SECURITY CHALLENGES OF CLOUD COMPUTING: A CRITICAL REVIEW OF THE NIGERIAN CLOUD COMPUTING POLICY

Thoma Ali Gaga, Uchenna Kizito Obi

Abstract


The Nigerian government through National Information Technology Development Agency(NITDA)put out a cloud computing policy which is expected to ensure a 30% increase in the adoption of cloud computing by 2024 among Federal Public Institutions (FPIs) and Small medium enterprise (SMEs) which provide digital-enabled services to the citizens (Pantami, 2019).

Cloud computing is a growing paradigm that proffers new solutions on ways to deliver computing services and resources over the internet. These services are managed by third parties at remote site and subscribers’ pay for services and resources using a pay as you use model.

Information and Communication Technology (ICT) professionals in Nigerian government agencies are concerned with the security challenges of cloud computing and a decline in cloud adoption may prevent the government from taking advantage of the fast-growing technology.

Information gathered from related literature on cloud computing identified security challenges as a major factorlimiting its adoption in Nigeria. The security challenges limiting cloud computing adoption can be categorized into cyber security threats resulting to data loss and violation of privacy,cloud administrator and user account hijacking, lack of Regulatory body to handle cases of accountability between cloud service providers and users.

This research critically reviewed the Nigerian cloud computing policy with regards to security.

The purpose of reviewing the Nigerian cloud computing policy is to identify strategies NITDA used to avoid the security challenges of cloud computing through the cloud computing policy. The United Kingdom (UK) cloud computing policy (one government cloud strategy) was also reviewed to identify strategies used to avoid the security challenges of cloud computing.  

NITDA used data classification to implement information security in cloud computing environment. The Nigerian cloud computing policy also highlighted some standard compliance certification for cloud service providers to help enforce security. Data was classified into four categories as regards to security. National security information holds the highest priority while sensitive government or business/citizen data, routine government business data and public or non-confidential data follows with diminishing priority.  NITDA categorized classified data into three groups: Routine government business data, sensitive business and citizen data and public/non-confidential data. Protecting this data requires the use of industry standard security on public cloud solutions. Protecting sensitive government or business/citizen data requires the use of a private or hybrid cloud solution with enhanced security controls. Protecting national security information requires custom hardened on-premises systems (local data center).

Review of the United Kingdom cloud computing policy (one government cloud strategy) identified ways used to mitigate the security challenges of cloud computing in the UK, Nigerian cloud policies can be enhanced from the lessons learnt from the UK experiences.


Full Text:

PDF

References


Al-Isma’Ili, S., Li, M., Shen, J., & He, Q. (2016). Cloud computing adoption determinants:

An analysis of Australian SMEs. Pacific Asia Conference on Information Systems, PACIS 2016 - Proceedings.

A., P. (2000). Technology Readiness Index (TRI): A Multipleitem Scale To Measure Readiness To Embrace New Technologies. Journal Of Service Research, 2:307(May).

Baker, J. (2018). oo f re ct Pr. November. https://doi.org/10.1007/978-1-4419-6108-2

Bel, J. L. Le. (2006). Article information :

Bakare, A. (2020). The Challenges of Adopting Cloud Computing in Nigerian Government Organizations. Minneapolis: Walden Dissertations and Doctoral Studies; Walden University.

Cloud guide for the public sector - GOV.UK. (2020, March 22). Guidance Cloud Guide for the Public Sector. https://www.gov.uk/government/publications/cloud-guide-for-the-public-sector/cloud-guide-for-the-public-sector

Creating and implementing a cloud hosting strategy - GOV.UK. (2020). https://www.gov.uk/guidance/creating-and-implementing-a-cloud-hosting-strategy

Dutta, Peng & Choudhary. (2013). Risks in Enterprise Cloud Computing: The Perspective of it Experts. Journal of Computer Information Systems, 39-48.

Engel, L. (2014). Cloud Computing Definition, Ref Architecture, & General Use Cases Transcript. IEEE, 1-23.

Eveland, J. (2016). Technological Innovation as a Process. January 1990.

fusch, P., & Ness, L. (2015). Are We There Yet? Data Saturation in Qualitative Research. The Qualitative Report, 1408-1416.

Government Cloud First policy - GOV.UK. (n.d.). Retrieved January 28, 2021, from https://www.gov.uk/guidance/government-cloud-first-policy

Government of Canada Cloud Adoption Strategy: 2018 update - Canada.ca. (n.d.). Retrieved January 22, 2021, from https://www.canada.ca/en/government/system/digital-government/digital-government-innovations/cloud-services/government-canada-cloud-adoption-strategy.html

Government of Canada Right Cloud Selection Guidance - Canada.ca. (n.d.). Retrieved January 24, 2021, from https://www.canada.ca/en/government/system/digital-government/digital-government-innovations/cloud-services/government-canada-right-cloud-selection-guidance.html

Hentschel, R., Leyh, C., & Petznick, A. (2018). Current cloud challenges in Germany: the perspective of cloud service providers. Journal of Cloud Computing, 7(1). https://doi.org/10.1186/s13677-018-0107-6

Loske, Widjaja, Benlian, & Buxmann. (2014). Perceived IT security risks in cloud adoption: the role of perceptual incongruence between users and providers. Twenty Second European Conference on Information Systems, 276 - 296.

Mathew, N., & Mahmoud Hendy. (2013 ). Dimensions Of Security Threats In Cloud Computing: A Case Study. Review of Business Information Systems, 4-21.

Muhammed, K., Zaharaddeen, il, Rumana, K., & Turaki, A. M. (2014). Cloud Computing Adoption in Nigeria: Challenges and Benefits. International Journal of Scientific and Research Publications, 5(7), 2250–3153. www.ijsrp.org

National Bureau of Statistics. (2019). Nigerian Gross Domestic Product Report. Nigeria: National Bureau of Statistics.

Nicho & Hendy. (2013). Dimensions Of Security Threats In Cloud Computing: A Case Study. The Clute Institute, 159-170.

NITDA. (n.d.). Background – NITDA. Retrieved January 16, 2021, from https://nitda.gov.ng/background/

NITDA. (2019). Nigeria Cloud Computing PolicyNo Title. 1–33.

Obodoeze, C. F., Okoye, F., & Asogwa, T. C. (2014). Cloud Computing in Nigeria: Prospects, Challenges and Operation Framework. International Journal of Engineering Research &Technology (IJERT), 3(6), 2107–2113. http://www.ijert.org/view-pdf/10402/cloud-computing-in-nigeria-prospects-challenges-and-operation-framework

Oguntala, G., Abd-Alhameed, P. R., & Odeyemi, D. J. (2017). Systematic Analysis of Enterprise Perception towards Cloud Adoption in the African States: The Nigerian Perspective. The African Journal of Information Systems, 213 - 229.

Otuka, R., Preston, D., & Pimenidis, E. (2014). The use and challenges of cloud computing services in SMEs in Nigeria. Proceedings of the 8th European Conference on Information Management and Evaluation, ECIME 2014, January 2014, 325–332.

Palinkas, L., Sarah, H., Carla, G., Jennifer, W., Naihua, D., & Hoagwood, K. (2013). Purposeful Sampling for Qualitative Data Collection and Analysis. Administration and Policy in Mental Health and Mental Health Services Research, 533-544.

Popović, K., & Hocenski, Ž. (2010). Cloud computing security issues and challenges. Croatia: Institute of Automation and Process Computing.

Rohan, J., & Jagli, D. (2017). Cloud Computing and Security Issues. Journal of Engineering Research and Application, 31-38.

Turab, N. M., Taleb, A. A., & Masadeh, S. R. (2013). CLOUD COMPUTING CHALLENGES AND SOLUTIONS. International Journal of Computer Networks & Communications (IJCNC) Vol.5, No.5, 209 -216.

Uchenna, P., Godwin, N., Oliver, O., & Eze, U. (2015). The security of user: Demystifying fear to cloud model and service adoption and deployment. International Journal Of Academic Research, 223-233.

What Are Cloud Policies? | CloudHealth by VMware. (n.d.). Retrieved January 16, 2021, from https://www.cloudhealthtech.com/blog/what-are-cloud-policies


Refbacks

  • There are currently no refbacks.


 

 

 

 

ISSN: 

 

   

 

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.