Cloud computing has been gaining popularity for the last few decades. In fact, small as well as large organizations have realized the potential of cloud in saving costs of procurement, installation and maintaining data storage systems.
Synchronized sectors, including banking, have realized such benefits in utilizing cloud computing. It is imperative for organizations to make rational decisions before transferring data and information to the cloud.
Despite the variety of advantages, the concept has presented to the end-users, there is also a range of risks associated with data and information security and privacy. However, limited research has been conducted, considering that the concept is relatively new.
This study explores the confidentiality, information integrity, data theft, information loss, data location, data deletion, malicious insiders and account hijacking as well as data segregation.
By utilizing this literature, the researcher aims to propose ways in which privacy and security of data can be guaranteed.
Cloud computing can be regarded as the transfer and storage of data in shared networks. Contemporarily, customers loose personal data and information to malicious individuals.
Thus, this study has been motivated by the increasing use of cloud services that expose data to potential mishandling and disclosure.
The research hence seeks to make appropriate mitigation recommendations against data security and privacy on clouds. In clarifying this study, the risks involved with clouding require further research.
That is, there is a variety of gaps in previous works, as they have not sufficiently addressed data security and privacy. In order to accomplish this, the research method utilized in this research require existing literature on cloud computing.
The researcher’s knowledge of cloud computing was also imperative. Limited knowledge by stakeholders necessitated the analysis of cloud computing unit.
According to literature review, the client organization risks the information and data being exposed by the host’s staff. Electronic Privacy Information Center (EPIC) has addressed such concerns. Cloud computing involves storing data and information on shared networks.
Hence, research questions included whether the concept has been previously threatened. The methodology utilized sought to consider whether existing literature has sufficient information on data security and privacy on clouds or not.
The research found three main cloud-computing platforms namely Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS).
The information security concerns that organizations require to address before engaging a cloud-computing provider include confidentiality, information integrity, data theft, information loss, data location, data deletion, malicious insiders, account hijacking and data segregation.
This research argues that the priority of the customer in utilizing cloud service converts from that of installing and maintaining the equipment to service accessibility, the degree of performance of the cloud, data privacy, information security and data control to save costs.
In view of this, the research recommends that the first step towards ensuring confidentiality, security and privacy of data and information stored in cloud is to ensure that agreements of service include these provisions.
The agreements should also stipulate circumstances that may make the provider to disclose part or full information to third parties, including government authorities as information and data has been disclosed to unauthorized individuals in the past.
The study also argues that cloud hosts have mishandled client information in the past, including Facebook and Google. It then recommends auditing in closing the gaps.
The research is essential theoretically in the sense that it creates a platform for further research. Inherently, it makes practical contributions that should be considered to moderate against data or information privacy and security.
The research concludes that there is dire need for further research into privacy and security issues with regard to cloud computing.