Running Head: CLOUD COMPUTING

Cloud Computing Adoption in Higher Education

Kelly Chambers
Siena Heights University
October 20, 2016

CLOUD COMPUTING

2
Abstract

Cloud computing has entered the spotlight in the past two decades, especially for higher
education organizations with shrinking generals fund looking to decrease technology costs while
still growing and staying current with both teaching and administrative technologies. Cloud
computing has transformed business, government and education at a rapid pace; for an
organization to successfully and comfortably adopt the cloud platform, they must first identify
and minimize cloud related threats. For higher education organizations, this also means
addressing the cloud related threats that are specific to your unique organizational structure. The
development of the cloud service models has provided organizations an efficient way to scale
technology services, but the shift from on premises server to hosted service based technology is
radically changing the role of the modern day technology leader. Focus is moving away from
physical device management and is now more focused on being an organization security
advocate. This paper presents an overview and study of cloud computing, with emphasis on
security threats, security issues, currently utilized cloud technologies and security solutions.

CLOUD COMPUTING

Introduction
Cloud computing is a new technology which has emerged in the last decade. According to
the definition by NIST, cloud computing is a model that can provide distributed, rapidly
provisioned and configurable computing resources (such as servers, storage, applications,
networks and other services), which are on-demand, rapid elastic and measured, to whom have
network connections (Mell & Grance, 2009, p.50). Because of the obvious scalability,
flexibility, availability and low cost of cloud services, there is a rapid trend of adopting cloud
computing among enterprises and educational organizations in the last few years.
Outline
This paper will focus on qualitative and quantitative analysis performed on the topic of
data breach risks for higher educational organizations using cloud data delivery for Student
Information Systems (SIS) from information published over the last decade with a specific focus
on the following research questions:

To what degree does cloud hosting a Student Information Systems (SIS) increase overall

likelihood of a data breach?

To what degree does lack of regulation increase external data breach risks?
To what degree does lack of cyber training increase internal account compromises and

data breaches?
To what degree does lack of trust in cloud computing effect adoption rates in higher

education?
What are the practical research implications for decreasing data breach risks?

Review of the Literature

Understanding Cloud Computing in Higher Education

CLOUD COMPUTING

Type of Cloud Services

Within higher education, Katz, Goldstein, and Yanosky (2009), leading technology
researchers for EDUCAUSE have categorized cloud computing into three platforms;
development, delivery, and application-led. Development is the use of on-demand cloud-based
development tools which are often available at minimal cost or free of charge, often referred to
as open-source development software. These use industry common source code to create
applications that can be accessed both online as well as on mobile devices. Application-led is the
use of cloud applications to deploy applications to organizational devices. This platform allows
educational and other organizations to have control over which cloud applications are being
deployed as well as offer content filtering of web-based applications.
Delivery, which is the main focus of this literature review, consists of contracted hosting
of data and server infrastructure. This platform removes the physical hosting of organization data
and enterprise applications from on premises data centers to hosted servers and web-based
applications. This area often serves as one of the highest technology costs for higher education
organizations, second only to network infrastructure which makes it a prime target for cost
reductions and cloud hosting discussions. Cloud computing is still in an emergent stage,
therefore the definition and types of services being offered is still changing and being redefined
as technologies evolves. It is predicted that by 2018 cloud computing will achieve maximum
mainstream adoption within the higher education sector and that for many, their hands may be
forced as higher education enterprise solutions no longer allow for self-hosting (Katz et al., 2009,
p.26).

Benefits of Cloud Services

CLOUD COMPUTING

The key benefit of cloud computing according to AlZain, Soh, and Pardede (2013) is that
services can become available whenever and wherever needed with simple internet access. With
the dawn of consumer technologies, smartphones, and social applications, expectations from
consumers has become twenty-four seven service access. Additionally, it is also meant to reduce
the cost for organizations providing services drastically through service scaling or by combining
and centralizing like services across multiple organizations (AlZain et al., 2013).
According to AlZain et al. (2013) moving to this platform is stated to have two main
benefits; decreased overall technology costs and increased access and ease of use for technology
services. Students come to campus with their own devices and expectations about how and when
they want to use them and a desire to create, deliver, and share content campus-wide. Katz et al.
(2009) echoes that for higher education, the current trending financial crisis, the focus on
managing information technology costs and return on investment together with an understanding
that markets and consumers have a web-delivery expectation are what is driving cloud adoption.
However, research conducted by Han (2011) does not indicate that cloud hosting will be a
long-term cost savings. He determined that the cost-savings is dependent on doing appropriate
research into the cost-model used by the hosting provider. As he explains cloud infrastructure is
more about a low commitment, pay-per-use model. This solution only reduces cost if the average
yearly pay-as-use model is lower than your onsite scalability. In education, Student Information
System application and storage is a long-term commitment, so pay-per-use might not reduce
cost. He ultimately found that the value of the cloud was the availability and flexibility but that
locally managed storage is still an attractive solution in a typical database storage scenario.

Benefits of Cloud Services for Higher Education

CLOUD COMPUTING

For higher education as Militaru, Niculescu, and Teaha (2013) indicate cloud computing
can provide critical resources for teaching, research and learning both cost-effectively and in a
highly flexible way (p. 219). Furthermore they explain that the cloud convergences two trends,
information technology efficiency and organizational agility plus can dramatically improve the
quality of higher education services while enhancing internal efficiencies, as well as improve
education capabilities. Universities can save costs through the use of older and less powerful
computers; additionally expensive maintenance issues can be jettisoned by cloud computing
solutions. These savings can then be redirected to the primary purpose of higher education,
quality instruction and student support (Militaru et al., 2013, p. 215).
Additionally, Katz et al. (2009) further explains that by moving to the cloud universities
will reduce their technology infrastructure cost and make smarter use of energy thereby reducing
their technology driven carbon footprint. In addition, higher education has limited ability to pay
competitive wages to attract scarce information technology talent; institutions in rural areas have
a hard time even finding staff while institutions in urban areas have a hard time retaining them
due to fierce competition. Ever-changing information technology environments are yet another
factor affecting staffing; new solutions are developed every day, infrastructures needed to
support these solutions are constantly evolving, and technology organizations are expected to
respond with increasing agility to every new opportunity. Moving to the cloud allows them to tap
into talented well-paid technology staff that they otherwise would be unable to obtain (Katz et
al., 2009, p.27).
Additionally, according to Fain (2015) with multiple higher education organizations
utilizing the same cloud hosting providers, the benefit of data standardization could should begin
to be realized. Thirty-seven percent of college students transfer at least once within six year.

CLOUD COMPUTING

Students often cross state lines, nearly a quarter of them transfer from four-year institutions and
leave the state. Having standardized data systems can reduce the effort for both the exited and
accepting educational institution, allowing them to easily share student records and completion
and retention statistics which are now critical to both state and federal funding guidelines. Higher
education institutions want to realize the full potential of their data to better inform strategic
decisions about the future (Fain, 2015, p. 8).
For the educators themselves, Hershock (2012) believes that the cloud computing arena
offers vast educational tools at low to no cost to the organization and poses far less risk than
storing institutional data in the cloud. Students demonstrated significantly greater learning
achievements, in terms of recall of basic information and critical thinking, when collaborating
than when working autonomously and online collaboration tools can significantly improve
student collaboration. Additionally, learning about new technologies can help instructors
innovate and increase their efficiency in course management (Hershock, 2012, p. 7).
Risks of Cloud Services
Katz et al. (2009) explains there are some distressing security issues that need to be
addressed when moving sensitive higher education data to a public and shared cloud
environment. According to Militaru et al. (2013) there are two core concerns effecting trust and
adoption of the cloud in higher education. The first, loss of control over data or fear that if the
cloud provider stopped providing services, the organization could experience difficulties in
accessing critical data. In addition, there is a lack of transparency on how, when, why, where and
by who their data is accessed, increasing fear of potential data breaches. They conclude that, the
trust (security and privacy in cloud computing) has a direct effect on adoption of cloud
computing in higher education institutions (Militaru et al., 2013, p. 216).

CLOUD COMPUTING

According to Katz et al. (2009) higher education organizations for this reason are
relatively late adopters of the delivery platform or contracted hosting of data and infrastructure;
this relates chiefly to the unique policy environment that regulates the acquisition, storage, and
dissemination of higher education information (FERPA, HIPAA, GLB, and others) (p. 3).
Higher education technology leaders have to consider the confidentiality, integrity and
availability of organization data when using a hosted provider versus on premises hardware and
services. When they look at data storage on premises the sensitive data of the organization lives
within the physical border of the school and access is controlled and managed by employees of
the institution. With the public cloud organizational data is stored outside the enterprise and
access is managed in most cases by an offsite provider and its employees (Katz et al., 2009,
p.29). Sharma and Trivedi (2014) express the reality of cloud data hosting, which concerns most
higher education leaders, data stored in the cloud has a higher risk of being accessed by untheorized person during storage as well as transmission (p. 224).
Additionally, Sharma et al. (2014) continues by explaining that cloud hosting data brings
to light the concern that many organizations fear data integrity and loss when moving to a cloud
hosting system for their data. When outsourcing the day-to-day management of data, you are no
longer internally able to do integrity monitoring which many feel increases the likelihood of data
corruption. Additionally many fear the time it will take for data recovery with a cloud provider in
the event of a disaster will infringe on their ability to meet existing customer expectations
(Sharma et al., 2014).
Ko (2015) explains that security threats to organizational data in the past decade have
evolved from desktop-based viruses to email-based worms to now browser botnets. Modern
attacks are now largely browser-based and as a result organizations must enact a robust web-

CLOUD COMPUTING

based security protocol in order to reduce risk with browser-based data access. What was once
an email-borne virus is now increasingly being replaced by sophisticated command and control
malware transforming by the second, infecting users through browser-based Web 2.0
applications (Ko, 2015, p. 27).
Compromised credentials are the leading cause for data breaches in both on premises and
cloud environments according to Skyhigh Networks data; however the likelihood of cyber
exposure is far greater within a cloud environment (Cloud adoption, 2015). AlZain et al. (2013)
explains that there are many ways credentials can be compromised, including malware attacks,
phishing and spear phishing schemes, and re-use of passwords on third-party sites. They also
state that the new cloud scene exacerbates potential data exposure by adding to the complexity
and creating more options for more people to access organizational data. Skyhigh Networks, a
leader in cloud security development, states that, on average, organizations experience 5.1
incidents each month in which an unauthorized third party exploits stolen account credentials to
gain access to corporate data stored in a cloud service. Slightly more than two thirds of
organizations experience account compromises each month across all sectors (Cloud Adoption,
2015, p. 12).
Contrary, Leong (2016), a Gartner researcher, explains that through a conducted analysis
of over 650 on premises and cloud hosted data centers it was found that the concept that the
cloud is less secure is a myth. He agrees that the most common cause for a data breach is
compromised credentials however found the likelihood of this compromise equal across both
platforms. He also found that for many public organizations cloud-based data centers are often
more secure than their in-house data centers; this is because cloud service providers can put in
place strong physical security measures and data is protected not only from those trying to steal it

CLOUD COMPUTING

10

but also from equipment failure through digital security and disaster recovery systems (Leong,
2016).
The Higher Risk for Higher Education
According to a 2015 study by the Ponemon Institute, the average total cost of a data
breach to an organization is $3.79 million; for education institutions the average cost per lost or
stolen student record can be upwards of $300. At this figure, even a small breach is a worst-case
scenario for higher education organizations who are already dealing with limited operational
budgets. Several higher education institution breaches have recently taken place, including
Washington State University, Southern New Hampshire University, and Arkansas State
University (Ponemon Institute, 2015).
According to Shipley (2015) colleges and universities have become high-priority targets
for data because they retain vast numbers of student records with enough personally identifiable
information to create credit files. Additionally, they are also the most difficult networks and
systems to defend as universities and colleges are not the kinds of institutions that adjust rapidly
to changes in network and security protocols due to the high costs and major investment that
would impact spending on their ultimate goal, educating students.
Further, colleges and universities have access to third-party research, intelligence, or
intellectual property, high-speed networks and immense computation capability available making
them an exceptional starting point to use to attack other establishments. Additionally their efforts
to teach the next generation of security and programming experts can be their own threat; on
campus students with legitimate network access can have the intelligence to attempt to attack and
compromise their systems. One of North Americas oldest colleges, University of New
Brunswick in Fredericton, found that every day there are millions of attempts to breach the
network; as many as 83 attempts a second happen to remotely intrude the systems on their

CLOUD COMPUTING

11

network as well as hundreds of thousands of copies of malware and phishing attempts being sent
to faculty and staff (Shipley et al., 2015, p.27).
Higher education institutions are stated to be at higher risk of these costly breaches than
their for-profit counterparts due to lack of protective regulations according to Rastogi, Gloria,
and Hendler (2015). Their finding shows that as cloud services have grown in education and
industry, current legal standards and regulations have not developed and transformed at the same
rate. Additionally they explain that state, federal and international cloud policies, such as the
Stored Computer Act (SCA) focus primary on right to privacy in terms of the average citizen
making independent business transactions. They further determined that current policies do not
take into account the greater regulations imposed by acts such as Family Educational Rights and
Privacy Act (FERPA) and Health Insurance Portability and Accountability (HIPAA). They
conclude that as a result cloud providers have not developed with these considerations in mind
(Rastogi et al., 2015).
The 2015 Ponemon Institute study further indicates that thirty-seven percent of all
breaches for higher education are due to internal user errors including data share errors,
compromising their accounts through phishing scams and using unencrypted devices to access
sensitive data. These breaches are in large part due to lack of cyber security training in higher
education settings; people are the greatest source of IT security problems (Ponemon Institute,
2015).
Payne (2002) derived that from available statistics the majority of security breaches on
campuses are caused by insiders, and the damage they levy on their organizations can be much
more severe than anything brought by hackers on the other side of the world. His findings state
that forty-seven percent of all breaches were caused by malicious hacks; the remaining fifty-

CLOUD COMPUTING

12

three percent of attackers were not immediately detected or prevented by network surveillance
because the attacker was using legitimate credentials obtained through compromised accounts.
Universities within the United States are at higher risk than their foreign counterparts.
The United States is most likely to have malicious or criminal attacks. India and Brazil have the
most data breaches due to system glitches. Additionally breaches due to human error are highest
in the United States and Canada (Ponemon Institute, 2015).
Reducing Risk in Cloud Computing
According to Sultan (2010) having a clear and concise service level agreement (SLA)
with a cloud hosting vendor is one of the most important actions to take to reduce the risk of any
cloud data hosting implementation. He concludes that this serves as both the blueprint and
warranty for cloud computing. A service level agreement (SLA) describes levels of service using
various attributes such as availability, serviceability or performance. The SLA specifies
thresholds and financial penalties associated with violations of these thresholds. Well-designed
SLAs can significantly contribute to avoiding conflict and can facilitate the resolution of an issue
before it escalates into a dispute. Trappler (2010) also states that for higher education this
contract affirms ownership of its data stored and rights for retrieval, their obligation for system
infrastructure, security standards, rights to audit their compliance, encrypting desires, and
disaster recovery plans.
Wayner (2010) explains universally and regulated cloud computing security standards
have yet to emerge beyond those for monetary transactions. He declares that increasing
regulation will have both pros and cons for higher education organizations. He states that while
regulation and potential fines forces providers to implement holistic risk-based security, stricter
regulatory environments experiences increased opportunity costs of doing business. He

CLOUD COMPUTING

13

concludes that governing bodies need to strike a balance between the need for greater cloud
computing security without increasing cost to the point that the cloud computing cost benefit is
lost.
Organizations, according to Chaudhry (2015), must begin to re-think security in very
fundamental way. As organization move data to the cloud, to reduce treat and risk of exposure,
the must also accept the limitations of existing on premises security practices. To address this
risk he believes organizations should look toward adopting a Cloud Security Architecture; this is
access to off-sight, on-demand, point-of-use security perimeters that enforce organizational
policies and provide cutting-edge threat management capabilities that are in line with the
organizations cloud computing needs. This is a migration away from on premises security
appliances to allowing another host, a cloud security service provider to take on cloud security
for the organization. Given their focus and resource availability, these providers are far more
likely to be able to react to ongoing security threats than a small in house technology department
(Chaudhry, 2015, p. 8-14).
Jaeger (2008) also concludes that any organization planning to venture into using any
form of cloud data storage should create a robust Cloud Computing Policy. This policy is a key
learning tool for the organization and serves as a catalyst for cyber training. These type of
policies also serve to ensure that sensitive data is not inappropriately shared or stored using
public cloud computing and file sharing services; it limits and explains that only the organization
designated data shares should be used.
Jaeger (2008) further states that cloud security policies ensure that leadership selects
vendors who can provide appropriate levels of protection and recovery and outlines all
compliance and regulatory requirements that a potential or current vendor should adhere to. They

CLOUD COMPUTING

14

are also critical for communication of cloud and data security expectations to all members of the
organization. They often outline password policies, mobile and remote access limitations as well
as ensuring that cloud data and services adhere to guidelines already outlined within organization
Acceptable Use Policies.
Fisher (2016) concluded that higher education institutions are also primary targets of
cyberattacks due to student and financial data, intellectual property, and valuable research. He
explains that school-wide cybersecurity training programs are the key to radically improving the
security of your institution. As he explains people pose the largest risk with any data system,
including those hosted in the cloud; given that compromised credentials are the most common
cause for a data breach educating staff about risks and threats can reduce likelihood of a costly
breach by as much as 45 percent.
Awareness, according to Fisher (2015), is the first step in reducing the number of data
breaches that occur. The majority of individuals understand that by having their personal
information online that they are taking a risk of that information being compromised. However,
they do not seem to carry this same concern when accessing other individuals information
through work provided online applications. This is a large concern for higher education when
staff have access to vast number of student records. Training programs focus on best practices for
password creation and maintenance, what to look for to identify phishing and malware schemes
and software and security policies that are unique to the organization. Increasing the campuswide awareness is a key and low cost investment that can be made by universities which can
provide great risk reduction (Fisher, 2016).
Beeman (2015) explains that higher education needs to begin to understand that to be
prepared for the cloud world they need not model themselves after for-profit business which has

CLOUD COMPUTING

15

been the focus model thus far. They tend to have large sums to invest in cyber security
evaluation, plus hire costly consolation firms to audit and attempt penetration testing. His believe
is that movements in health care information security are more relevant. Many health care
organizations complete regular and formal peer reviews of each others technological security
and compliance. While higher education has promoted peer review only for teaching and
curriculum. Additionally, he believes this same model would be a more cost effective way for
higher education organizations to evaluate themselves in terms of cyber safety.
Conclusion
Summary
This review describes many of the findings related to the challenges cloud computing
presents to higher education organizations adoption of this new frontier of technology. The
information presented indicates that organization data is at increased likelihood for exposure
when housed within the cloud and these exposures lead to high economic impact for universities
and colleges and effect adoption rates for new schools. As organizations adopt more cloud
services, products, and systems, it becomes clear that future work is needed to create stronger
security standards for cloud computing providers and users accessing data in the cloud. The
current shortcomings make cloud computing a vulnerable option for higher education leaders
seeking ways to reduce their overall technology costs.
State of Research
The body of research on cloud computing in higher education is relatively young
spanning only the last 14 years starting with the foundation data collection and research
conducted by Richard Katz, founder and chairman of EduData and writer for ECAR and
EDUCAUSE contributor. His early work summarizes insights and a framework for thinking

CLOUD COMPUTING

16

about cloud computing usage, safety, and the potential emergent role it plays for public and
private clouds (Katz et al., 2009).
Even with the increased number of studies conducted over that past decade, there is still
much research to be done in determining the safety of cloud hosting for Student Information
Systems (SIS). Based on the research for this literature review, most available information is
focused primarily on cloud computing for the private sector; while many of the issues and
conclusions can be applied across both private and public organizations, research specific to the
additional regulations and cost constraints for public institutions such as higher education seems
to be scarce.
Call to Action
Cloud hosting a Student Information System (SIS) in an organization is not without risk,
and the research indicates that while there is value to be gained, one must balance the benefits
and risks and take appropriate actions to minimize those risks. Cloud hosting is not something
that can be taken on lightly. The decision to embrace cloud computing technology is a risk-based
decision, not a technology-based decision. It requires research and long term planning on the part
of the leadership looking toward cloud services. Organizations wishing to move forward with
cloud hosting need to ensure that proper cyber security professional development takes place.
They also need to begin advocating both locally and nationally for better security regulations for
hosted student data systems.

CLOUD COMPUTING

17
References

AlZain, M. A., Soh, B., & Pardede, E. (2013). A survey on data security issues in cloud
computing: from single to multi-clouds. Journal of Software, 8(5), 1068+. Retrieved
October 04, 2016 from http://go.galegroup.com.ezproxy.sienaheights.edu:2048/ps/i.do?
p=GPS&sw=w&u=lom_sienahul&v=2.1&it=r&id=GALE
%7CA351435581&asid=153016c5a94af9c9ce3ff623d4ec8ccc
Beeman, J. (2015, April 13). Cybersecurity in Higher Ed: Searching for a better model.
Educause Review: Security Matters, 5(1), 22-24. Retrieved October 17, 2016 from
http://er.educause.edu/articles/2015/4/cybersecurity-in-higher-ed-searching-for-a-bettermodel
Chaudhry, J. (2015). The essential guide to cloud security: With practical tips to reduce costs
and improve security. Hoboken, New Jersey: Wiley Publishing.
Cloud adoption & risk report. (2015). Retrieved September 9, 2016, from
http://info.skyhighnetworks.com/rs/274-AUP214/images/WP_Skyhigh_Cloud_Adoption_Risk_Report_Q4_2015.pdf
Fain, P. (2015, July 8). More than a third of college students transfer; make sharing easier with
cloud technology. Inside Higher Ed, 14(2),8-9. Retrieved October 14, 2016 from
https://www.insidehighered.com /2015/07/08/more-third-college-students-transfer-makesharing-easier
Fisher, C. (2016, February 10). Why cybersecurity training for higher education workers is
critical. Educause Review: Security Matters, 4(1), 32-33. Retrieved October 04, 2016
from http://er.educause.edu/securitymatters/2016/2/why-cybersecurity-training-forhigher-education-workers-is-critical

CLOUD COMPUTING

18

Han, Y. (2011, December). Cloud computing: Case studies and total costs of ownership.
Information Technology and Libraries, 30(4), 198+. Retrieved October 04, 2016
http://go.galegroup.com.ezproxy.sienaheights.edu:2048/ps/i.do?
p=GPS&sw=w&u=lom_sienahul&v=2.1&it=r&id=GALE
%7CA272739698&asid=3b37c990b8266a26052633134a0a0daf
Hershock, C. (2012, December). Teaching in the cloud: Leveraging online collaboration tools to
enhance student engagement. CRLT Occasional Papers, 31(1), 2-11. Retrieved October
14, 2016 from
http://www.crlt.umich.edu/sites/default/files/resource_files/CRLT_no31.pdf
Jaeger, P. (2008). Cloud computing and information policy: Creating a guide to the cloud.
Journal of Information Technology and Politics, 5(3), 15-17
Katz, R., Goldstein, P., & Yanosky, R. (2009, January). Cloud computing in higher education.
Retrieved September 08, 2016, from
http://net.educause.edu/section_params/conf/ccw10/highered.pdf
Katz, R., Goldstein, P., & Yanosky, R. (2009, June). Demystifying cloud computing for higher
education. Ecar Research Bulletin, 19(1), 26-32. Retrieved October 01, 2016, from
www.educause.edu/research-and-publications/149199
Ko R., & Choo R. (2015). The cloud security ecosystem: Technical, legal, business and
management issues. Rockland, MA: Syngress Publishing.
Leong, L., (2016, February 12). 15 Reasons to migrate your data center to the public cloud
infrastructure. Retrieved September 28, 2016, from
https://www.gartner.com/doc/3210019

CLOUD COMPUTING

19

Mell, P. & Grance, T. (2009, March 17). The NIST definition of cloud computing. National
Institute Standard Technology, 53(6), 16-15
Militaru, G., Niculescu, C., & Teaha, C. (2013, November). Critical success factors for cloud
computing adoption in higher education institutions: A theoretical and empirical
investigation. Paper presented at the (6) 213-220. Retrieved September 08, 2016, from
http://search.proquest.com.ezproxy.sienaheights.edu:2048/docview/1537389653?
accountid=28644
Payne, S. (2003, November 26). Computer and network security in higher education. Educause
Review, 4(7), 89-104. Retrieved September 08, 2016, from
https://library.educause.edu/~/media/files/library/2003/1/pub7008k-pdf.pdf
Ponemon Institute (2015, May). 2015 cost of data breach study: Global analysis. Retrieved
September 28, 2016, from https://nhlearningsolutions.com/Portals/0/Documents/2015Cost-of-Data-Breach-Study.PDF
Rastogi, N., G., M., & Hendler, J. (2015). Security and privacy of performing data analytics in
the cloud: A three-way handshake of technology, policy, and management. Journal of
Information Policy, 5, 129-154. doi:1. Retrieved October 04, 2016 from
http://www.jstor.org/stable/10.5325/jinfopoli.5.2015.0129 doi:1
Sharma, R., & Trivedi, R. K. (2014, April 01). Literature review: Cloud computing security
issues, solution and technologies. IJER International Journal of Engineering Research,
3(4), 221-225. doi:10.17950/ijer/v3s4/408
Shipley, D. (2015, September 28). The cyber siege of higher education in North America.
Educause Review, 4(7), 26-29. Retrieved September 08, 2016, from
http://er.educause.edu/blogs/2015/9/the-cyber-siege-of-higher-education-in-north-america

CLOUD COMPUTING

20

Sultan, N. (2010, May). Cloud computing for education: A new dawn? International Journal of
Information Management, 30(2), 109-116
Trappler, T. (2010, June 24). If it's in the cloud, get it on paper: Cloud computing contract issues.
Retrieved October 04, 2016 from http://er.educause.edu/articles/2010/6/if-its-in-thecloud-get-it-on-paper-cloud-computing-contract-issues
Wayner, P. (2010, May). Should encryption be regulated? Politics, not technology, may
hamstring the use of cloud data encryption in the U.S. Byte, 18(6), 129+. Retrieved
October 04, 2016 from http://go.galegroup.com/ps/i.do?
p=CDB&sw=w&u=lom_sienahul&v=2.1&it=r&id=GALE
%7CA13726072&asid=e0924c972899b4d9ec699e9f0045a4a0