Cloud leakage in higher education in South Africa: A case of University of Technology

Tshepiso Ntloedibe; Thato Foko; Mmatshuene A. Segooa

doi:10.4102/sajim.v26i1.1783

Original Research

Cloud leakage in higher education in South Africa: A case of University of Technology

Tshepiso Ntloedibe, Thato Foko, Mmatshuene A. Segooa

About the author(s)

Tshepiso Ntloedibe, Department of Informatics, Faculty of Information & Communication Technology, Tshwane University of Technology, Tshwane, South Africa
Thato Foko, Department of Informatics, Faculty of Information & Communication Technology, Tshwane University of Technology, Tshwane, South Africa
Mmatshuene A. Segooa, Department of Informatics, Faculty of Information & Communication Technology, Tshwane University of Technology, Tshwane, South Africa

Full Text:

HTML | EPUB | XML | PDF (670KB)

Abstract

Background: Users with knowledge of an organisation can pose risks to Cloud Computing, including current and past employees and external stakeholders with access to the organisation’s cloud. These insiders may engage in intentional or unintentional disruptive behaviors, causing significant harm to the organisation. A study focused on insider threats in South African higher education examined the tactics used by cybersecurity leaders to enforce cybersecurity policies.

Objectives: The goal of this study was to develop a comprehensive insider mitigation framework for cloud leakage in a South African University.

Method: The study employed qualitative methodologies and a case study approach. Open-ended interviews were conducted to collect data from the participants. The collected data was coded and analysed using ATLAS.ti 22.

Results: The study’s findings revealed that some of the major sources of cloud leakage are a lack of effective training, ineffective information security (IS) policy regulation, and the implementation of information security awareness workshops that provided advice on how information security should be managed in the university.

Conclusion: Insider threats pose a serious risk to organisations. To mitigate this threat, it is crucial for organisations to establish strong security policies and closely monitor employee activities. By conducting a thorough assessment of insider threats, organisations can enhance their understanding of this dynamic threat and strengthen their defenses.

Contribution: Although every employee is ultimately responsible for an organisation’s security, the most effective IS programmes demonstrate strong top-level leadership by setting a ‘tone at the top’ and promoting the benefits of IS through careful policy and guidance.

Keywords

cloud computing; data leakage; insider threat; information security; information systems security policies

JEL Codes

O30: General

Sustainable Development Goal

Goal 4: Quality education

Metrics

Total abstract views: 529
Total article views: 370

Crossref Citations

No related citations found.

African Online Scientific Information Systems (Pty) Ltd t/a AOSIS
Reg No: 2002/002017/07
International Tel: +27 21 975 2602
5 Hafele Street, Durbanville, Cape Town, 7550, South Africa
publishing(AT)aosis.co.za replace (AT) with @

All articles published in this journal are licensed under the Creative Commons Attribution 4.0 International (CC BY 4.0) license, unless otherwise stated.
Website design & content: ©2024 AOSIS (Pty) Ltd. All rights reserved. No unauthorised duplication allowed.
By continuing to use this website, you agree to our Privacy Policy, Terms of Use and Security Policy.

________

Subscribe to our newsletter

Get specific, domain-collection newsletters detailing the latest CPD courses, scholarly research and call-for-papers in your field.

South African Journal of Information Management | ISSN: 2078-1865 (PRINT) | ISSN: 1560-683X (ONLINE)