Auditing security for the Cloud
Author:
Dragos Marian MANGIUC
JEL:
L86
DOI:
10.20869/AUDITF/2016/135/302
Keywords:
Cloud computing security, Software as
a Service, Platform as a Service, Infrastructure as a
Service, Security audit
Abstract:
Following the pattern of any major paradigm shift in the
history of computing, the migration to cloud-based
computing has known both praise and criticism. As its
advantages, especially for the small and medium-sized
companies, are too obvious to be doubted or
questioned, the critics mainly focus on the drawbacks.
Among the drawbacks, security is considered to be the
most important.
The paper proposes an outline of the real image behind
the many cloud computing security-related myths and
misconceptions that an auditor has to deal with. The
research is based on the literature review in the field of
cloud-based computing and it is built starting from a
synthesis of results achieved by means of a thorough
analysis of the recent opinions and experience of
Romanian and foreign auditors that were available for
interviews. The main purpose of the paper is to find
whether cloud-systems are more or less secure than
traditional in-house systems from an auditor’s
perspective. The paper is part of a broader research
process in the field of cloud computing and the
neighboring technologies.
Abstract(102KB)
Article(276KB)