Privacy and Security Report: Employee Data and Cloud Computing
VerifiedAdded on 2023/06/08
|17
|4604
|375
Report
AI Summary
This report, prepared for a community-based charity, analyzes the privacy and security implications of migrating to a SaaS cloud environment. The charity, which provides services to disadvantaged individuals, is considering adopting a community cloud for its applications and data storage, including sensitive employee and client information. The report addresses the risks associated with employee data in HR databases, including data breaches, data loss, and database hijacking. It also examines the threats to employee data when migrating to a SaaS application, such as the interconnectedness of systems and potential data loss during migration. Furthermore, the report delves into the privacy concerns surrounding employee data, discussing vulnerabilities, weak auditing, denial of service attacks, and the importance of data categorization, encryption, and limiting social media use. Finally, it assesses the risks to employee data after migrating to SaaS, including unauthorized access. The report provides a comprehensive overview of the challenges the charity faces and proposes security and privacy policies to mitigate these risks.
Running Head: PRIVACY AND SECURITY
PRIVACY AND SECURITY
Name of Student
Name of University
Author Note
PRIVACY AND SECURITY
Name of Student
Name of University
Author Note
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1PRIVACY AND SECURITY
Table of Contents
Introduction......................................................................................................................................2
Discussion........................................................................................................................................3
Security of Employee data...........................................................................................................3
Privacy of Employee Data...........................................................................................................6
Digital Identity Issue....................................................................................................................9
Provider Solution Issues............................................................................................................10
Data Sensitivity..........................................................................................................................11
Conclusion.....................................................................................................................................12
References......................................................................................................................................13
Table of Contents
Introduction......................................................................................................................................2
Discussion........................................................................................................................................3
Security of Employee data...........................................................................................................3
Privacy of Employee Data...........................................................................................................6
Digital Identity Issue....................................................................................................................9
Provider Solution Issues............................................................................................................10
Data Sensitivity..........................................................................................................................11
Conclusion.....................................................................................................................................12
References......................................................................................................................................13
2PRIVACY AND SECURITY
Introduction
Community based charity locates and provides training services, support services, mental
health services and accommodation to the people suffering from various disadvantages. The
community has decided to join a community cloud provided by a public cloud vendor for
providing a number of applications to their support staffs as well as administrative users. The
data contained in the applications are time sensitive and confidential. The community can also be
used for storing the data possessed by charity. A database working on the SaaS model of cloud
computing can be used to hold the data. The charity has selected me as their Principal consultant.
I am supposed to prepare this report, which would propose the security and privacy policies for
the usage of the charity. This report would also contain the risks that charity might face while
planning moves in the field of HR.
Cloud computing is of great use to various organizations. The charity has decided to
implement SaaS to their operations. SaaS, also known as Software as services allows users to use
various applications by accessing internet. These applications are supposed to be cloud-based.
SaaS is used on the policy of Pay-as-you-go (Rittinghouse & Ransome, 2016). In this policy, the
users only pay for service they use, neither less nor more. Organization rents the service from a
local service provider and users utilize them by connecting it by accessing internet. One of the
most important advantages provided by SaaS is that it allows the employees of an organization to
mobilize their work. They can connect with these applications from any device that has the
ability to access internet. Along with providing advantages, SaaS also provide some risks to the
organizations. These threats are mentioned below the discussion part of the report.
Introduction
Community based charity locates and provides training services, support services, mental
health services and accommodation to the people suffering from various disadvantages. The
community has decided to join a community cloud provided by a public cloud vendor for
providing a number of applications to their support staffs as well as administrative users. The
data contained in the applications are time sensitive and confidential. The community can also be
used for storing the data possessed by charity. A database working on the SaaS model of cloud
computing can be used to hold the data. The charity has selected me as their Principal consultant.
I am supposed to prepare this report, which would propose the security and privacy policies for
the usage of the charity. This report would also contain the risks that charity might face while
planning moves in the field of HR.
Cloud computing is of great use to various organizations. The charity has decided to
implement SaaS to their operations. SaaS, also known as Software as services allows users to use
various applications by accessing internet. These applications are supposed to be cloud-based.
SaaS is used on the policy of Pay-as-you-go (Rittinghouse & Ransome, 2016). In this policy, the
users only pay for service they use, neither less nor more. Organization rents the service from a
local service provider and users utilize them by connecting it by accessing internet. One of the
most important advantages provided by SaaS is that it allows the employees of an organization to
mobilize their work. They can connect with these applications from any device that has the
ability to access internet. Along with providing advantages, SaaS also provide some risks to the
organizations. These threats are mentioned below the discussion part of the report.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
3PRIVACY AND SECURITY
Discussion
Security of Employee data
Risks on employee data in HR database: HR is one of the heads of an organization who
has a huge amount of data saved in database. The data is regarding, employees, how employees
work, various departments in the organization, number of people needed to be recruited, the
recruitment process and many more (Botta, De Donato & Persico, 2016). This data is of much
importance to the HR as well as organization. The data in HR database of great importance and
should be secured from cyber criminals who might steal the data and use it for bad purposes.
Every organization invests a huge lump sum of money to secure the data from criminals but they
find some or the other to hack accounts and steal the desired data (Botta, De Donato & Persico,
2016). Securing data in HR database is no easy task. It results in various threats to the
organization. These threats are mentioned below.
Data breaches: data breaches are considered as one of the common risks faced by various
organizations. They mainly take place in databases, which support cloud. Data breaching
can be defined as stealing of information that had been stored in cloud. Cyber criminals
that tend to steal confidential information regarding an organization or a user usually
carry out data breaching (Almorsy, Grundy & Müller, 2016). The information that can be
stolen from an organization can be details regarding its employees, data about its
operations, new technologies introduced by them and many more. The data that can be
stolen from an individual might be credit card numbers, atm pins, phone numbers,
addresses and many more. Usually people tend to save data like name, address, and credit
or debit card details on sites that deals with financial transactions, this leads to data
Discussion
Security of Employee data
Risks on employee data in HR database: HR is one of the heads of an organization who
has a huge amount of data saved in database. The data is regarding, employees, how employees
work, various departments in the organization, number of people needed to be recruited, the
recruitment process and many more (Botta, De Donato & Persico, 2016). This data is of much
importance to the HR as well as organization. The data in HR database of great importance and
should be secured from cyber criminals who might steal the data and use it for bad purposes.
Every organization invests a huge lump sum of money to secure the data from criminals but they
find some or the other to hack accounts and steal the desired data (Botta, De Donato & Persico,
2016). Securing data in HR database is no easy task. It results in various threats to the
organization. These threats are mentioned below.
Data breaches: data breaches are considered as one of the common risks faced by various
organizations. They mainly take place in databases, which support cloud. Data breaching
can be defined as stealing of information that had been stored in cloud. Cyber criminals
that tend to steal confidential information regarding an organization or a user usually
carry out data breaching (Almorsy, Grundy & Müller, 2016). The information that can be
stolen from an organization can be details regarding its employees, data about its
operations, new technologies introduced by them and many more. The data that can be
stolen from an individual might be credit card numbers, atm pins, phone numbers,
addresses and many more. Usually people tend to save data like name, address, and credit
or debit card details on sites that deals with financial transactions, this leads to data
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4PRIVACY AND SECURITY
breaches. As a result, it affects a huge mass of employees. Theft of employees’ data leads
to huge damages to the organization and users. Charity would face a disastrous damage if
data regarding employees were stolen (Almorsy, Grundy & Müller, 2016. Employees
have data saved in HR database in order to help Human resource manager to understand
regarding the operations of the charity.
Data loss: data volume of an organization keeps increasing as the company succeeds
gradually; this dramatically increases the risk of data loss. International Data Corp states
that the global data sphere would reach 163 zerrabytes by 2025 (Chang & Ramachandran,
2016). Data loss can occur in many ways major reason being the cyber criminals who
tend peep into the database and steal them. It may also occur when some sort of technical
issues take place in the database. Most of the data is saved in the cloud so if the
organization does not have back of these data and the gets lost from the cloud it would be
lost forever.
Hijack of the database: the database of an HR includes a huge amount of information,
which would be of great use to the organization (Rao & Selvamani, 2015). If the account
of an HR is hacked, the hackers might steal a huge amount of information by changing
the user password. This would disallow the user to access his own account.
Risks to employee data on migration to SaaS application: nowadays data security is the
main concern of the companies. Most of the organizations move their applications into SaaS and
some are still in the run to integrate it to their business (Rao & Selvamani, 2015). Every SaaS
provide offers various set of capabilities to secure data. The capabilities are useful to the
organization depending on its requirements. The organizations can customize the platform by
adding the desired requirement. Integration of business with SaaS provides various advantages to
breaches. As a result, it affects a huge mass of employees. Theft of employees’ data leads
to huge damages to the organization and users. Charity would face a disastrous damage if
data regarding employees were stolen (Almorsy, Grundy & Müller, 2016. Employees
have data saved in HR database in order to help Human resource manager to understand
regarding the operations of the charity.
Data loss: data volume of an organization keeps increasing as the company succeeds
gradually; this dramatically increases the risk of data loss. International Data Corp states
that the global data sphere would reach 163 zerrabytes by 2025 (Chang & Ramachandran,
2016). Data loss can occur in many ways major reason being the cyber criminals who
tend peep into the database and steal them. It may also occur when some sort of technical
issues take place in the database. Most of the data is saved in the cloud so if the
organization does not have back of these data and the gets lost from the cloud it would be
lost forever.
Hijack of the database: the database of an HR includes a huge amount of information,
which would be of great use to the organization (Rao & Selvamani, 2015). If the account
of an HR is hacked, the hackers might steal a huge amount of information by changing
the user password. This would disallow the user to access his own account.
Risks to employee data on migration to SaaS application: nowadays data security is the
main concern of the companies. Most of the organizations move their applications into SaaS and
some are still in the run to integrate it to their business (Rao & Selvamani, 2015). Every SaaS
provide offers various set of capabilities to secure data. The capabilities are useful to the
organization depending on its requirements. The organizations can customize the platform by
adding the desired requirement. Integration of business with SaaS provides various advantages to
5PRIVACY AND SECURITY
the organization, along with that it also provide some threats to the employee data. The major
disadvantage of SaaS is that it connects all the systems together. As a result, if some issue occurs
in one part of the system, the whole system breaks down along with the systems connected to it.
The charity might lose data while it migrates its system to SaaS. This would not allow the
organizations to transfer the sensitive data (Zhang, Chen & Wong, 2017). Most of the service
providers assure that the data of the organization would not be lost, but in case it is lost for any
reason, they would not be held responsible for it. A proper research has to be carried out by the
organization before integrating their systems with SaaS.
Consequences of the risks: data regarding employees might be lost for some reason. This
creates a problem for the organization as well as its operation. The consequences of the lost data
on organizations are as follows.
Time consuming: the loss of important data from an organization might lead to time
waste. If sensitive data regarding operations, financial transactions or similar to that are
lost, it is tough for the organization to proceed in its operations (Zhang, Chen & Xiang,
2018). They would take steps to retrieve the data. They would request the service
providers to retrieve the data if possible. The providers would try to get the data back but
they cannot assure regarding the same. This process is very time consuming. It might take
some days or some months.
Information loss: the information regarding employees is very important for the
organization as mentioned above. Loss of the information would be a tragedy for the
organization (Baek, Vu & Liu, 2015). Sensitive information such as record of financial
transactions undergone by the organizations is very helpful for future reference. Loosing
this information should be avoided by taking important steps by the charity.
the organization, along with that it also provide some threats to the employee data. The major
disadvantage of SaaS is that it connects all the systems together. As a result, if some issue occurs
in one part of the system, the whole system breaks down along with the systems connected to it.
The charity might lose data while it migrates its system to SaaS. This would not allow the
organizations to transfer the sensitive data (Zhang, Chen & Wong, 2017). Most of the service
providers assure that the data of the organization would not be lost, but in case it is lost for any
reason, they would not be held responsible for it. A proper research has to be carried out by the
organization before integrating their systems with SaaS.
Consequences of the risks: data regarding employees might be lost for some reason. This
creates a problem for the organization as well as its operation. The consequences of the lost data
on organizations are as follows.
Time consuming: the loss of important data from an organization might lead to time
waste. If sensitive data regarding operations, financial transactions or similar to that are
lost, it is tough for the organization to proceed in its operations (Zhang, Chen & Xiang,
2018). They would take steps to retrieve the data. They would request the service
providers to retrieve the data if possible. The providers would try to get the data back but
they cannot assure regarding the same. This process is very time consuming. It might take
some days or some months.
Information loss: the information regarding employees is very important for the
organization as mentioned above. Loss of the information would be a tragedy for the
organization (Baek, Vu & Liu, 2015). Sensitive information such as record of financial
transactions undergone by the organizations is very helpful for future reference. Loosing
this information should be avoided by taking important steps by the charity.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
6PRIVACY AND SECURITY
Privacy of Employee Data
Threats on data in HR database: HR database contains huge number of information,
which is useful for organization as well as employees. Various risks can be occurred to the
employee data present in the HR database. These threats are as follows:
Platform vulnerabilities: vulnerabilities in operating system might result in access and
then corruption of unauthorized data. An example of this is that the Blaster worm had
taken advantage of Windows 2000 vulnerability (Wei, Zhu & Cao, 2014). This was done
in order to disable targeted servers. This kind of vulnerabilities might cause in the HR
database of the charity and it would be harmful for the employees and the charity.
Weak audit: weak auditing represents the risks in factors such as deterrence, compliance,
detection recovery and forensics (Sun, Zhang & Xiong, 2014). Weak auditing results in
degradation of the performance of the database, which creates a way for attacks by
hackers.
Denial of service: denial of service might take place by many ways. Common techniques
of DoS are buffer overflows, network flooding, resource consumption and data
corruption (Ali, Khan & Vasilakos, 2015). Denial of service attack is very common
among various organizations and it denies user the access to data.
Monitoring data access: data access is usually not monitored by anyone. The data saved
in HR database is very useful for employees and thus they are provided the access to data
(Novotny, DePaul & Sankalia, 2015). This data access is never monitored and this might
cause in internal theft of data. Internal theft of data is very harmful for the charity as
whole as well as the employees. HR should monitor the access to data in order to prevent
Privacy of Employee Data
Threats on data in HR database: HR database contains huge number of information,
which is useful for organization as well as employees. Various risks can be occurred to the
employee data present in the HR database. These threats are as follows:
Platform vulnerabilities: vulnerabilities in operating system might result in access and
then corruption of unauthorized data. An example of this is that the Blaster worm had
taken advantage of Windows 2000 vulnerability (Wei, Zhu & Cao, 2014). This was done
in order to disable targeted servers. This kind of vulnerabilities might cause in the HR
database of the charity and it would be harmful for the employees and the charity.
Weak audit: weak auditing represents the risks in factors such as deterrence, compliance,
detection recovery and forensics (Sun, Zhang & Xiong, 2014). Weak auditing results in
degradation of the performance of the database, which creates a way for attacks by
hackers.
Denial of service: denial of service might take place by many ways. Common techniques
of DoS are buffer overflows, network flooding, resource consumption and data
corruption (Ali, Khan & Vasilakos, 2015). Denial of service attack is very common
among various organizations and it denies user the access to data.
Monitoring data access: data access is usually not monitored by anyone. The data saved
in HR database is very useful for employees and thus they are provided the access to data
(Novotny, DePaul & Sankalia, 2015). This data access is never monitored and this might
cause in internal theft of data. Internal theft of data is very harmful for the charity as
whole as well as the employees. HR should monitor the access to data in order to prevent
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7PRIVACY AND SECURITY
its theft. The employees that actually need the data should be allowed to access it, and the
ones who do not need should not be allowed the access to it.
Categories of data: the data saved in a database are stored randomly. This leads a way to
the threat of not getting the access of a particular data when needed (Chang, Kuo &
Ramachandran, 2016). Data should be categorized according to their types like the data
regarding operations, financial transactions, plan, ways to implement those plans and
many more. Categorizing data into various parts help in retrieving the data when needed.
Encryption: encryption of sensitive data is a part of securing data, which is ignored by
organizations very often. Every organization contains some sensitive data such as data
regarding their strategies, operations, transactions carried out by them and many more.
No encryption to sensitive data increases the risk of it being stolen by criminals
(Pasupuleti, Ramalingam & Buyya, 2016). In the charity must encrypt its sensitive data in
order to overcome this issue. Encryption of data would not give the access to data without
the decryption key. This would not allow the hackers to decrypt data and steal it or
misuse it.
Social media: the involvement of social media in business has been very common
nowadays. Organizations allow the employees to access the social media sites for various
purposes (Zhao & Liu, 2014). Social media is also used to gain information. Sometimes
employees post on social sites regarding their busy schedule at work or share about their
work. This, results in people who are not related to the organization know about the
organization that they are not supposed to know. Criminals may take the advantage of
this information and hack the site of the organization in order to gain sensitive data. In
order to prevent this, the use of social media in workplace should be limited.
its theft. The employees that actually need the data should be allowed to access it, and the
ones who do not need should not be allowed the access to it.
Categories of data: the data saved in a database are stored randomly. This leads a way to
the threat of not getting the access of a particular data when needed (Chang, Kuo &
Ramachandran, 2016). Data should be categorized according to their types like the data
regarding operations, financial transactions, plan, ways to implement those plans and
many more. Categorizing data into various parts help in retrieving the data when needed.
Encryption: encryption of sensitive data is a part of securing data, which is ignored by
organizations very often. Every organization contains some sensitive data such as data
regarding their strategies, operations, transactions carried out by them and many more.
No encryption to sensitive data increases the risk of it being stolen by criminals
(Pasupuleti, Ramalingam & Buyya, 2016). In the charity must encrypt its sensitive data in
order to overcome this issue. Encryption of data would not give the access to data without
the decryption key. This would not allow the hackers to decrypt data and steal it or
misuse it.
Social media: the involvement of social media in business has been very common
nowadays. Organizations allow the employees to access the social media sites for various
purposes (Zhao & Liu, 2014). Social media is also used to gain information. Sometimes
employees post on social sites regarding their busy schedule at work or share about their
work. This, results in people who are not related to the organization know about the
organization that they are not supposed to know. Criminals may take the advantage of
this information and hack the site of the organization in order to gain sensitive data. In
order to prevent this, the use of social media in workplace should be limited.
8PRIVACY AND SECURITY
Risks to employee data after migrating to SaaS: migrating the system to SaaS would be
very helpful for the charity. Most of the organization has integrated their business with SaaS.
SaaS service providers assure that the data would be safe. There are means by which employee
data might get lost or stolen. The risks to employee data after migrating to SaaS are in huge
number. They are mentioned below
Access to employees: after migrating to SaaS, the data would be saved in cloud. This data
might be accessible by others if they know the user id and password. Usually employees
are allowed to access the data of other employees (Inukollu, Arsi & Ravuri, 2014). This
might lead to problem for the employees. Someone might use the data of other employee
for ill purpose. The employees should not be allowed to access the data of other
employees without any valid reason. The level of access to the data should be limited.
Data transparency: the service providers claim that the service provided by them is better
than the service provided by others and they would not face any data breaches. They also
say that they would keep the data of the organization safe, safer than the employees
would keep (Samanthula, Elmehdwi & Howser, 2015). It should be remembered by the
organization that not all the service providers value what they say. If data breaching takes
place, they would not be responsible for it.
Consequences of the risks: the risks occurred to the employee data would have various
consequences on the employees and the organization. These consequences are as follows
Investment in data security: the risks to employee data would result in lot of investment
on the data security. It would make the charity even more conscious that the security of
employees depends on their own usage and their responsibility towards it (Sookhak, Gani
Risks to employee data after migrating to SaaS: migrating the system to SaaS would be
very helpful for the charity. Most of the organization has integrated their business with SaaS.
SaaS service providers assure that the data would be safe. There are means by which employee
data might get lost or stolen. The risks to employee data after migrating to SaaS are in huge
number. They are mentioned below
Access to employees: after migrating to SaaS, the data would be saved in cloud. This data
might be accessible by others if they know the user id and password. Usually employees
are allowed to access the data of other employees (Inukollu, Arsi & Ravuri, 2014). This
might lead to problem for the employees. Someone might use the data of other employee
for ill purpose. The employees should not be allowed to access the data of other
employees without any valid reason. The level of access to the data should be limited.
Data transparency: the service providers claim that the service provided by them is better
than the service provided by others and they would not face any data breaches. They also
say that they would keep the data of the organization safe, safer than the employees
would keep (Samanthula, Elmehdwi & Howser, 2015). It should be remembered by the
organization that not all the service providers value what they say. If data breaching takes
place, they would not be responsible for it.
Consequences of the risks: the risks occurred to the employee data would have various
consequences on the employees and the organization. These consequences are as follows
Investment in data security: the risks to employee data would result in lot of investment
on the data security. It would make the charity even more conscious that the security of
employees depends on their own usage and their responsibility towards it (Sookhak, Gani
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
9PRIVACY AND SECURITY
& Talebian, 2015). They should keep their data in such a way that any unauthorized user
cannot access it. The investment data security would be beneficial for the employees as
well as the organization.
Limiting the use of social media: the risks to employee data being exposed through social
media are high as mentioned above. This risk can be overcome by limiting the use of
social media to the employees (Manuel, 2015). The charity would take steps so that all
the employees are allowed to post on the website of the charity, only selected people
would be allowed to do so and they would not be posting regarding something sensitive
or confidential about the company.
Digital Identity Issue
Digital identity is very useful for various organizations. It helps in securing the personal
data of a user. It helps the user create a fake identity with the help of that identity the user would
be able to use various applications without any fear of personal data getting lost (Chang,
Benantar & Chang, 2014). The department of organization that deals with financial transactions
carried out by users and the company itself attracts the hackers. The actual threat in using digital
identity is that it might be hacked similar to the real identity. Identity theft is the major threat
imposed by digital identity. Hackers might use a digital identity in order to mislead the digital
identity of the user. Phishing is a very common threat among organizations. In this kind of threat,
a particular website is attacked and users using that website are invited to log in to the website
using their digital identities (Li, Li & Chen, 2015). Data theft is a dangerous threat faced by
people using digital identity.
& Talebian, 2015). They should keep their data in such a way that any unauthorized user
cannot access it. The investment data security would be beneficial for the employees as
well as the organization.
Limiting the use of social media: the risks to employee data being exposed through social
media are high as mentioned above. This risk can be overcome by limiting the use of
social media to the employees (Manuel, 2015). The charity would take steps so that all
the employees are allowed to post on the website of the charity, only selected people
would be allowed to do so and they would not be posting regarding something sensitive
or confidential about the company.
Digital Identity Issue
Digital identity is very useful for various organizations. It helps in securing the personal
data of a user. It helps the user create a fake identity with the help of that identity the user would
be able to use various applications without any fear of personal data getting lost (Chang,
Benantar & Chang, 2014). The department of organization that deals with financial transactions
carried out by users and the company itself attracts the hackers. The actual threat in using digital
identity is that it might be hacked similar to the real identity. Identity theft is the major threat
imposed by digital identity. Hackers might use a digital identity in order to mislead the digital
identity of the user. Phishing is a very common threat among organizations. In this kind of threat,
a particular website is attacked and users using that website are invited to log in to the website
using their digital identities (Li, Li & Chen, 2015). Data theft is a dangerous threat faced by
people using digital identity.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10PRIVACY AND SECURITY
Provider Solution Issues
The migration to SaaS can be done without the identified threats by following various
steps. These steps are as follows
Know about the service provider: this one of the most important step that should be
carried out before taking service from the provider. The organization should research
about the provider very well (Oliveira, Thomas & Espadanal, 2014). It should know
about its history. It should research about the organizations to which it has provided
services and the quality of service that it provide. It should also check for some
references. If other organizations refer, that vendor that indicates the provider is good.
Different accounts: the employees should have different accounts where they can keep
their data. Having various accounts of same user makes it complicated for the
organization to handle the data (Rasheed, 2014). Whenever an employee joins, a new
user has to be added as a result id and passwords are to be created. When an employee
leaves, these ids are to be deleted so that there is less number of ids that the charity has to
deal with. This makes the work of the organization easier.
Updating applications: the applications used by the charity should be updated regularly.
Backdated software might be a target for the cyber criminals.
Measure the use: this part of the organization is very often avoided. The charity should
check the usage of cloud services. The usage of cloud services should be cost effective. If
it were not cost effective, it would not be worthwhile for the organization.
Provider Solution Issues
The migration to SaaS can be done without the identified threats by following various
steps. These steps are as follows
Know about the service provider: this one of the most important step that should be
carried out before taking service from the provider. The organization should research
about the provider very well (Oliveira, Thomas & Espadanal, 2014). It should know
about its history. It should research about the organizations to which it has provided
services and the quality of service that it provide. It should also check for some
references. If other organizations refer, that vendor that indicates the provider is good.
Different accounts: the employees should have different accounts where they can keep
their data. Having various accounts of same user makes it complicated for the
organization to handle the data (Rasheed, 2014). Whenever an employee joins, a new
user has to be added as a result id and passwords are to be created. When an employee
leaves, these ids are to be deleted so that there is less number of ids that the charity has to
deal with. This makes the work of the organization easier.
Updating applications: the applications used by the charity should be updated regularly.
Backdated software might be a target for the cyber criminals.
Measure the use: this part of the organization is very often avoided. The charity should
check the usage of cloud services. The usage of cloud services should be cost effective. If
it were not cost effective, it would not be worthwhile for the organization.
11PRIVACY AND SECURITY
Data Sensitivity
Some issues of ethics, jurisdiction or data sensitivity should be followed by the charity.
They are as follows
Respect: every employee in the charily should be respected irrespective of their cast, sex,
creed and religion (Rasheed, 2014). Respected provided to the employees’ would make
them loyal towards the company. They would take their job seriously and show their
dedication towards their work.
Team: an organization can function properly if it divides the total number of employees
in various teams according to their specifications (Shen, Zhou & He, 2017). Team spirit
brings about a sense of competition among the employees as well as teams. This
encourages them to work with more dedication and enthusiasm.
Positive attitude: positive attitude among the employees is very important (Shen, Zhou &
He, 2017). This encourages the employees to work harder and make their organization
among the best ones.
Dress code: a definite dress code should be maintained among the organization. This data
should be kept hidden from the outsiders.
Promise keeping: before an employee joins an organization, he is promised some things
in return of the employee’s honestly, loyalty, integrity and dedication towards the
organization (Rasheed, 2014). These policies are kept confidential among the manager or
HR and the employees. The promises should be kept. This would encourage the
employees to dedicate their hard work to their organization. This would also result in job
satisfaction among the employees.
Data Sensitivity
Some issues of ethics, jurisdiction or data sensitivity should be followed by the charity.
They are as follows
Respect: every employee in the charily should be respected irrespective of their cast, sex,
creed and religion (Rasheed, 2014). Respected provided to the employees’ would make
them loyal towards the company. They would take their job seriously and show their
dedication towards their work.
Team: an organization can function properly if it divides the total number of employees
in various teams according to their specifications (Shen, Zhou & He, 2017). Team spirit
brings about a sense of competition among the employees as well as teams. This
encourages them to work with more dedication and enthusiasm.
Positive attitude: positive attitude among the employees is very important (Shen, Zhou &
He, 2017). This encourages the employees to work harder and make their organization
among the best ones.
Dress code: a definite dress code should be maintained among the organization. This data
should be kept hidden from the outsiders.
Promise keeping: before an employee joins an organization, he is promised some things
in return of the employee’s honestly, loyalty, integrity and dedication towards the
organization (Rasheed, 2014). These policies are kept confidential among the manager or
HR and the employees. The promises should be kept. This would encourage the
employees to dedicate their hard work to their organization. This would also result in job
satisfaction among the employees.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 17
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.