Abstract:
Over the last decade the cloud has created a major impact on the global IT
ecosystem. Due to positive characteristics such as fast deployment, scalability, cost
effectiveness and many more, cloud implementations are growing by the day.
However security remains the number one barrier in cloud adoption for CIOs as per
several surveys conducted on cloud adoption.
When considering the research done on cloud security, most have focused on
the security dependency according to the cloud service model (IaaS, PaaS, SaaS),
and the cloud deployment models(Public, Private, Hybrid, Community). Research
has also been done on security issues inherent to cloud deployments and how to
overcome them. The Cloud Security Alliance (CSA), one of the leading
organizations on cloud security together with the IEEE as presented 12 domains of
cloud security that should be focused on, six of the domains would be considered as
the base guidelines.
The motivation behind this research was to provide a set of security
guidelines and processes for local IT firms to adhere to when migrating to the cloud,
in order to improve cloud adoption. The research was based on six domains of
security provided by the CSA and security guidelines were developed along with the
input of additional resources and security incidents.
A step by step process for security assessment and implementation are
presented along with security risk assessment matrix that will aid an organization to
decide which resources are to be migrated to the cloud. The main contribution from
