Security and Privacy Risk Assessment for DAS Management Presentation

Verified

Added on 2022/11/13

AI Summary

This presentation provides a comprehensive risk assessment of security and privacy concerns for the Department of Administrative Services (DAS), focusing on the use of SaaS applications, specifically BambooHR. It explores the implications of security and privacy breaches, the sensitivity of data, and issues related to data sovereignty. The assessment examines the challenges faced by HR departments, the operational solutions offered by BambooHR, and the impact of operational location on data security. The presentation also identifies various threats to employee data and discusses mitigation strategies. Furthermore, it addresses the privacy implications of data management, data sensitivity, and the importance of trade secrets. The analysis covers data sovereignty issues within DAS and concludes with recommendations for mitigating identified risks, including alerting and metrics, centralized logging, redundancy, firewalls, backups, 2-factor authentication, and security awareness programs. The presentation aims to provide a clear understanding of the risks and potential solutions for managing data security and privacy within DAS.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

DAS
MANAGEMENT
SECURITY AND PRIVACY RISK ASSESSMENT
FOR DAS

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Introduction
• The presentation is on Department of Administrative Service
• It is discussed about the risk assessment of privacy and security
assessment
• The selected software used is BambooHR
• BambooHR uses SaaS software

Introduction
• Implications related to security are discussed
• Implications related to privacy are also discussed
• Sensitivity of data are discussed in the presentation
• Issues which are related to sovereignty are also discussed
• In the end a conclusion is drawn in the presentation

DAS Management
A department of Australian government which deals with:
• Valuation service
• Transport service (Metraux et al., 2016).
• Disposal of goods
• Storage service

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

SaaS application - BambooHR
• BambooHR is a SaaS application
• It provides solution regarding HR department (Cherinka & Prezzama,
2015).
• Perform task with focus
• Perform task with security

Problem faced by HR
• Increase in data redundancy
• Complexity increases for HR (Omran & Anan, 2019).
• Makes harder to navigate

Operation by BambooHR
• Handles numerous solution related to operation
• Helps to perform HR activity in compact way
• Helps to increase the agility of organisation
• Helps to increase efficiency of organisation

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Managing security posture of
DAS
By using the software of operational solution the data of
DAS can be managed. The software provide:
• Role-based access
• Data encryption
This provides security in DAS

Operational location of
BambooHR
• Provides current location
• Gives update in location change
The application provides enough support by proving the
current location of the data which is very important

Affect of operational location on
DAS
• Provide support to the HR department of the organisation
• Get access of the current location
• Gets update for the change in location
• Increase security of data
• Security perspective increase in DAS

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Reason for threat on employee
data
Various type of threat include:
• Phishing
• Weak password
• Disability of security control
• Unauthorised installation

Effect on DAS due to the threat
• Loss of data
• Effect on reputation of the organisation
• HR department failure
• Security loss of organisation

Operational solution mitigate
threat
Tools provided by BambooHR help to mitigate threat:
• Time tracking
• Paid Time Off
• Application tracking system
• Employee record workflow
• Analytics mobile app

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Operational location mitigate
threat
With the support of the application the organisation get the update of
the location (Morschett, Schramm-Klein & Zentes, 2015). In case of
the change in the location the organisation gets the instant update of
the location which mitigate various threat for the organisation

Privacy implication of data
• To provide data privacy
• Security of data
• Preventing data from wrong hand

Privacy implication by location
process
• Data managed in particular location
• Authorirised person have the access authority
• Location is locked with password (Guo & Ma, 2018).
• High security provided in the location

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Data sensitivity
• Information with protection against unwarranted disclosure
• Have access to data sensitivity
• Protection of sensitivity in legal reason
• Protection of sensitivity for ethical reason
• Pertaining personal privacy

Trade secret – An issue of data
sensitivity
• DAS performs shared business strategy
In this case if DAS gets the data collection from the other
organisation they will not be dependent on that organisation
any further (Kukutai & Taylor, 2016). This is the importance
of trade secret.

Issues of Trade secret
As the data are shared in between the organisation. Both have access to
the data collection. Thus,
• Privacy issue of secret data
• Secret data gets unwanted access
• Cause bad effect in the organisation
• Reputation issue of the organisation

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Importance of BambooHR in
trade secret
• Maintains the privacy for secret data
• Data are divded in sections (Polimeni et al., 2016).
• Access password are integrated for secret data access
• Apply SaaS software to maintain data sensitivity

Data Sovereignty
This is the problem for the data which are available in the
internet. The problem that can arise in this case are:
• Issues in location
• Performance of due diligence
• Transparency in demand vendor

Data sovereignty in DAS
• Das is already involved in the shared industry
• Data are available in the cloud service
Thus due this particular reasons it cause high risk regarding the data
available in the internet (Papanthymou & Darra, 2018). Thus DAS have
certain issues regarding data sovereignty

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Conclusion
• The presentation provide a clear idea on the topic
• SaaS software helps to mitigate the privacy issue
• The issues are explained in this presentation
• The mitigating techniques are explained here

Recommendation
There are a number of techniques which can be used for mitigating any type of
issues. The techniques are listed here:
• Alerting and metrics
• Centralised logging
• Redundancy

Recommendation
• Firewalls
• Backup
• 2-Factor Authentication
• A program for security awareness

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Reference
• Cherinka, R., & Prezzama, J. (2015). Innovative approaches to building comprehensive
talent pipelines: Helping to grow a strong and diverse professional
workforce. Systemics, Cybernetics and Informatics, 13(6), 82-86.
• Guo, Z., & Ma, D. (2018). A model of competition between perpetual software and
software as a service. MIS Quarterly, 42(1), 1.
• Kukutai, T., & Taylor, J. (2016). Data sovereignty for indigenous peoples: current
practice and future needs. In Indigenous data sovereignty: Toward an agenda. ANU
Press.
• Metraux, S., Culhane, D., Raphael, S., White, M., Pearson, C., Hirsch, E., ... & Cleghorn,
J. S. (2016). Assessing homeless population size through the use of emergency and
transitional shelter services in 1998: results from the analysis of administrative data
from nine US jurisdictions. Public Health Reports.

Reference
• Morschett, D., Schramm-Klein, H., & Zentes, J. (2015). Strategic international management
(pp. 978-3658078836). Springer.
• Omran, K., & Anan, N. (2019). The Impact of the IT Determinants on the Extent Use of E-
HRM: Exploratory study for the internet service providers (ISP) in Egypt. INTERNATIONAL
JOURNAL OF ACADEMIC RESEARCH IN BUSINESS AND SOCIAL SCIENCES, 9(3).
• Papanthymou, A., & Darra, M. (2018). The Implementation of Total Quality Management in
Greek Higher Education: The Case of Electronic Administrative Services. International
Education Studies, 11(7), 26-42.
• Polimeni, J. R., Bhat, H., Witzel, T., Benner, T., Feiweier, T., Inati, S. J., ... & Wald, L. L.
(2016). Reducing sensitivity losses due to respiration and motion in accelerated echo planar
imaging by reordering the autocalibration data acquisition. Magnetic resonance in
medicine, 75(2), 665-679.