meta name="DC.contributor" content="Sunil Bhalgama ">

Optimizing Cloud Computing Security through IT Governance


EOI: 10.11242/viva-tech.01.05.001

Download Full Text here



Citation

Prof.Pradnya Mhatre,Vinayak Gudalkar,Sunil Bhalgama,"Optimizing Cloud Computing Security through IT Governance", VIVA-IJRI Volume 1, Issue 7, Article 1, pp. 1-14, 2023. Published by Master of Computer Application Department, VIVA Institute of Technology, Virar, India.

Abstract

In recent years, the proliferation of cloud computing services has transformed the landscape of IT infrastructure, offering unprecedented flexibility, scalability, and cost-effectiveness. However, this shift towards cloud-based solutions has also introduced new challenges in terms of security and governance. This abstract proposes a comprehensive approach to optimizing cloud computing security through effective IT governance frameworks.The abstract begins by outlining the key security concerns associated with cloud computing, including data breaches, unauthorized access, and compliance issues. It then highlights the critical role of IT governance in mitigating these risks by establishing clear policies, procedures, and controls for cloud adoption and usage.Drawing on established principles of IT governance, such as those outlined in frameworks like COBIT and ISO 27001, the abstract presents a structured approach to enhancing cloud security. This approach encompasses the following key components:1.Risk Management,2.Compliance Management,3.Vendor Management,4. Access Control,5.Security Monitoring and Incident Response.

Keywords

Access Controls, Business Alignment, Cloud Computing, Cloud Computing, Compliance , Cloud Service Providers, Data Privacy,Governance Frameworks,Information Security, IT Governance , Risk Management,Security,Security Policies

References

  1. [1]https://www.semanticscholar.org/paper/Business-value-through-controlled-IT%3A-toward-an-of-Buchwald-Urbach/f73d851602dfdb10db015163cc93c87a379887eb
  2. [2]https://www.researchgate.net/publication/311985890_On_Development_of_Platform_for_Organization_Security_Threat_Analytics_and_Management_POSTAM_Using_Rule-Based_Approach
  3. [3]https://www.researchgate.net/publication/304341289_Critical_Factors_of_Cloud_Computing_Adoption_in_Organizations_An_Empirical_Study
  4. [4] In their publication titled "Establishing IT governance" in Strategic Finance (Volume 99, Issue 8, pp. 62-63, February 2018), B. C. M. A. Nathan, S. Hare, and P. C. M. A. Raju discuss the process of implementing IT governance.
  5. [5] "Effective information technology (IT) governance mechanisms: An IT outsourcing perspective," published in Information Systems Frontiers (Volume 14, pp. 179-193, 2012), S. Ali and P. Green explore the efficacy of IT governance mechanisms, particularly from the standpoint of IT outsourcing.
  6. [6] J. C. F. Tai, E. T. G. Wang, and H.-Y. Yeh, "A study of IS assets, IS ambidexterity, and IS alignment: the dynamic managerial capability perspective," Information & Management, 2018.
  7. [7] "Applying IT Governance Balanced Scorecard and Importance-performance Analysis for Providing IT Governance Strategy in University," featured in Information Management & Computer Security (Volume 21, pp. 228-249, 2013), K. Jairak and P.
  8. [8] J. Magnusson and B. Bygstad, "Why I act differently: studying patterns of legitimation among CIOs through motive talk," Inf. Technol. People, vol. 26, pp. 265-282, 2013.
  9. [9] A. A. Ettish, S. M. El-Gazzar, and R. A. Jacob, "Integrating internal control frameworks for effective corporate information technology governance," (in English), Journal of Information Systems and Technology Management: JISTEM, vol. 14, no. 3, pp. 361-3
  10. [10]R. v. Solms and S. H. B. v. Solms, "Information security governance: Due care," Computers & Security, vol. 25, pp. 494-497, 2006.
  11. [11] R. V. Aguilera, W. Q. Judge, and S. A. Terjesen, "Corporate governance deviance," Academy of Management Review, Article vol. 43, no. 1, pp. 87-109, 2018.
  12. [12] Y. C. Zhu, P. Liu, and J. T. Wang, "Enterprise data security research in public cloud computing," Applied Mechanics and Materials, vol. 198- 199, pp. 435-438, 2012.
  13. [13] M. Bayramusta and V. A. Nasir, "A fad or future of IT?: A comprehensive literature review on the cloud computing research," International Journal of Information Management, vol. 36, pp. 635-644, 2016.
  14. [14] R. von Solms and M. Willett, "Cloud computing assurance – a review of literature guidance," (in English), Information and Computer Security, vol. 25, no. 1, pp. 26-46, 20172018-08-29 2017.
  15. [15] RightScale Inc. (2018). RightScale 2018 state of the cloud report uncovers cloud adoption trends. Available: https://www.rightscale.com/press-releases/rightscale-2018-state-of-thecloud-report