Cloud IPP & Security Issues and Risk Managment Matrix
PLEASE READ CAREFULLY
- Please cite your work in your responses
- Please use APA (7th edition) formatting
- All questions and each part of the question should be answered in detail (Go into depth)
- Response to questions must demonstrate understanding and application of concepts covered in class,
- Use in-text citations and at LEAST 2 resources per discussion from the school materials that I provided to support all answers.
- No grammatical errors; Complete sentences are used. Proper formatting is used. Citations are used according to APA
- The use of course materials to support ideas is HIGHLY RECOMMENDED
- Lastly, Responses MUST be organized (Should be logical and easy to follow)
SPEP 1: Identify Potential Privacy Issues and Mitigation Measures
Now that you have identified the guidelines most applicable to your organization, it is time to discuss privacy protections that may apply.
BallotOnline is now a global organization and may need to contend with several sets of privacy laws since these laws vary from country to country.
Sophia has recommended that you focus on European Union (EU) privacy requirements for now, including the General Data Protection Regulation (GDPR), since those are considered to be the most challenging for compliance. Many companies opt to host data for their European customers entirely within facilities in the European Union, and the companies implement restrictions to prevent data for EU citizens from crossing borders into non-EU zones. This is the approach that you have been asked to take and where you should focus your efforts. Note that some cloud providers, such as Amazon, have received special approval from EU authorities to permit data transfer outside of the EU.
Research EU privacy requirements, identify the requirements that apply to your project and why they apply, and compile your recommendations for complying with these requirements.
STEP 2: Create Risk Management Matrix
Now that you have identified and described the types of risks that may apply to your organization, create a risk management matrix to assess/analyze that risk and make recommendations for risk mitigation measures.
This Sample Risk Assessment for Cloud Computing will give you an example of a completed risk matrix.
Use the risk management matrix template to identify risks and write a brief summary explaining how to understand the data. Submit it for feedback using the steps described below.
Step 3: Describe Cloud Security Issues
Now that you have completed the risk analysis, you can start to identify cloud and network security issues that may apply in BallotOnline's operating environment, including data in transit vulnerabilities and multifactor authentication.
Consider cloud computing risks, network security design, information security, data classifications, and identity management issues.
Besides the risk management matrix in step 2, your research and recommendations to your colleagues must cover the following.
· What network security issues could you encounter?
· What (if any) data classification issues are there to consider?
· What identity management issues need to be considered?
· How would you share responsibilities for securing your project with the Service Provider?
· How does Cloud security compare to on-prem security?
· Are there any other potential cloud security issues that you should identify?
Your answer in the word document should be logical and easy to follow: Your goal should be to convey this critical information to your colleagues in a concise, yet thorough manner.