Analysis of COVID-19 Safety Application Risks and Controls

Verified

Added on 2023/01/06

AI Summary

This report provides a detailed analysis of the security and privacy risks associated with COVID-19 safety applications. It explores potential threats to user data, including data leakage, network spoofing, phishing attacks, and broken cryptography. The report also examines privacy risks related to location data and data sovereignty issues, particularly in the context of cloud storage. It outlines various security and privacy controls, such as regular software updates, third-party vendor compliance, user training, data encryption, and location-based access. The report emphasizes the importance of these controls in safeguarding user data and ensuring compliance with Australian data sovereignty regulations. Finally, the report concludes with recommendations for users and governments to enhance the security and privacy of COVID-19 safety applications, referencing the importance of data control agreements with other governments.

Title
COVID 19 safety applications and risks

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Table of content
• Introduction
• Possible threats and risks to the security of user data
• Possible threats to the privacy of a user's data, location
• Issues of data sovereignty
• Possible security controls
• Possible privacy controls
• Possible controls to sure that data is under control of Australian
data sovereignty
• Conclusion
• References

INTRODUCTION
The power point presentation on analysis of various kinds of control
measures in order to prevent users from different security risks. In
COVID 19 pandemic, the government of various nations is offering
mobile applications to track the cases and protecting public. Due to
these applications, there are a range of possibilities that users might face
different kinds of issues related to security and their privacy. In this
Power point presentation, detailed analysis of different control measures
is mentioned to protect privacy of users of mobile applications.

Possible threats and risks to the
security of user data
Due to COVID safe applications, there can various kinds of risks and threats to security
of user. This is so because after installation of these applications, users have to add
different kinds of personal information which can be misused by different cyber
hackers. Below some security risks are mentioned which can occur due to COVID safe
application:
• Risk of data leakage- This is a key risk that is related of inadvertent data breaches due to
COVID mobile apps.
• Risk of network spoofing- Network hacking is when attackers in high-traffic crowded
locations like cafes, library resources and airlines set up fake wireless networks,
conations that stare such as Wi-Fi networks, but are currently hooks.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

CONTINUE
• Risk of phishing attack- There are the front lines of many of these
malware attempts, as mobile devices are always driven-on.
• Spyware- In the context of COVID 19 safe application, this type of
risk can occur.
• Broken Cryptography- Broken cryptography can occur when
application developers of COVID safe app, utilize lackluster data
encryption, or failed to adequately enforce encryption software, as per
the research.

CONTINUE
• Risk of Improper Session Handling- Many applications like
COVID 19 safe apps make use of "coupons" to promote
ease-of-access for smart phone purchases, enabling users to
execute many acts without being asked to identify and
authenticate their identification
• Risk of financial accounts- This is also a risk which can be
faced by users due to various kinds of cyber attackers

CONTINUE
Risk of broken authentication- The identification of
innovative to distort this data is not taken by a remarkable
number of apps and APIs. It's kept unencrypted, quickly
intercepted, in plain text (Kimani, Oduol and Langat,
2019). The material is often immediately decrypted when
recovered, which makes it much easier to copy / paste
outside of the device when combined with insertion flaws.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Possible threats to the privacy of a
user's data, location
In the context of COVID 19 safe application, there can be certain risks of data of users,
locations and activities. There are various kinds of risks which may occur and some of
them are mentioned below in such manner:
• Data privacy and security risk
• Mobile Risks and Attacks
• Insufficient Transport Layer Protection
• Insecure Data Storage
• Lack of Binary Protections
• Poor Authorization and Authentication

CONTINUE
• Client Side Injection
• Risk of denial service attack
• Risk of network exploits
• Risk of browser exploits
• Risk of Vulnerable Application
• Privacy threats

Issues of data sovereignty that may apply to the
storage of COVID Safe data in U.S. based Cloud
storage
Data sovereignty, the notion that while it is processed
inside those borders, data is subject to the rules of a
government, has become more of a problem for
corporations as they migrate to the cloud. In Latin America,
if they violate the data sovereignty laws known as general
Data Protection Regulation (GDPR), "organizations will be
prosecuted up to 4 percent of its annual global turnover.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

CONTINUE
When policymakers in CARICOM countries start discussing the
implementation of software and the storage of highly sensitive data
in public cloud networks, data control and confidentiality and the
possible legal ramifications of the lack of such control or
confidentiality need to be taken into account. If they suggest storing
software and data in cloud services beyond their territory, or with
international cloud vendors without a presence throughout the
Caribbean or Latin America, this risk is improved considerably.

CONTINUE
The obstacle of data ownership is rarely necessary for many
"advanced" nations, in which droplet public services are more
prevalent, as ones cloud provider most probably does have a
physiological public cloud existence in their nation (Limba,
Agafonov and Damkus, 2019). Nations, as in the scenario of
Member States of the European Union, may insist that sensitive
information resides solely on cloud infrastructure within their
authority.