be made sure that all the account
information of an individual is to be kept totally under wraps. If any negligence is paid heed to,
there must be a huge risk of losing all the account information to a malicious hacker who might
barge into the bank account of a non-suspecting person and cause severe harm to the individual
the industry are at rageby the response by the SaaS providers. The customer must not give their
data for the security if the vendor is not transparent.
Risk Results
Malware attacks happening in a database can cause several problems to the employees and
further affecting a database. This should be taken care of by individual employees so that they
do not fall prey to further phishing attacks by malevolent cyber attackers (Hsu et al., 2014). It has
been found that 35 per cent of the attacks and phishing problems are mostly caused due to the
human negligence. Lack of knowledge in using this kind of database forms these threats;
therefore, it is essential that the human activity behind handling the database is controlled. The
employees need to be trained accordingly to make them aware of the threats and risks so that
they can be more cautious while handling them.
Digital Identity Issues
Digital identity is at a higher risk of getting exposed while data is being migrated from a
traditional database to a SaaS application. When a network or an online resource is being used,
digital identity of a data gets stored in a database (Botta et al., 2016). Normally, a data identity is
used to protect data from potential data threats and cyber crimes. Thus, losing the integrity of
data can s=cause several problems. It is to be thus made sure that all the online websites must be
used cautiously so that data identity integrity is kept intact.
For example, while accessing a banking website, it is to be made sure that all the account
information of an individual is to be kept totally under wraps. If any negligence is paid heed to,
there must be a huge risk of losing all the account information to a malicious hacker who might
barge into the bank account of a non-suspecting person and cause severe harm to the individual
12RISK ASSESSMENT
(Garg, 2017). For this, a hacker mostly targets innocent individuals through their social accounts
where identity is a vulnerable issue. The main thing that has been in focus in the contemporary
times in accordance to the threat of identity leak is many websites tracks the activity of the user
and stored the digital identity of that individual. The way in which they track the data is very
sophisticated and the individuals are not aware of the fact that a particular user data is being
tracked.
Therefore, it is absolutely necessary to protect the identity of a person in the digital world
or the cyber world as the data in this environment is extremely sensitive.
Provider Solution Issues
SaaS applications are provided via a private server owned by a third-party organization.
However, it cloud implementation of SaaS application, protecting a data is becoming more and
more complex as the hackers are implementing revolutionary ways to hack any kind of
vulnerable data they find. To provide optimum security of data it necessary to mitigate all the
risk those are associated with. SaaS provide security to the data of big, medium, and small
companies and the partner of the provider (Wu et al., 2015). It is necessary for the provider to
manage the data security properly. There have been several mitigation processes utilized to
protect sensitive employee data so that they do not fall vulnerable to the risk of being hacked and
breached. These mitigation processes are listed as below:
Primary cloud provider: In this era of innumerable cloud providers, it is important to
find a feasible cloud provider with all the realized data security and risk mitigation
functionalities (Marinescu, 2017). These vendors are identified with their unique quality of well
(Garg, 2017). For this, a hacker mostly targets innocent individuals through their social accounts
where identity is a vulnerable issue. The main thing that has been in focus in the contemporary
times in accordance to the threat of identity leak is many websites tracks the activity of the user
and stored the digital identity of that individual. The way in which they track the data is very
sophisticated and the individuals are not aware of the fact that a particular user data is being
tracked.
Therefore, it is absolutely necessary to protect the identity of a person in the digital world
or the cyber world as the data in this environment is extremely sensitive.
Provider Solution Issues
SaaS applications are provided via a private server owned by a third-party organization.
However, it cloud implementation of SaaS application, protecting a data is becoming more and
more complex as the hackers are implementing revolutionary ways to hack any kind of
vulnerable data they find. To provide optimum security of data it necessary to mitigate all the
risk those are associated with. SaaS provide security to the data of big, medium, and small
companies and the partner of the provider (Wu et al., 2015). It is necessary for the provider to
manage the data security properly. There have been several mitigation processes utilized to
protect sensitive employee data so that they do not fall vulnerable to the risk of being hacked and
breached. These mitigation processes are listed as below:
Primary cloud provider: In this era of innumerable cloud providers, it is important to
find a feasible cloud provider with all the realized data security and risk mitigation
functionalities (Marinescu, 2017). These vendors are identified with their unique quality of well
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
13RISK ASSESSMENT
established nature including experience in data security standards and regulation of protecting
data.
Cloud provider contracts: The contracts that is made between and organization and
cloud service provider should be made clear about all the amenities to be provided (Purcell,
2014). This should be an open ended contract where error would be able to be mitigated from
both sides.
Recovery of facilities: Data recovery is the best policy that a cloud provider can offer to
its client organization. This is to assure the client that even if there is any loss of data, it can be
easily recovered so that the client does not have to suffer further losses.
Encryption of data: If the data is encrypted properly then the cloud vendor will not have
that worry about data breach because encrypted data cannot be accessed by unauthorized persons
(Safa et al., 2015). This assurance makes a cloud service provider appear safer than the others
and reliable enough to be approached.
Business Service Security: The cloud service provider having the best cloud security
services are the right ones to approach (Chang et al., 2016). For employee data in HR systems,
this is essentially necessary as there have already been many discussions before in the report
with regards to data integrity of an employee in an organization and that any breaching of
employee data can in turn cause crumble to the entire organization as a whole.
Data Sensitivity
In an organization, different databases hold innumerable data regarding the daily
transactions and actions of a company. Not all of these data can be regarded as sensitive.
established nature including experience in data security standards and regulation of protecting
data.
Cloud provider contracts: The contracts that is made between and organization and
cloud service provider should be made clear about all the amenities to be provided (Purcell,
2014). This should be an open ended contract where error would be able to be mitigated from
both sides.
Recovery of facilities: Data recovery is the best policy that a cloud provider can offer to
its client organization. This is to assure the client that even if there is any loss of data, it can be
easily recovered so that the client does not have to suffer further losses.
Encryption of data: If the data is encrypted properly then the cloud vendor will not have
that worry about data breach because encrypted data cannot be accessed by unauthorized persons
(Safa et al., 2015). This assurance makes a cloud service provider appear safer than the others
and reliable enough to be approached.
Business Service Security: The cloud service provider having the best cloud security
services are the right ones to approach (Chang et al., 2016). For employee data in HR systems,
this is essentially necessary as there have already been many discussions before in the report
with regards to data integrity of an employee in an organization and that any breaching of
employee data can in turn cause crumble to the entire organization as a whole.
Data Sensitivity
In an organization, different databases hold innumerable data regarding the daily
transactions and actions of a company. Not all of these data can be regarded as sensitive.
14RISK ASSESSMENT
However, employee data in the HR system database is to be regarded as highly sensitive data.
This is because employee data in an organization contains the personal information of an
individual employee including their contact details and sometimes even the bank account details.
If any of these data is exposed in the vulnerable cloud environment, there are high chances that
these data can be mishandled and misused by malicious cyber attackers. On an individual
perspective this is very dangerous, since all the personal information would be exposed to and
unauthorized personnel. On the other hand, the data would also be exposed about the
organization where the employee is designated to (Avram, 2014). Breaching of sensitive data
about the employees has a potential of crumbling an entire organization, and this have been
reported to actually take place in the recent times. There are also multiple implications imposed
on the hacking of sensitive data from a legal and ethical point of view. Ethically, in an
organization it is only a designated Human Resource team member who is most likely to have
access to employee data. Therefore, they must maintain the ethical laws in handling these data so
that they do not fall under the garbs of any unauthorized person initially. Maintaining the ethical
way of handling these data would maintain the initial integrity of the sensitivity of these data.
Conclusion
Therefore, it can be concluded that transferring an existing HR system with all relevant
employee data can be problematic and have a huge set of impending risks and threats while the
transformation is going on. In the following assignment it has been presented that the topic of the
risks associated with the Cloud and the Security and Privacy Maintenance in a cloud
environment is generally taken from the perspective of an organization. In the current project
scenario, a consultant has been appointed to provide support and suggestions to a charity based
However, employee data in the HR system database is to be regarded as highly sensitive data.
This is because employee data in an organization contains the personal information of an
individual employee including their contact details and sometimes even the bank account details.
If any of these data is exposed in the vulnerable cloud environment, there are high chances that
these data can be mishandled and misused by malicious cyber attackers. On an individual
perspective this is very dangerous, since all the personal information would be exposed to and
unauthorized personnel. On the other hand, the data would also be exposed about the
organization where the employee is designated to (Avram, 2014). Breaching of sensitive data
about the employees has a potential of crumbling an entire organization, and this have been
reported to actually take place in the recent times. There are also multiple implications imposed
on the hacking of sensitive data from a legal and ethical point of view. Ethically, in an
organization it is only a designated Human Resource team member who is most likely to have
access to employee data. Therefore, they must maintain the ethical laws in handling these data so
that they do not fall under the garbs of any unauthorized person initially. Maintaining the ethical
way of handling these data would maintain the initial integrity of the sensitivity of these data.
Conclusion
Therefore, it can be concluded that transferring an existing HR system with all relevant
employee data can be problematic and have a huge set of impending risks and threats while the
transformation is going on. In the following assignment it has been presented that the topic of the
risks associated with the Cloud and the Security and Privacy Maintenance in a cloud
environment is generally taken from the perspective of an organization. In the current project
scenario, a consultant has been appointed to provide support and suggestions to a charity based
15RISK ASSESSMENT
organization that provides support to the underprivileged. The number of people that the
organization has currently been providing services to is nearly 500 and has their own data centre
using the Linux based operating system by Red Hat. The servers are however owned by vendors
providing cloud services. It has also been noted that the cloud storage capacity for the entire
organization ranges up to 200 TB of memory. The consultant has been approached to report the
entire security and privacy policy procurement for the organization given the fact that the
company has been purchasing personal management application from a US based company
working under SaaS environment. Thus, the entire report regarding the deliverables of the
consultant has been based on several processes that have helped in analyzing the levels of
security of different aspects of the organization. This have been represented in the report as the
security of the employee data, which is an important aspect as the database that stores the
confidential data of each employee can be extremely problematic if exposed to public servers.
The privacy functionalities of the employee data in the organization has further been analyzed
next to ensure that the organization has been utilizing proper measures to secure the data
associated with each employee. Further analysis has been presented on the Digital Identity issues
that the organization is currently been facing and the provider of solution issues. The latter has
been described from the perspective of the Saas application that has been providing service to the
organization for personal management. Finally, the report included the data sensitivity issues
which evaluate the data according to the organization’s control of data. After the analysis of all
these aspects have been done, it was found that risk occurs in several levels of the transformation
process right from the employee data to the cloud servers. The risks that can cause further issues
in the entire process have thus been described in details so that this report can be taken as a
reference for mitigating the risks further. The consultant team has been successful in analyzing
organization that provides support to the underprivileged. The number of people that the
organization has currently been providing services to is nearly 500 and has their own data centre
using the Linux based operating system by Red Hat. The servers are however owned by vendors
providing cloud services. It has also been noted that the cloud storage capacity for the entire
organization ranges up to 200 TB of memory. The consultant has been approached to report the
entire security and privacy policy procurement for the organization given the fact that the
company has been purchasing personal management application from a US based company
working under SaaS environment. Thus, the entire report regarding the deliverables of the
consultant has been based on several processes that have helped in analyzing the levels of
security of different aspects of the organization. This have been represented in the report as the
security of the employee data, which is an important aspect as the database that stores the
confidential data of each employee can be extremely problematic if exposed to public servers.
The privacy functionalities of the employee data in the organization has further been analyzed
next to ensure that the organization has been utilizing proper measures to secure the data
associated with each employee. Further analysis has been presented on the Digital Identity issues
that the organization is currently been facing and the provider of solution issues. The latter has
been described from the perspective of the Saas application that has been providing service to the
organization for personal management. Finally, the report included the data sensitivity issues
which evaluate the data according to the organization’s control of data. After the analysis of all
these aspects have been done, it was found that risk occurs in several levels of the transformation
process right from the employee data to the cloud servers. The risks that can cause further issues
in the entire process have thus been described in details so that this report can be taken as a
reference for mitigating the risks further. The consultant team has been successful in analyzing
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
16RISK ASSESSMENT
the entire matter that has been stated in the case study thus jotting out all the possible risks in the
entire transfer process.
the entire matter that has been stated in the case study thus jotting out all the possible risks in the
entire transfer process.
17RISK ASSESSMENT
References
Ab Rahman, N. H., & Choo, K. K. R. (2015). A survey of information security incident handling
in the cloud. Computers & Security, 49, 45-69.
Aggarwal, R. (2018). Resource Provisioning and Resource Allocation in Cloud Computing
Environment.
Aikat, J., Akella, A., Chase, J. S., Juels, A., Reiter, M., Ristenpart, T., ... & Swift, M. (2017).
Rethinking security in the era of cloud computing. IEEE Security & Privacy.
Ali, M., Khan, S. U., & Vasilakos, A. V. (2015). Security in cloud computing: Opportunities and
challenges. Information sciences, 305, 357-383.
Avram, M. G. (2014). Advantages and challenges of adopting cloud computing from an
enterprise perspective. Procedia Technology, 12, 529-534.
Botta, A., De Donato, W., Persico, V., & Pescapé, A. (2016). Integration of cloud computing and
internet of things: a survey. Future Generation Computer Systems, 56, 684-700.
Chang, V., Kuo, Y. H., & Ramachandran, M. (2016). Cloud computing adoption framework: A
security framework for business clouds. Future Generation Computer Systems, 57, 24-41.
Chhabra, S., & Dixit, V. S. (2015). Cloud computing: State of the art and security issues. ACM
SIGSOFT Software Engineering Notes, 40(2), 1-11.
References
Ab Rahman, N. H., & Choo, K. K. R. (2015). A survey of information security incident handling
in the cloud. Computers & Security, 49, 45-69.
Aggarwal, R. (2018). Resource Provisioning and Resource Allocation in Cloud Computing
Environment.
Aikat, J., Akella, A., Chase, J. S., Juels, A., Reiter, M., Ristenpart, T., ... & Swift, M. (2017).
Rethinking security in the era of cloud computing. IEEE Security & Privacy.
Ali, M., Khan, S. U., & Vasilakos, A. V. (2015). Security in cloud computing: Opportunities and
challenges. Information sciences, 305, 357-383.
Avram, M. G. (2014). Advantages and challenges of adopting cloud computing from an
enterprise perspective. Procedia Technology, 12, 529-534.
Botta, A., De Donato, W., Persico, V., & Pescapé, A. (2016). Integration of cloud computing and
internet of things: a survey. Future Generation Computer Systems, 56, 684-700.
Chang, V., Kuo, Y. H., & Ramachandran, M. (2016). Cloud computing adoption framework: A
security framework for business clouds. Future Generation Computer Systems, 57, 24-41.
Chhabra, S., & Dixit, V. S. (2015). Cloud computing: State of the art and security issues. ACM
SIGSOFT Software Engineering Notes, 40(2), 1-11.
18RISK ASSESSMENT
DÃaz, M., MartÃn, C., & Rubio, B. (2016). State-of-the-art, challenges, and open issues in the
integration of Internet of things and cloud computing. Journal of Network and Computer
Applications, 67, 99-117.
Garg, S. (2017). Survey on Cloud Computing and Data Masking Techniques.
Hsu, P. F., Ray, S., & Li-Hsieh, Y. Y. (2014). Examining cloud computing adoption intention,
pricing mechanism, and deployment model. International Journal of Information
Management, 34(4), 474-488.
Islam, T., Manivannan, D., & Zeadally, S. (2016). A classification and characterization of
security threats in cloud computing. Int. J. Next-Gener. Comput, 7(1).
Jungck, K., & Rahman, S. (2015). Cloud computing avoids downfall of application service
providers. arXiv preprint arXiv:1512.00061.
Kaleeswari, C., Maheswari, P., Kuppusamy, K., & Jeyabalu, M. (2018). A Brief Review on
Cloud Security Scenarios.
Kavis, M. J. (2014). Architecting the cloud: design decisions for cloud computing service models
(SaaS, PaaS, and IaaS). John Wiley & Sons.
Marinescu, D. C. (2017). Cloud computing: theory and practice. Morgan Kaufmann.
Mishra, N., Sharma, T. K., Sharma, V., & Vimal, V. (2018). Secure Framework for Data
Security in Cloud Computing. In Soft Computing: Theories and Applications (pp. 61-71).
Springer, Singapore.
DÃaz, M., MartÃn, C., & Rubio, B. (2016). State-of-the-art, challenges, and open issues in the
integration of Internet of things and cloud computing. Journal of Network and Computer
Applications, 67, 99-117.
Garg, S. (2017). Survey on Cloud Computing and Data Masking Techniques.
Hsu, P. F., Ray, S., & Li-Hsieh, Y. Y. (2014). Examining cloud computing adoption intention,
pricing mechanism, and deployment model. International Journal of Information
Management, 34(4), 474-488.
Islam, T., Manivannan, D., & Zeadally, S. (2016). A classification and characterization of
security threats in cloud computing. Int. J. Next-Gener. Comput, 7(1).
Jungck, K., & Rahman, S. (2015). Cloud computing avoids downfall of application service
providers. arXiv preprint arXiv:1512.00061.
Kaleeswari, C., Maheswari, P., Kuppusamy, K., & Jeyabalu, M. (2018). A Brief Review on
Cloud Security Scenarios.
Kavis, M. J. (2014). Architecting the cloud: design decisions for cloud computing service models
(SaaS, PaaS, and IaaS). John Wiley & Sons.
Marinescu, D. C. (2017). Cloud computing: theory and practice. Morgan Kaufmann.
Mishra, N., Sharma, T. K., Sharma, V., & Vimal, V. (2018). Secure Framework for Data
Security in Cloud Computing. In Soft Computing: Theories and Applications (pp. 61-71).
Springer, Singapore.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
19RISK ASSESSMENT
Mushtaq, M. F., Akram, U., Khan, I., Khan, S. N., Shahzad, A., & Ullah, A. (2017). Cloud
Computing Environment and Security Challenges: A Review. International Journal of
Advanced Computer Science and Application, 8(10), 183-195.
Pham, V. V. H., Liu, X., Zheng, X., Fu, M., Deshpande, S. V., Xia, W., ... & Abdelrazek, M.
(2017, May). PaaS-black or white: an investigation into software development model for
building retail industry SaaS. In Software Engineering Companion (ICSE-C), 2017
IEEE/ACM 39th International Conference on (pp. 285-287). IEEE.
Purcell, B. M. (2014). Big data using cloud computing. Journal of Technology Research, 5, 1.
Rao, R. V., & Selvamani, K. (2015). Data security challenges and its solutions in cloud
computing. Procedia Computer Science, 48, 204-209.
Rittinghouse, J. W., & Ransome, J. F. (2016). Cloud computing: implementation, management,
and security. CRC press.
Roy, A., Sarkar, S., Ganesan, R., & Goel, G. (2015). Secure the cloud: From the perspective of a
service-oriented organization. ACM Computing Surveys (CSUR), 47(3), 41.
Safa, N. S., Sookhak, M., Von Solms, R., Furnell, S., Ghani, N. A., & Herawan, T. (2015).
Information security conscious care behaviour formation in organizations. Computers &
Security, 53, 65-78.
Sainadh, P. S. V., Kumar, U. S., & Reddy, S. H. (2017). Security Issues in Cloud Computing.
Seethamraju, R. (2015). Adoption of software as a service (SaaS) enterprise resource planning
(ERP) systems in small and medium sized enterprises (SMEs). Information systems
frontiers, 17(3), 475-492.
Mushtaq, M. F., Akram, U., Khan, I., Khan, S. N., Shahzad, A., & Ullah, A. (2017). Cloud
Computing Environment and Security Challenges: A Review. International Journal of
Advanced Computer Science and Application, 8(10), 183-195.
Pham, V. V. H., Liu, X., Zheng, X., Fu, M., Deshpande, S. V., Xia, W., ... & Abdelrazek, M.
(2017, May). PaaS-black or white: an investigation into software development model for
building retail industry SaaS. In Software Engineering Companion (ICSE-C), 2017
IEEE/ACM 39th International Conference on (pp. 285-287). IEEE.
Purcell, B. M. (2014). Big data using cloud computing. Journal of Technology Research, 5, 1.
Rao, R. V., & Selvamani, K. (2015). Data security challenges and its solutions in cloud
computing. Procedia Computer Science, 48, 204-209.
Rittinghouse, J. W., & Ransome, J. F. (2016). Cloud computing: implementation, management,
and security. CRC press.
Roy, A., Sarkar, S., Ganesan, R., & Goel, G. (2015). Secure the cloud: From the perspective of a
service-oriented organization. ACM Computing Surveys (CSUR), 47(3), 41.
Safa, N. S., Sookhak, M., Von Solms, R., Furnell, S., Ghani, N. A., & Herawan, T. (2015).
Information security conscious care behaviour formation in organizations. Computers &
Security, 53, 65-78.
Sainadh, P. S. V., Kumar, U. S., & Reddy, S. H. (2017). Security Issues in Cloud Computing.
Seethamraju, R. (2015). Adoption of software as a service (SaaS) enterprise resource planning
(ERP) systems in small and medium sized enterprises (SMEs). Information systems
frontiers, 17(3), 475-492.
20RISK ASSESSMENT
Sethi, S., & Sruti, S. (2018). Cloud Security Issues and Challenges. In Cyber Security and
Threats: Concepts, Methodologies, Tools, and Applications (pp. 77-92). IGI Global.
Singh, S., Jeong, Y. S., & Park, J. H. (2016). A survey on cloud computing security: Issues,
threats, and solutions. Journal of Network and Computer Applications, 75, 200-222.
Tang, C., & Liu, J. (2015). Selecting a trusted cloud service provider for your SaaS
program. Computers & Security, 50, 60-73.
Tiwari, P. K., & Joshi, S. (2016). Data security for software as a service. In Web-Based Services:
Concepts, Methodologies, Tools, and Applications (pp. 864-880). IGI Global.
Wu, D., Rosen, D. W., Wang, L., & Schaefer, D. (2015). Cloud-based design and manufacturing:
A new paradigm in digital manufacturing and design innovation. Computer-Aided
Design, 59, 1-14.
Younis, Y. A., Kifayat, K., & Merabti, M. (2014). An access control model for cloud
computing. Journal of Information Security and Applications, 19(1), 45-60.
Sethi, S., & Sruti, S. (2018). Cloud Security Issues and Challenges. In Cyber Security and
Threats: Concepts, Methodologies, Tools, and Applications (pp. 77-92). IGI Global.
Singh, S., Jeong, Y. S., & Park, J. H. (2016). A survey on cloud computing security: Issues,
threats, and solutions. Journal of Network and Computer Applications, 75, 200-222.
Tang, C., & Liu, J. (2015). Selecting a trusted cloud service provider for your SaaS
program. Computers & Security, 50, 60-73.
Tiwari, P. K., & Joshi, S. (2016). Data security for software as a service. In Web-Based Services:
Concepts, Methodologies, Tools, and Applications (pp. 864-880). IGI Global.
Wu, D., Rosen, D. W., Wang, L., & Schaefer, D. (2015). Cloud-based design and manufacturing:
A new paradigm in digital manufacturing and design innovation. Computer-Aided
Design, 59, 1-14.
Younis, Y. A., Kifayat, K., & Merabti, M. (2014). An access control model for cloud
computing. Journal of Information Security and Applications, 19(1), 45-60.
1 out of 21
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024  |  Zucol Services PVT LTD  |  All rights reserved.