Cloud Security Challenges: Investigating Policies, Standards, and Guidelines in a Fortune 500 Organization
George Grispos, William Bradley Glisson, Tim Storer
TL;DR
This paper presents a case study on a Fortune 500 company's security documentation, highlighting gaps and challenges in policies, standards, and guidelines for adopting cloud computing.
Contribution
It provides empirical insights into real-world security documentation issues and emphasizes the importance of auditing policies for cloud adoption in large organizations.
Findings
175 statements inadequate for cloud security
1123 relevant security statements analyzed
Highlights need for improved cloud-specific policies
Abstract
Cloud computing is quickly becoming pervasive in today's globally integrated networks. The cloud offers organizations opportunities to potentially deploy software and data solutions that are accessible through numerous mechanisms, in a multitude of settings, at a reduced cost with increased reliability and scalability. The increasingly pervasive and ubiquitous nature of the cloud creates an environment that is potentially conducive to security risks. While previous discussions have focused on security and privacy issues in the cloud from the end-users perspective, minimal empirical research has been conducted from the perspective of a corporate environment case study. This paper presents the results of an initial case study identifying real-world information security documentation issues for a Global Fortune 500 organization, should the organization decide to implement cloud computing…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsCloud Data Security Solutions · Blockchain Technology Applications and Security · Cloud Computing and Resource Management