Security of Employee Data Report 2022
Added on 2022-09-21
15 Pages4031 Words18 Views
|
|
|
Introduction:
1. Security of Employee Data
S.No Threat of
Security/Descr
iption of risk
Likelihoo
d
Impact
Priority Preventive
Actions
Contingency
Plans
1. Data access risk H H H 1. The processes
and policies must
be reviewed by the
customers that are
provided by Saas
provider.
2. The rules and
regulations of the
Saas provider must
be checked by the
DAS company.
1 The proper
security should
be maintained
by the company
for maintaining
the
confidentiality,
integrity
authentication of
data.
2. Instability VH M VH 1 The Saas should
be enquired by the
company prior to
the investments.
2 All the policies
should be read by
the company
related to the
instability prior to
the data leakage.
1 The company
can prevent the
data leakage by
the software that
does not allow
the hackers and
company should
hire trained
people who can
cease the
leakage of data.
3. Lack of
transparency
VL M M 1 The Saas
providers should be
communicated by
DAS regarding
transparency
issues.
2 The data
transparency must
be known by DAS
for less issues
related to security.
1 The company
can prevent
issues related to
transparency by
properly
communicating
with the people
who are
responsible for
handling data
like this.
4. Identity theft VH L VH 1 The identity theft
issue could be
prevented by DAS
by utilizing different
security tools.
2 The safety
services regarding
privacy of the bank
accounts should be
paid by the
1 The primary
security in the
company is the
personality theft.
The place should
be encrypted
with a private
key where the
data is kept for
avoiding threat
1. Security of Employee Data
S.No Threat of
Security/Descr
iption of risk
Likelihoo
d
Impact
Priority Preventive
Actions
Contingency
Plans
1. Data access risk H H H 1. The processes
and policies must
be reviewed by the
customers that are
provided by Saas
provider.
2. The rules and
regulations of the
Saas provider must
be checked by the
DAS company.
1 The proper
security should
be maintained
by the company
for maintaining
the
confidentiality,
integrity
authentication of
data.
2. Instability VH M VH 1 The Saas should
be enquired by the
company prior to
the investments.
2 All the policies
should be read by
the company
related to the
instability prior to
the data leakage.
1 The company
can prevent the
data leakage by
the software that
does not allow
the hackers and
company should
hire trained
people who can
cease the
leakage of data.
3. Lack of
transparency
VL M M 1 The Saas
providers should be
communicated by
DAS regarding
transparency
issues.
2 The data
transparency must
be known by DAS
for less issues
related to security.
1 The company
can prevent
issues related to
transparency by
properly
communicating
with the people
who are
responsible for
handling data
like this.
4. Identity theft VH L VH 1 The identity theft
issue could be
prevented by DAS
by utilizing different
security tools.
2 The safety
services regarding
privacy of the bank
accounts should be
paid by the
1 The primary
security in the
company is the
personality theft.
The place should
be encrypted
with a private
key where the
data is kept for
avoiding threat
company. of identity.
5. Malware attacks M VH H 1 The attacks of
malware could be
stopped by DAS by
providing good
security and
important data can
be affected by the
malware.
2 Proper Saas can
protect the system
from the malware
attacks as the data
is protected in the
cloud.
1 The major
security concern
is the malware
attacks. The
company can
prevent the
malware attacks
by utilizing
security tools
and trained
people should be
hired for
stopping such
attacks.
o Existing security threats to Employee data
Likelihood - VL, L,M, H, VH
Impact- - VL, L,M, H, VH
Priority- - VL, L, M,H, VH
Explain issues
1. Data access risk: This kind of risk is the biggest concern of the Administrative
services department of the company. Anybody will be able to use the sensitive
company data if all the security solutions of this company are not proper for
information and data resulting in the sensitive data loss. For unauthorized data
access, proper solutions should be there (Kavis, 2014). For stopping the illegal
data access, trained people along with security tools are required.
2. Instability: It refers to the data leakage is most essential issues related to
security and is a threat too (Sadiku et al., 2013). Important data leakage means
loss of sensitive information of the company which can harm the company.
Encrypting data and locking down of networks can help in stopping the leakage
of data
3. Lack of transparency: One of the security issues is the insufficient
transparency in DAS. Among the Saas providers which the company has selected
and the company and among the employees there should be some transparency.
It is important for DAS to know data transparency because irrespective of the
location, the data can be accessed and without the data transparency, the
company is unable to work with any sort of data (Tan, 2013). The vulnerability of
information is a massive issue which means without any knowledge regarding
the company, the data can be unauthorized access.
4. Identity theft: It is a crime under which the sensitive information is hacked
and someone else can be impersonated by the hacker. To avoid such scenarios,
5. Malware attacks M VH H 1 The attacks of
malware could be
stopped by DAS by
providing good
security and
important data can
be affected by the
malware.
2 Proper Saas can
protect the system
from the malware
attacks as the data
is protected in the
cloud.
1 The major
security concern
is the malware
attacks. The
company can
prevent the
malware attacks
by utilizing
security tools
and trained
people should be
hired for
stopping such
attacks.
o Existing security threats to Employee data
Likelihood - VL, L,M, H, VH
Impact- - VL, L,M, H, VH
Priority- - VL, L, M,H, VH
Explain issues
1. Data access risk: This kind of risk is the biggest concern of the Administrative
services department of the company. Anybody will be able to use the sensitive
company data if all the security solutions of this company are not proper for
information and data resulting in the sensitive data loss. For unauthorized data
access, proper solutions should be there (Kavis, 2014). For stopping the illegal
data access, trained people along with security tools are required.
2. Instability: It refers to the data leakage is most essential issues related to
security and is a threat too (Sadiku et al., 2013). Important data leakage means
loss of sensitive information of the company which can harm the company.
Encrypting data and locking down of networks can help in stopping the leakage
of data
3. Lack of transparency: One of the security issues is the insufficient
transparency in DAS. Among the Saas providers which the company has selected
and the company and among the employees there should be some transparency.
It is important for DAS to know data transparency because irrespective of the
location, the data can be accessed and without the data transparency, the
company is unable to work with any sort of data (Tan, 2013). The vulnerability of
information is a massive issue which means without any knowledge regarding
the company, the data can be unauthorized access.
4. Identity theft: It is a crime under which the sensitive information is hacked
and someone else can be impersonated by the hacker. To avoid such scenarios,
the data should be encrypted in the cloud with a private key and the owner
should have it in a way that no access to information should exist creating
identity theft of the company (Hashizume, 2013). Identity theft of DAS could be
impersonated by some different company along with that same data by the
hackers.
5. Malware attacks: Under this, a system is affected by a malicious software
without the employee knowing about it. The sensitive information could be stolen
from the database without the knowledge of anyone. Different types of malware
consists of ransom ware, spyware etc. The spyware can get in the system and
follow the work done by the company (Wu et al., 2013). The malware can be
detected by the software related to security for which professionals are required.
S.
No
New Security
Threat/Risk
of employee
data
Description
(after
moving to
Saas)
Likelihood
Impact
Priority
Preventive
Actions
Contingency
Plans
1. Immature
identification
management
M H VH 1. Secured data
connector of Google
is utilized.
2. The alliance of
cloud data is utilized
in DAS.
1.Employee
safety in DAS
2. planning for
establishing
connection
among the
workers.
2. Weak nature
of cloud
software
H VH VH Various kinds of
vendor of software
is implemented in
DAS
Backing up of
various types of
information such
as insurance.
3. Data security
issues
VH VH H Security issues
regarding cloud
software can be
implemented by
DAS
A place for
keeping the
cloud data
backup is there
in DAS.
4. Risky access
from
everywhere
VH H H Cisco Web gateway
appliances can be
implemented by
DAS.
Implementation
of the generator
should be
implemented by
the company.
5. Unknown data
location
VH H H The Google Apps
certified by FISMA
can be implemented
by DAS.
The
implementation
of data could be
done.
10. Data logging
and
monitoring
L L H The control of
logging and
monitoring of
The data safety
is a major issues.
should have it in a way that no access to information should exist creating
identity theft of the company (Hashizume, 2013). Identity theft of DAS could be
impersonated by some different company along with that same data by the
hackers.
5. Malware attacks: Under this, a system is affected by a malicious software
without the employee knowing about it. The sensitive information could be stolen
from the database without the knowledge of anyone. Different types of malware
consists of ransom ware, spyware etc. The spyware can get in the system and
follow the work done by the company (Wu et al., 2013). The malware can be
detected by the software related to security for which professionals are required.
S.
No
New Security
Threat/Risk
of employee
data
Description
(after
moving to
Saas)
Likelihood
Impact
Priority
Preventive
Actions
Contingency
Plans
1. Immature
identification
management
M H VH 1. Secured data
connector of Google
is utilized.
2. The alliance of
cloud data is utilized
in DAS.
1.Employee
safety in DAS
2. planning for
establishing
connection
among the
workers.
2. Weak nature
of cloud
software
H VH VH Various kinds of
vendor of software
is implemented in
DAS
Backing up of
various types of
information such
as insurance.
3. Data security
issues
VH VH H Security issues
regarding cloud
software can be
implemented by
DAS
A place for
keeping the
cloud data
backup is there
in DAS.
4. Risky access
from
everywhere
VH H H Cisco Web gateway
appliances can be
implemented by
DAS.
Implementation
of the generator
should be
implemented by
the company.
5. Unknown data
location
VH H H The Google Apps
certified by FISMA
can be implemented
by DAS.
The
implementation
of data could be
done.
10. Data logging
and
monitoring
L L H The control of
logging and
monitoring of
The data safety
is a major issues.
lack employees should
be implemented by
DAS.
a. New Security Threat to Employee data (after moving to SaaS)
Likelihood - VL, L,M, H, VH Impact- - VL, L,M, H, VH Priority- - VL,
L, M,H, V
1. Immature identification management: The genuine platforms are not
always provided by the cloud services vendor which consists of services that are
related to the identity which is in the firewall’s backside of that company. The
access control can be extended by technologies of the third party which lets the
information technology to do so. A secure connection is established between the
business application and data with the help of a platform under Google known as
the secure data connector. For generating the standards of industry, the Saas
discovery has great efforts.
2. Weak Standards of the cloud software: The audit of Saas 70 has been
completed by DAS. It is the main thing which could be heard from the vendor of
clod of the company. SAS 70 is an auditing benchmark which is provided by the
clod vendor for sufficient data. With the cloud computing, the standard was
undistributed. In the absence of the definite standards of various platforms of the
cloud, it becomes the standardised benchmark.
3. Secrecy: The ability to provide proper data security than a customer is
claimed by the various cloud vendors. The Saas privacy is quite good as
compared to that of the thought of most people. Few customers have faith in the
tendency of vendors of Saas to behave in a secretive way in the processes
regarding the data security of the company named DAS. The platform of cloud
under the company shows transparency in nature in context of the certain
practices.
4. Risky access from everywhere: Wherever there is internet connectivity,
the applications of the business of company named DAS can be easily accessed
which is why the Saas is most advantageous one but on the other hand it also
carries some risks along with it. The privacy of the endpoints for the IT shops is
given more importance by the Saas. The nature of Saas makes it more
accessible from any given place. The employees of this particular company will
be implemented by
DAS.
a. New Security Threat to Employee data (after moving to SaaS)
Likelihood - VL, L,M, H, VH Impact- - VL, L,M, H, VH Priority- - VL,
L, M,H, V
1. Immature identification management: The genuine platforms are not
always provided by the cloud services vendor which consists of services that are
related to the identity which is in the firewall’s backside of that company. The
access control can be extended by technologies of the third party which lets the
information technology to do so. A secure connection is established between the
business application and data with the help of a platform under Google known as
the secure data connector. For generating the standards of industry, the Saas
discovery has great efforts.
2. Weak Standards of the cloud software: The audit of Saas 70 has been
completed by DAS. It is the main thing which could be heard from the vendor of
clod of the company. SAS 70 is an auditing benchmark which is provided by the
clod vendor for sufficient data. With the cloud computing, the standard was
undistributed. In the absence of the definite standards of various platforms of the
cloud, it becomes the standardised benchmark.
3. Secrecy: The ability to provide proper data security than a customer is
claimed by the various cloud vendors. The Saas privacy is quite good as
compared to that of the thought of most people. Few customers have faith in the
tendency of vendors of Saas to behave in a secretive way in the processes
regarding the data security of the company named DAS. The platform of cloud
under the company shows transparency in nature in context of the certain
practices.
4. Risky access from everywhere: Wherever there is internet connectivity,
the applications of the business of company named DAS can be easily accessed
which is why the Saas is most advantageous one but on the other hand it also
carries some risks along with it. The privacy of the endpoints for the IT shops is
given more importance by the Saas. The nature of Saas makes it more
accessible from any given place. The employees of this particular company will
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents