Gladwell Murigi^1,, Morrisson Mutuku¹

The idea of storing and managing data on virtualized servers has been brought to life by cloud computing technology allowing apps, individuals and organizations all over the world to connect to data and computing resources anywhere and at any time. Users of cloud computing can share processing power, storage space, bandwidth, memory and software. Because cloud computing is so simple to use, consumers no longer need to invest much in IT infrastructure. However, cloud computing comes with its own challenges with cloud security and privacy being the biggest concerns. Many organizations are uncomfortable with storing their data and applications on systems they do not control. In addition, since cloud services are accessed via internet, there is risk of attack by hackers. It was therefore important to assess security issues and challenges in cloud computing among public institutions in Africa. This study adopted a systematic review of literature. During the selection of studies to be used in a systematic review, the search for empirical studies was done in an extensive manner. Multiple or numerous sources, both printed and computerized were searched.. This study selected studies that were less than 5 years old. In addition, the study selected studies conducted in Kenya, other countries in Africa and around the world. To ensure the quality of the studies, the study selected studies with abstract, introduction, objectives, methods, results/findings and conclusions. The study concludes that challenges and security issues in cloud computing among public institutions include data breach, account hijacking, data loss, denial of service attacks, cloud abuse, malicious insiders, phishing attacks, portability restrictions, backdoor channel attacks, cloud malware injection attacks, shared technology vulnerabilities and lack of confidentiality of corporate data. The researcher therefore recommends that the governments should come up policies to govern and improve cloud computing adoption among public institutions. In addition, the study recommends development of policies to protect data from external hackers and malicious individuals. Policy makers should develop clear policies that require the cloud service providers to safeguard privacy and also security of data they are managing on behalf of institutions. Moreover, the policy makers should come up with policies that guide the provision of penalties to security failures. Also, public institutions should establish an information and communication technology department to come up with strategies to protect data in their organizations.

cloud computing, public institutions, security issues