Managing data security risk in model software as a service (SAAS). Asia-Pacific Journal of Information Technology and Multimedia, 7 (1): 9. pp. 99-117. ISSN 2289-2192 (2018)
Abstract
Software as a Service (SaaS) model has been frequently applied in organisation that used cloud services. SaaS is
a new information technology that provides dynamic services through Internet to the user. Alhough this technology is beneficial and cost-effective for information technology hosting, it also introduced new threats and risks, particularly in user’s information security. The paper identifies risk in data security of the SaaS Model and
their respective mitigation control based on ISO/IEC 27001:2013 standard. A qualitative case study was conducted at a public sector agency involving three types of data collection, interviews, observations and document analysis. We identified seven risk of data security for SaaS Model namely data privacy, data integrity,data availability, data control, data encryption, data violation, and data access. The findings can be used to develop SaaS implementation guidelines or policies, particularly in data security.
| Item Type: | Article |
|---|---|
| Keywords: | Risk management, Data security, Information security as a Service, SAAS, Cloud computing |
| Taxonomy: | By Subject > Computer & Mathematical Sciences > Computer Technology and Networking |
| Local Content Hub: | Subjects > Computer and Mathematical Sciences |
| Depositing User: | Wan Hamid Wan Fatimah |
| Date Deposited: | 23 Feb 2021 17:50 |
| Last Modified: | 16 Mar 2021 03:04 |
| Related URLs: |
Actions (login required)
 |
View Item |