DAS Employee Data Migration Risk Assessment Case Study
VerifiedAdded on 2025/06/23
|16
|4051
|366
AI Summary
Desklib provides solved assignments and past papers to help students succeed.
Assessment item 2
Case study risk assessment
Student Name:
Student ID:
Case study risk assessment
Student Name:
Student ID:
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Introduction
The assignment is based on the risk assessment. It is based on eth a case study of the Department
of Administrative Services. For almost every business, security and privacy of the employee data
is a major point of concern. The report will provide a detailed description of the threats and risks
to the data of employees in the process of migration. This will cover the security and privacy
issues and consideration of the employee data. This is followed by issues with a digital identity
that is adopted by the DAS in the given scenario. The report mainly has three sections. In the
first section, the report will include security of the data of employees while migrating to the SaaS
application. The second section of the report will deal with the privacy issues of the data of the
employee. The final section includes issues with digital identity.
The assignment is based on the risk assessment. It is based on eth a case study of the Department
of Administrative Services. For almost every business, security and privacy of the employee data
is a major point of concern. The report will provide a detailed description of the threats and risks
to the data of employees in the process of migration. This will cover the security and privacy
issues and consideration of the employee data. This is followed by issues with a digital identity
that is adopted by the DAS in the given scenario. The report mainly has three sections. In the
first section, the report will include security of the data of employees while migrating to the SaaS
application. The second section of the report will deal with the privacy issues of the data of the
employee. The final section includes issues with digital identity.
Contents
Introduction......................................................................................................................................2
Security of the employee data..........................................................................................................4
Data security threats and risks in In-House HR database............................................................4
Data security threats and risks after migration on the SaaS system............................................6
Assessment of severity................................................................................................................7
Privacy of employee data.................................................................................................................8
Threats and risks to the data privacy that is stored in-house database........................................8
Risks and threats to the data after migration on the SaaS application.......................................10
Severity of risk...........................................................................................................................11
Digital identity issues....................................................................................................................13
Conclusion.....................................................................................................................................14
References......................................................................................................................................15
List of tables
Table 1 Severity assessment of the security risks............................................................................7
Introduction......................................................................................................................................2
Security of the employee data..........................................................................................................4
Data security threats and risks in In-House HR database............................................................4
Data security threats and risks after migration on the SaaS system............................................6
Assessment of severity................................................................................................................7
Privacy of employee data.................................................................................................................8
Threats and risks to the data privacy that is stored in-house database........................................8
Risks and threats to the data after migration on the SaaS application.......................................10
Severity of risk...........................................................................................................................11
Digital identity issues....................................................................................................................13
Conclusion.....................................................................................................................................14
References......................................................................................................................................15
List of tables
Table 1 Severity assessment of the security risks............................................................................7
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Security of the employee data
Data security threats and risks in the In-House HR database
There are many threats to the information and data that is presented in the in-house database. The
database contains the data of employee which includes the personal data of employee such as
name, post, work, phone number, email address, project details, address, etc. Attackers and the
hackers always seek for an opportunity to steal the data and most of the sensitive data is
presented and stores in the datacenters and databases. Poor security policies and security
mechanisms can lead to a major attack (Smith, 2018). In the house, databases are easy to source
for the information. By using this information attacker may perform unauthorized activities in
the system, damage the system operation, delete, modify or alter the data, etc. DAS uses the
shared service approach that may cause a major security risk because the security data is
accessible from one single location. There are the following risks and threats that can affect data
security:
Excessive privilege
Malware attack
Natural disaster
Denial of service attack
Platform vulnerabilities
Lack of backup
SQL injection attack
Social engineering
Unencrypted data
Excessive privileges: If the employee has default privileges that are not required or exceed the
requirement of the job, then it can be abused. The original and authorized privileges of the
database can be abused by the authorized person for unauthorized reasons.
SQL injection attack: Basically the major database injection attacks are divided into two
categories that are SQL injection attack, NoSQL injection attack. SQL injection attack uses the
database queries to steal, modify, delete and alter the data available in the database (Osborne,
2013).
Malware attacks: Malware stands for malicious software. These are the software that has a
malicious program which is able to perform unwanted and risky activities in the system in order
to steal the data or modify the system. Malware includes a virus, Trojans, worms, spyware,
ransomware, etc.
Natural disaster: Natural disasters are the most unpredictable attack for the data situated in the
database. A natural disaster can be flood, earthquake, fire, etc.
Data security threats and risks in the In-House HR database
There are many threats to the information and data that is presented in the in-house database. The
database contains the data of employee which includes the personal data of employee such as
name, post, work, phone number, email address, project details, address, etc. Attackers and the
hackers always seek for an opportunity to steal the data and most of the sensitive data is
presented and stores in the datacenters and databases. Poor security policies and security
mechanisms can lead to a major attack (Smith, 2018). In the house, databases are easy to source
for the information. By using this information attacker may perform unauthorized activities in
the system, damage the system operation, delete, modify or alter the data, etc. DAS uses the
shared service approach that may cause a major security risk because the security data is
accessible from one single location. There are the following risks and threats that can affect data
security:
Excessive privilege
Malware attack
Natural disaster
Denial of service attack
Platform vulnerabilities
Lack of backup
SQL injection attack
Social engineering
Unencrypted data
Excessive privileges: If the employee has default privileges that are not required or exceed the
requirement of the job, then it can be abused. The original and authorized privileges of the
database can be abused by the authorized person for unauthorized reasons.
SQL injection attack: Basically the major database injection attacks are divided into two
categories that are SQL injection attack, NoSQL injection attack. SQL injection attack uses the
database queries to steal, modify, delete and alter the data available in the database (Osborne,
2013).
Malware attacks: Malware stands for malicious software. These are the software that has a
malicious program which is able to perform unwanted and risky activities in the system in order
to steal the data or modify the system. Malware includes a virus, Trojans, worms, spyware,
ransomware, etc.
Natural disaster: Natural disasters are the most unpredictable attack for the data situated in the
database. A natural disaster can be flood, earthquake, fire, etc.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Social Engineering: This technique use eth manipulation of the people, in order to steal the
information and data of the employee. The attacker tricks the person to get access to the database
or the system to gain access to the information that is sensitive and crucial. Through this, the
attacker can also insert the malicious code into the system that can cause risk to the data for the
long term (Evans, 2016).
Lack of backup: This is the major risk to the security of the data. This happens when sufficient
and secure data backup is not available. If any disaster occurs, then data backup can be helpful to
recover the employee data. For example, if any natural disaster occurs, then the data may
completely get lost if the backup is not available. Also, another similar risk for this is
unprotected database storage media. Most people do not consider the security of storage media.
This can enable the attacker to steal the backup tape of the database. In most of the scenarios,
backup of in-house databases are performed at the same place, this can be problematic if the
complete area is affected by some disaster.
DoS attack: This stands for denial of service attack. This allows the attacker to deny access to
the data and services to the authorized person. This risk can be caused by the software and
platform vulnerabilities, flooding of network and software capabilities and overloading of the
resource. Basically, the database attack is caused by flooding of the resource.
Platform vulnerabilities: The loopholes in the system / operating systems and software can
enable the unauthorized access, corruption of the employee data and denial of service attack. The
testing and patching phase of the database takes a long time and this is the most suitable time for
the attackers to do malicious activities as this time database remains almost unprotected. For
example, the database which has default permission and configuration can be easily exploited.
Unencrypted data: The major risk for the security of the data is encrypted data. If the data is not
encrypted then the attacker can easily access this and perform malicious activities (Maurer,
2019).
information and data of the employee. The attacker tricks the person to get access to the database
or the system to gain access to the information that is sensitive and crucial. Through this, the
attacker can also insert the malicious code into the system that can cause risk to the data for the
long term (Evans, 2016).
Lack of backup: This is the major risk to the security of the data. This happens when sufficient
and secure data backup is not available. If any disaster occurs, then data backup can be helpful to
recover the employee data. For example, if any natural disaster occurs, then the data may
completely get lost if the backup is not available. Also, another similar risk for this is
unprotected database storage media. Most people do not consider the security of storage media.
This can enable the attacker to steal the backup tape of the database. In most of the scenarios,
backup of in-house databases are performed at the same place, this can be problematic if the
complete area is affected by some disaster.
DoS attack: This stands for denial of service attack. This allows the attacker to deny access to
the data and services to the authorized person. This risk can be caused by the software and
platform vulnerabilities, flooding of network and software capabilities and overloading of the
resource. Basically, the database attack is caused by flooding of the resource.
Platform vulnerabilities: The loopholes in the system / operating systems and software can
enable the unauthorized access, corruption of the employee data and denial of service attack. The
testing and patching phase of the database takes a long time and this is the most suitable time for
the attackers to do malicious activities as this time database remains almost unprotected. For
example, the database which has default permission and configuration can be easily exploited.
Unencrypted data: The major risk for the security of the data is encrypted data. If the data is not
encrypted then the attacker can easily access this and perform malicious activities (Maurer,
2019).
Data security threats and risks after migration on the SaaS system
Although using the SaaS application improve the security, performance, and efficiency of the
system. But there is also some risk to the data available in the SaaS environment. The security
attacks caused because the system is connected to the internet. This enables the attacker to
perform malicious activities in the system. Most of the security risks are similar to the house
environment.
The SaaS application uses the software and it has loopholes. These loopholes can be used by the
attacker to gain access to the employee data. The major risk with the cloud solution is that
migration cause lack of visibility of the data. The data center of the cloud is situated in
California. The configuration, maintenance and data processing of the employee data is done
from India. This distance between India and California can cause major issues. If the data travel
unprotected between this duration then this may easily allow the attacker to change the data. This
can be done using the man-in-middle attack (Wilson, 2016). As given in the scenario that the
data of the employee can be accessible by using the link that is presented in the intranet. It causes
a serious issue; if the intranet gets compromised by the attacker then this link can also be
accessed by the attacker. This allows the attacker to steal the complete the data. During the
migration process, most of the data remain unprotected this enables the attacker to steal the
employee data. The migration process can also cause a loss of information or data. With the
adoption of a cloud solution, there may be a chance that the data is stored at the wrong location.
This is called semantic risk. Vendor-lock in is the major issue with the SaaS solution adoption.
This refers that if the cloud service provider stops working or goes out of the business then it can
cause serious issues. This provides a set of application program interface that is exposed and
enables the user to manage and interact with the cloud services. Sometimes these APIs can also
be vulnerable and cause serious issues and compromise the information and data (Brodkin,
2010). Denial of service attack can also occur in the Cloud environment and can affect the
security of the data. Storing the data in the SaaS application is also affected by the malware
attacks. These are able to perform different activities that are malicious and harmful to employee
data. The basic risk for the security of the risk is data access risk. The information is provided to
the third party, this makes the data out of the control of DAS. Poor authentication enables the
attacker to perform security attacks like dictionary and brute force attack to gain access to data.
The DAS payroll is managed in the public cloud environment. The public cloud environment has
various risks and issues associated with it. The employee data is uploaded according to the AEST
time standard. The difference between the time standard can also cause serious issues to the data
(Coles, 2019).
Although using the SaaS application improve the security, performance, and efficiency of the
system. But there is also some risk to the data available in the SaaS environment. The security
attacks caused because the system is connected to the internet. This enables the attacker to
perform malicious activities in the system. Most of the security risks are similar to the house
environment.
The SaaS application uses the software and it has loopholes. These loopholes can be used by the
attacker to gain access to the employee data. The major risk with the cloud solution is that
migration cause lack of visibility of the data. The data center of the cloud is situated in
California. The configuration, maintenance and data processing of the employee data is done
from India. This distance between India and California can cause major issues. If the data travel
unprotected between this duration then this may easily allow the attacker to change the data. This
can be done using the man-in-middle attack (Wilson, 2016). As given in the scenario that the
data of the employee can be accessible by using the link that is presented in the intranet. It causes
a serious issue; if the intranet gets compromised by the attacker then this link can also be
accessed by the attacker. This allows the attacker to steal the complete the data. During the
migration process, most of the data remain unprotected this enables the attacker to steal the
employee data. The migration process can also cause a loss of information or data. With the
adoption of a cloud solution, there may be a chance that the data is stored at the wrong location.
This is called semantic risk. Vendor-lock in is the major issue with the SaaS solution adoption.
This refers that if the cloud service provider stops working or goes out of the business then it can
cause serious issues. This provides a set of application program interface that is exposed and
enables the user to manage and interact with the cloud services. Sometimes these APIs can also
be vulnerable and cause serious issues and compromise the information and data (Brodkin,
2010). Denial of service attack can also occur in the Cloud environment and can affect the
security of the data. Storing the data in the SaaS application is also affected by the malware
attacks. These are able to perform different activities that are malicious and harmful to employee
data. The basic risk for the security of the risk is data access risk. The information is provided to
the third party, this makes the data out of the control of DAS. Poor authentication enables the
attacker to perform security attacks like dictionary and brute force attack to gain access to data.
The DAS payroll is managed in the public cloud environment. The public cloud environment has
various risks and issues associated with it. The employee data is uploaded according to the AEST
time standard. The difference between the time standard can also cause serious issues to the data
(Coles, 2019).
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Assessment of severity
Table 1 Severity assessment of the security risks
Risk and threats Likelihood Impact Risk level
Malware Likely Severe High
Excessive privilege Possible Severe High
Lack of backup Likely Significant Moderate
SQL injection Unlikely Minor High
Unencrypted data Unlikely Significant Low
Natural disaster Possible Severe High
Vendor lock-in Likely Severe High
Legal issues Possible Minor Low
Semantic Risks Likely Significant Moderate
The assessment of the severity helps to analyze the likelihood, risk level and impact of the
threats and risks.
Table 1 Severity assessment of the security risks
Risk and threats Likelihood Impact Risk level
Malware Likely Severe High
Excessive privilege Possible Severe High
Lack of backup Likely Significant Moderate
SQL injection Unlikely Minor High
Unencrypted data Unlikely Significant Low
Natural disaster Possible Severe High
Vendor lock-in Likely Severe High
Legal issues Possible Minor Low
Semantic Risks Likely Significant Moderate
The assessment of the severity helps to analyze the likelihood, risk level and impact of the
threats and risks.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Privacy of employee data
Threats and risks to the data privacy that is stored in-house database
The existing threats, as well as the risks to the privacy of the data information presented in the
HR information, are as follows:
The Data Access Risk: the cloud computing application of the HR database is not much secure
which can protect the powerful data attacks. The attackers can easily access the data which is
shifted to the SaaS-based software. The cloud software which is totally based on the cloud is not
much secure enough the attackers perform several attacks on the database and can access the
private information of the different employees in order to steal the private data of the employees.
Privilege misuse: the privileges which are provided to the HR of the particular firm should be
misused by the attackers after getting access to the database which is totally based on the cloud.
The cloud-based HR databases are not secure enough so the attackers can perform the attack on
the database and can easily misuse the different privileges which are provided to the HR of the
firm.
Denial of Service Attacks: the DOS attack is on the cloud-based HR database system should be
responsible of changing all the access permissions of the legitimate user itself in order to prevent
them to access the attackers also can block the network of the databases so the HR would not be
able to store anything on the database or it can block the database system totally. The
Employee’s private data which has been presented in the database can also be modified or
deleted by the attackers.
Privacy Breaches: Attackers after hacking the HR Database can easily access all the employee-
related data which is private as well as confidential. This may cause huge risk factors to the
employee’s privacy. For example- the bank details of the employees are presented in the HR
database. The attackers can access the bank data and can easily access the bank accounts of the
employees and steal all their salary (Schulman, 2019).
Chatbots insertion in database: the attackers can insert the several chatbots in the employee
data which is used to sometime misguide the candidates who are going to be hired by the firm.
The chatbots also can provide malicious information to the candidates as well as the employees
so that they might get distracted or makes wrong decisions which lead to failure of work.
Data Security risks: the attackers after accessing the personal and private information of the
different employees can make confidential information of the employees publicly leaked or can
sell the information to other companies or unauthorized personnel. The data security of the
employees is a great risk which the cloud system is having so that the attackers might access the
personal data of the employees of the firm (NG, 2019).
Threats and risks to the data privacy that is stored in-house database
The existing threats, as well as the risks to the privacy of the data information presented in the
HR information, are as follows:
The Data Access Risk: the cloud computing application of the HR database is not much secure
which can protect the powerful data attacks. The attackers can easily access the data which is
shifted to the SaaS-based software. The cloud software which is totally based on the cloud is not
much secure enough the attackers perform several attacks on the database and can access the
private information of the different employees in order to steal the private data of the employees.
Privilege misuse: the privileges which are provided to the HR of the particular firm should be
misused by the attackers after getting access to the database which is totally based on the cloud.
The cloud-based HR databases are not secure enough so the attackers can perform the attack on
the database and can easily misuse the different privileges which are provided to the HR of the
firm.
Denial of Service Attacks: the DOS attack is on the cloud-based HR database system should be
responsible of changing all the access permissions of the legitimate user itself in order to prevent
them to access the attackers also can block the network of the databases so the HR would not be
able to store anything on the database or it can block the database system totally. The
Employee’s private data which has been presented in the database can also be modified or
deleted by the attackers.
Privacy Breaches: Attackers after hacking the HR Database can easily access all the employee-
related data which is private as well as confidential. This may cause huge risk factors to the
employee’s privacy. For example- the bank details of the employees are presented in the HR
database. The attackers can access the bank data and can easily access the bank accounts of the
employees and steal all their salary (Schulman, 2019).
Chatbots insertion in database: the attackers can insert the several chatbots in the employee
data which is used to sometime misguide the candidates who are going to be hired by the firm.
The chatbots also can provide malicious information to the candidates as well as the employees
so that they might get distracted or makes wrong decisions which lead to failure of work.
Data Security risks: the attackers after accessing the personal and private information of the
different employees can make confidential information of the employees publicly leaked or can
sell the information to other companies or unauthorized personnel. The data security of the
employees is a great risk which the cloud system is having so that the attackers might access the
personal data of the employees of the firm (NG, 2019).
Stolen Backups: the database backups are also stored by the firms in order to maintain the data
of the ex-employees so the attackers can also take the access of the backups and steal the backup
data in order to steal the data the attackers might do several things in order to misguide the ex-
employees of the firm.
of the ex-employees so the attackers can also take the access of the backups and steal the backup
data in order to steal the data the attackers might do several things in order to misguide the ex-
employees of the firm.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Risks and threats to the data after migration on the SaaS application:
Yes, there are many other types of risks and threats to the privacy of the employee after the
employees of the firm have been migrated to the SaaS application. They are as follows:
Weak Identity management: the weak identity of the employees have been managed in order to
provide them the different access rights so that the employees can access only those applications
which are only for their work purposes but the SaaS-based application doesn’t properly manage
the identity of the users in order to provide them the access permissions.
Weak standards: the weak standards of the cloud-based database system has been consisting of
the weak security credentials so each and every user might access the data and can easily control
the data which is presented over the HR database because the security structure of the cloud-
based devices is much weaker.
Less Secrecy: the secrecy of the data should not be much secure in order to maintain the secrecy
of the employee data. The data is not much secure when it comes to the secrecy. The attackers
can easily access the data of the different employees and can steal the employee data (Hoelscher,
2018).
Easy Accessibility: the cloud server is anyone’s server which is accessible by each and every
person. The easy accessibility of the data is much more dangerous for the different users so that
the users might easily access the data of the employees. The employee can not be able to secure
their private and confidential information which is stored on the HR database based on the cloud
SaaS platform.
Lesser authentication and authorization: the authentication and authorization of the database
are not much secure in the HR database. The attackers can attack and can easily access the
information to the different users so the data is not much secure the attackers can easily break the
authentication security of the cloud-based database systems (Morrow, 2018).
Complexity strains: this is also one of the major threats which have been involved in the cloud-
based application. The complexity strains have been increased in the IT staff when the
employees have been migrated from the particular place to the SaaS environment. The cloud-
based database applications are not much secure due to the data maintenance the complexity
issues are been created. So the SaaS environment needs to improvise the security of the systems.
Malicious software insertion in database: the attackers can insert the several chatbots in the
employee data which is used to sometime misguide the candidates who are going to be hired by
the firm. The chatbots also can provide malicious information to the candidates as well as the
employees so that they might get distracted or makes wrong decisions which lead to failure of
work (Kicklighter, 2018).
Yes, there are many other types of risks and threats to the privacy of the employee after the
employees of the firm have been migrated to the SaaS application. They are as follows:
Weak Identity management: the weak identity of the employees have been managed in order to
provide them the different access rights so that the employees can access only those applications
which are only for their work purposes but the SaaS-based application doesn’t properly manage
the identity of the users in order to provide them the access permissions.
Weak standards: the weak standards of the cloud-based database system has been consisting of
the weak security credentials so each and every user might access the data and can easily control
the data which is presented over the HR database because the security structure of the cloud-
based devices is much weaker.
Less Secrecy: the secrecy of the data should not be much secure in order to maintain the secrecy
of the employee data. The data is not much secure when it comes to the secrecy. The attackers
can easily access the data of the different employees and can steal the employee data (Hoelscher,
2018).
Easy Accessibility: the cloud server is anyone’s server which is accessible by each and every
person. The easy accessibility of the data is much more dangerous for the different users so that
the users might easily access the data of the employees. The employee can not be able to secure
their private and confidential information which is stored on the HR database based on the cloud
SaaS platform.
Lesser authentication and authorization: the authentication and authorization of the database
are not much secure in the HR database. The attackers can attack and can easily access the
information to the different users so the data is not much secure the attackers can easily break the
authentication security of the cloud-based database systems (Morrow, 2018).
Complexity strains: this is also one of the major threats which have been involved in the cloud-
based application. The complexity strains have been increased in the IT staff when the
employees have been migrated from the particular place to the SaaS environment. The cloud-
based database applications are not much secure due to the data maintenance the complexity
issues are been created. So the SaaS environment needs to improvise the security of the systems.
Malicious software insertion in database: the attackers can insert the several chatbots in the
employee data which is used to sometime misguide the candidates who are going to be hired by
the firm. The chatbots also can provide malicious information to the candidates as well as the
employees so that they might get distracted or makes wrong decisions which lead to failure of
work (Kicklighter, 2018).
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Severity of risk
The risks which are been emerged due to the particular issues given above may result in the data
leakage. The private and confidential data of the employees have been stolen by the different
attackers very easily because the system based on the cloud is not much secure and can be easily
accessible by each and every person. The HR database is not much secure because it is totally
based on the cloud and consists of the lesser authentication policies which leads to being the
accessibility of the resources much easier. The resources of the HR database which consists of
the different security aspects is not much secure because of the server which can be accessible by
each and every person worldwide which leads to the major threat to the employee data, as a
result, the data leakage of the employees may cause major problems for the employees. In order
to manage the risks, the following steps are to be taken:
Improvise the functionality: the risks due to the migration of the employees to the SaaS
environment should be improvised in order to manage the functionality of the system it should
be improved in order to maintain the proper records and the system will become much secure
when the structure of the functionality has been improvised by the different users. The
functionality requirements should be improvised by the so that the system can easily secure the
private data of the employees and maintain it properly.
Reliability: the system must be checked before purchasing it that whether it is reliable or not.
The reliability of the system has been measured in terms of the working capability of the system.
The system should be properly working and maintained properly by the company so in order to
maintain the security so the system will become much more reliable and reduce the data-related
threats. The different faults should be tolerated by the system much more easily in order to be a
reliable system.
Efficiency: the working efficiency of the system should be improvised in order to be the much
more efficient the system must be efficient enough so that in order to enough tolerable all the
risks and faults so the data of the employees should be properly maintained and protected in
order to be much more secure and efficient enough so that the data can’t be easily accessible by
the different attackers.
Maintain proper backup: the proper backups of the data should be maintained in order to much
secure. The data should be protected by taking the backups of the confidential and private data of
the different employees. The backup is used when the data of the employees have been lost. The
HR can take the backup of the database in order to maintain it and recover the data as and when
needed.
Reduction of the redundancy: the redundancy of the data means the data duplication. The
redundancy of the data should be reduced by assigning the keys to the data whether it should be
the primary key or foreign key. The duplicated data should be removed in order to maintain the
accuracy and maintainability of the data.
The risks which are been emerged due to the particular issues given above may result in the data
leakage. The private and confidential data of the employees have been stolen by the different
attackers very easily because the system based on the cloud is not much secure and can be easily
accessible by each and every person. The HR database is not much secure because it is totally
based on the cloud and consists of the lesser authentication policies which leads to being the
accessibility of the resources much easier. The resources of the HR database which consists of
the different security aspects is not much secure because of the server which can be accessible by
each and every person worldwide which leads to the major threat to the employee data, as a
result, the data leakage of the employees may cause major problems for the employees. In order
to manage the risks, the following steps are to be taken:
Improvise the functionality: the risks due to the migration of the employees to the SaaS
environment should be improvised in order to manage the functionality of the system it should
be improved in order to maintain the proper records and the system will become much secure
when the structure of the functionality has been improvised by the different users. The
functionality requirements should be improvised by the so that the system can easily secure the
private data of the employees and maintain it properly.
Reliability: the system must be checked before purchasing it that whether it is reliable or not.
The reliability of the system has been measured in terms of the working capability of the system.
The system should be properly working and maintained properly by the company so in order to
maintain the security so the system will become much more reliable and reduce the data-related
threats. The different faults should be tolerated by the system much more easily in order to be a
reliable system.
Efficiency: the working efficiency of the system should be improvised in order to be the much
more efficient the system must be efficient enough so that in order to enough tolerable all the
risks and faults so the data of the employees should be properly maintained and protected in
order to be much more secure and efficient enough so that the data can’t be easily accessible by
the different attackers.
Maintain proper backup: the proper backups of the data should be maintained in order to much
secure. The data should be protected by taking the backups of the confidential and private data of
the different employees. The backup is used when the data of the employees have been lost. The
HR can take the backup of the database in order to maintain it and recover the data as and when
needed.
Reduction of the redundancy: the redundancy of the data means the data duplication. The
redundancy of the data should be reduced by assigning the keys to the data whether it should be
the primary key or foreign key. The duplicated data should be removed in order to maintain the
accuracy and maintainability of the data.
Firewall: the firewall should be installed in each and every system so that the users must be able
to maintain the security of the database system. The firewall should be installed on the system
servers in order to maintain the privacy of the employee records which have been maintained by
the HR using the database system which is totally based on the SaaS environment of the cloud
computing platform in order to make the application much more secure and authorized.
Risk avoidance: the system should be able enough to avoid the different types of the risks in
order to avoid the risk the cloud computing systems should be managed properly in order to
avoid the different types of risks which are been occurred by the attacks. The system must be
enough secure so in order to avoid the risks. The risks have been avoided in order to maintain
security measures.
to maintain the security of the database system. The firewall should be installed on the system
servers in order to maintain the privacy of the employee records which have been maintained by
the HR using the database system which is totally based on the SaaS environment of the cloud
computing platform in order to make the application much more secure and authorized.
Risk avoidance: the system should be able enough to avoid the different types of the risks in
order to avoid the risk the cloud computing systems should be managed properly in order to
avoid the different types of risks which are been occurred by the attacks. The system must be
enough secure so in order to avoid the risks. The risks have been avoided in order to maintain
security measures.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 16
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.