Critical security and privacy related factors influencing the adoption of cloud computing in Australian small and medium-sized enterprises

<p>The past decade has offered enormous opportunities for cloud computing-based businesses. However, with increasing cloud computing adoption, security and privacy threats to the cloud have also increased. Accordingly, organisations of all sizes hold concerns regarding cloud security and privacy, including small and-medium sized enterprises (SMEs). There is little understanding of the relationships between cloud computing adoption and the security and privacy requirements of SMEs. It is essential to for to enrich their technology enabled business through effective security in the cloud. Thus, the purpose of this thesis is to investigate the critical security and privacy related factors that influence cloud computing adoption by Australian SMEs.</p> <p>Based on a structured evaluation of the related literature, an integrated conceptual framework was developed inspired by three theoretical theories, namely the technology-organisation environment (TOE) framework, the human organisation and technology fit (HOT-fit) framework and institutional theory. This framework links to technical, social, organisational, and environmental contexts and associated cloud computing adaptation by SMEs. The framework includes eight key factors: skilled personnel, technology readiness, perceived security benefits, data security concerns, data privacy concerns, legal compliance, cloud security standards, and trust in cloud service providers.</p> <p>A quantitative method was adopted, incorporating a cross-sectional survey strategy. An online survey was used to collect data from the Australian SME sample frame selected using a simple random method. The main study involved collecting data from 346 SMEs across all states and territories in Australia. Various statistical techniques were used in the data analysis process and partial least squares structural equation modelling (PLS-SEM) was adopted for testing and validating the proposed conceptual framework for the adoption of cloud computing in Australian SMEs.</p> <p>Results indicate that security and privacy related requirements significantly impact on cloud computing adoption by Australian SMEs. In addition, skilled personnel, technology readiness and trust in cloud service providers factors are critical determinants that drive the adoption of cloud computing among Australian SMEs. On the other hand, data security concerns and privacy concerns act are inhibitors for SMEs’ decisions to adopt cloud computing, but not once the technology has been adopted. Cloud computing adoption among SMEs of different sizes was found to be a statistically significant difference.</p> <p>The major contribution of this study is the extension of existing information technology (IT) adoption literature to the context of security and privacy, and cloud computing. Additionally, the findings provide a more holistic view of the organisational perspective on cloud computing adoption integrating the factors of human, organisational, technological, environmental and social issues into a single framework. From a practical perspective, the research findings provide important implications for technology consultants, cloud service providers, cloud software vendors, government, and regulatory authorities. In particular, Australian SMEs can benefit from understanding how security and privacy requirements impact cloud computing adoption and continuous use.</p>