The case for cloud service trustmarks and assurance-as-a-service

Cloud computing represents a significant economic opportunity for Europe. However, this growth is threatened by adoption barriers largely related to trust. This position paper examines trust and confidence issues in cloud computing and advances a case for addressing them through the implementation of a novel trustmark scheme for cloud service providers. The proposed trustmark would be both active and dynamic featuring multi-modal information about the performance of the underlying cloud service. The trustmarks would be informed by live performance data from the cloud service provider, or ideally an independent third-party accountability and assurance service that would communicate up-to-date information relating to service performance and dependability. By combining assurance measures with a remediation scheme, cloud service providers could both signal dependability to customers and the wider marketplace and provide customers, auditors and regulators with a mechanism for determining accountability in the event of failure or non-compliance. As a result, the trustmarks would convey to consumers of cloud services and other stakeholders that strong assurance and accountability measures are in place for the service in question and thereby address trust and confidence issues in cloud computing

Innovative public governance through cloud computing: Information privacy, business models and performance measurement challenges

Purpose: The purpose of this paper is to identify and analyze challenges and to discuss proposed solutions for innovative public governance through cloud computing. Innovative technologies, such as federation of services and cloud computing, can greatly contribute to the provision of e-government services, through scaleable and flexible systems. Furthermore, they can facilitate in reducing costs and overcoming public information segmentation. Nonetheless, when public agencies use these technologies, they encounter several associated organizational and technical changes, as well as significant challenges. Design/methodology/approach: We followed a multidisciplinary perspective (social, behavioral, business and technical) and conducted a conceptual analysis for analyzing the associated challenges. We conducted focus group interviews in two countries for evaluating the performance models that resulted from the conceptual analysis. Findings: This study identifies and analyzes several challenges that may emerge while adopting innovative technologies for public governance and e-government services. Furthermore, it presents suggested solutions deriving from the experience of designing a related platform for public governance, including issues of privacy requirements, proposed business models and key performance indicators for public services on cloud computing. Research limitations/implications: The challenges and solutions discussed are based on the experience gained by designing one platform. However, we rely on issues and challenges collected from four countries. Practical implications: The identification of challenges for innovative design of e-government services through a central portal in Europe and using service federation is expected to inform practitioners in different roles about significant changes across multiple levels that are implied and may accelerate the challenges' resolution. Originality/value: This is the first study that discusses from multiple perspectives and through empirical investigation the challenges to realize public governance through innovative technologies. The results emerge from an actual portal that will function at a European level. © Emerald Group Publishing Limited

Online Personal Data Processing and EU Data Protection Reform. CEPS Task Force Report, April 2013

This report sheds light on the fundamental questions and underlying tensions between current policy objectives, compliance strategies and global trends in online personal data processing, assessing the existing and future framework in terms of effective regulation and public policy. Based on the discussions among the members of the CEPS Digital Forum and independent research carried out by the rapporteurs, policy conclusions are derived with the aim of making EU data protection policy more fit for purpose in today’s online technological context. This report constructively engages with the EU data protection framework, but does not provide a textual analysis of the EU data protection reform proposal as such

Advanced Cloud Privacy Threat Modeling

Privacy-preservation for sensitive data has become a challenging issue in cloud computing. Threat modeling as a part of requirements engineering in secure software development provides a structured approach for identifying attacks and proposing countermeasures against the exploitation of vulnerabilities in a system . This paper describes an extension of Cloud Privacy Threat Modeling (CPTM) methodology for privacy threat modeling in relation to processing sensitive data in cloud computing environments. It describes the modeling methodology that involved applying Method Engineering to specify characteristics of a cloud privacy threat modeling methodology, different steps in the proposed methodology and corresponding products. We believe that the extended methodology facilitates the application of a privacy-preserving cloud software development approach from requirements engineering to design

Examining the implications of the anti-money laundering and countering financing of Terrorism Act 2009 on New Zealand accounting firms

Money laundering is the act of introducing illicitly gained funds into the economy to assist in concealing their origin. On October 1 2018, it became mandatory for most New Zealand accounting firms to comply with the Anti-Money Laundering and Countering Financing of Terrorism Act 2009. The purpose of this act is to help detect and deter money laundering within New Zealand. The AML/CFT Act creates additional requirements for accounting firms and has severe penalties for non-compliance. This led to the research question of ‘What are the implications of the AML/CFT Act 2009 on New Zealand Accounting firms?’ For this research, interviews were conducted with accounting firms to help identify the costs and implications associated with the AML/CFT requirements. The results revealed that despite the October 1 deadline, accounting firms are still implementing programs. The new requirements were unclear and underestimated by firms. Large money and time costs were reported by all the interview participants and they all feel that the new requirements are excessive. As the AML/CFT Act is still new, it would be beneficial to explore further research in the future that examines the actual impact of maintaining the AML/CFT programs

Strategic planning for a SME

The purpose of this research is to find competitive advantages for an organisation and prepare a long-term strategic planning for the SME. In a New Zealand context, small business enterprises play vital roles in business and the economic sector. However, most small business do not have specific competitive advantage and long-term strategies to compete in the market. Both qualitative and quantitative approaches have been used as mixed method research. Interviews and surveys have been done. Using those methods, researchers are intended to use the most effective implementation methodology to find out the best solution to the problem and cause of a SME. Location and customer satisfaction have been identified as the prime factors for the firm to run the business successfully. The business has been operating smoothly without using any further strategies to compete in the market. Recommendations involve pricing, advertising and stock management

Sales training

This project involves discovering how sales training works and the impacts of sales training. The goal is to show how sales training can help a business grow and to set benchmarks in the market. After the negative impact in the performance of sales representatives of a national company in the sales industry, their management made decisions about changes which need to be taken to get good results from sales training. The method which has been used to complete this study is desktop training, which includes self-experiences and secondary data. It is necessary to have appropriate and successful training which delivers the best to the company. The main aim of this research is to study and analyse the training procedure and processes in a business, since the training process involves more activities that require mental strength with the willingness to perform well with learning. The overall study of the process includes investigating lack of training, practice time and overcoming doubts raised by the customer at the time of performing the job. Hence, it is recommended that businesses should deliver new strategies and conduct more training sessions and online modules, leading to the success and growth of employees