Research Area:  Cloud Security
Cloud computing is a relatively new paradigm that presents significant business benefits and enormous opportunities for small and micro enterprises. As the information technology (IT) landscape evolves, SMEs need to find effective strategies for meeting business demands However, many SMEs are reluctant to adopt cloud computing technology due to the inherent security, privacy, and trust issues, as well as regulatory risks and compliance implications. Preliminary studies show increasing numbers of cybersecurity attacks targeting SMEs in cloud environments (Symantec, 2016; U.S. State of Cybercrime Survey, 2013; Verizon.com, 2016). To address the security threats, there is need to establish best practices, standards, and guidelines that SMEs can follow. The aim of this study is to develop effective cloud security strategies for SMEs. The study addresses two research objectives: (i) to identify the security threats and challenges facing SMEs in cloud environments and determine the best mitigation strategies and, (ii) to develop a security strategy framework for SMEs in the context of cloud computing. The study followed the design research paradigm incorporating an extensive literature review which informed the development of the proposed model for SME security in the cloud. The overarching contribution of this study is the proposed model, which integrates four strategic components: Cloud Model, Security Model, Compliance Model, and Security Major Component. Although there is no single path for business success with cloud computing, the proposed model can serve as a guide for best practices and strategies for SMEs when deploying cloud-based solutions
Name of the Researcher:  Rayan Omar S Abuhasha
Name of the Supervisor(s):  Anna Shillabeer
Year of Completion:  2017
University:  Flinders University
Thesis Link:   Home Page Url