User Account

All Pages

Develop a personally identifiable information

Assignment Help Computer Network Security
Reference no: EM132119440

Scenario

You are the principal consultant for a community based Charity. The Charity is involved in locating and providing accommodation, mental health services, training and support services to disadvantaged people in the community.

The Charity has joined a community cloud provided by a public cloud vendor in order to access a number of applications for their 500 support staff and administrative users. A small number of the Charity's applications are mission critical and the data that those applications use is both confidential and time sensitive.

The community cloud would also be used to store the Charity's 200TB of data. The data would be held in a SaaS database run by the public cloud vendor. The Charity's data contains a considerable amount of confidential information about the people to whom the Charity provides services.

The Charity collects Pll data on the clients who use its services so that it can assist them to manage their different service requirements. This Pll data also includes holding some digital identity data for some of the more disadvantaged clients, particularly if they also have mental health issues.

The charity has now started its move to the Cloud and is in the process of implementing the following services:
- A SaaS HR and Personnel management suite,
- A COTS Payroll solution that is implemented in the AWS Cloud,
- A PaaS SharePoint platform that forms the basis of the charity's Intranet platform.

You team has workshopped and researched the Threat and Risk analysis for these projects and has developed the policy strategies and controls for Privacy and Data Protection which are required.

The charity has been approached by the Australian Government to trial the centralisation of support services to clients of the charity. This would include such services as income support for clients who are disadvantaged, homeless, or in need of mental health support. Normally, this would require the client interacting with at least three separate government agencies as well as with the charity.

The Government has now decided that they want to centralise the application and continued administration of these services from a number of different agencies into one single portal run by the charity. The Government's strategy is that the process of support applications and administration for virtually all support services follows an almost identical workflow, even though some of the data may differ for different types of services. Their aim is to have a single workflow for all support services, with some additional steps in case of special requirements for a particular type of service. Ultimately, if this trial is successful, the Government will roll out this program to all citizens.The Government also sees the opportunity to gain a better view of what support services these citizens need, and wants to link that data to other data that they hold about each citizen. In order to achieve this, the Government plans to make the charity's clients register on the MySupport portal and create their own informal digital identity. This will allow all the support services, applications, supporting data, documents, renewal dates, and other associated information for each individual digital identity to be available for viewing on a single page. This data, particularly when linked to a citizen's digital identity, can then be used for more effective planning and decision making by Government and other public agencies.

The plan also has the advantage of simplifying the process of applying for support services and ensuring that they have timely administration for the charity's clients so that they only need to go to a single web portal to acquire the support that they require.

Tasks
After the successful engagement of your team to develop privacy and personal data protection strategies for the charity, the team has now been engaged to develop a Personally Identifiable Information (PII) privacy and personal data protection strategy for the charity.

Team Setup
This assignment is the last of the team assignments for this subject. The rationale for using a team approach is that most IT policy formulations are normally conducted by teams of between 2-5 Architects, Information Security experts, Operations and Business leaders for each problem. You are already assigned to a team and the team, as a whole, will be responsible for the development of the policies.

Team Member Responsibilities
Each team member will be assessed on:
- The final privacy and personal data protection strategies presented by the team;
- The individual contributions that they have made to the policy formulation.

This will be shown by the entries that they have made in the Team forum;

Team members should note that:
- A total of 20% of the total marks for this assignment are for individual contributions. These include:
Contributions to the development of privacy and data protection policies, and
Reasoning behind the development of privacy and data protection policies
- A team member without any individual contributions in the Team Forum will be regarded as having not contributed to the risk assessment. This will result in either reduced marks or no marks being awarded to that team member for this assignment.

The task:

Your team is to:
1. Develop a Threat and Risk Assessment (TRA) for Pll data for the MySupport portal. This TRA should consider both the privacy and data protection aspects of Pll data in the portal.
2. Develop a Pll strategy proposal for the MySupport portal. The strategy should consider the threats and risks to both Privacy and data protection for the P11 data collected in the MySupport portal as well as possible controls to mitigate the identified risks.
3. Develop a strategy to protect the informal Digital Identity that a user may create in the MySupport portal. You should consider both the privacy and data protection aspects for a digital identity as well as possible controls to mitigate the identified risks.
4. Develop an outline plan for the Governance of:
1. Pll data and digital identities for users of the MyLicence portal.
2. Personal data and P11 data for DAS users of the HR Personnel Management suite.
3. Pll data and financial data for users and DAS staff in the COTS payroll suite.
5. Create a PowerPoint slide deck that gives a comprehensive overview of the above tasks. This slide deck is not to exceed 30 slides.

Presentation
The team is to submit the following documents to complete this assessment:
- A PowerPoint presentation that gives a comprehensive overview of the four (4) tasks.
The presentation should be a maximum of 30 slides, including introduction, conclusions and recommendations.
Each slide should have speaking notes in the Notes section which expand on the information in the slide.
The slides should give refer to the additional information contained in the appendices.
Images and quotations used in slides must be referenced on that slide. The slide deck does not require a reference list.
- The TRA is to be attached in a separate Word document marked as Appendix A. The TRA can be presented in tabular format or similar.
- The Pll strategy is to be attached in a separate Word document marked as Appendix B. This document should be fully referenced in APA 6th edition format, and should not exceed 5 pages.
- The Digital Identity is to be attached in a separate Word document marked as Appendix C. This document should be fully referenced in APA 6th edition format, and should not exceed 5 pages.
- The Governance plan is to be attached in a separate Word document marked as Appendix D. This document should be fully referenced in APA 6th edition format, and should not exceed 10 pages.
- A copy of the discussions in the team Wiki or forum should be exported into a single Word document marked as Appendix E.

This assessment task will assess the following learning outcome/s:
- be able to examine the legal, business and privacy requirements for a cloud deployment model.
. be able to evaluate the risk management requirements for a cloud deployment model.
- be able to critically analyse the legal, ethical and business concerns for the security and privacy of data to be deployed to the cloud.
- be able to develop and present a series of proposed security controls to manage the security and privacy of data deployed to the cloud.
- be able to develop and present a cloud governance framework to underpin the cloud operations for an enterprise.

Identifying, assessing and explaining threats, security and risk for computer applications in the real world requires that you interact with colleagues, peers and various stakeholders, therefore team work has been incorporated into these assessments to facilitate this.

Reference no: EM132119440

Questions Cloud

What tactics were used to quell rebellion : Describe a typical voyage (from the enslaved point of view) on a slave ship from Africa to the New World.
Reserach paper on wireless network security : prepare reserach paper on WIRELESS NETWORK SECURITY - Research Problem and Reorganized Collected Literature
What points are emphasized : What points are emphasized? What points are de-emphasized? What verbal and visual techniques are used to highlight or minimize information
Calculate contribution to profit of the children department : Niklos Boot Co. sells men's, women's, and children's boots. Calculate the contribution to profit of the children's department
Develop a personally identifiable information : Develop privacy and personal data protection strategies for the charity, the team has now been engaged to develop a Personally Identifiable Information
Same plane or perpendicular planes : For the molecule allene, H2 C = C = CH2, give the hybridization of each carbon atom. Will the hydrogen atoms be in the same plane or perpendicular planes?
Overlap of the atomic orbitals involved in the bonds : Use valence bond theory to explain the bonding in F2, HF, and ClBr. Sketch the overlap of the atomic orbitals involved in the bonds.
What was the selling price of the bonds : Marillion Company issued $900,000 of 10% bonds at 108. Prepare a schedule showing the computation - What was the selling price of the bonds
Write a memo on human rights in islam : Write a memo on human rights in Islam (specifically the rights of women and religious minorities) in the twentieth and twenty-first centuries.

Reviews

len2119440

9/22/2018 12:46:41 AM

Thorough development of governance plan showing proficient logical analysis Thorough overview that shows excellent proficient analysis and planning Detailed development of governance plan showing good logical analysis Detailed overview that shows good logical analysis and planning Adequate development of governance plan showing satisfactory logical analysis Adequate overview that shows satisfactory logical analysis and planning Inadequate development of governance plan and little or no logical analysis Inadequate overview that shows little or no analysis or planning

len2119440

9/22/2018 12:46:20 AM

Q4 Outline Governance plan (20 marks) Q5 PowerPoint presentation (10 marks) Quality of Wiki/forum interaction (20 marks) Presentation & Referencing Presentation Comprehensive development of policy covering all aspects, with excellent analysis of digital identity issues Comprehensive development of governance plan showing excellent logical analysis Comprehensive overview that shows excellent logical analysis and planning Proactively initiates and facilitates discussion, explicitly using appropriate strategies and tools.

len2119440

9/22/2018 12:45:43 AM

Comprehensive Thorough Detailed Adequate Inadequate development of development of development of development of development of policy covering all policy covering policy covering policy covering policy covering aspects, with most aspects, most aspects, some aspects, few aspects, excellent with proficient with good with some with little or no discussion of discussion of discussion of discussion of discussion of threats and risks threats and risks threats and risks threats and risks threats and risks to Pll data to Pll data to Pll data to Pll data to Pll data

len2119440

9/22/2018 12:45:31 AM

Question HD DI CR PS FL Thorough D d Adequate Inadequate etaile Comprehensive evaluation and evaluation and evaluation and ti evaluation and matching of evaluation and matching of matching of of Ql. TRA for Pll matching of threats to Pll matching h threats to Pll threats to Pll t t Pll data (10 marks) threats to Pll data data with reatso data with data with few with controls controls data with controls controls controls showing excellent showing wing good showing showing little or sho logical analysis proficient satisfactory no logical ical analysis logical analysis log logical analysis analysis

len2119440

9/22/2018 12:45:07 AM

• The TRA is to be attached in a separate Word document marked as Appendix A. The TRA can be presented in tabular format or similar. • The Pll strategy is to be attached in a separate Word document marked as Appendix B. This document should be fully referenced in APA 6th edition format, and should not exceed 5 pages. • The Digital Identity is to be attached in a separate Word document marked as Appendix C. This document should be fully referenced in APA 6th edition format, and should not exceed 5 pages. • The Governance plan is to be attached in a separate Word document marked as Appendix D. This document should be fully referenced in APA 6th edition format, and should not exceed 10 pages. • A copy of the discussions in the team Wiki or forum should be exported into a single Word document marked as Appendix E. All parts of the submission are to be loaded into the Team File Exchange Area in Interact.

len2119440

9/22/2018 12:44:56 AM

The team is to submit the following documents to complete this assessment: • A PowerPoint presentation that gives a comprehensive overview of the four (4) tasks. The presentation should be a maximum of 30 slides, including introduction, conclusions and recommendations. Each slide should have speaking notes in the Notes section which expand on the information in the slide. The slides should give refer to the additional information contained in the appendices. Images and quotations used in slides must be referenced on that slide. The slide deck does not require a reference list.

Write a Review

Computer Network Security Questions & Answers

  Telecommunications and network security

Topic: TELECOMMUNICATIONS AND NETWORK SECURITY. An evaluation of the pros and cons associated with each of the options presented to the user

  Develop skills to independently think of innovation

Analyse critically,three current or future security issues in IoT - Create a 3 - 5 minutes presentation and present your work during the Lab

  What classess java provide to make network programming

IPv6 uses addresses that are 16 bytes long (128 bits ).  How many addresses is that per person in the world? and What classes does Java provide to make network programming easier

  List the user groups and access rights for the network

Discuss additional security measures that you plan to implement for the network to meet the needs. List the user groups and access rights for the network. Include your justification for the user policy.

  Write the word statistic without the repeated letters

Write the word "statistic" without the repeated letters. The number of letters that remain the same will depend upon the choice of the keyword.

  Why should people care about password security

Why should people care about password security -  Can computer hacking be justified under extraordinary circumstances.

  What is the importance of statistical data analysis?

What is the importance of statistical data analysis?

  Identify the ip address of both the client and the server

Identify the IP address of both the client and the server? What port numbers have been used by each and what is their type? Briefly explain each rule in the rule base that you have created.

  What is the purpose of the work breakdown structure

What is the purpose of the work breakdown structure

  Paper about cyber security and identify assess and propose

Please refer to the latest document about cyber security and identify assess and propose: Risk related indicators and governance solutions, vulnerability assessment for cyber security

  Draw the protocol layers of the gateway

1. An IP network is connected to a Novell IPX via a gateway as shown below. Draw the protocol layers of the gateway.

  Case study on attacking more than just the enterprise

Question 1: Evaluate the recent trend toward attacking small and medium businesses and identify the benefits that these types of businesses have which attract attackers. Question 2: Compare and contrast the digital forensic operations of small-siz..

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd