As the main of this research is to understand the level of data security requirements for cloud computing in the perspective of small organizations, the corresponding business managers are asked regarding the security requirements and the respective opinions are given in this section as below
When the business development managers are asked regarding the level of security requirements for their data, one of the managers replied that “We required a perfect protection mechanism for the personal data and confidential data of the organizations”. From his reply it is clear that, most of the organizations share their data to the service providers of cloud computing and seeks more security towards their confidential and personal data and need a proper protection mechanism towards their organizational data at different level of security. When one of the business development managers is asked regarding this question, he replied like “We need different level of authentication for the organizational data and this should includes different roles like data processor and data controller”.
From the opinion of this business manager it is clear that, data protection across the cloud services should include different level of authentication and even the manager is insisting for different roles across the data protection. Data controller and data processor should pay the required responsibility while providing the required security to the personal and organizational data that was shared across the cloud services.
One of the managers replied to this question like “A proper visibility to our database operations is required and we need a day to day log for all the database access done from the service providers”. From this opinion of the business development managers it is clear that visibility to the database operations is required for almost all the organizations and this visibility helps the organizations to ensure their data is not misused or copied by any intruders or third parties and even the service providers of the cloud computing should ensure that they provide a clear log which contain all the day to day operations of the data to the organizations. One of the business development managers when asked the same question, he replied that “All our information should be categorized into different levels and each level should be assigned with different security levels while accessing the data”.
From his opinion, it can be understood that, if the cloud service providers can give ample facilities to the information being accessed by the third parities it would become the major security threat and thus different levels of security is required against the organization information. The whole information of the organization should be categorized into various levels and the topmost levels of information should be accessible to only limited users and thus the low level information need not have more security and with this implementation the organizations can gain more confidence on the cloud service providers.
One of the business development managers replied to the question like “A perfect security model should be implemented for our data and this should prevent the illegal access and updates to the organizational data”. It can be concluded from his statement that, there are different security models to protect the data of the organizations and if the service providers can implement these security models, the data of the companies can be protected in a professional manner.
When the business development managers are asked the question like, does the service providers ensure the required security levels, one of the managers replied that “Our service providers implements the latest security models and these include encryption and other sophisticated methods to ensure our data security”. From this statement it can be analyzed that, even the service providers are striving a lot to ensure the data security of their clients and they are implementing all the possible latest technologies in protecting the data of the customers.
There are different models that can be used against the data protection of the organizations and all most each of them is implemented by the cloud service providers. One of the business development managers replied to the question like “Service providers always take the inputs from us in this context and they are almost successful in providing the data security” and from this statement it is clear that, almost all the cloud service providers are taking the right steps in providing the required data protection for the customers.
One of the managers replied to the same question like “Our service providers maintains all the possible data breaches and escalates us before taking the necessary actions towards these possibilities”. From this statement it can be concluded that, a perfect list of all the possible security threats is maintained by the service providers and they take all the precautions to get rid of these situations. When the same question is asked to one of the business development mangers, he replied that, “Service providers applies the multi layer approach to protect the data of our organization and provides access only to the privileged employees” and from this statement it can be understood that, always applying the multi-layer approach for the data protection is the primary step to be taken. Always a certain privileges should be set against the users and employees for a limited access.
One of the business development managers replied to the question like “Different security areas are provided by the service providers within the data protection and a prefect authentication is provided for our data”. From this statement it can be analyzed that, a separate security area is provided to the client data and a proper authentication is required to access this area and most of the service providers are following this to ensure the data protection of the organizations. From the overall analysis it can be concluded that, almost every service provider is striving a lot to ensure maximum protection to the data of the customers and organizations and implementing all the possible solutions in this context.