DAS Cloud Computing: Privacy and Data Protection Analysis

Verified

Added on 2022/09/18

AI Summary

This report analyzes the privacy and data protection challenges associated with the Department of Administrative Services (DAS) migration to a cloud-based SaaS HR and personnel management system. It examines the concepts of cloud confidentiality, integrity, and availability, highlighting how SaaS solutions can provide data and information storage. The report details operational solutions using SaaS applications, including personnel management and data centralization. It identifies security risks, such as privilege abuse, malware, and input injection, and explores the implications of these threats on employee data. The document also discusses operational solutions for security and privacy, including digital identity, data sensitivity, and security implications for DAS, such as identity management and encryption. Furthermore, it addresses data sovereignty and the issues of data sensitivity, providing recommendations for SaaS providers to ensure data security and client guarantees. The report concludes by emphasizing the importance of risk and threat management in cloud environments, particularly within the context of SaaS applications and government services.

Cloud
Computi
ng

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Introduction
• Cloud Confidentiality is defined as assurance
of the sensitive data or information are not
disclose to any unauthorized device, process
and person.
• Cloud integrity is similar to the confidentiality
of the integrity in SaaS, which concern about
the data integrity and the computation of data
integrity.
• Availability in cloud is vital as the core
function of the cloud provides on-demand
services. (Source: Fernando, Loke & Rahayu, (2013))

• Helps to provide data and
information storage space for
many firms (Li et al., 2013).
• Personnel and staff management
policies are stored in the storage
system of DAS
• Helps to ensure information and
data
• Store employee and staff and
information and data
• Different statutory safety services
allow enormous data safety.
(Source: Han, Susilo & Mu, (2013))
Operational Solution using SaaS
application

Operational Solution using SaaS application
(Contd..)• DAS shared strategy has helped
to manage the database
• Employee and other staff
information and data are
centralized and available from
anywhere
• Improves data and information
safety
• Centralized data format is readily
available
• Manages human resources in
various company organizations

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Utility suppliers ‘operating approach have prioritized the
organization’s cyber security (Saraswathi & Bhuvaneswari,
2014). The two SaaS suppliers have provided the cloud
services at various locations in the state, which help
to maintain the organization's cultural diversity.
• SaaS implementation has assisted to provide a safe
information and data environment
• Helps improve organizational innovation
• COTS and Microsoft Share Point SaaS provide
facilities to the Australian public
• SaaS suppliers provide ongoing solutions to the
Australian public organisation.
(Source: Porkert & Sutton, 2013))
Operational Solution using SaaS application
(Contd..)

• SaaS facilities include hardware assembly in the
organisation
• HR and Contractor Management conduct threat leadership
speculations
• Operational threat leadership in the organisation involves
threat mitigation procedures
• Operational alternative includes threat resolution policies
and safety attacks policies.
The organizational plan involves approaches to
address the organization's hazards and safety
threats. SaaS suppliers in the Australian
government provide the organisation with an
operating alternative (Liu et al., 2013). SaaS
facilities include the organization's deployment
of software to enhance business importance.
Operational Solution using SaaS application
(Contd..)

Operational Solution using SaaS application
(Contd..)
• Deployment models of SaaS are helpful to maintain the privacy
and security of the data or information in SaaS application.
• The security and privacy protocol in various deployments is
different in different cases. The SaaS providers maintain the
models in various ways and that are rectified for various
context.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Security risk and threats in data and
information in DASThe data's safety issue is motivated by third party participation that
jeopardizes safety, entry, and implementation monitoring
(Hashizume et al., 2013).
• Excessive rights
• Privilege abuse (Hamza & Omar, 2013)
• Database input
• Malware (Watson et al., 2015)

Excessive
privileges
• Centralized server scheme has
assisted to provide customers
with unnecessary benefits
• Limitations may arise in the
server due to unnecessary
controls (Tari, 2014).
• Causes litigious for unified
server customers
(Source: Rong, Nguyen & Jaatun, (2013))

Privilege Abuse
• Legitimate database problems in an unlawful manner that can be viewed by
customers (Hamza & Omar, 2013)
• DAS has enabled customers to view all the data and this has created a major issue
for database customers
• Dangerous for customers to view the picture of other staff in the organisation

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Input Injection in
Database
• SQL injection and NoSQL injection
• SQL injection assaults require unlawful declaration (Sadeghian, Zamani &
Ibrahim, 2013)
• NoSQL matrix operations are performed by injecting false remarks into
the Big Data parts (Wiese, 2015)
• both kinds of insertion assaults in the computer infringe data and
employee information

Malware
• The cloud security hazards improve
dramatically as the malware
executes once a machine is affected
by cloud malware.
• In some cases, this may start
siphoning out protected or sensitive
data.
• Various viruses and malware are
injected into the database
• Malware affects the database table
and can tracks the information and
data (Watson et al., 2015)
• Malware can collapse the entire
database and the company loses all
data and information