Security of Employee Data Assignment 2022
Analyzing the security and privacy risks associated with the migration of employee data to a shared services approach in an Australian State Government department.
17 Pages5058 Words16 Views
Added on 2022-10-11
Security of Employee Data Assignment 2022
Analyzing the security and privacy risks associated with the migration of employee data to a shared services approach in an Australian State Government department.
Added on 2022-10-11
ShareRelated Documents
Introduction:
1. Security of Employee Data
S.No Security
Threat/Risk
Description
Likelihoo
d
Impact
Priority Preventive
Actions
Contingency
Plans
1. Data Access
Risk
VL H L 1. The company
should check all the
terms and
conditions related to
the SaaS.
2. Every user
should review all the
procedure that can
be implemented by
the SaaS.
1. The company
implement
appropriate
measure of the
security.
2. The company
should not
implement this
without the prior
authorization.
2. Instability H L VH The company should
read all the policies
related to the
insatiability of SaaS.
The DAS company
must know all the
issues related to the
SaaS that is before
giving the money.
The leakage of
the software can
prevent by using
the other
software that
cannot be
accessed by the
hackers and also
there must be
some IT
professional who
are able to stop
this kind of the
activity.
3. Lack of
transparency
VL M M The company DAS
must provide the
provider of the SaaS
about the issue
related to the
transparency. This
company must know
related to the data
so that there must
be no security
issues
The less amount
of the
transparency can
fall the company
into the trouble
that can be
prevented the
proper
communication
among the
employee who
can tackle this
kind of data
4. Identity the
theft
VL L VH The DAS company
can implement
different kinds of
the software tools
that can help to
prevent the identity
theft.
The cloud
interface of the
company should
be encrypted in
such a way that
it cannot be
accessed by the
1. Security of Employee Data
S.No Security
Threat/Risk
Description
Likelihoo
d
Impact
Priority Preventive
Actions
Contingency
Plans
1. Data Access
Risk
VL H L 1. The company
should check all the
terms and
conditions related to
the SaaS.
2. Every user
should review all the
procedure that can
be implemented by
the SaaS.
1. The company
implement
appropriate
measure of the
security.
2. The company
should not
implement this
without the prior
authorization.
2. Instability H L VH The company should
read all the policies
related to the
insatiability of SaaS.
The DAS company
must know all the
issues related to the
SaaS that is before
giving the money.
The leakage of
the software can
prevent by using
the other
software that
cannot be
accessed by the
hackers and also
there must be
some IT
professional who
are able to stop
this kind of the
activity.
3. Lack of
transparency
VL M M The company DAS
must provide the
provider of the SaaS
about the issue
related to the
transparency. This
company must know
related to the data
so that there must
be no security
issues
The less amount
of the
transparency can
fall the company
into the trouble
that can be
prevented the
proper
communication
among the
employee who
can tackle this
kind of data
4. Identity the
theft
VL L VH The DAS company
can implement
different kinds of
the software tools
that can help to
prevent the identity
theft.
The cloud
interface of the
company should
be encrypted in
such a way that
it cannot be
accessed by the
The company must
pay large amount
money for the
security of the
employee details.
unauthorized
person.
5. Malware
attacks
VL L H The DAS company
should prevent the
different kinds of
the malware attacks
by using the strong
firewall security in
the software.
The system can be
prevented from the
malware attacks by
implementing the
appropriate SaaS
tools.
The malware can
be the major
security concerns
of the company.
It can be
protected by
using some
security tools
that can be
handled by the
different It
professional in
the company.
o Existing security threats to Employee data
Likelihood - VL, L,M, H, VH
Impact- - VL, L,M, H, VH
Priority- - VL, L, M,H, VH
Explain issues
1. Data access risk: The data access risk can be the great issue for the DAS
Company. If the company does not have any solution that then any unauthorized
person can access the sensitive as well as the data related to the company
(Aazam et al., 2014). As this is an administrative service company, so there
must be various amounts of important data. There should be any strong security
mechanism for protecting the unauthorized access (Ahmed & Hossain, 2014).
There should be strong security mechanism for protecting this kind of the data.
2. Instability: It is also an important security issues related to the DAS
Company. Insatiability is the leakage of the data that can be the major security
threat to the company. Leakage of the important data can lead to the loss of the
sensitive data in the company (Almorsy, Grundy & Müller, 2016). The
company must have some proper solution that is related to the leakage of the
data. Leakage of the data of the DAS Company can lead to the security threats
related to the company. The data leakage can lead to the major damage of the
data of the DAS Company.
3. Lack of transparency: It is an important security issues related to the
company. There should be any kind of the transparency related to data of the
company and also there are different kinds of the SaaS providers that are opting
pay large amount
money for the
security of the
employee details.
unauthorized
person.
5. Malware
attacks
VL L H The DAS company
should prevent the
different kinds of
the malware attacks
by using the strong
firewall security in
the software.
The system can be
prevented from the
malware attacks by
implementing the
appropriate SaaS
tools.
The malware can
be the major
security concerns
of the company.
It can be
protected by
using some
security tools
that can be
handled by the
different It
professional in
the company.
o Existing security threats to Employee data
Likelihood - VL, L,M, H, VH
Impact- - VL, L,M, H, VH
Priority- - VL, L, M,H, VH
Explain issues
1. Data access risk: The data access risk can be the great issue for the DAS
Company. If the company does not have any solution that then any unauthorized
person can access the sensitive as well as the data related to the company
(Aazam et al., 2014). As this is an administrative service company, so there
must be various amounts of important data. There should be any strong security
mechanism for protecting the unauthorized access (Ahmed & Hossain, 2014).
There should be strong security mechanism for protecting this kind of the data.
2. Instability: It is also an important security issues related to the DAS
Company. Insatiability is the leakage of the data that can be the major security
threat to the company. Leakage of the important data can lead to the loss of the
sensitive data in the company (Almorsy, Grundy & Müller, 2016). The
company must have some proper solution that is related to the leakage of the
data. Leakage of the data of the DAS Company can lead to the security threats
related to the company. The data leakage can lead to the major damage of the
data of the DAS Company.
3. Lack of transparency: It is an important security issues related to the
company. There should be any kind of the transparency related to data of the
company and also there are different kinds of the SaaS providers that are opting
for this (Bera, Misra & Rodrigues, 2014). There should have the transparency
among the employees of the company. The employees must know about the
privacy of the company. There are many security issues that is related security
issues of the organization. Vulnerability means the leakage of the data from the
company.
4.Identity theft: It is the primary concern for the organization. It is also a very
serious problem of the DAS Company. It also called as the criminal offense
(Bitzer & Gebretsadi, 2013). The black hat hackers can hack the database
server of the company and get all kind of the information that is related to this
company. They can access the data related to that organization. If there is no
data then the company cannot work with this kind of the data (Carlin & Curran,
2013). The private key must be known by the owner of the company so that he
or she can protect the unauthorized access related to the server of the company.
5. Malware attacks: Malware is a type of the malicious attack that is related to
the DAS company. The malware can be detected inside the company as well as
the outside the organization. There are different kinds of the software for
spreading the malware includes spyware, Ransomware and many others (Chang
& Ramachandran, 2015). The spyware can get into the system of the
company and it spies is doing.
S.No New Security
Threat/Risk
of employee
data
Description
(after
moving to
Saas)
Likelihood
Impact
Priority
Preventive
Actions
Contingency
Plans
1. Immature
identification
of the
management
VL L H 1. Use of the secure
data connector
provided by the
Google in the DAS
company.
2. Company can use
the cloud data
alliance of the
different cloud
vendors
1. It involves the
safety that is
related the
company.
2. Plan to
implement the
connectivity
between the
employees of the
DAS company.
2. Nature of the
software are
very weak
VL L L Implementation of
the privacy of the
different kinds of the
service vendor of
Company needs
to take the
backup for the
different kinds of
among the employees of the company. The employees must know about the
privacy of the company. There are many security issues that is related security
issues of the organization. Vulnerability means the leakage of the data from the
company.
4.Identity theft: It is the primary concern for the organization. It is also a very
serious problem of the DAS Company. It also called as the criminal offense
(Bitzer & Gebretsadi, 2013). The black hat hackers can hack the database
server of the company and get all kind of the information that is related to this
company. They can access the data related to that organization. If there is no
data then the company cannot work with this kind of the data (Carlin & Curran,
2013). The private key must be known by the owner of the company so that he
or she can protect the unauthorized access related to the server of the company.
5. Malware attacks: Malware is a type of the malicious attack that is related to
the DAS company. The malware can be detected inside the company as well as
the outside the organization. There are different kinds of the software for
spreading the malware includes spyware, Ransomware and many others (Chang
& Ramachandran, 2015). The spyware can get into the system of the
company and it spies is doing.
S.No New Security
Threat/Risk
of employee
data
Description
(after
moving to
Saas)
Likelihood
Impact
Priority
Preventive
Actions
Contingency
Plans
1. Immature
identification
of the
management
VL L H 1. Use of the secure
data connector
provided by the
Google in the DAS
company.
2. Company can use
the cloud data
alliance of the
different cloud
vendors
1. It involves the
safety that is
related the
company.
2. Plan to
implement the
connectivity
between the
employees of the
DAS company.
2. Nature of the
software are
very weak
VL L L Implementation of
the privacy of the
different kinds of the
service vendor of
Company needs
to take the
backup for the
different kinds of
the DAS company. the data
insurance and
many others.
3. Secrecy issues
of the data
H H VH The company can
implement the
issues related to the
data by the cloud
vendor.
The DAS
company should
keep the backup
for keeping the
data that is
highly sensitive.
4. Access from
anywhere in
the also
contains the
risk
VH VH VH The company can
able to implement
the web gateway
appliances designed
the company named
Cisco.
The company can
able to
implement the
power source
named
generator.
5. Unknown
location of the
data
VL L H DAS company can
implement the
Google applications
that are certified by
the organization
named FISMA.
Safety of the
data of the
company as well
as the employee
can be
implemented.
6 Lack of the
logging as well
as the control
of the
monitoring of
the data.
VL L H DAS company can
implement the
control of the
monitoring and
logging of the data
of the employee.
The safety of the
company can a
huge problem in
the DAS
company.
o New Security Threat to Employee data (after moving to SaaS)
Likelihood - VL, L, M, H, VH Impact- - VL, L,M, H, VH Priority- - VL,
L, M,H, VH
Explain issues
1.Immature identification of the management: The service provider of the
company are not always able to provide. It is used to identify the backside of the
firewall of the company named DAS. Google has the platform that is related to
the secure data connector (Chang, Walters & Wills, 2014). But the discovery of
the SaaS has the great effort for the generation of the important data that is
related to the standard of the industry of the DAS Company. There are several
mark-up languages that can apply for providing this kind of the facility.
2. Weak standards of the cloud software: The DAS company completes the
audit that is related to the SaaS. The name of the audit is known as the SaaS 70
audit. It is a standard that can be provided by different kinds of the clod vendor
that provides the different amount of the data related to the company. These
insurance and
many others.
3. Secrecy issues
of the data
H H VH The company can
implement the
issues related to the
data by the cloud
vendor.
The DAS
company should
keep the backup
for keeping the
data that is
highly sensitive.
4. Access from
anywhere in
the also
contains the
risk
VH VH VH The company can
able to implement
the web gateway
appliances designed
the company named
Cisco.
The company can
able to
implement the
power source
named
generator.
5. Unknown
location of the
data
VL L H DAS company can
implement the
Google applications
that are certified by
the organization
named FISMA.
Safety of the
data of the
company as well
as the employee
can be
implemented.
6 Lack of the
logging as well
as the control
of the
monitoring of
the data.
VL L H DAS company can
implement the
control of the
monitoring and
logging of the data
of the employee.
The safety of the
company can a
huge problem in
the DAS
company.
o New Security Threat to Employee data (after moving to SaaS)
Likelihood - VL, L, M, H, VH Impact- - VL, L,M, H, VH Priority- - VL,
L, M,H, VH
Explain issues
1.Immature identification of the management: The service provider of the
company are not always able to provide. It is used to identify the backside of the
firewall of the company named DAS. Google has the platform that is related to
the secure data connector (Chang, Walters & Wills, 2014). But the discovery of
the SaaS has the great effort for the generation of the important data that is
related to the standard of the industry of the DAS Company. There are several
mark-up languages that can apply for providing this kind of the facility.
2. Weak standards of the cloud software: The DAS company completes the
audit that is related to the SaaS. The name of the audit is known as the SaaS 70
audit. It is a standard that can be provided by different kinds of the clod vendor
that provides the different amount of the data related to the company. These
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Security of Employee Data Report 2022lg...
|15
|4031
|18
Security of Employee Data Question 2022lg...
|16
|5147
|28
Security and Privacy of Employee Data | Reportlg...
|34
|6311
|63
Cloud Security - ITC 568 | Assignmentlg...
|12
|2975
|261
Report | Cloud Computing in DASlg...
|22
|5610
|356
Security and Privacy of Employee Data - Deskliblg...
|25
|6301
|272