The aim of the report is to share personal and ethical implications for maintaining the cloud privacy and security. The report will discuss about all the issues that arises with privacy and security from ethical point of view. This report will help the NGO to understand the ethical implications that arises with the cloud security and privacy. The charity team has formed alliance with a community plan that provides cloud connection. The objective of the project is to assess the threats and risks for the PII data. The proposal for the PII strategy needs to be figured out. The strategy that is needed to develop for protecting the digital identity and the governance plan (Zissis & Lekkas, 2014). The report will analyse the factors and check the usefulness of adopting the MySupport approach. These will also determine whether these will impact the behaviour of an individual.
Privacy is the main concern of every organization. This becomes very much necessary to maintain the privacy when moving to different server. As the organization is an NGO and deals with helping the needed people and aims at providing complete centre and help towards them, thus I is their responsibility to provide privacy towards the people within their organization. This becomes a great challenge for the cloud server to maintain the privacy towards the personal data of the employees and the people associated with them. The NGO work s for providing support services and Takes responsibility of those people who are suffering from mental health. The organization has shifted to cloud server and has included a digital id access that will differentiate all the clients from each other and will contain all the details regarding to the employees and the clients (Wang et al., 2015). Moving to cloud server will help to store the documents of everyone related to the NGO and will help in storing and accessing the data easily. These is very much necessary to maintain the integrity of the information stored within the organization. There are several models that re offered by the cloud computing and every architecture provides different features. Even it allows pay per use business model that is the organization needs pay only for the resources that they are using.
The cloud server won’t charge for the resources that are not being used. With implementation of new technologies, the organization faces several challenges. This is very much necessary to overcome the challenges. The main aim of the cloud server is to store the documents with providing highest privacy. Privacy refers to the right to self-determination that is an individual have the right to know about the personal details that are known by others. An individual possess all the rights and has the right t question the organization in case of any information gets leaked. The aim of implementing cloud computing model is to enable convenient and on demand network access that will help in providing the management efforts rapidly (Takabi, Joshi & Ahn, 2014). There are five essential features, four deployment models and three delivery models. The five features that determine the cloud computing are ubiquitous network access, local independent resource pooling, on demand self-service, rapid elasticity and measured services , these all the features help in creating a server that will provide transparent and seamless service. The three cloud service delivery model are SaaS , PaaS and IaaS. Protecting the confidentiality for the details is a major concern. This is very much necessary to maintain privacy as these will impact both in terms of avoiding the ethics and personal rights of an individual. This is necessary to understand that in case the information gets leaked these will impact and cause a huge damage for the organization. This is the main aim of the organization to maintain the privacy and store all the information in a safe way. In order to provide maximum privacy towards the data of the clients and the employees within the organization (Srinivasan, 2014). MySupport approach will be beneficial as the cloud ha implemented fundamental protection right in order to maintain the privacy of the data stored and is named as the privacy design principle. This includes several objectives that will help in decision making and this includes:
Data minimization: these becomes very much necessary to minimize the steps involved in collecting, processing and using the personal data. These will decrease the use of time and will be beneficial for both the clients and the employees within the organization.
Controllability: these becomes very much necessary to provide the control over their personal data. The users should have the right to control the data within the organization (So, 2015).
Transparency: the system needs to be transparent, so that users can know about the working. The operation taking place within the cloud server should always be monitored by the members of the organization.
User friendly systems: these is necessary to develop and transfer to a server that will be user friendly and will help the user to easy functioning.
Data confidentiality: the designing of the cloud server should be done in such a way that it will allow access only to those who have the authorization. This will help to maintain the confidentiality of the data stored within the organization.
Data quality: apart from all this, the data needs to maintain with good quality in terms of technical. The access always should be granted to the users in case of the accessing the necessary data (Ryan, 2015).
Use limitation: there should be a limitation for using the data stored within the organization. This will restrict the users and will prevent unauthorized person from having the access.
The types of attacks that will harm the privacy maintained by the organization for the information of employees and clients. These are as follows:
Service abuse: this means that the attackers aims at abusing the cloud service and gathers the data and or destroy the data gathered from the users. The data abuse can be done by the other users of by the attackers. Duplication also causes harm as these is referred to the case in which one data is being stored within the cloud and is being used by several users for different times (Rittinghouse & Ransome, 2016). This will help in saving the cost and also will save the storage but these will also provide easy access to the attackers.
Averting attack: with shifting to the cloud computing server, it allows to share huge number of resources on the internet. Cloud system should be able to avert the Denial of service attacks.
Identity management: these becomes very much difficult to understand the working of the cloud and the privacy provided when third party enters.
Cloud computing is an emerging technology for the organization those aims at managing the documents easily with less effort. Thus this is necessary to maintain the privacy within the organization. Data breaching will lead to harm individual’s data and is also against the ethics of every organization. This is against ethics to access someone else information or breach them. As the organization deals with the people who are mentally ill or suffering through mental disorders. So any alteration in their information can cause serious damage (Rimal, Choi & Lumb, 2014). Thus it is essential to sort and manage the data in such a way that it will not harm anyone’s emotions. The organization needs to perform activity that will be ethically correct and will not harm any individual rights. Every individual has the right to maintain the privacy and in case the privacy is being violated they ha e the right to fill case against the organization.
With the implication of cloud computing in the organization it is necessary to understand the security provided by the server. The data security needs to be maintained so that data does not gets breached. The access of the data should be given only to the authorized person. This will help in maintaining the security (Popovi? & Hocenski, 2015). This is the responsibility of the organization to rectify all the doubts related to the cloud. Some of the major security concerns includes the following:
Loss of governance: While using the cloud infrastructure the clients are associated with putting the control over the data in the hands of the Cloud provider and this give arise to numerous issues might be having an adverse effect upon the security. Besides this at the same time the SLAs might also not be associated with offering a commitment that is needed in order to provide this kind of services by being a part of the cloud provider (Ogigau-Neamtiu, 2014). This initially leads to the formation of a gap in the security defences. Besides this there might also arise the risks related to compliance and this mainly happens because the process of achieving certification might put to risk because of the migration to the cloud. There are two major responsible for this and this includes the following:
Lock-in: There exists a little amount of offerings related to the ways by which the tools, standard data formats or procedures which are capable of guaranteeing the probability of the data, application and the services. This is initially responsible for making it difficult for the customers to migrate from one of the provider to another or migration of the data and the services back to the In house IT environment (Itani, Kayssi & Chehab, 2017). This initially leads to the dependency upon a particular cloud provider for provisioning of the services specially when it is regarding the data probability and this mainly happens because most of the fundamental aspects are not in enabled condition (Chen & Zhao, 2017).
Isolation Failure: The characteristics of cloud computing are of multi-tenancy and are of shared nature. Besides this the risk category is associated with covering the failures related to the mechanisms which are associated with separating the storage, memory, routing the reputation that exists between the various tenants (Bertino et al., 2014). But despite of this the attacks upon the resource isolation mechanism is very little and besides those it is much more difficult for the attacker to attack this than the traditional Oss.
Compromise of the management interface: By making use of the internet or the mediated access to the larger set of assets it is possible to have access of the customer management interfaces present in the public cloud providers (Asma, Chaurasia & Mokhtar, 2015). This is initially responsible for posing an increased amount of risk especially when they are combined with the vulnerabilities related to the remote access and web browser.
Protection of the data: Different and numerous data protection risks are put forward by the cloud computing and similar things happen for the cloud providers as well. There exist many cases where it is seen that the effective checking of the data handling process that the cloud providers are having becomes difficult for the cloud customers. This type of problem generally gets exacerbated whenever multiple transfers of the data takes place (Almulla & Yeun, 2015).
Incomplete or insecure deletion of the data: whenever there exists the request related to deletion of a cloud resource might not be associated with providing results in true wiping of the data and this is common for most of the operating systems. It might seem to be impossible to delete a cloud resource in a timely manner, which mainly happens because of eth existence of multiple copies that are stored however are not available (Asma, Chaurasia & Mokhtar, 2015). This might also happen because of the fact that the disk that is to be destroyed might be storing data from the other clients as well. In cases where it is seen that there exists multi-tenancies or when the hardware resources are being reused might be responsible for putting forward a high amount of risk for the customers than the hardware dedicated towards it.
Malicious insider: This is another major security risk that is faced while using the clouds. Damage might also be caused due to the malicious users existing inside the system and this type of damage is often far greater. There are certain roles played by individuals that are of extremely high risk (Almorsy, Grundy & Müller, 2016).
Security expectations of the customers: there might exist a great amount of difference in the level of security from the customer’s perspective and the actual security that is provided by the cloud providers. This might also happen due to the actual temptation that the cloud providers have in order to decrease the cost by means of sacrificing certain security related aspects.
From the above report it can be said that implementation of the cloud computing will help in improving the efficiency. The data can be easily stored within the organization. In order to improve the privacy and the security within the organization it is necessary to understand the need of the privacy and security. The organization needs to understand the importance of privacy and security within the organization. In order to improve the working and maintaining proper security, it is recommended for the organization to implement some strategies that will help in protecting the rights and integrity of the data stored within the organization. The NGO has planned to have digital identity that will help the people of organization to easily distinguish between clients. The digital id implemented needs to get scanned before accessing any data. Thus, this will ensure that the data is being accessed by only authorized people. The best recommendations that can be provided to the customers includes providing assurance towards the cloud customer. It is necessary to take steps in order to mitigate the risks faced by the customer and the provider.
The organization needs to have the following documents prepared ,this are as assess the service provided by the cloud server, the different models offered by the cloud server, assurance from the best cloud provider and reducing the burden from cloud providers. These is the responsibility of the organization to prepare a security check list that will cover every requirements including policy issues, legal issues, technical issue and the physical issue. The organization can make the digital identity process much better. Every verification step should include the following steps identity proofing, once the client is allowed to get access and the identity gets proofed. That is the digital identity once get accepted than the user will be allowed to move to the next step. After this the next step involves authentication. The last step is the authorisation. This step involves allowing the user to access the data stored within the cloud server once this gets approved. Few recommendation that will help in identifying the users details are:
The recommendations are necessary for the NGO, so that they can manage the details and information even in a better way. These is very much necessary to maintain the privacy and security towards the data stored within the organization. As this data stored belongs to the employees and clients. Thus this needs to be kept safely without altering. The digital identity will help to maintain the integrity of an individual and all the data will be stored safely. Without authentication, no one will be allowed to access the data.
Conclusion
From the above report it can be concluded that there is a need of implementing privacy and security within the organization. This is necessary to understand that these two features are the important one. Every organization aims at providing best services towards their customer. This is the responsibility of the organization to provide highest security and privacy towards the information. The report has discussed about the need of privacy and the security, maintained within the document. The later part of the report has given the recommendation that will help in maintain the integrity of the data. In addition to this, the NGO has implemented digital identity that will help them identifying the clients and will allow the authorization accordingly.
Reference
Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security problem. arXiv preprint arXiv:1609.01107.
Almulla, S. A., & Yeun, C. Y. (2015, March). Cloud computing security management. In Engineering Systems Management and Its Applications (ICESMA), 2010 Second International Conference on (pp. 1-7). IEEE.
Asma, A., Chaurasia, M. A., & Mokhtar, H. (2015). Cloud Computing Security Issues. International Journal of Application or Innovation in Engineering & Management, 1(2), 141-147.
Bertino, E., Paci, F., Ferrini, R., & Shang, N. (2014). Privacy-preserving digital identity management for cloud computing. IEEE Data Eng. Bull., 32(1), 21-27.
Chang, D. Y., Benantar, M., Chang, J. Y. C., & Venkataramappa, V. (2014). U.S. Patent No. 8,769,622. Washington, DC: U.S. Patent and Trademark Office.
Chen, D., & Zhao, H. (2017, March). Data security and privacy protection issues in cloud computing. In Computer Science and Electronics Engineering (ICCSEE), 2012 International Conference on (Vol. 1, pp. 647-651). IEEE.
Itani, W., Kayssi, A., & Chehab, A. (2017, December). Privacy as a service: Privacy-aware data storage and processing in cloud computing architectures. In Dependable, Autonomic and Secure Computing, 2009. DASC’09. Eighth IEEE International Conference on (pp. 711-716). IEEE.
Krutz, R. L., & Vines, R. D. (2014). Cloud security: A comprehensive guide to secure cloud computing. Wiley Publishing.
Ogigau-Neamtiu, F. (2014). Cloud computing security issues. Journal of Defense Resources Management, 3(2), 141.
Popovi?, K., & Hocenski, Ž. (2015, May). Cloud computing security issues and challenges. In MIPRO, 2010 proceedings of the 33rd international convention (pp. 344-349). IEEE.
Rimal, B. P., Choi, E., & Lumb, I. (2014, August). A taxonomy and survey of cloud computing systems. In INC, IMS and IDC, 2009. NCM’09. Fifth International Joint Conference on (pp. 44-51). Ieee.
Rittinghouse, J. W., & Ransome, J. F. (2016). Cloud computing: implementation, management, and security. CRC press.
Robison, W. J. (2013). Free at what cost: Cloud computing privacy under the stored communications act. Geo. Lj, 98, 1195.
Ryan, M. D. (2015). Cloud computing privacy concerns on our doorstep. Communications of the ACM, 54(1), 36-38.
So, K. (2015). Cloud computing security issues and challenges. International Journal of Computer Networks, 3(5), 247-55.
Srinivasan, S. (2014). Cloud computing security. In Cloud Computing Basics (pp. 81-100). Springer, New York, NY.
Takabi, H., Joshi, J. B., & Ahn, G. J. (2014). Security and privacy challenges in cloud computing environments. IEEE Security & Privacy, (6), 24-31.
Wang, C., Wang, Q., Ren, K., & Lou, W. (2014, March). Privacy-preserving public auditing for data storage security in cloud computing. In Infocom, 2010 proceedings ieee (pp. 1-9). Ieee.
Wang, J., Zhao, Y., Jiang, S., & Le, J. (2015, May). Providing privacy preserving in cloud computing. In Human System Interactions (HSI), 2010 3rd Conference on (pp. 472-475). IEEE.
Zissis, D., & Lekkas, D. (2014). Addressing cloud computing security issues. Future Generation computer systems, 28(3), 583-592.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download