Tuesday, December 24, 2019
Personal, Social And Institutional Power - 1726 Words
1. Define personal, social and institutional power. Give an example of each type of power that is displayed in the movie. a. Personal power is the degree of control an individual has over their own decisions. In Remember the Titans, an example of personal power was when the white boy made a decision to start a fight with Petey Jones (a black boy) because Petey was talking to his girlfriend and threw the first punch. b. Social power is expressed in the way different people relate to each other, or in ââ¬Ësocial dynamicsââ¬â¢. An example of social power in the film is when the ââ¬Ëwhiteââ¬â¢ team captain, Gerry Bertier took the advice of his fellow teammate and ââ¬Ëblackââ¬â¢ team captain when he disciplined one of his team members for not defending adequately. c. Institutional power is when some people have authority over others because of their position of responsibility, usually based on their expertise or experience. Institutional power is when Coach Herman Boone says, ââ¬Å"This is no democracy. It is a dictatorship. I am the law,â⬠as he is the head of power in the football team and was asserting his dominance. 2. Belonging, stereotyping and discrimination are 3 key issues explored in Remember the Titans. Why is it important for young people to develop an understanding of these three concepts in todayââ¬â¢s society? (Link your response with examples from the movie and/or personal experience.) It is essential for adolescents to acquire an awareness of belonging, stereotyping and discrimination asShow MoreRelatedMy Experience With Parenting And Home Schooling1642 Words à |à 7 Pagesmy social location, my academic and professional position, my emotional response, my academic and professional position and my emotional response as well as institutional and interpersonal context and epistemological stance influenced the interview, the data collection and the interpretation of the data. Further, I will briefly talk about what I have learned and comment on how to transform the process. Social location: In conducting the research interview, I recognized the impact my social locationRead MoreLiterature Review : Social Innovation Essay1608 Words à |à 7 Pages Literature Review Social Innovation Developing any organisation which seeks to promote the way in which a social sphere operates, be it in the form of non-profits, social enterprises or any organisational structure, inevitably is an existential process, asking difficult questions around the nature of authentic, valuable social innovation. A somewhat common understanding of social innovation is expressed below: Social innovation refers to innovative activities and services that are motivated byRead MoreFacebook Is A Multi Billion Dollar Corporation1746 Words à |à 7 PagesFacebook is an online social networking platform and a for-profit corporation that was launched in 2004 by Mark Zuckerberg. It allows people to maintain and establish social relationships by generating personal profiles, where they are able to upload pictures, text, videos, music, and add others to their friend list. Users are able to post statuses and comments to their friends and on their own profile pages, sharing and liking certain content through the influence of Facebookââ¬â¢s social occurence. ThisRead MoreThe Political Culture Approach : Comparison Of Almond And Verba1128 Words à |à 5 Pagesconcept of social capital. Summary of Major Arguments In the Civic Culture, Almond and Verba seek to measure the level of political participation of citizens in the United States, Mexico, Great Britain, Germany and Italy, and create a theory of civic culture, a political culture explaining the political involvement of citizens or lack of that in democratic countries. Almond and Verba (1989) discuss the historical origins of the civic culture and the functions thereof in the process of social changeRead MoreThe Impact Of Organizational Politics On Decision Making And Organizational Behaviors945 Words à |à 4 PagesIn order to succeed, one does not only have to obtain the knowledge in their field, but one must have the organizational and political skills (Pfeffer, J., 2010). Organizational politics focuses on the use of power to affect decision making and organizational behaviors. The political behaviors are activities that are not required of someone in their formal role, but that influence, or can attempt to influence pros and cons w ithin a company (Robbins Judge, 2012). Unfortunately, these politics canRead MoreThe Importance Of Motivation And Motivation Theory1401 Words à |à 6 Pagesbelongingness, esteem and Self-Actualization. (Maslow, 1954) Figure 1 Maslowââ¬â¢s hierarchy of needs model Moreover, physiological needs, safety needs and social needs they are belong to deficiency needs, they are all very basic needs. And esteem and self-actualization needs are growth needs, associated with personal growth and fulfillment of personal potential. Also company should use the culture of trust that lead to a positive working relationship and bring employee more opportunities for promotionRead MoreRural Livelihood1463 Words à |à 6 Pagesalleviate the ever increasing problem of rural poverty. Drawing on Chambers and Conway (1992) among others, the IDS teamââ¬â¢s definition of sustainable livelihood is as follows: ââ¬Å"A livelihood comprises the capabilities, assets (including both material and social resources) and activities required for a means of living. A livelihood is sustainable when it can cope with and recover from stresses and shocks maintain or enhance its capabilities and assets, while not undermining the natural resource base.â⬠TheRead MoreHrm And Domestic Hrm Practices1487 Words à |à 6 Pagesis are aware of nationwide and individual cultural differences towards standardization itself. Differences that affect cultural reactions are not only specific to the human practice but also to the standardization. Business use proportions such as power distance and the survival dimension to understand the response of their employees. Aware of this challenge would lead many MNEââ¬â¢s to pursue more modified way of corresponding and applying to a standardized practice. A subsidiary business is one in whichRead MoreStructural Or Institutional Racism Is Formed By The Social, Economic, Political Or Educational Forces Essay1063 Words à |à 5 Pages ââ¬Æ' Structural or institutional racism is formed by the social, economic, political or educational forces that foster discriminatory outcomes or give preference to members of one group over the other deriving its genesis from the concept of race. The biological fact for the race has been invalidated by biologists, but the social aspect of it is formed by the community. The physical traits still possess the meanings of social race identity. It is these social race identities that deliberate placementRead MoreThe Role of Enterprise Social Collaboration in Employee Engagement809 Words à |à 3 Pagesof Enterprise Social Collaboration in Employee Engagement Most banks have employees separated by more than just multiple branch locations - different work experiences, expectations and generational differences create unique cultural issues and challenges in the workforce. Implemented and managed successfully Enterprise Social Collaboration (ESC) can enhance the ââ¬Å"emotional connectionâ⬠between employees, the organization and the customer. HR banking professionals can harness the power of ESC as a tool
Monday, December 16, 2019
Change On Food Production Environmental Sciences Essay Free Essays
Agribusiness is extremely dependent on specific clime conditions. Moderate heating and appropriate C dioxide in the ambiance may assist workss to turn faster. But more terrible clime alteration such as planetary heating, inundations, drouth, and hail may cut down outputs. We will write a custom essay sample on Change On Food Production Environmental Sciences Essay or any similar topic only for you Order Now Harmonizing the study, from 1981 to 1990, the mean planetary temperature has increased 0.48 Aà °C than 100 old ages ago. If nursery gas emanations continue the heating will besides go on, with temperatures projected to increase by 1.4 Aà °C to 5.8 Aà °C between 1990 and 2100. ( Richardson et al. 2011 ) Increases in temperature and C dioxide ( CO2 ) can be good for some harvests in some topographic points. But to recognize these benefits, food degrees, dirt wet, H2O handiness, and other conditions must besides be met. Higher Carbon dioxide degrees can increase outputs. The outputs for some harvests, like wheat and soya beans, could increase by 30 % or more under a doubling of CO2 concentrations. The outputs for other harvests, such as maize, exhibit a much smaller response ( less than 10 % addition ) . However, some factors may antagonize these possible additions in output. For illustration, if temperature exceeds a harvest ââ¬Ës optimum degree or if sufficient H2O and foods are non available, output additions may be reduced or reversed. Crops grown in the United States are critical for the nutrient supply here and around the universe. U.S. exports supply more than 30 % of all wheat, maize, and rice on the planetary market. Changes in temperature, sum of C dioxide ( CO2 ) , and the frequence and strength of extreme conditions could hold important impacts on harvest outputs. Warmer temperatures may do many harvests grow more rapidly, but warmer temperatures could besides cut down outputs. Crops tend to turn faster in warmer conditions. However, for some harvests ( such as grains ) , faster growing reduces the sum of clip that seeds have to turn and maturate. This can cut down outputs ( i.e. , the sum of harvest produced from a given sum of land ) . ( EPA 2012 ) All the job demand to hold fast and effectual ways to be solve good. In the text will speak other state utilize what solution to diminish the harm and to protect the harvest. Global heating has a serious impact on agricultural production, harmonizing to the Consultative Group on International Agricultural Research ( CGIAR ) research study pointed out the exposure of agribusiness to climate warming public presentation of ingestion in the universe ââ¬Ës largest of several major assortments of grain, wheat, cereal, maize and rice are peculiarly sensitive to high temperature, decreased production will do nutrient deficits. ( CGIAR 2012 ) World Agro forestry Centre main ecologist Dr. Lewis aÃâ ? Will Carter study pointed out that the impact of clime alteration on agribusiness in developing states, for illustration, China ââ¬Ës agricultural production, the chief harvests are rice, wheat and maize, warming irrigated and rain-fed spring wheat production decreased by 17.7 % and 31.4 % , severally, the mean maize production will cut 3 % -7 % ; ( Chiras 2012 ) warming will speed up microbic decomposition of dirt organic affair, ensuing in the diminution of d irt birthrate, execution of the pesticide will increase and widen the harvest turning season, so that non merely increase agricultural costs, and affect the safety of the nutrient. ( Cline 2007 ) Solution: straw engineering is a stimulation of dirt birthrate, non merely put an terminal to the air pollution caused by straw combustion, and flesh outing output good to assist better its agricultural production. Warming chiefly due to the atmospheric concentrations of nursery gases ( CO2, CH4, and N2O ) concentration increased CO2 is the chief nursery gas, straw as a bearer stuff, energy and foods, is a valuable natural resource, straw is the straw is non straight feed straight or accretion composting installations into the dirt in a manner, the usage of straw engineering can better dirt belongingss, accelerated adobe ripening and better dirt birthrate by impacting dirt microbic biomass and microbic communities, and alterations in dirt physical and chemical belongingss, such as the many ways to increase the strength of dirt respiration, thereby increasing dirt C dioxide emanations, and can direct compensation the ingestion possible birthrate of the dirt, the biological rhythm acce lerated dirt stuff to advance the growing of good micro-organisms in the dirt better alimentary supply conditions to advance the addition of dirt organic affair and N, P, K and other content, better dirt wet keeping capacity, hiking harvest opposition. On the other manus, the mechanisation of straw including straw chopper compiled force per unit area to field a assortment of signifiers, the whole rod characteristic is convenient, fast, low-cost and big country of aÃâ â⬠¹aÃâ â⬠¹soil birthrate advantage ; it has been one of the more mature engineerings. ( Meng et al. 2008 ) After 1760s Industrial Revolution, release more C dioxide, ensuing in runing snow to do more inundations and influence nutrient production. For illustration Yangtze river is the highest frequence of inundations in China, one of the infestation of serious natural catastrophes, ( Wanfang Data 2012 ) so for work outing the job there are two ways, cut downing C footmark and concept dike in the Crop-growing countries, use the reservoir to command inundation. ( Luo 2002 ) So for cut downing C footmark, first is China authorities encourage mills to emission gas after Purification of C dioxide, second is authorities investing research new energy. If C footmark can cut down success, may non hold excessively many inundations and nutrient production will increase. For forestalling to cut down nutrient production from inundations, China authorities built Three Gorges Project from 1994 for protect the center and lower ranges of the Yangtze River, although Three Gorges Project has Flood control, p ower coevals and transportation, including inundation control, are considered the nucleus benefits of the Three Gorges Project. So make certain protect Crop-growing countries. ( Baidu 2012 ) When the clime alteration, it besides make the drouth Frequent happening, a batch of Crop-growing countries nutrient production sudden cut down, people can increase nutrient production for work outing the job, and there is a scientist did really good in this, he created a new sort of rice, Yuan Longping, Studied of intercrossed rice engineering from 1964, three lines back uping in 1973, bred the first intercrossed rice South High Yielding Combinations first-class No. 2 in 1974, developed in 1975, the success of intercrossed rice cultivation engineering for the big graduated table intercrossed rice laid the foundation. iZhuang 2008i?â⬠° For increasing nutrient production we need to advance the cultivation of Yuan Longping ââ¬Å" intercrossed rice â⬠. Yuan Longping went to eight states recent old ages including the Philippines, the United States, Japan, France, Britain, Italy, Egypt, Australia, has been invited to give talks, Teach techniques, take part in academic conferenc es or proficient cooperation and research international academic activities 19 times. Hybrid rice go to the universe, the United States, Japan, the Philippines, Brazil, Argentina and more than 100 states have introduced intercrossed rice and we need do better. ( CCTV News 2012i?â⬠° Internationally, the effects of clime alteration on agribusiness and nutrient production are likely to be similar to those seen in the United States and China. The effects of clime alteration besides necessitate to be considered along with other germinating factors that affect agricultural production, such as alterations in agriculture patterns and engineering. As the reader understanding from the text, some solutions and make ways are from experts, but non all of the famers have high instruction and high accomplishment to salvage the low nutrient production because of clime alteration. Many husbandmans because there was nââ¬â¢t adequate agricultural cognition lead to cut down the figure of harvest production. Such as China, Farmers mean instruction by deficiency of fixed figure of twelvemonth 7 old ages. In about 490 million rural labour force, the primary school civilization grade and illiteracy semiliterate histories for 40.31 % , the junior in-between school civilization grade of 48.01 % , high school civilization grade of 9.7 % , proficient secondary school civilization degree 2 % , above college civilization degree accounted for merely 0.52 % . ( Dong et al. 2006 ) If can non better the instruction quality of famers that will effects the agribusiness development. These phenomena get the attending of the authorities. A batch of local agribusiness agency has begun to action, they launch a preparation class Teach husbandmans better cultivation of nutrient, and besides reply famer ââ¬Ës inquiry about works the harvest. The agribusiness agency besides distribution of free engineering books to husbandmans about pollution-free veggies cultivation and the quality and safety of agribusiness merchandises. Through the preparation, better the husbandmans ââ¬Ë scientific discipline and engineering quality, developing they rely on scientific discipline and engineering to increase nutrient production. The authorities besides hope famers use their new cognition to make the new assortments can turn up in the different clime, and get the better of the terrible environment alteration to do nutrient production jobs to minimum. ( HNXNC 2012 ) How to cite Change On Food Production Environmental Sciences Essay, Essay examples
Saturday, December 7, 2019
IT Risk Assessment Of Aztek Australian Finance Industry - Samples
Question: Discuss about the IT Risk Assessment Of Aztek Australian Finance Industry. Answer: In this new world of technology cloud computing is playing very important role in transforming this world into digital world. Technologies like Big Data and Cloud computing are enhancing the performance of the organization through improving the operational activities in better and efficient manner. The aim of this report is to assist Aztek on the threats and risks that could be raised due to the implementation of Cloud Computing within the organization. Aztek is a financial industry and most of the finance industries are adopting cloud computing for the betterment of the organization but yet many of the industries are lacking in adopting it. However, this could change the face of file transfer andmanagement system in much cost effective manner and help the Aztek to improve the quality of services in very few time and investment. Cloud computing can be stated as pay-per-use model for enabling available, convenient, on-demand network access to a shared pool of configurable computing resources (e.g.., network, servers, storage, applications, and services) that can be rapidly provisioned and released with minimalmanagement effort or service provider interaction (Erl, Cope Naserpour, 2015). This cloud model promotes availability and is comprised of five key characteristics, three delivery models and four deployment models (Bansal Sharma, 2015). It has the flexibility that provides feature of scaling up or down accessed through pooled computing resources through using the multi-tenant model that can be metered and billed as per the usage of the organization. There are mainly three delivery models for the cloud computing that can be listed as: Information as a service (IaaS), Platform as a service (PaaS), and Software as a service (SaaS). The vendors for the respective service providers are Google Docs and salesforce.com for SaaS, Microsoft Azure and Google App Engine for PaaS, and Amazon EC2, Rackspace, and NYSE Euronext CMCP for the IaaS (Sreeramaneni, Seo Chan, 2017). These cloud service can be delivered through three models that can be described as: Public cloud: This is a cloud service that is being offered and available for everyone over the internet. Private Cloud: This is service is available for the trusted users of the industries. This is either managed by the cloud provider or organization itself. Community Cloud: It is accessible to the members or individuals of a wider community that is composition of more than one industry or firm. Hybrid Cloud: It can be described as the mix of private and public cloud and mitigates the ch allenges that occur in the individual deployments. Aztex should deploy Hybrid model in manner to keep data and information secured and protected (Rani Ranjan, 2014). This will let the organization avail all the services and minimize the risks related to the data security. The following report emphasis on the regulation and compliance of the agreements and services offered by the cloud service provider along with the existing policies of the organization. This report also states various Australian laws or policies that could be implemented or considered while implementing Cloud Computing within the organization. All perspective should be clear between the service provider and the service consumer related to the information security to the information that is being transferred to the cloud. Security posture has been also explained in this report in relation with the IT infrastructure of the Aztek. For themanagement of information security six Ps concept has also been proposed in this report. This report presents a risk assessment for the threats, vulnerabilities and issues raised due to this innovative change in the organization. Aztek should consider following risk assessment before and after implementing cloud computing within the organization. Industry Regulation or Compliance Cloud Computing or hosting cloud applications for the operational activities within the finance industries can be described as a new delivery and sourcing model that is capable of sharing many legal issues. That give birth many legal challenges for the implementation of this technology in the existing system of the firm or the organization that can be listed as: first and the top most prior challenge is the legal compliance issues between the services and protection provided by the third party, is compatible with the existing policies of the organization or not. Second is the Service Legal Agreements or service level performance that should be again aligning with the existing policies of the firm (Gangwar Date, 2016). Cross-border issues raises when the cloud service providers main database system or IT infrastructure is situated in other country and the consumer is availing those services from outside the country. Data protection usage and rights that is one of the most important a spects for any sector of the organization including the financial industries that are availing cloud computing services for their firm or the organization (Srinivasan, 2014). Transition and transition that is often very hard once the organization is connected to the service provider, it becomes much complex to leave them and move to another service provider including the rise in budget. For Australian finance industries there are specific laws that could be related to the cyberspace and cloud computing that can be listed as: Copyright Amendment (Digital Agenda) Act 2000 (Cth) - intellectual property Archives Act, FOI Act Spam Act 2003 Privacy Act 1988 Privacy Amendment (Private Sector) Act 2000 (Cth) Electronic Transactions Acts (Selvadurai, 2013) Telecommunications (Interception) Act 1979 (Cth) Cybercrime Act 2001 (Cth) The policy should be based on considering the impact and consequences on the stakeholders. Internal stake holders such as manager of the Aztec, their staffs, and boards or heads should go thoroughly to the agreement made between the service provider and the government policies (Almosry, Grundy Muller, 2016). However, this will alternatively affect the external stakeholders, which are government agencies, financiers, suppliers and many others. Security Posture Implementing cloud computing into the existing system and using cloud hosted application could lead to issues to the security of the information and data that is being transferred on the cloud. Information related to operational activities and sensitive information related o the employee and transactions of the organization will mitigate on the cloud. Data breaches and other malicious attack could hamper these data and information and priority should be given on mitigating such issues (Rittinghouse Ransome, 2016). However these security issues could managed by application of the principles of information security management that could be explained as six Ps: Planning: It can be stated as the first and most important approach towards Information Security Management. This step includes modelling of the strategies that could be implemented in manner to support the information strategy that involves designing, creating and implementing of the strategies respectively. There are various types of information security planning that includes: Business continuity planning, Incident response planning, Policy planning, Security program planning, Disaster recovery planning Technology rollout planning, Personnel planning, and Risk management planning (Chandra, Challa Hussain, 2014). Policy: There should be certain set of guidelines for the Aztec that dedicates the behaviour within the organization after the migration of data to the cloud and hosting cloud applications. Recommended policies for the cloud computing adoption for Aztek can be put into three categories that are; firstly, ISSP (Issue-Specific Security Policy), secondly, EISP (Enterprise Information Security Policy), SysSPs (System-Specific Policies). Implementation of these policies before or after adopting cloud computing will help in enhancing the information security (Rivery et al., 2015). Programs: The operations involved in the information security management should be executed as a part of the culture of the organization and should be managed separately. Programs such as SETA (Security Education Training and Awareness) should be enrolled in the list of the primary activities within then management system including the physical security programs. This will help in protecting personal credentials and devices that could be connected to the network of the cloud (Aikat et al., 2017). Protection: This could be a vast chapter in the implementation of cloud computing within the existing system of Aztek as it includes risk assessment of the identified threats and issues, tools to minimize the identified threat, control, technologies, and protection mechanism. These mechanisms could be helpful in improving and achieving maximum information security for the data and then information (Haimes et al., 2015). People: The stakeholders including internal, external and cloud service provider are the most critical link for the information security management in the cloud computing adoption. There should be recognition of the roles and the responsibilities of each individual within the organization and should be motivated toward achieving better information security management. This section describes about the security personnel and the security of the personnel including the aspects of the SETA program. Project Management: This includes controlling and identifying the resources that could be applied to the project like new infrastructure or more systems within the premises for adopting cloud computing. Continuously monitoring the progress and motivating the employees to the target stated by the organization. For this case of cloud adoption information system cannot be described as a project rather it can be defined as a process in which each element should be managed as a project (Rao et al., 2016). This should be a chain or series of projects. Operational Categories Security of the information while moving towards cloud adoption is also based on the way of implementation of the technology. There are three common classification based on the implementation, which can be listed as: Management controls: Management security control emphasis on using assessment methods based on the planning made earlier in manner to manage and reduce the risks related to the data security. It can also be described as the management controls as administrative controls. Most common management controls are: Firstly, Risk assessments that could be helpful in making quantitative and qualitative analysis of the risks within the cloud adoption in the organization and will provide helpful output for managing the serious risks. It can be explained as cost and asset values for implementing cloud computing, and risk assessment for that for the monetary values is a quantitative risk assessment (McCrie, 2015). However, qualitative risk assessment is based on the impact and probability of the risks that have been identified during the risk assessment. Second component is vulnerability assessment that is an attempt for discovering the current weaknesses or vulnerabilities. Aztec can implement ad ditional controls for reducing the risks from these vulnerabilities. Third approach involved in this control is Penetration tests, which can be stated as the one step further from then vulnerability assessment that can be helpful in attempting to exploit vulnerabilities that might occur due to the cloud storage (Layton, 2016). An example stating the situation is that vulnerability assessment will discover that the server is not up-to-date but the penetration test will make an attempt in compromising the server through exploiting several of the un-patched vulnerabilities. Operational Controls: It could be helpful in ensuring the operational activities that are being performed using cloud of the Aztek and complying with the overall security plan. Operation controls that are being controlled by the individuals can be listed as: Firstly, Awareness and training; it can be a beneficial aspect for maintaining the information security and minimizing the threats. It could be helpful in understanding password security malware attacks, phishing, and many more. Second control is the configuration and chain management that ensures that the systems are properly configured (Rohdes, 2013). Third control includes contingency plan plans that could ensure the planning and execution are going in right way. Technical Controls: This includes protecting the data and systems from being breached by an unwanted intruder or unauthorized use Risk. This includes proper encryption of the systems, which could be helpful in protecting confidential and sensitive information. Antivirus, anti-malware, IDSs (Intrusion detection systems), updated firewall, and least privilege are recommended in this control (Peppard Ward, 2016). Threats, Vulnerabilities and Consequences Assessment Following is the list of threats vulnerabilities and consequences along with the impact probability and severity that could help in later risk severity matrix that could be a beneficial aspect for the decision-making by the stakeholders: Sl. No. Risks Explanation Probability Impact Priority Risk 1. Supply Chain Failure Cloud service provider sometimes hires the server of another service provider. L M M Risk 2. Interface compromises Using cloud hosted application leads to such issues because the customer management interfaces of the public Cloud service providers are mediate access and accessible to the internet (Albakri et al., 2014). M VH H Risk 3. Conflicts in the Cloud environment When the service provider lacks in providing the offered services and solutions. M M M Risk 4. Lock-in The customer or client got stuck with single service provider because moving to other could cost much more than estimated (Theoharidou, Tsalis Gritzalis, 2013). H M H Risk 5. Intellectual property issues Lacking in proper infrastructure and risks to the data and information. L M M Risk 6. Social Engineering Attacks (Phishing) It can be tricked manipulation through sending malicious coding via mail or any messaging media and hamper the information saved in the system (Theoharidou et al., 2013). M H M Risk 7. Malicious Insider (Cloud Provider) Generally formal stakeholders with credentials can cause such risk. H VH H Risk 8. Ineffective deletion of data or Insecure Generally data is not deleted completely from the cloud. H VH H Risk 9. Loss of Governance Completely dependent on the service provider for own data and information. VH VH VH Risk 10. Technical risks Not meeting the infrastructure requirement leads to such risks M M M Risk 11. Intercepting data in transit Involvement of an intruder while data transfer could intercept the exchange of information (Carlson, 2014). M H M Risk 12. Isolation Failure There are chances of failure in data transfer either not properly uploaded or not encrypted properly. H H M Risk 13. DDOS (Distributed Denial of Service) This is a network attack that happens due to many requests at the same moment from different applications or sources (Latif et al., 2014). M H M Risk 14. Loss of Cryptographic keys Losing decryption code is similar to the loss of data as the user will not be able to recover his or her files. L H M Risk 15. Service Engine Compromised Compromise of the major component could lead to serious risks that in general very less probability (Craig Shackelford, 2013). L VH H Risk 16. EDOS (Economic Denial of Service) Manipulation with the budget planning by an unauthorized user could create distance for the users in availing the complete service that is being offered by the service provider. L H M Risk 17. Cloud-specific network related technical attacks or failures This could cause serious issues while exchanging the files means either uploading or downloading, by consumer or the service provider. The loss in internet connection or failure in establishing proper network. Natural calamities and low bandwidth network are the main reasons for this cause. M M M Risk 18. Natural Disasters Calamities like earthquakes, flooding, tsunamis and many others could affect the infrastructure of the service provider and will alternatively affect the Customers as most of the service providers have different and far locations VL H M Risk 19. Data protection services Legislations and policies of the different country could lead to the issues related with the security of the data and the information that is being saved on the Cloud in different country. Another issue related with it is the data protection authority from different government cannot be accessed (Djemame et al., 2016). H H H Risk 20. Risks from changing jurisdictions Many of the service providers provide their services from outside the country and change in jurisdictions might seize the data. H H H Risk 21. Loss of Backups The above mentioned all the threats could lead to the loss of data and information is power for any organization. There should be proper backup storage for the instances when data losses due to some accident or intrusion. L H M Risk Severity Matrix Probability Very High Risk 9 High Risk 4. Risk 12 Risk 19 Risk 20 Risk 7 Risk 8 Medium Risk. 3 Risk 10 Risk 17 Risk 6 Risk 11 Risk 13 Risk. 2 Low Risk. 1 Risk 5. Risk 14 Risk 16 Risk 21 Risk 15 Very Low Risk 18 Very Low Low Medium High Very High Impact Data Security Issues Cloud computing security can be seen with two perceptive, one from the side of the user and another from the side of the cloud service provide Risk. The service provider should ensure that the server that is being used by them is well maintained secured from external threats and breaches. There should be no window left for the unauthorized user to enter the server and command on it. There should be backup plan from the provider side for the instances when there is breach or data theft, or data loss due to some unwanted events (Hashem et al., 2015). There are chances of identity theft, in this case all the users have been provided with unique credentials. It could give access to the network to the unauthorized user who had already stolen the identity of the individual and alter the data for personal use (Hashizume et al., 2013). Cloud security can be divided into three groups that are Infected Application Data Issues, Data Issues, and Privacy issues. Cloud services provide access to the data from anywhere via connected to the internet that lead to another security issue that is data breach. Since the data is being saved over the internet, it becomes vulnerable to such attacks that could lead to the several issues for the provider and the consume Risk. This could lead to the expose of data, manipulation of data, and even data can be lost due to such intrusions into server. Recently, there are various examples of the cyber-attacks that have caused serious damage globally and data that is being saved on the cloud are much vulnerable to such attacks (Stojmenovic Wen, 2014). This is because the intruder could affect more than one organization at the same time through hacking the server of the service providing Risk. This could also lead to privacy issues as the data and information that is being saved into the cloud will contain very sensitive and personal information of the employee and expose of such data or information. Organizati ons acquire third party for the maintenance of cloud service and their data related to the day-to-day operations, whereas for many cases even cloud service provider acquire third party for the server distribution (Modi et al., 2013). This result in the fourth party involvement and the organization will never know about how much they concern about security policy. This also increases the concern related to the server breaches that could serious loss to the data security. Data loss is most common security issue in adopting cloud computing from third party as the organization becomes completely dependent on the third party after delivering all the informational assets and no one knows when the service provider shut down his services. There are certain natural activities that could also lead to data loss or data corruption such as natural calamities like earthquake, tsunami and many more that could affect the IT infrastructure of the customer or the service provide Risk (Rewagad Pawar, 2013). Amazon and Google are the very recent examples of such case when the thunder lightning causes loss of all the data that were saved. This implies that physical location of the storage is very crucial and important to keep all data safe and protected from losing it. Physical location of data storage is very important and crucial. The involvement of third party role in managing the data and the information leads to some opaque clarification about the way they are pro tecting the information and the place where they are keeping the information. The service provider provides services to more than one organization; it may provide cloud services to the competitors of the Aztek. This leads to the probability that the data is being shared to the competitors and it is a very big issue in all the aspect for any organization (Inukollu, Arsi Ravuri, 2014). It is the responsibility of the service provider to maintain the privacy of the data and there should be not a single chance that information gets exchange between any other user and customer Risk. Solution of the Issues Related to the Data Security Proper research about the service provider: an individual or heads of the organization should firs thoroughly investigate about the background of the service provider whether he is loyal to his agreements or not whether the vendor is experienced, well established, regulated, and standard or not according to the needs of the organization. Cross checking the agreement and Service Level Agreements (SLAs): Before agreeing to the agreements there should be proper compliance of the services that are being offered by the service provider with the existing policies and regulation of the organization (Arora, Parashar Transforming, 2013). Data Backups: This is a measure that should be taken by both the consumer and service provider in manner of precaution if there is any data loss happens due to some unwanted event or activities like natural calamities, terrorist attacks or many more (Ahmed Hossain, 2014). IT Infrastructure of Aztek: Aztek must have proper and advanced infrastructure that could smoothly allow the configuration and installation of hardware components and the software that are being offered by the cloud service provide Risk. It should also installations of routers, proxy servers, software, servers, and firewalls including the infrastructure that could prevent the cyber attacks and intrusions (Hashem et al., 2015). Data encryption: Again this is the precaution that if both the customer and service provider should emphasis on. Initially encrypting the data before uploading the file to the cloud will help in protecting the file even if only intrusion or data breach happens in the server of the service provider or the organization. This encryption should have only decryption code in manner to keep it safe (Almorsy, Grundy Muller, 2016). IT management team should properly define the efficient key strategy and security elements to decide which data should be encrypted and where there is no need of the encryption. Chart preparation regarding data flow: The decision-making can be improved by preparing a flow chart of the data flow. The data analysis should be made thoroughly and there should be proper investigation about where the data is being saved and where it is being transferred and many more (Rao Selvamani, 2015). Cloud Computing Security: Cloud computing security (sometimes referred to simply as "cloud security") is an evolving sub-domain of computer security, network security, and, more broadly, information security (Zhao, Li Liu, 2014). It refers to a broad set of policies, technologies, and controls deployed to protect data, applications, and the associated infrastructure of cloud computing. Conclusion Based on the above report it can be concluded that Aztek can improve many of the operational activities including computing, data storage, data transfer management and many more. Cloud computing is a leading advance technology in the field of Information Technology sectors, that is spreading widely with rapid rate. Implementing Cloud computing into the system of the Aztek could help in enhancing the performance of the organization with much efficiency and accuracy. Implementing cloud computing will ensure the maintenance and it is also cost effective system as the third party will be responsible to manage all the maintenance and provide security for the information and data the customer is sharing with them. However, despite of all the benefits there are certain threats and issues in implementing this into the system that has been stated above along with a risk assessment that could improve the decision making of the executives and improve the data security. References: Ahmed, M., Hossain, M. A. (2014). Cloud computing and security issues in the cloud.International Journal of Network Security Its Applications,6(1), 25. Aikat, J., Akella, A., Chase, J. S., Juels, A., Reiter, M. K., Ristenpart, T., ... Swift, M. (2017). Rethinking Security in the Era of Cloud Computing.IEEE Security Privacy,15(3), 60-69. Albakri, S. H., Shanmugam, B., Samy, G. N., Idris, N. B., Ahmed, A. (2014). Security risk assessment framework for cloud computing environments.Security and Communication Networks,7(11), 2114-2124. Almorsy, M., Grundy, J., Mller, I. (2016). An analysis of the cloud computing security problem.arXiv preprint arXiv:1609.01107. Arora, R., Parashar, A., Transforming, C. C. I. (2013). Secure user data in cloud computing using encryption algorithms.International journal of engineering research and applications,3(4), 1922-1926. Carlson, F. R. (2014). Security analysis of cloud computing.arXiv preprint arXiv:1404.6849. Craig, A. N., Shackelford, S. J. (2013). Hacking the planet, the dalai lama, and you: managing technical vulnerabilities in the Internet through polycentric governance.Fordham Intell. Prop. Media Ent. LJ,24, 381. Djemame, K., Armstrong, D., Guitart, J., Macias, M. (2016). A risk assessment framework for cloud computing.IEEE Transactions on Cloud Computing,4(3), 265-278. Erl, T., Cope, R., Naserpour, A. (2015).Cloud computing design patterns. Prentice Hall Press. Gangwar, H., Date, H. (2016). Critical Factors of Cloud Computing Adoption in Organizations: An Empirical Study.Global Business Review,17(4), 886-904. Hashem, I. A. T., Yaqoob, I., Anuar, N. B., Mokhtar, S., Gani, A., Khan, S. U. (2015). The rise of big data on cloud computing: Review and open research issues.Information Systems,47, 98-115. Hashem, I. A. T., Yaqoob, I., Anuar, N. B., Mokhtar, S., Gani, A., Khan, S. U. (2015). The rise of big data on cloud computing: Review and open research issues.Information Systems,47, 98-115. Hashizume, K., Rosado, D. G., Fernndez-Medina, E., Fernandez, E. B. (2013). An analysis of security issues for cloud computing.Journal of Internet Services and Applications,4(1), 5. Inukollu, V. N., Arsi, S., Ravuri, S. R. (2014). Security issues associated with big data in cloud computing.International Journal of Network Security Its Applications,6(3), 45. Latif, R., Abbas, H., Assar, S., Ali, Q. (2014). Cloud computing risk assessment: a systematic literature review. InFuture Information Technology(pp. 285-295). Springer, Berlin, Heidelberg. Layton, T. P. (2016).Information Security: Design, implementation, measurement, and compliance. CRC Press. McCrie, R. (2015).Security operations management. Butterworth-Heinemann. Mller, I. (2016). An analysis of the cloud computing security problem.arXiv preprint arXiv:1609.01107. Rani, D., Ranjan, R. K. (2014). a comparative study of SaaS, PaaS and IaaS in cloud computing.International Journal of Advanced Research in Computer Science and Software Engineering,4(6), 458-461. Rao, J. R., Chari, S. N., Pendarakis, D., Sailer, R., Stoecklin, M. P., Teiken, W., Wespi, A. (2016). Security 360: Enterprise security for the cognitive era.IBM Journal of Research and Development,60(4), 1-1. Rao, R. V., Selvamani, K. (2015). Data security challenges and its solutions in cloud computing.Procedia Computer Science,48, 204-209. Rewagad, P., Pawar, Y. (2013, April). Use of digital signature with diffie hellman key exchange and AES encryption algorithm to enhance data security in cloud computing. InCommunication Systems and Network Technologies (CSNT), 2013 International Conference on(pp. 437-439). IEEE. Rhodes-Ousley, M. (2013).Information security the complete reference. McGraw Hill Professional. Rittinghouse, J. W., Ransome, J. F. (2016).Cloud computing: implementation, management, and security. CRC press. Rivera, J., Yu, H., Williams, K., Zhan, J., Yua, X. (2015, May). Assessing the security posture of cloud service providers. InProceedings of the 5th International Conference on IS Management and EvaluationICIME(pp. 103-110). Sreeramaneni, A., Seo, B., Chan, K. O. H. (2017). A Business Driven Scalable Cloud Computing Service Platform (PaaSXpert). 15(1), 35-44. Srinivasan, S. (Ed.). (2014).Security, Trust, and Regulatory Aspects of Cloud Computing in Business Environments. IGI Global. Stojmenovic, I., Wen, S. (2014, September). The fog computing paradigm: Scenarios and security issues. InComputer Science and Information Systems (FedCSIS), 2014 Federated Conference on(pp. 1-8). IEEE. Theoharidou, M., Papanikolaou, N., Pearson, S., Gritzalis, D. (2013, December). Privacy risk, security, accountability in the cloud. InCloud Computing Technology and Science (CloudCom), 2013 IEEE 5th International Conference on(Vol. 1, pp. 177-184). IEEE. Theoharidou, M., Tsalis, N., Gritzalis, D. (2013, June). In cloud we trust: Risk-Assessment-as-a-Service. InIFIP International Conference on Trust Management(pp. 100-110). Springer, Berlin, Heidelberg. Zhao, F., Li, C., Liu, C. F. (2014, February). A cloud computing security solution based on fully homomorphic encryption. InAdvanced Communication Technology (ICACT), 2014 16th International Conference on(pp. 485-488). IEEE.
Subscribe to:
Posts (Atom)