Cloud Service Provider Security Readiness Model: The Malaysian Perspective

Abstract

The growing trend of cloud computing has attracted many organizations on the technology because of the ability to provide scalable and flexible services, cost efficiency and data availability. However, security concerns remain the major barrier to the adoption of cloud services. Particular concerns about loss of control and governance are caused by unreliable and non-transparent cloud service providers. Therefore, compliance with cloud-specific standards is highly recommended to cloud service providers (CSPs) to ensure the security of customer's data and all resources are well-protected. The aim of this study is to develop a conceptual model that is able to assess the level of readiness of CSP to comply with cloud-specific standards ISO/IEC 27017. The CSR model consists of control mapping methods according to 7 domain categories. To prove the efficiency of the model, the assessment to indicate the level of the CSP readiness will be discussed in this paper.