A framework for critical security factors that influence the decision of cloud adoption by Saudi government agencies

This paper investigates the critical security factors that influence the decision to adopt cloud computing by Saudi government agencies. A framework was proposed for three categories, Social Factors category, Cloud Security Risks Category and Perceived Cloud Security Benefits that includes well-known cloud security features. The framework factors were identified by critically reviewing studies found in the literature together with factors from the industrial standards within the context of Saudi Arabia. An experiment study was conducted in five government agencies in Saudi Arabia by interview and questionnaire with experts in order to improve and confirm the framework. All the factors in the proposed framework were found to be statistically significant. An additional factor identified was Failure of client side encryption. Moreover, they suggested including this factor as a potential risk under Security Risk Factors Category. The initial framework was updated based on the expert reviews and questionnaires. The results were analysed via one-sample t-test with the data integrity analysed via Cronbach's alpha. The outcome indicated the majority of cloud security adoption framework categories were statistically significant. Potential future study directions and contributions are discussed.