Cloud Security and Privacy: Personal Data Protection Strategy Report
VerifiedAdded on  2020/02/24
|34
|10001
|50
Report
AI Summary
This report analyzes cloud security and privacy strategies for the Department of Administrative Service (DAS) in Australia. It addresses personal data protection, management, and security within a cloud computing environment. The report covers various aspects, including privacy strategies for personal data, recommended privacy controls, and personal data protection strategies. It delves into data collection, use, disclosure, digital identities, access, and quality, alongside recommended controls to mitigate identified risks. The report also examines the security of personal information, authorized access, de-identification, and archiving of personal data. The core focus is on implementing effective strategies to safeguard personal data, ensuring compliance with relevant laws, and mitigating potential risks associated with cloud-based solutions.
Running head: CLOUD SECURITY AND PRIVACY
Cloud security and privacy
(Department of Administrative Service)
Name of the student:
Name of the university:
Author Note
Cloud security and privacy
(Department of Administrative Service)
Name of the student:
Name of the university:
Author Note
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1CLOUD SECURITY AND PRIVACY
Executive summary
The DAS or the Department of the Administrative Service at Australia supplies various services to
various departments of the state government of the country. The report is developed to keep the
privacy strategy for personal data and the personal data protection in mind. It has been also
recommending the privacy controls and the strategies of personal information protection.
Executive summary
The DAS or the Department of the Administrative Service at Australia supplies various services to
various departments of the state government of the country. The report is developed to keep the
privacy strategy for personal data and the personal data protection in mind. It has been also
recommending the privacy controls and the strategies of personal information protection.
2CLOUD SECURITY AND PRIVACY
Table of Contents
Introduction:..........................................................................................................................................4
1. Privacy strategy for personal data:....................................................................................................4
1.1. Management of personal information:........................................................................................4
1.2. Collection and management of solicited personal information:.................................................5
1.3. Use and disclosure of personal information:..............................................................................6
1.4. Use and security of digital identities:.........................................................................................6
1.5. Security of personal information:...............................................................................................7
1. 6. Access to personal information:................................................................................................8
1.7. Quality and correction of personal information:........................................................................8
2. Recommended Privacy controls:.......................................................................................................9
2.1. Mitigating the previously identified privacy risks:.....................................................................9
2.2. Implement the privacy strategy:...............................................................................................11
3. Personal data protection strategy:....................................................................................................14
3.1. Protection of personal information:..........................................................................................14
3.2. Authorized access & disclosure of personal information:........................................................15
3.3. De-identification of personal data:...........................................................................................16
3.4. Use of personal digital identities:.............................................................................................16
3.5. Security of personal data:.........................................................................................................18
3.6. Archiving of personal data:......................................................................................................19
Table of Contents
Introduction:..........................................................................................................................................4
1. Privacy strategy for personal data:....................................................................................................4
1.1. Management of personal information:........................................................................................4
1.2. Collection and management of solicited personal information:.................................................5
1.3. Use and disclosure of personal information:..............................................................................6
1.4. Use and security of digital identities:.........................................................................................6
1.5. Security of personal information:...............................................................................................7
1. 6. Access to personal information:................................................................................................8
1.7. Quality and correction of personal information:........................................................................8
2. Recommended Privacy controls:.......................................................................................................9
2.1. Mitigating the previously identified privacy risks:.....................................................................9
2.2. Implement the privacy strategy:...............................................................................................11
3. Personal data protection strategy:....................................................................................................14
3.1. Protection of personal information:..........................................................................................14
3.2. Authorized access & disclosure of personal information:........................................................15
3.3. De-identification of personal data:...........................................................................................16
3.4. Use of personal digital identities:.............................................................................................16
3.5. Security of personal data:.........................................................................................................18
3.6. Archiving of personal data:......................................................................................................19
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
3CLOUD SECURITY AND PRIVACY
4. Recommended personal data protection strategy:...........................................................................21
4.1. Mitigating the previously identified security risks:..................................................................21
4.2. Recommended personal data protection strategy:....................................................................25
Conclusion:..........................................................................................................................................27
References:..........................................................................................................................................28
4. Recommended personal data protection strategy:...........................................................................21
4.1. Mitigating the previously identified security risks:..................................................................21
4.2. Recommended personal data protection strategy:....................................................................25
Conclusion:..........................................................................................................................................27
References:..........................................................................................................................................28
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4CLOUD SECURITY AND PRIVACY
Introduction:
The cloud-based solution refers to various services, resources, applications that are available
to the users on demand through online from the cloud service providers. The organizations have
been typically using the cloud computing for increasing the capacity, improve the functionalities and
incorporate extra services on demand (Lafuente, 2015).
The DAS or the Department of the Administrative Service at Australia has been providing
various services to various sections of the state government of the country. A successful engagement
of their team is completed, for providing the privacy and security analysis for DAS. The group has
again attempted to create the strategies regarding the privacy and personal data protection.
The following report is prepared to keep the privacy strategy for personal data and the
personal data protection in mind. It has also recommended the privacy controls and the strategies of
personal information protection.
1. Privacy strategy for personal data:
1.1. Management of personal information:
This is all about searching, placing, managing and sustaining the information. It also deals
with the privacy management and the data flow. DAS needed to place the external factors away from
retrieving the data rather than providing permission from the cloud service providers. The
organization has needed to safeguard the time. They have been also concentrating on the retrieval of
data instead of taking permission from online. This personal information management denotes the
measuring and evaluating. DAS requires finding out whether the tool would harm or not. They
should also be aware of the alternate strategies (Felbermayr, Hauptmann & Schmerer, 2014). The
Introduction:
The cloud-based solution refers to various services, resources, applications that are available
to the users on demand through online from the cloud service providers. The organizations have
been typically using the cloud computing for increasing the capacity, improve the functionalities and
incorporate extra services on demand (Lafuente, 2015).
The DAS or the Department of the Administrative Service at Australia has been providing
various services to various sections of the state government of the country. A successful engagement
of their team is completed, for providing the privacy and security analysis for DAS. The group has
again attempted to create the strategies regarding the privacy and personal data protection.
The following report is prepared to keep the privacy strategy for personal data and the
personal data protection in mind. It has also recommended the privacy controls and the strategies of
personal information protection.
1. Privacy strategy for personal data:
1.1. Management of personal information:
This is all about searching, placing, managing and sustaining the information. It also deals
with the privacy management and the data flow. DAS needed to place the external factors away from
retrieving the data rather than providing permission from the cloud service providers. The
organization has needed to safeguard the time. They have been also concentrating on the retrieval of
data instead of taking permission from online. This personal information management denotes the
measuring and evaluating. DAS requires finding out whether the tool would harm or not. They
should also be aware of the alternate strategies (Felbermayr, Hauptmann & Schmerer, 2014). The
5CLOUD SECURITY AND PRIVACY
managing includes the abilities to make the data known. This has been referring to the learning and
the practices of the activities of the people. This is to achieve, generate, store, maintain, use,
distribute and organize the information required to meet the aims. Additionally, it has been focusing
on the documents like paper, electronic, web references and others for future storage and re-usage.
One of the popular concepts of the management is whether DAS possess the exact data in proper
format at the proper place inadequate amount. In actuality, DAS should be spending an important
section of time by doing away with the pervasive issues of the data fragmentation.
1.2. Collection and management of solicited personal information:
Since SaaS has been supplying various services and working with the employees, partners,
clients, and the volunteers engaged, it has been obvious that they have needed to collect and manage
the solicited personal data informing about the individuals. This has been the capability to bring the
critical and the ethical duties. DAS has required knowing the legal necessities for managing the
information regarding the people. DAS is responsible for the tasks and should assure that it does not
go against the relevant laws (Pfeifer, 2016). These laws have been collecting and using the string
data about the people. The people are turning to highly knowledgeable about the privacy and data
protection concerns. DAS must take into consideration the process very tactically for managing the
data of the persons. They must assure that the values of DAS get reflected and meet the reasonable
demands of the clients.
APP3 draws the APP entities that are collecting the solicited data. APP differentiates
between the collection of solicited data and the getting of unsolicited data done by the APP entities.
Since APP collects the data the perquisites have been showing variation according to its sensitivity
(Kristal, 2017). Apart from this, it has been also considering the entity as the company or agency. It
managing includes the abilities to make the data known. This has been referring to the learning and
the practices of the activities of the people. This is to achieve, generate, store, maintain, use,
distribute and organize the information required to meet the aims. Additionally, it has been focusing
on the documents like paper, electronic, web references and others for future storage and re-usage.
One of the popular concepts of the management is whether DAS possess the exact data in proper
format at the proper place inadequate amount. In actuality, DAS should be spending an important
section of time by doing away with the pervasive issues of the data fragmentation.
1.2. Collection and management of solicited personal information:
Since SaaS has been supplying various services and working with the employees, partners,
clients, and the volunteers engaged, it has been obvious that they have needed to collect and manage
the solicited personal data informing about the individuals. This has been the capability to bring the
critical and the ethical duties. DAS has required knowing the legal necessities for managing the
information regarding the people. DAS is responsible for the tasks and should assure that it does not
go against the relevant laws (Pfeifer, 2016). These laws have been collecting and using the string
data about the people. The people are turning to highly knowledgeable about the privacy and data
protection concerns. DAS must take into consideration the process very tactically for managing the
data of the persons. They must assure that the values of DAS get reflected and meet the reasonable
demands of the clients.
APP3 draws the APP entities that are collecting the solicited data. APP differentiates
between the collection of solicited data and the getting of unsolicited data done by the APP entities.
Since APP collects the data the perquisites have been showing variation according to its sensitivity
(Kristal, 2017). Apart from this, it has been also considering the entity as the company or agency. It
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
6CLOUD SECURITY AND PRIVACY
included how the APP entity collects the personal data. This needed the same necessities applied to
all the APP entities and to all types of personal data.
Moreover, it has been also considering the entity has been an agency or any company. This has been
including how the APP entity has been gathering the personal data. This has been the similar
requirements applying to every APP entities and to every kind of the personal data.
1.3. Use and disclosure of personal information:
For this reason, APP has been gathering the personal data. The basis on which the APP entity
has been using or disclosing the personal data is discussed here. It is never revealed to the entities
depending on any ground or to determine whether to shut the personal data till the disclosure or
usage is required by the law. The factor at section 6.1 of the APP standards is defined as the implied
or the express consent. The following one has been the checking of whether data has been providing
the content in a voluntarily way. This consent is denoting to a particular and the individuals have
possessed the ability to make sense and communicate with the consent. About the using and
disclosure of the personal data where there has been a high expectation of individuals and related to
basic reason to collect has been undergoing some principles.
The APP has been allowing the APP for using and disclosing the information for extra
reasons (Müller & Neumann, 2015). It occurs has the public demand the entity to make use or show
the data for this additional reason. It includes the searching of whether data has been sensitive or not.
It has also been including the finding whether the information is sensitive or not. The secondary
purpose here has been related to the basic cause of collection.
1.4. Use and security of digital identities:
Various trends have been driving the requirements for the digital identity systems. The initial
one is the rise of the volume of transaction. The quantity of the transaction depending on identities is
included how the APP entity collects the personal data. This needed the same necessities applied to
all the APP entities and to all types of personal data.
Moreover, it has been also considering the entity has been an agency or any company. This has been
including how the APP entity has been gathering the personal data. This has been the similar
requirements applying to every APP entities and to every kind of the personal data.
1.3. Use and disclosure of personal information:
For this reason, APP has been gathering the personal data. The basis on which the APP entity
has been using or disclosing the personal data is discussed here. It is never revealed to the entities
depending on any ground or to determine whether to shut the personal data till the disclosure or
usage is required by the law. The factor at section 6.1 of the APP standards is defined as the implied
or the express consent. The following one has been the checking of whether data has been providing
the content in a voluntarily way. This consent is denoting to a particular and the individuals have
possessed the ability to make sense and communicate with the consent. About the using and
disclosure of the personal data where there has been a high expectation of individuals and related to
basic reason to collect has been undergoing some principles.
The APP has been allowing the APP for using and disclosing the information for extra
reasons (Müller & Neumann, 2015). It occurs has the public demand the entity to make use or show
the data for this additional reason. It includes the searching of whether data has been sensitive or not.
It has also been including the finding whether the information is sensitive or not. The secondary
purpose here has been related to the basic cause of collection.
1.4. Use and security of digital identities:
Various trends have been driving the requirements for the digital identity systems. The initial
one is the rise of the volume of transaction. The quantity of the transaction depending on identities is
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7CLOUD SECURITY AND PRIVACY
developing because of the advent of the use of digital channels. Then there is the rise of the
transaction complexity. The transactions are rising through the disparate entities in spite of the
relationships established before. Let the instance of the cross-border transaction be taken here. It has
needed more accuracy and protection to identify the data that has been sensitive (Smith & Ross,
2014). Moreover, there has been the rise in the speed of the financial and harms regarding the
reputations. The ineffective actors are the financial systems increasingly sober in the usage of
technologies and tools. It is done to control the activities that are illicit. It has been also including the
abilities for causing the financial and the reputational harms by exploiting the actual systems of
identity. The digital identity system has comprised of different layers. All of them have been serving
different reasons.
As per the WEF report, there are six typical layers. The initial one is the standard. Their task
is to govern the overall activities to eradicate the issues regarding consistency and coordination.
Then there is the attribute collection. The required user attributes are appropriately achieved here.
They are also stored and the protected. The next one is the authentication. The mechanisms are
delivering the links to the users to the attributes to avoid the inconsistent authentication. The next
one is the exchange of attributes. The mechanisms have been delivering to exchange the attributes
among the different attributes (Kristal, 2017). The next one is the verification. The proper rules and
the relationships are needed to implement to authorize what the service users are entitled to access
on the attribute basis. Finally, there is the service delivery. In this case, the users are supplied with
the effective and easy-using services.
1.5. Security of personal information:
It was comprised of different terms as listed in the APP11. This includes the interference,
unauthorized accessing, misuse and loss unauthorized modification, and disclosure. There has been
developing because of the advent of the use of digital channels. Then there is the rise of the
transaction complexity. The transactions are rising through the disparate entities in spite of the
relationships established before. Let the instance of the cross-border transaction be taken here. It has
needed more accuracy and protection to identify the data that has been sensitive (Smith & Ross,
2014). Moreover, there has been the rise in the speed of the financial and harms regarding the
reputations. The ineffective actors are the financial systems increasingly sober in the usage of
technologies and tools. It is done to control the activities that are illicit. It has been also including the
abilities for causing the financial and the reputational harms by exploiting the actual systems of
identity. The digital identity system has comprised of different layers. All of them have been serving
different reasons.
As per the WEF report, there are six typical layers. The initial one is the standard. Their task
is to govern the overall activities to eradicate the issues regarding consistency and coordination.
Then there is the attribute collection. The required user attributes are appropriately achieved here.
They are also stored and the protected. The next one is the authentication. The mechanisms are
delivering the links to the users to the attributes to avoid the inconsistent authentication. The next
one is the exchange of attributes. The mechanisms have been delivering to exchange the attributes
among the different attributes (Kristal, 2017). The next one is the verification. The proper rules and
the relationships are needed to implement to authorize what the service users are entitled to access
on the attribute basis. Finally, there is the service delivery. In this case, the users are supplied with
the effective and easy-using services.
1.5. Security of personal information:
It was comprised of different terms as listed in the APP11. This includes the interference,
unauthorized accessing, misuse and loss unauthorized modification, and disclosure. There has been
8CLOUD SECURITY AND PRIVACY
lying different examples and analysis by which the terms have been retrieving common meanings.
Firstly there is the misuse. The personal data is misused as it is used by the APP entity that has not
been allowed by the Act. Then there is the interference. This takes place as there is no attack on the
personal data. Despite all this, it has not been updating the content as necessary. The next is the loss.
It has been covering the accidental loss or inadvertent of the personal data as held by the APP entity.
It has been including the APP entity losing the personal data and the losing the data (Rusinek &
Rycx, 2013). The next one is the unauthorized access. It has been taking place as the data upheld by
the entity of APP has been penetrated by some who have not been allowed to do so. The next step is
the disclosing of the unauthorized data. This type of incident occurs since the APP entity creates the
personal data transparent and accessible to the third parties of the entities. Its task is to release the
data from the efficient management such that it is not allowed by the APP Act.
1. 6. Access to personal information:
This is defined in the APP 12. It has been needed that APP to provide the access to the
personal data. It has not been supplying the appropriate access to all kinds of data. Here, the personal
data is referred to as the information or the opinion of the people identified for a reason. It has been
determining as the data or the opinion is real and is recorded in the proper format. The personal data
of one could be the personal data of the other individual. Additionally, the opinion could be personal
data of the subject or the providing choices.
1.7. Quality and correction of personal information:
It has been defined under the umbrella term such as the relevance, accuracy, up-gradation
and the completion. The personal information might of very poor quality. It has been regarding the
purpose for what it has been collected, disclosed or used. The initial reason is the accuracy. The
lying different examples and analysis by which the terms have been retrieving common meanings.
Firstly there is the misuse. The personal data is misused as it is used by the APP entity that has not
been allowed by the Act. Then there is the interference. This takes place as there is no attack on the
personal data. Despite all this, it has not been updating the content as necessary. The next is the loss.
It has been covering the accidental loss or inadvertent of the personal data as held by the APP entity.
It has been including the APP entity losing the personal data and the losing the data (Rusinek &
Rycx, 2013). The next one is the unauthorized access. It has been taking place as the data upheld by
the entity of APP has been penetrated by some who have not been allowed to do so. The next step is
the disclosing of the unauthorized data. This type of incident occurs since the APP entity creates the
personal data transparent and accessible to the third parties of the entities. Its task is to release the
data from the efficient management such that it is not allowed by the APP Act.
1. 6. Access to personal information:
This is defined in the APP 12. It has been needed that APP to provide the access to the
personal data. It has not been supplying the appropriate access to all kinds of data. Here, the personal
data is referred to as the information or the opinion of the people identified for a reason. It has been
determining as the data or the opinion is real and is recorded in the proper format. The personal data
of one could be the personal data of the other individual. Additionally, the opinion could be personal
data of the subject or the providing choices.
1.7. Quality and correction of personal information:
It has been defined under the umbrella term such as the relevance, accuracy, up-gradation
and the completion. The personal information might of very poor quality. It has been regarding the
purpose for what it has been collected, disclosed or used. The initial reason is the accuracy. The
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
9CLOUD SECURITY AND PRIVACY
personal data is inaccurate since it has been containing the error. The data could also be proved to be
improper as it is misguided.
Then there is the up-gradation. It occurs as the data becomes outdated. This could take place
as it consists of the factual, opinions or the additional data that have gone obsolete. The next one is
the completion. It proves to be incomplete since it has to present the misleading scenario or the
partial viewpoint. The final one is the relevance (Finkin, 2015). Here the data could turn out to be
erroneous. This is because it could lose the ability to tolerate or connect with no cause. The instance
of is that when the client gathered for delivering the financial advisers. It occurs as the entity
discloses the personal data to buy the share representing the clients.
2. Recommended Privacy controls:
2.1. Mitigating the previously identified privacy risks:
The risks of cloud computing are identified by various researchers practicing in the area of
the privacy protection. It leads to the mitigation schemes and the most effective practices to be put
forward to assist the corporations and the public bodies. The most important tool for assessing the
risks is the Privacy Impact Assessment or the PIA. Through this manner, DAS could address and
identify the privacy concerns systematically under the data. Concurrently they should consider the
further outcomes of the proposed and the present action.
The risk management is the manner to control the risks that are inherent. It includes the non-
compliance with the rules, frauds, the competition of the legal expenses and the change to recognize
the effective impact and the risks of DAS.
A question has been rising as the PIA is considered. It has been indicating at what cases and
what stage has the DAS been needed to complete the PIA. There have been several criteria
personal data is inaccurate since it has been containing the error. The data could also be proved to be
improper as it is misguided.
Then there is the up-gradation. It occurs as the data becomes outdated. This could take place
as it consists of the factual, opinions or the additional data that have gone obsolete. The next one is
the completion. It proves to be incomplete since it has to present the misleading scenario or the
partial viewpoint. The final one is the relevance (Finkin, 2015). Here the data could turn out to be
erroneous. This is because it could lose the ability to tolerate or connect with no cause. The instance
of is that when the client gathered for delivering the financial advisers. It occurs as the entity
discloses the personal data to buy the share representing the clients.
2. Recommended Privacy controls:
2.1. Mitigating the previously identified privacy risks:
The risks of cloud computing are identified by various researchers practicing in the area of
the privacy protection. It leads to the mitigation schemes and the most effective practices to be put
forward to assist the corporations and the public bodies. The most important tool for assessing the
risks is the Privacy Impact Assessment or the PIA. Through this manner, DAS could address and
identify the privacy concerns systematically under the data. Concurrently they should consider the
further outcomes of the proposed and the present action.
The risk management is the manner to control the risks that are inherent. It includes the non-
compliance with the rules, frauds, the competition of the legal expenses and the change to recognize
the effective impact and the risks of DAS.
A question has been rising as the PIA is considered. It has been indicating at what cases and
what stage has the DAS been needed to complete the PIA. There have been several criteria
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10CLOUD SECURITY AND PRIVACY
identified. Moreover, eight principles are brought forward to deal with the cross-border with the
analysis of the privacy impact. Next, there is the identification of the reason for what the PI is kept.
For every principle the series of queries, DAS must indulge deeper to every aspect needed to
be asked and replied with progression. It is to arrive at the fully informed decision to determine
whether the expected migration of the cross-border is totally compliant with the jurisdictional
necessities and the data security. Because of the lack of the worldwide standardization for the PIA
process, the guidelines are of critical importance. It has been assuring that these issues of the
differences regarding the legislation and the jurisdiction has been addressed.
Then there is another approach that has been referred against the conventional PIA. This is
the Privacy by Design and the PbD. The fundamental concept of PbD is to rely highly on the
promotion to impose the Privacy Enhancing Technologies or PET. The PET has been discriminated
into four distinct functionalities. All of them have been possessing distinct focuses. The objective of
them has been to protect the personal privacy.
The initial one is the PET that has been subject oriented. The aim has been to anonymize the
data subject and the deliver the pseudo-identification. Then there is the PET that has been objecting
oriented. The objective has been to conceal with every happening of the transaction. The final one
has been the system oriented PET. It is the combination of the previous three orientations.
The functionality and the characteristics are the combined format of the more decisive
mechanisms of the enhancing and the privacy protection. They are also regarded as the fundamental
actors in the strategies and the techniques for mitigating the privacy risks in the cloud computing
scenario. These are identified as the challenges of innovation to the norms since the consumers have
been individually or at the enterprise level running apart from the issues of privacy. Both of them
have been lying as the obstacles to adopt the cloud computing technology.
identified. Moreover, eight principles are brought forward to deal with the cross-border with the
analysis of the privacy impact. Next, there is the identification of the reason for what the PI is kept.
For every principle the series of queries, DAS must indulge deeper to every aspect needed to
be asked and replied with progression. It is to arrive at the fully informed decision to determine
whether the expected migration of the cross-border is totally compliant with the jurisdictional
necessities and the data security. Because of the lack of the worldwide standardization for the PIA
process, the guidelines are of critical importance. It has been assuring that these issues of the
differences regarding the legislation and the jurisdiction has been addressed.
Then there is another approach that has been referred against the conventional PIA. This is
the Privacy by Design and the PbD. The fundamental concept of PbD is to rely highly on the
promotion to impose the Privacy Enhancing Technologies or PET. The PET has been discriminated
into four distinct functionalities. All of them have been possessing distinct focuses. The objective of
them has been to protect the personal privacy.
The initial one is the PET that has been subject oriented. The aim has been to anonymize the
data subject and the deliver the pseudo-identification. Then there is the PET that has been objecting
oriented. The objective has been to conceal with every happening of the transaction. The final one
has been the system oriented PET. It is the combination of the previous three orientations.
The functionality and the characteristics are the combined format of the more decisive
mechanisms of the enhancing and the privacy protection. They are also regarded as the fundamental
actors in the strategies and the techniques for mitigating the privacy risks in the cloud computing
scenario. These are identified as the challenges of innovation to the norms since the consumers have
been individually or at the enterprise level running apart from the issues of privacy. Both of them
have been lying as the obstacles to adopt the cloud computing technology.
11CLOUD SECURITY AND PRIVACY
As per the recent survey was done by IBM, it has been found that about seventy percent of
the respondents have been trusting to adopt the technique. They have wanted to protect the privacy
more than half part concern expressed regarding the data breaches and loss. The viewpoints are the
clear indicators for directing what DAS needed to undertake. It has been assuring more up-gradation
of the technology. It has been also delivering the probability that the providers needed to follow the
effective security practices for mitigating the risks faced by the consumer and the providers. Despite
all these, it is not the case to identify the issues what has been covering the schemes of adoption like
the PbD. It has been posing serious barriers in adopting the CSPs.
2.2. Implement the privacy strategy:
The cloud users are needed to ensure that the personal data is stored appropriately with
proper protection and processing. By combining various models of the cloud deployment, DAS
might address the privacy issue sin cloud much better. Through undergoing by the appropriate model
of cloud deployment to deliver the fundamental aspects ate to assure the successful and the long-
term strategies of privacy.
As made the comparison with the on-premise deployment of the data deployment and then
implementing the IT solutions is the off-premise. It has been resulting in the much effective solution
to the personal data privacy.
As there have been the on-premise solutions that have been delivering few benefits it has
been also exposing the data to the larger risks since the DAS never has the sufficient security,
expertise, and the resources to support that all the day.
The on-premise resolutions are needed the dedicated area for the servers, system solutions,
hardware and the redundancy of the system to ensure the integrity and the data availability. Apart
from this, the on-premise deployments have been heavier on the capital expenses to the DAS. It has
As per the recent survey was done by IBM, it has been found that about seventy percent of
the respondents have been trusting to adopt the technique. They have wanted to protect the privacy
more than half part concern expressed regarding the data breaches and loss. The viewpoints are the
clear indicators for directing what DAS needed to undertake. It has been assuring more up-gradation
of the technology. It has been also delivering the probability that the providers needed to follow the
effective security practices for mitigating the risks faced by the consumer and the providers. Despite
all these, it is not the case to identify the issues what has been covering the schemes of adoption like
the PbD. It has been posing serious barriers in adopting the CSPs.
2.2. Implement the privacy strategy:
The cloud users are needed to ensure that the personal data is stored appropriately with
proper protection and processing. By combining various models of the cloud deployment, DAS
might address the privacy issue sin cloud much better. Through undergoing by the appropriate model
of cloud deployment to deliver the fundamental aspects ate to assure the successful and the long-
term strategies of privacy.
As made the comparison with the on-premise deployment of the data deployment and then
implementing the IT solutions is the off-premise. It has been resulting in the much effective solution
to the personal data privacy.
As there have been the on-premise solutions that have been delivering few benefits it has
been also exposing the data to the larger risks since the DAS never has the sufficient security,
expertise, and the resources to support that all the day.
The on-premise resolutions are needed the dedicated area for the servers, system solutions,
hardware and the redundancy of the system to ensure the integrity and the data availability. Apart
from this, the on-premise deployments have been heavier on the capital expenses to the DAS. It has
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 34
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.