The Risk Management Strategy of Applying Cloud Computing

It is inevitable that Cloud Computing will trigger off some loss exposures. Unfortunately, not much of scientific and objective researches had been focused on the identification and evaluation of loss exposures stemming from applications of Cloud Computing. In order to fill this research gap, this study attempts to identify and analyze loss exposures of Cloud Computing by scientific and objective methods which provide the necessary information to administrators in support of decisions of risk management. In conclusion, this study has identified "Social Engineering", "Cross-Cloud Compatibility" and "Mistakes are made by employees intentionally or accidentally" are high priority risks to be treated. The findings also revealed that people who work in the field of information or Cloud Computing are somehow ignorant of where the risks in Cloud Computing lie due to its novelty and complication.

[1]  Roger Clarke,et al.  User Requirements for Cloud Computing Architecture , 2010, 2010 10th IEEE/ACM International Conference on Cluster, Cloud and Grid Computing.

[2]  Sung-Hoon Lim,et al.  Risks in the North Korean Special Economic Zone: Context, Identification, and Assessment , 2011 .

[3]  Thomas L. Saaty,et al.  Diagnosis with Dependent Symptoms: Bayes Theorem and the Analytic Hierarchy Process , 1998, Oper. Res..

[4]  Jimmy J. Lin,et al.  Where is the Cloud? Geography, Economics, Environment, and Jurisdiction in Cloud Computing , 2009, First Monday.

[5]  Louis Anthony Cox,et al.  What's Wrong with Risk Matrices? , 2008, Risk analysis : an official publication of the Society for Risk Analysis.

[6]  Heikki Mannila,et al.  Principles of Data Mining , 2001, Undergraduate Topics in Computer Science.

[7]  S A McEwen,et al.  A Risk Assessment Model to Evaluate the Role of Fecal Contamination in Recreational Water on the Incidence of Cryptosporidiosis at the Community Level in Ontario , 2010, Risk analysis : an official publication of the Society for Risk Analysis.

[8]  Terje Aven,et al.  The Role of Quantitative Risk Assessments for Characterizing Risk and Uncertainty and Delineating Appropriate Risk Management Options, with Special Emphasis on Terrorism Risk , 2009, Risk analysis : an official publication of the Society for Risk Analysis.

[9]  Wogene Kasa Principles of Risk Management and Insurance , 2013 .

[10]  Markus Jakobsson,et al.  Controlling data in the cloud: outsourcing computation without outsourcing control , 2009, CCSW '09.

[11]  Janice C. Sipior,et al.  The Internet Jurisdiction Risk of Cloud Computing , 2010, Inf. Syst. Manag..

[12]  L. Whitman,et al.  Methodology to mitigate supplier risk in an aerospace supply chain , 2004 .

[13]  Neil Stinchcombe Technology: Cloud computing in the spotlight , 2009 .

[14]  Göran Bengtsson,et al.  Ecological, Groundwater, and Human Health Risk Assessment in a Mining Region of Nicaragua , 2010, Risk analysis : an official publication of the Society for Risk Analysis.

[15]  T. L. Saaty,et al.  Decision making with dependence and feedback , 2001 .

[16]  Thomas L. Saaty,et al.  Decision making with dependence and feedback : the analytic network process : the organization and prioritization of complexity , 1996 .

[17]  M. Zaharia,et al.  Above the Clouds : A View of Cloud Computing , 2009 .

[18]  Colin F. Camerer,et al.  Taking Risks: The Management of Uncertainty , 1988 .

[19]  SultanNabil Ahmed Reaching for the "cloud" , 2011 .

[20]  T. Saaty,et al.  The Analytic Hierarchy Process , 1985 .

[21]  V. Kavitha,et al.  A survey on security issues in service delivery models of cloud computing , 2011, J. Netw. Comput. Appl..

[22]  Dimitrios Zissis,et al.  Addressing cloud computing security issues , 2012, Future Gener. Comput. Syst..

[23]  Paul T. Jaeger,et al.  Identifying the security risks associated with governmental use of cloud computing , 2010, Gov. Inf. Q..

[24]  Neal Leavitt,et al.  Is Cloud Computing Really Ready for Prime Time? , 2009, Computer.

[25]  Roger Clarke,et al.  Privacy and consumer risks in cloud computing , 2010, Comput. Law Secur. Rev..

[26]  Kenneth R. MacCrimmon,et al.  Taking Risks, the Management of Uncertainty , 1987 .

[27]  Nabil Ahmed Sultan,et al.  International Journal of Information Management , 2010 .

[28]  L. Drennan,et al.  Principles of Risk Management and Insurance (8th edition) , 2003 .

[29]  M. Bohanec,et al.  The Analytic Hierarchy Process , 2004 .

[30]  Joseph Sarkis,et al.  Analyzing organizational project alternatives for agile manufacturing processes: An analytical network approach , 1999 .

[31]  Paul T. Jaeger,et al.  Where is the cloud , 2009 .

[32]  Georg Lackermair,et al.  Hybrid cloud architectures for the online commerce , 2011, WCIT.