How to utilize the IaaS cloud safely? Developing cloud security for cloud adoption in the Middle East

Master's Thesis from the year 2018 in the subject Computer Science - IT-Security, grade: B, Anglia Ruskin University, course: Dissertation, language: English, abstract: Information Security is very important for businesses and national security of any country. In the Middle East, especially with the current geopolitical tensions and unbalanced situation resulting from terrorism rising, cybersecurity is very important to protect the nation¿s economy and security.

This research investigates with a deep look inside hybrid cloud security deployments, which is new to the Middle East region with focusing on Infrastructure as service security (IaaS). Furthermore, it assesses the current practice when it comes to cloud data adoption in an IaaS environment, whether it is on-premises or hosted by a third party, dedicated or shared across multitenant.

This research aims to develop two templates to be followed by IT professionals whether they have the required expertise for cloud adoption or not to guide them through the whole data cloud adoption process. According to the risk appetite of the organization and their acceptable risk level, the template is chosen.

These templates contain a guide to design the cloud security infrastructures, the placement of information in different IaaS deployment models (e.g. private IaaS, public IaaS, community IaaS, etc.), and what controls recommended to establish controls and governance in the cloud realm. These templates were developed based on the recommendation and guidelines National Institute of Standards and Technology (NIST), Cloud Security Alliance (CSA), and European Union Agency for Network and Information Security (ENISA).