Roles played by the security professionals to ensure the data security
If the service providers can maintain a separate data block to store the data of the individual organizations, then this problem can be solved to some extent. There could be chances of service provider downtimes and in those cases, the clients should be connected to their respective data all the time and even the service providers should not involve the third parties during the downtime of the actual servers to recover the data and if this is the case, the third parties will hack the data of the organizations and it has happened many times with the famous cloud service providers. Service providers should make a visible layer to the organizations such that the organizations can view their data operations without any restrictions and also a log should be prepared against all the day to day data operations and share to the clients as well and maintaining the private clouds would be the optimal solution to have more access and security to the client’s data and also sharing only few parts of the data to the service providers is also the possible solution in this context. Creating a security alliance with the service providers can be considered as the best solution in this context as they can discuss the security threats and issues in the audit process on a regular interval with the service providers and thus getting updated with all the issues.
Limitations
Following are the limitations of the research done in this project
- Business value of the organizations could not be estimated in this research
- More technical specifications could have been covered to enhance the research more
- Only data security is considered in this research, where the system security also plays an important role in deciding the cloud performance
Future work
There is some scope to improve the research done in this project and the key aspects are as listed below
- More security models can be reviewed in future and also direct research can be done towards this.
- More number of companies can be considered from different business areas and the research can be extended to gather more information towards the serious threats against their data
- An extended research can be done towards the security alliance aspects in future to understand the plan of action by the small organizations to improve the data security.
- In future few service providers can also be interviewed to gain more knowledge on the current security measures taken by them and also their future plans towards this aspect.