Cloud computing data breaches: a socio-technical review of literature
As more and more personal, enterprise and government data, services and infrastructure moves to the cloud for storage and processing, the potential for data breaches increases. Already major corporations that have outsourced some of their IT requirements to the cloud have become victims of cyber attacks. Who is responsible and how to respond to these data breaches are just two pertinent questions facing cloud computing stakeholders who have entered an agreement on cloud services. This paper reviews literature in the domain of cloud computing data breaches using a socio-technical approach. Socio-technical theory encapsulates three major dimensions- the social, the technical, and the environmental. The outcomes of the search are presented in a thematic analysis. The 7 key themes identified from the literature included: security, data availability, privacy, trust, data flow, service level agreements, and regulation. The paper considers complex issues, pre-empting the need for a better way to deal with breaches that not only affect the enterprise and cloud computing provider, but more importantly, end-users who rely on online services and have had their credentials compromised.