Data Security Framework for Protecting Data in Transit and Data at Rest in the Cloud

Abstract

Data stored in the cloud is particularly vulnerable to attacks, especially when at rest or in transit. This makes the security of data in the cloud in terms of its integrity, confidentiality and availability a major security concern. While existing studies on cloud data security have garnered attention from cybersecurity researchers, there has been limited focus on developing a comprehensive data security framework that integrates both technical and social measures. The general objective of the study was to develop a data security framework for protecting data at rest and data in transit in the cloud. The qualitative research approach was chosen using interviews, archival records and physical artefacts as the source of data for the study. Using the purposive sampling technique, ten cyber security experts within the banking sector with not less than five years of practice were selected. Thematic analysis was used in analysing the collected data which led to the identification of the factors for the development of the framework. The study developed the framework for protecting data at rest and data in motion in the cloud based on the encryption technologies, installation of firewalls and antivirus as well as access control techniques. First Homomorphic encryption technologies were implemented in the framework to secure both storage devices and web connections. Other security factors were installation of firewall and antivirus. The findings revealed that access and usage control strategies integrate user identification and authentication. Additionally, these strategies incorporate safeguards for confidentiality, data integrity, and non-repudiation, securing both data-at-rest and data-in-motion. The findings also indicated that audit trails provide electronic records that offer security support documentation and history that is used to authenticate operational actions and mitigate challenges with non-compliance. Additionally, the findings emphasized the importance of social strategies such as staff training and industry collaboration in enhancing data security. These strategies aim to raise awareness of security threats and inform best practices for securing organizational data. The study recommends that banks consider both technical and social aspects when implementing data protection security measures especially implementing homomorphic encryption to secure data and implement Cyber Security training policies.