Cloud Inspector: A Tool-Based Approach for Public Administrations to Establish Information Security Processes Towards Public Clouds

Michael Diener; Thomas Bolz

doi:10.5220/0011694900003405

Cloud Inspector: A Tool-Based Approach for Public Administrations to Establish Information Security Processes Towards Public Clouds

Michael Diener, Thomas Bolz

2023

Abstract

Digitization is on the rise in Europe’s public administrations. Since the Covid-19 pandemic began, public cloud services have become essential in this domain. However, there are still security concerns about the usage of external cloud resources in business processes of public authorities, although numerous technical concepts for improving security are already available. In this paper, we focus on internal processes of information security management systems (ISMS) in public administrations. We identified potential challenges such as a lack of knowledge about cloud security and unclear roles and responsibilities when using ISMS tools in this application domain. As a possible solution, we present a tool-based approach that is based on an easyto-use online questionnaire, which can be automatically evaluated based on predefined sentiments. With this approach, we can provide the required visibility into the status quo of public cloud security while integrating various stakeholders within public administrations into a holistic ISMS process.

Download

Paper Citation

in Harvard Style

Diener M. and Bolz T. (2023). Cloud Inspector: A Tool-Based Approach for Public Administrations to Establish Information Security Processes Towards Public Clouds. In Proceedings of the 9th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-624-8, pages 543-551. DOI: 10.5220/0011694900003405

in Bibtex Style

@conference{icissp23,
author={Michael Diener and Thomas Bolz},
title={Cloud Inspector: A Tool-Based Approach for Public Administrations to Establish Information Security Processes Towards Public Clouds},
booktitle={Proceedings of the 9th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2023},
pages={543-551},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0011694900003405},
isbn={978-989-758-624-8},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 9th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Cloud Inspector: A Tool-Based Approach for Public Administrations to Establish Information Security Processes Towards Public Clouds
SN - 978-989-758-624-8
AU - Diener M.
AU - Bolz T.
PY - 2023
SP - 543
EP - 551
DO - 10.5220/0011694900003405