It as an IT model that enables ubiquitous services or services that are everywhere, it offers convenient network access that is on demand to a shared pool configurable computing resources (e.g., networks, servers, storage, applications, and services) (Mell, Grance, & Grance, n.d.). It is swapping the traditional way of in-house data centres that are storing the organization’s IT resources, where the IT infrastructure are located in the data centres of the organization, data centres are customarily situated in the building of the main campus of the organization. (Vaquero, Rodero-merino, Caceres, & Lindner, 2009). Studies that have been conducted are actually demonstrating the fact that if an organization is embracing the idea of cloud computing, cloud computing can be very economical or cost-effective. The reason behind about being economical is because an organization can access their IT resources they need to run businesses over the internet only. With Cloud computing an organization does not need to purchase IT infrastructure and employ personnel to manage it (Low & Chen, 2011). It is alleged that the adoption of cloud computing has been mounting since far back as 2008. Just like any type of technology cloud computing comes up with its advantages and disadvantages as well.
One of the advantages of Cloud computing is Information Security. In cloud Computing Information Security can be well-defined as a comprehensive set of policies, technologies, and controls that are that are implemented to secure data, applications and the related Infrastructure.
Cloud security concerns can be separated into two comprehensive classifications. The ones that are faced by the Cloud Service Provider (CSP) and the ones that are faced by the Cloud users, however the security responsibilities are shared between the two. The CSP’s responsibility is to make sure that the infrastructure, data and applications are well secured. The users must make it a point that their application use strong passwords and authentication measures. When an organization decides to implement the idea of Cloud computing it actually losses its capacity to have physical access to the servers that are accommodating its information and the highly sensitive data is at a high risk.
Then the questions come up and ask “How is the organization going to make sure that its data is protected from any precarious activities?” this is one of the questions that this study will seek to investigate and answer. In most cases when addressing Information Security factors threats human factor is often disregarded. In 2015, it is alleged that 60% of the attackers were insiders, and one third of those were not intentional, it was because of users who inadvertently provided access to an attacker or disrespected the policies of the company. Cloud security is both the responsibility of the CSP and also the responsibility of User. So it is vital to equip both of with strict and strong information security measure.