User Account

All Pages

Establish the existing threats and risks to the security

Assignment Help Computer Network Security
Reference no: EM132847347 , Length: word count:3000

ITC568 Cloud Privacy and Security - Charles Sturt University

Learning outcome 1: be able to examine the legal, business and privacy requirements for a cloud deployment model.

Learning outcome 2: be able to evaluate the risk management requirements for a cloud deployment model.

Learning outcome 3: be able to critically analyse the legal, ethical and business concerns for the security and privacy of data to be deployed to the cloud.

Assessment item 2 - Case Study Risk Assessment

Scenario

The Department of Administrative Services (DAS) provides a number of services to other departments in an Australian State Government. These services include HR and personnel management, payroll, contract tendering management, contractor management, and procurement. These services have all been provided from the Department's own data centres.
As a result of a change in Government policy, DAS is moving to a "Shared Services" approach. This approach will mean that DAS will centralise a number of services for the whole of Government (WofG). The result of this move will be that each Department or Agency that runs one of these services for its own users, will be required to migrate its data to DAS so that it can be consolidated into one of the DAS centralised databases. DAS will then provide these consolidated services to all other Departments and Agencies within the Government.
Another Government policy mandates a "Cloud first" approach to the process of updating or acquiring software or services. Following these strategic policy changes from Government, DAS has decided to:

• Purchase a HR and personnel management application from a US based company that provides a SaaS solution.

The application will provide DAS with a HR suite that will provide a complete HR suite which will also include performance management. The application provider has advised that the company's main database is located in a Cloud datacentre based in California in the United States, with a replica database located in a cloud datacentre in Dublin, Ireland. However, all data processing, configuration, maintenance, updates and feature releases are provided from the application provider's processing centre in Bangalore, India.

Employee data will be uploaded from DAS daily at 12:00 AEST. This will be initially transferred to Bangalore in India for processing before being loaded into the main provider database in California.

Employees will be able to access their HR and Performance Management information through a link placed on the DAS intranet. Each employee will use their internal agency digital ID to authenticate to the HR and Performance management system. The internal digital ID is generated by each agency's Active Directory instance and is used for internal authentication and authorisation.

• Move the DAS payroll to a COTS (Commercial Off The Shelf) application that it will manage in a public cloud;
You may wish to consider the Cloud Security Alliance 2019 Cloud Security Complexity report as part of your response.

Tasks
You have been engaged to provide a risk assessment for the planned move to s HR SaaS application offering.
You are to write a report that assesses the risk to DAS in the following areas:
1. Consider the data and information that DAS holds on its employees in the current HR system.
a. Establish the existing threats and risks to the security of that data and information contained in the in house HR database.
b. Are there any other risks and threats to the employee data after migration to
an SaaS application?

c. Assess the resulting severity of risk and threat to employee data.

2. Consider the privacy of the data for those employees who will move to an SaaS application.
a. Establish the existing threats and risks to the privacy of that data and information contained in the in house HR database.
b. Are there any other risks and threats to the privacy of the employee data after migration to an SaaS application?
c. Assess the resulting severity of risk and threat to the privacy of employee data.
3. What are the threats and risks to the digital identities of Government employees from the move to SaaS applications?

You are to provide a written report with the following headings:
• Security of Employee Data
• Privacy of Employee Data
• Digital Identity Issues
As a rough guide, the report should be no more than about 3,000 words.

Attachment:- Cloud Privacy and Security.rar

Reference no: EM132847347

Questions Cloud

Compare and contrast mcgregor theory x and theory y : Compare and contrast McGregor's Theory X and Theory Y and Herzberg'S Two Factor Theory in the context of employee motivation.
Develop an implementation plan for employee health : You work for a small business, ABC Stationery, which supplies office supplies to small and medium-sized businesses within the South East Queensland market
Calculate the unit variable cost : The owner, Kenneth Felinas, asked you to assist him in estimating his maintenance costs. Using the high-low method, calculate the unit variable cost
What is an organizational theory issue : What is an organizational theory issue with the public health sector?
Establish the existing threats and risks to the security : Establish the existing threats and risks to the security of that data and information contained in the in house HR database - Consider the privacy of the data
Impact of cultural diversity on employees performance : Does cultural diversity have an impact on people's attitude as well? must talk about your own experiences at Private sector.
Awareness of management theories-practice of management : Discuss how an awareness of management theories can influence the practice of management.
Explain learning theory and complexity theory : What benefits do management theories offer when implemented by managers? Especially learning theory and complexity theory please
Make strategic offensive attacks : Describe a scenario where TWO companies chose to make strategic offensive attacks using one of the seven offensive strategic options?

Reviews

Write a Review

Computer Network Security Questions & Answers

  An overview of wireless lan security - term paper

Computer Science or Information Technology deals with Wireless LAN Security. Wireless LAN Security is gaining importance in the recent times. This report talks about how vulnerable are wireless LAN networks without any security measures and also talk..

  Computer networks and security against hackers

This case study about a company named Magna International, a Canada based global supplier of automotive components, modules and systems. Along with the company analysis have been made in this assignment.

  New attack models

The Internet evolution is and is very fast and the Internet exposes the connected computers to attacks and the subsequent losses are in rise.

  Islamic Calligraphy

Islamic calligraphy or Arabic calligraphy is a primary form of art for Islamic visual expression and creativity.

  A comprehensive study about web-based email implementation

Conduct a comprehensive study about web-based email implementation in gmail. Optionally, you may use sniffer like wireshark or your choice to analyze the communication traffic.

  Retention policy and litigation hold notices

The purpose of this project is to provide you with an opportunity to create a document retention policy. You will also learn how to serve a litigation hold notice for an educational institute.

  Tools to enhance password protection

A report on Tools to enhance Password Protection.

  Analyse security procedures

Analyse security procedures

  Write a report on denial of service

Write a report on DENIAL OF SERVICE (DoS).

  Phising email

Phising email It is multipart, what are the two parts? The HTML part, is it inviting the recepient to click somewhere? What is the email proporting to do when the link is clicked?

  Express the shannon-hartley capacity theorem

Express the Shannon-Hartley capacity theorem in terms of where is the Energy/bit and is the psd of white noise.

  Modern symmetric encryption schemes

Pseudo-random generators, pseudo-random functions and pseudo-random permutations

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd