Date of Conferral

6-12-2024

Date of Award

June 2024

Degree

Doctor of Information Technology (D.I.T.)

School

Information Systems and Technology

Advisor

Ayegbeni Igonor

Abstract

Cloud computing provides data storage and access services to end users and enterprises but requires effective access controls to protect privileged information from unauthorized and malicious users. Enterprises adopt and integrate cloud computing into their business operations due to its cost-effective and on-demand delivery of computing resources over remote networks but face the challenge of adequate strategies and policies to implement identity and access management securely. Grounded in the Unified Theory of Acceptance and Use of Technology, the purpose of this qualitative multiple case study was to explore strategies used by information technology cybersecurity professionals to improve identity and access management in the cloud. The participants were 10 IT cybersecurity professionals, each with at least 3 years of experience in managing and implementing cloud security strategies and employed within the contiguous United States. Data were collected using semi-structured interviews and a review of publicly available information and analyzed using methodological triangulation. The results identified seven primary themes: (a) data protection, (b) authentication and authorization, (c) input and output handling, (d) error handling and logging, (e) configuration and operations, (f) session management, and (g) access control methods. A key recommendation is for enterprises to manage the human factor which can be unintentional human error or a disgruntled employee. The implications for positive social change include the potential to provide cloud service providers with strategies to secure their infrastructures and protect the private information of users and society from cyber criminals.

Download

Share

 
COinS