Cloud Privacy and Security

Abstract

This subject focuses on issues surrounding cloud computing privacy and security and their application to business. It discusses the governance framework that must underpin and define the processes for determining risk, privacy and security issues for an enterprise which uses a cloud model. It will examine the legal and business requirements for privacy, the need for a risk management assessment of all data used in cloud operations, and the use of security controls to manage the assessed risk. It further examines the major cloud deployment and delivery models to determine how these affect the risk management assessment and subsequent security controls when applied to business.

Syllabus

Governance and auditing for cloud operations.Threats, risk and requirements landscape.Privacy, data and digital identity.Data sensitivity, location and legal jurisdiction.Cloud security approaches and challenges.

Learning outcomes

Upon successful completion of this subject, students should:

be able to examine the legal, business and privacy requirements for a cloud deployment model;

be able to evaluate the risk management requirements for a cloud deployment model;

be able to critically analyse the legal, ethical and business concerns for the security and privacy of data to be deployed to the cloud;

be able to develop and present a series of proposed security controls to manage the security and privacy of data deployed to the cloud;

be able to develop and present a cloud governance framework to underpin the cloud operations for an enterprise.

Assumed knowledge

It is assumed students will have knowledge equivalent to ITC561 Cloud Computing

Enrolment restrictions

Only available to postgraduate students.