Cloud Privacy and Security Report: Australian Government and DAS
VerifiedAdded on 2020/03/07
|27
|7254
|278
Report
AI Summary
This report investigates cloud privacy and security concerns within the Australian government's Department of Administrative Services (DAS), particularly concerning the implementation of SaaS applications. It details various security risks and threats, including excessive privileges, privilege abuse, database injection, and malware, highlighting vulnerabilities in the DAS's centralized database and the potential for data breaches. The report examines the implications of SaaS applications on employee data security, privacy, and digital identities, discussing the importance of security protocols to protect sensitive information. It also outlines operational solutions and strategies to mitigate these risks, offering insights into the legal and technical measures necessary to safeguard data in a cloud environment. The analysis covers the shared approach of DAS, its impact on data accessibility, and the need for robust security measures to maintain data integrity and employee privacy. The report concludes by emphasizing the importance of comprehensive security strategies in the context of cloud computing within government services.
Running head: CLOUD PRIVACY AND SECURITY
Cloud Privacy and Security
Name of the Student
Name of the University
Author’s Note
Cloud Privacy and Security
Name of the Student
Name of the University
Author’s Note
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1
CLOUD PRIVACY AND SECURITY
Executive Summary
This report deals with the security threat and risks evolving in the Australian Stare government
with the implication of DAS in the scenario. There are various security risks and threats are
discussed in the report. The DAS has implemented the SaaS application in the system that allows
storing the data and information of the employee online. The shared approach of the DAS has
created different security risks and threats to the government. The risks involved in the shared
approach has been discussed properly in the report. There are various jurisdiction and laws
against the data loss has been mentioned in the report. Various strategies of resolving the risks
and threats are discussed in the report.
CLOUD PRIVACY AND SECURITY
Executive Summary
This report deals with the security threat and risks evolving in the Australian Stare government
with the implication of DAS in the scenario. There are various security risks and threats are
discussed in the report. The DAS has implemented the SaaS application in the system that allows
storing the data and information of the employee online. The shared approach of the DAS has
created different security risks and threats to the government. The risks involved in the shared
approach has been discussed properly in the report. There are various jurisdiction and laws
against the data loss has been mentioned in the report. Various strategies of resolving the risks
and threats are discussed in the report.
2
CLOUD PRIVACY AND SECURITY
Table of Contents
Introduction......................................................................................................................................3
The Department of Administrative Services (DAS)........................................................................3
Security risk and threats in data and information in DAS...............................................................5
Other security risks after implementing SaaS application...............................................................7
Security of the Employee data.....................................................................................................7
Privacy of the Employee data......................................................................................................8
Digital Identity Issue....................................................................................................................8
Provider Solution Issue................................................................................................................9
Data Sensitivity............................................................................................................................9
Security and risks in the SaaS application.....................................................................................10
Privacy of employee data in SaaS application...........................................................................11
Threats and risks to digital identities of Government employees from the move to SaaS
applications....................................................................................................................................13
Operational Solution using SaaS application................................................................................14
Conclusion.....................................................................................................................................17
References......................................................................................................................................19
CLOUD PRIVACY AND SECURITY
Table of Contents
Introduction......................................................................................................................................3
The Department of Administrative Services (DAS)........................................................................3
Security risk and threats in data and information in DAS...............................................................5
Other security risks after implementing SaaS application...............................................................7
Security of the Employee data.....................................................................................................7
Privacy of the Employee data......................................................................................................8
Digital Identity Issue....................................................................................................................8
Provider Solution Issue................................................................................................................9
Data Sensitivity............................................................................................................................9
Security and risks in the SaaS application.....................................................................................10
Privacy of employee data in SaaS application...........................................................................11
Threats and risks to digital identities of Government employees from the move to SaaS
applications....................................................................................................................................13
Operational Solution using SaaS application................................................................................14
Conclusion.....................................................................................................................................17
References......................................................................................................................................19
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
3
CLOUD PRIVACY AND SECURITY
Introduction
Cloud Computing is a trending topic in Information Technology sector in the modern
world. Cloud computing has been emerging is a big way that has helped many business
organization in their success. The cloud computing has created a hype in the market after 2008
and continuing. The use of deployment models of the cloud computing has helped in maintaining
the risks and privacy factor in the cloud services (McNeil, Frey & Embrechts, 2015). There are
various applications used in the cloud computing that helps in maintaining the security and
privacy in the cloud services. The deployment models of the cloud computing are helpful in
maintaining the privacy and security of the data and information in the cloud storage. The
security protocol for different deployment model is different for different cases. These security
protocols maintain a proper security agenda for securing the data and information in the cloud
server and storage. There are various risks in the cloud computing that are analyzed in the report.
This report deals with the security and privacy issues in cloud computing implemented in
the Department of Administrative Services (DAS). Different threats and security risks in the data
base of the DAS. The threats are also discussed after implementation of SaaS application of
cloud.
This report outlines the comparison between DAS services and SaaS cloud services. The
threats and risks involved in both of them are discussed in the report. This report also discussed
about the solutions to the risks involved in them by using SaaS services by the providers.
The Department of Administrative Services (DAS)
The Department of Administrative Services is an administrative body that helps in
providing a space for saving the financial funds and data and information of the many company
CLOUD PRIVACY AND SECURITY
Introduction
Cloud Computing is a trending topic in Information Technology sector in the modern
world. Cloud computing has been emerging is a big way that has helped many business
organization in their success. The cloud computing has created a hype in the market after 2008
and continuing. The use of deployment models of the cloud computing has helped in maintaining
the risks and privacy factor in the cloud services (McNeil, Frey & Embrechts, 2015). There are
various applications used in the cloud computing that helps in maintaining the security and
privacy in the cloud services. The deployment models of the cloud computing are helpful in
maintaining the privacy and security of the data and information in the cloud storage. The
security protocol for different deployment model is different for different cases. These security
protocols maintain a proper security agenda for securing the data and information in the cloud
server and storage. There are various risks in the cloud computing that are analyzed in the report.
This report deals with the security and privacy issues in cloud computing implemented in
the Department of Administrative Services (DAS). Different threats and security risks in the data
base of the DAS. The threats are also discussed after implementation of SaaS application of
cloud.
This report outlines the comparison between DAS services and SaaS cloud services. The
threats and risks involved in both of them are discussed in the report. This report also discussed
about the solutions to the risks involved in them by using SaaS services by the providers.
The Department of Administrative Services (DAS)
The Department of Administrative Services is an administrative body that helps in
providing a space for saving the financial funds and data and information of the many company
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4
CLOUD PRIVACY AND SECURITY
in the market. Business organization used to store their data and information regarding their
employees and other staffs. The personnel policy and personnel administration of the employees
are stored in the DAS that helps in securing the data and information (Carver & Wolsey, 2015).
The Australian government has stored the data and information regarding employees and staffs
in the Department of Administrative Services. Various statutory security services enable huge
security to the data and information in the Department of Administrative Services. The
Department of Administrative Services provides various accountable payable, administrative
management and payroll services to the government. The use of the DAS services by the
organization has helped in maintaining a proper database of the data and information of the
employees (McNeil, Frey & Embrechts, 2015). The DAS services provides the budget control,
procurement services and financial helps to the organization in the market under the Australian
government. This helps in maintaining the stability of the companies in the market regarding the
financial condition of the company.
CLOUD PRIVACY AND SECURITY
in the market. Business organization used to store their data and information regarding their
employees and other staffs. The personnel policy and personnel administration of the employees
are stored in the DAS that helps in securing the data and information (Carver & Wolsey, 2015).
The Australian government has stored the data and information regarding employees and staffs
in the Department of Administrative Services. Various statutory security services enable huge
security to the data and information in the Department of Administrative Services. The
Department of Administrative Services provides various accountable payable, administrative
management and payroll services to the government. The use of the DAS services by the
organization has helped in maintaining a proper database of the data and information of the
employees (McNeil, Frey & Embrechts, 2015). The DAS services provides the budget control,
procurement services and financial helps to the organization in the market under the Australian
government. This helps in maintaining the stability of the companies in the market regarding the
financial condition of the company.
5
CLOUD PRIVACY AND SECURITY
Figure 1: Cloud Computing
(Source: Lam, 2014)
The shared approach of the DAS has helped in controlling the database properly. The
shared approach has helped in centralizing the database of the company in the market. The data
and information of the employees and other staffs are centralized and can be accessed from
anywhere in the state. This has also helped in enhancing the security of the data and information
of the employees in the market (Lam, 2014). The centralized data format can be easily accessible
by the employee anywhere in the state. This has helped in managing the human resource in
different business organization in the market. The HR department of the companies gave helped
in understanding the needs of the employees in the companies. Communication among the
employees have enhanced with the implementation of the Shared approach in the DAS. The
DAS has enabled the centralized format of data and information access to the employees and
CLOUD PRIVACY AND SECURITY
Figure 1: Cloud Computing
(Source: Lam, 2014)
The shared approach of the DAS has helped in controlling the database properly. The
shared approach has helped in centralizing the database of the company in the market. The data
and information of the employees and other staffs are centralized and can be accessed from
anywhere in the state. This has also helped in enhancing the security of the data and information
of the employees in the market (Lam, 2014). The centralized data format can be easily accessible
by the employee anywhere in the state. This has helped in managing the human resource in
different business organization in the market. The HR department of the companies gave helped
in understanding the needs of the employees in the companies. Communication among the
employees have enhanced with the implementation of the Shared approach in the DAS. The
DAS has enabled the centralized format of data and information access to the employees and
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
6
CLOUD PRIVACY AND SECURITY
other staffs in the organization. The Australian government is able to provide a consolidated
service to the employees of the companies by the use of the shared approach of the Department
of Administrative Services.
Security risk and threats in data and information in DAS
The Department of Administrative Services is able to provide a centralized database
services to the Australian Government (Smith et al., 2015). The data and information can be
accessed from anywhere in the region. On the other hand, there are some limitation of the
centralized database provided by Department of Administrative Services.
Excessive privileges
The centralized database system has helped in providing excessive privileges to the users
if the database. Therefore, due to excessive privileges provided, limitations might occur in the
database. The access of the database is done buy all the employees of the company that makes
the data and information unsecure (Neves et al., 2014). Anyone can access nay data and the
centralized database offered by the Department of Administrative Services. This is one of the
major problem of the Department of Administrative Services centralized database. Therefore, all
the payroll and accounting information of the employees and other staffs in the organization are
open for all the employees using centralized database. The security of the data and information
of the employees gets minimal it the use of the shared approach of the Department of
Administrative Services in the Australian government (Koks et al., 2015). Due to excessive
privileges, users are provided generic access to the data and information of the employees
causing loss to the companies in the market. The database might be analysed and alternated by
CLOUD PRIVACY AND SECURITY
other staffs in the organization. The Australian government is able to provide a consolidated
service to the employees of the companies by the use of the shared approach of the Department
of Administrative Services.
Security risk and threats in data and information in DAS
The Department of Administrative Services is able to provide a centralized database
services to the Australian Government (Smith et al., 2015). The data and information can be
accessed from anywhere in the region. On the other hand, there are some limitation of the
centralized database provided by Department of Administrative Services.
Excessive privileges
The centralized database system has helped in providing excessive privileges to the users
if the database. Therefore, due to excessive privileges provided, limitations might occur in the
database. The access of the database is done buy all the employees of the company that makes
the data and information unsecure (Neves et al., 2014). Anyone can access nay data and the
centralized database offered by the Department of Administrative Services. This is one of the
major problem of the Department of Administrative Services centralized database. Therefore, all
the payroll and accounting information of the employees and other staffs in the organization are
open for all the employees using centralized database. The security of the data and information
of the employees gets minimal it the use of the shared approach of the Department of
Administrative Services in the Australian government (Koks et al., 2015). Due to excessive
privileges, users are provided generic access to the data and information of the employees
causing loss to the companies in the market. The database might be analysed and alternated by
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7
CLOUD PRIVACY AND SECURITY
the users and thus the data and information gets open for all the employees in the company. This
might cause litigious to the users of the centralized database.
Privilege Abuse
There are legitimate databases issues in an unauthorized way that can be accessed by the
users of the company in the market. There are many personal information of the employees in
the databases that are private for other employees in the company. The Department of
Administrative Services has allowed the users to access all the information of the employees and
other staffs. This has caused a big problem for the users of the databases (DeMarco & Lister,
2013). There are various personal information of the employees stored in the centralized
database that are shared with different users in the organizations. The login credentials including
user id and password are saved in the database that can be accessed by other employees in the
organization. This can be quite dangerous for the user for accessing the profile of other
employees in the organization.
Input Injection in Database
There are two types of database injection including SQL Injection and NoSQL Injection.
The SQL injection attacks involve the unauthorized statement that are made in the database
during the input session in web application (Marcelino-Sádaba et al., 2014). The NoSQL
injection attacks is done by injecting malicious statements in the Big Data components.
Therefore, both the type of injection attacks in database breaches the data and information of the
employees in the organization. These attacks are almost same kind of attack in the database.
Malware
CLOUD PRIVACY AND SECURITY
the users and thus the data and information gets open for all the employees in the company. This
might cause litigious to the users of the centralized database.
Privilege Abuse
There are legitimate databases issues in an unauthorized way that can be accessed by the
users of the company in the market. There are many personal information of the employees in
the databases that are private for other employees in the company. The Department of
Administrative Services has allowed the users to access all the information of the employees and
other staffs. This has caused a big problem for the users of the databases (DeMarco & Lister,
2013). There are various personal information of the employees stored in the centralized
database that are shared with different users in the organizations. The login credentials including
user id and password are saved in the database that can be accessed by other employees in the
organization. This can be quite dangerous for the user for accessing the profile of other
employees in the organization.
Input Injection in Database
There are two types of database injection including SQL Injection and NoSQL Injection.
The SQL injection attacks involve the unauthorized statement that are made in the database
during the input session in web application (Marcelino-Sádaba et al., 2014). The NoSQL
injection attacks is done by injecting malicious statements in the Big Data components.
Therefore, both the type of injection attacks in database breaches the data and information of the
employees in the organization. These attacks are almost same kind of attack in the database.
Malware
8
CLOUD PRIVACY AND SECURITY
As mentioned by Christopher et al., (2017), various malwares and viruses are injected in
the database that tracks the data and information stored in the database. Various hackers use
viruses and malwares to create phishing mails that breaches the data form the database of the
organization (Pritchard & PMP, 2014). This malwares damages the table in the databases and
tracks the data and information regarding the employees of the company in the market. The
Department of Administrative Services have a low security protocol installed in the database that
create a prone chance of data breach in the database. These malwares can crash the whole
database and the company loses all the data and information. The hardware problem is one of the
major problem in the database. As commented by Burke, (2013), the recovery process of the data
and information from the database is a difficult process. Therefore, the malware attack is a high-
level risk for the database system in Department of Administrative Services.
Other security risks after implementing SaaS application
The security concern of the data is driven by the involvement of the third party
compromising the security, access and control over the application. Many organizations are
concerned with the security of their data and information in the company database. The
collection of huge amount of data and information of the employees and other staffs of the
company move to the cloud storage. As mentioned by Carvalho & Rabechini Junior, (2015), the
cloud storage helps in providing a large amount of storage online. Therefore, many companies
are moving towards the cloud computing services. One of these services is Software as a Service
(SaaS). In this context, Australian government have shifted to the cloud-computing concept for
storing data and information of the employees. It has shifted to SaaS application and purchased a
HR personnel management application from company using the SaaS application. This has
CLOUD PRIVACY AND SECURITY
As mentioned by Christopher et al., (2017), various malwares and viruses are injected in
the database that tracks the data and information stored in the database. Various hackers use
viruses and malwares to create phishing mails that breaches the data form the database of the
organization (Pritchard & PMP, 2014). This malwares damages the table in the databases and
tracks the data and information regarding the employees of the company in the market. The
Department of Administrative Services have a low security protocol installed in the database that
create a prone chance of data breach in the database. These malwares can crash the whole
database and the company loses all the data and information. The hardware problem is one of the
major problem in the database. As commented by Burke, (2013), the recovery process of the data
and information from the database is a difficult process. Therefore, the malware attack is a high-
level risk for the database system in Department of Administrative Services.
Other security risks after implementing SaaS application
The security concern of the data is driven by the involvement of the third party
compromising the security, access and control over the application. Many organizations are
concerned with the security of their data and information in the company database. The
collection of huge amount of data and information of the employees and other staffs of the
company move to the cloud storage. As mentioned by Carvalho & Rabechini Junior, (2015), the
cloud storage helps in providing a large amount of storage online. Therefore, many companies
are moving towards the cloud computing services. One of these services is Software as a Service
(SaaS). In this context, Australian government have shifted to the cloud-computing concept for
storing data and information of the employees. It has shifted to SaaS application and purchased a
HR personnel management application from company using the SaaS application. This has
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
9
CLOUD PRIVACY AND SECURITY
provided various advantages in this context. On the other hand, there are some security risk in
this application.
Security of the Employee data
The application consist of all the data and information of the employee in the
organization. All the employee data and information regarding up gradation in the office are
stored in the application. The security of the employee data and information are in danger of
being breached. The hackers can hack the application and access all the information of the
employee in the company. This can cause a huge loss to the employee and company (Schwalbe,
2015).
Figure 2: SaaS
(Source: Haimes, 2015)
CLOUD PRIVACY AND SECURITY
provided various advantages in this context. On the other hand, there are some security risk in
this application.
Security of the Employee data
The application consist of all the data and information of the employee in the
organization. All the employee data and information regarding up gradation in the office are
stored in the application. The security of the employee data and information are in danger of
being breached. The hackers can hack the application and access all the information of the
employee in the company. This can cause a huge loss to the employee and company (Schwalbe,
2015).
Figure 2: SaaS
(Source: Haimes, 2015)
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10
CLOUD PRIVACY AND SECURITY
The security of the employee data and information is maintained by the different security
protocols installed in the cloud-computing server and SaaS application in the server. These
security protocols helps in providing some legal policies that can be implemented in the
following SaaS application discussed in the report. As mentioned by Haimes, (2015), this helps
in maintaining the security of the data and information of the employee and other staffs in the
company.
Privacy of the Employee data
The privacy of the data and information of the employee is tracked. There are various
sensitive data of the employee including the phone number and address of the employee might
be hacked by the intruders. As stated by Teller & Kock, (2013), the cloud deployment model
provides various security protocols for different risks. The SaaS application of the company
might not be able to provide all the services of the cloud computing in the company. The private
data of the employee in the Department of Administrative Services have been hacked by the
intruders. The private data and information of the employee are important to be secured by
providing proper security protocol in the cloud server. The SaaS application provide different
software for the service in the company. This software can be used for providing the security to
the private data of the employee and other employee of the company (Kerzner, 2013).
Digital Identity Issue
The employees of the company have been provided with a digital identity card that
validates the presence of the employee in the company. The digital id contains all the personal
information of the employee detailed with the organization. Therefore, the security of the digital
ID card is important for the employee. As commented by The Digital identity of the employee is
important for the authentication in the organization. They used to input the data using their
CLOUD PRIVACY AND SECURITY
The security of the employee data and information is maintained by the different security
protocols installed in the cloud-computing server and SaaS application in the server. These
security protocols helps in providing some legal policies that can be implemented in the
following SaaS application discussed in the report. As mentioned by Haimes, (2015), this helps
in maintaining the security of the data and information of the employee and other staffs in the
company.
Privacy of the Employee data
The privacy of the data and information of the employee is tracked. There are various
sensitive data of the employee including the phone number and address of the employee might
be hacked by the intruders. As stated by Teller & Kock, (2013), the cloud deployment model
provides various security protocols for different risks. The SaaS application of the company
might not be able to provide all the services of the cloud computing in the company. The private
data of the employee in the Department of Administrative Services have been hacked by the
intruders. The private data and information of the employee are important to be secured by
providing proper security protocol in the cloud server. The SaaS application provide different
software for the service in the company. This software can be used for providing the security to
the private data of the employee and other employee of the company (Kerzner, 2013).
Digital Identity Issue
The employees of the company have been provided with a digital identity card that
validates the presence of the employee in the company. The digital id contains all the personal
information of the employee detailed with the organization. Therefore, the security of the digital
ID card is important for the employee. As commented by The Digital identity of the employee is
important for the authentication in the organization. They used to input the data using their
11
CLOUD PRIVACY AND SECURITY
digital identity card into the application. The loss in the digital identity might cause a huge loss
to the company. The risk management of the company have to analyses the digital identity card
for making the data and information secure.
Figure 3: Risks in SaaS
(Source: Ndungo, Tobias & Florence, 2017)
CLOUD PRIVACY AND SECURITY
digital identity card into the application. The loss in the digital identity might cause a huge loss
to the company. The risk management of the company have to analyses the digital identity card
for making the data and information secure.
Figure 3: Risks in SaaS
(Source: Ndungo, Tobias & Florence, 2017)
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 27
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.