Gianfranco Elena,Christopher W. Johnson

DOI: https://doi.org/10.48550/arXiv.1509.06536

2015-09-22

Computers and Society

Abstract:Cloud computing is revolutionising the way software services are procured and used by Government organizations and SMEs. Quantitative risk assessment of Cloud services is complex and undermined by specific security concerns regarding data confidentiality, integrity and availability. This study explores how the gap between the quantitative risk assessment and the perception of the risk can produce a bias in the decision-making process about Cloud computing adoption. The risk perception of experts in Cloud computing (N=37) and laypeople (N=81) about ten Cloud computing services was investigated using the psychometric paradigm. Results suggest that the risk perception of Cloud services can be represented by two components, called dread risk and unknown risk, which may explain up to 46% of the variance. Other factors influencing the risk perception were perceived benefits, trust in regulatory authorities and technology attitude. This study suggests some implications that could support Government and non-Government organizations in their strategies for Cloud computing adoption.

Ndukwe Ukeje,Jairo Gutierrez,Krassie Petrova

DOI: https://doi.org/10.1007/s10207-023-00797-6

2024-01-04

International Journal of Information Security

Abstract:The advent of new technologies and applications coupled with the COVID-19 pandemic tremendously increased cloud computing adoption in private and public institutions (government) and raised the demand for communication and access to a shared pool of resources and storage capabilities. Governments across the globe are moving to the cloud to improve services, reduce costs, and increase effectiveness and efficiency while fostering innovation and citizen engagement. However, information security and privacy concerns raised in the past remain significant to government adoption and utilisation of cloud computing. The study conducts a systematic literature review (SLR) using the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) approach to examine information security and privacy as the fundamental challenges to government intention to adopt cloud computing. This study screened 758 articles and included 33 articles that revealed information security and privacy as critical factors and barriers to adopting cloud computing through a systematic evaluation (PRISMA approach). The combined two factors contributed 70% of the significant gaps to the cloud computing adoption challenges. In contrast, the individual contribution of information security and privacy as a significant gap to the challenges of cloud adoption yielded 9% and 12%, respectively. Furthermore, 9% of the authors recognised the need for a framework to address the challenges but could not attempt to develop the framework. The study contributes to the information security body of knowledge, PRISMA studies and provides direction in proposing strategies and frameworks to tackle information security and privacy challenges as future research.

computer science, information systems, theory & methods, software engineering

Nathalie Brender,Iliya Markov

DOI: https://doi.org/10.1016/j.ijinfomgt.2013.05.004

IF: 18.958

2013-10-01

International Journal of Information Management

Abstract:In today's economic turmoil, the pay-per-use pricing model of cloud computing, its flexibility and scalability and the potential for better security and availability levels are alluring to both SMEs and large enterprises. However, cloud computing is fraught with security risks which need to be carefully evaluated before any engagement in this area. This article elaborates on the most important risks inherent to the cloud such as information security, regulatory compliance, data location, investigative support, provider lock-in and disaster recovery. We focus on risk and control analysis in relation to a sample of Swiss companies with regard to their prospective adoption of public cloud services. We observe a sufficient degree of risk awareness with a focus on those risks that are relevant to the IT function to be migrated to the cloud. Moreover, the recommendations as to the adoption of cloud services depend on the company's size with larger and more technologically advanced companies being better prepared for the cloud. As an exploratory first step, the results of this study would allow us to design and implement broader research into cloud computing risk management in Switzerland.

information science & library science

Scott Paquette,Paul T. Jaeger,Susan C. Wilson

DOI: https://doi.org/10.1016/j.giq.2010.01.002

IF: 8.49

2010-07-01

Government Information Quarterly

Abstract:Cloud computing, which refers to an emerging computing model where machines in large data centers can be used to deliver services in a scalable manner, has become popular for corporations in need of inexpensive, large scale computing. Recently, the United States government has begun to utilize cloud computing architectures, platforms, and applications to deliver services and meet the needs of their constituents. Surrounding the use of cloud computing are many risks that can have major impacts on the information and services supported by this technology. This paper discusses the current use of cloud computing in government, and the risks–tangible and intangible–associated with its use. Examining specific cases of government cloud computing, this paper explores the level of understanding of the risks by the departments and agencies that implement this technology. This paper argues that a defined risk management program focused on cloud computing is an essential part of the government IT environment.

information science & library science

Nattakarn Phaphoom,Xiaofeng Wang,Sarah Samuel,Sven Helmer,Pekka Abrahamsson

DOI: https://doi.org/10.1016/j.jss.2015.02.002

2017-12-02

Abstract:In the context of cloud computing, risks associated with underlying technologies, risks involving service models and outsourcing, and enterprise readiness have been recognized as potential barriers for the adoption. To accelerate cloud adoption, the concrete barriers negatively influencing the adoption decision need to be identified. Our study aims at understanding the impact of technical and security-related barriers on the organizational decision to adopt the cloud. We analyzed data collected through a web survey of 352 individuals working for enterprises consisting of decision makers as well as employees from other levels within an organization. The comparison of adopter and non-adopter sample reveals three potential adoption inhibitor, security, data privacy, and portability. The result from our logistic regression analysis confirms the criticality of the security concern, which results in an up to 26-fold increase in the non-adoption likelihood. Our study underlines the importance of the technical and security perspectives for research investigating the adoption of technology.

Software Engineering

Umar Ali,Amjad Mehmood,Muhammad Faran Majeed,Siraj Muhammad,Muhammad Kamal Khan,Houbing Song,Khalid Mahmood Malik

DOI: https://doi.org/10.1007/s11036-018-1132-x

2018-01-01

Mobile Networks and Applications

Abstract:The world is going to be more and more digital with effective utilization of information and communication technologies in government services to provide services to their citizens. In developing countries, public cloud is now considered a powerful platform, for providing scalable and cost effective public services to the citizens, due to their limited resources and budget. Public cloud has been adopted by both developed and developing countries for providing e-government services. User’s adoption is equally essential just like the government’s adoption of new services. Government needs to assess the user’s behavior intention and use behavior before choosing public cloud as platform for their innovative citizen’s services also known as government to citizen’s services (G2C). As citizen’s information is stored on public cloud, which is provided by a third party, so user’s concerns about privacy of information may affect the adoption of these services. The aim of this study is to find out the privacy factors that influence the adoption of e-government services by choosing and recommend suitable technology adoption model. As a methodology, the Unified Theory of Acceptance and Use of Technology (UTAUT) Model was amended to add two additional privacy variables from e-commerce domain i.e., Perceived Internal Privacy Risk (PIPR) and Cloud Information Privacy Concern (CIPC). Thus the new model included in addition to PIPR and CIPC, its own four elements of performance expectancy (PE), Effort Expectancy (EE), Social Influence (SI), and Facilitating Condition (FC). The data was collected from respondents who had used both public cloud and e-government services. Structure Equation Modeling (SEM) was used to investigate the effect of all variables on Behavior Intention (BI) and Use Behavior (UB). The findings show that Performance Expectancy (PE), Effort Expectancy (EE) and Social Influence (SI) had positive effects on user’s Behavior Intention (BI) while Cloud Information Privacy Concerns (CIPC) and Perceived Internet Privacy Risks (PIPR) had negative effects on Behavior Intention (BI). The Facilitating Conditions (FC) and Behavior Intention (BI) had a strong positive effect on User Behavior (UB).

Mariam Kiran,Ming Jiang,Django Armstrong,Karim Djemame

DOI: https://doi.org/10.1109/dasc.2011.89

2011-01-01

Abstract:The principles of risk management have been introduced in grid computing to help document and anticipate certain risks and manage them to ensure job executions are successful. Clouds are more complex environments with further concerns like risk, trust, eco-efficiency, green, security or cost. In this paper we present ongoing research work to analyze and address the risk factor in clouds with the aim of optimizing cloud services. The main contribution of this work is the presentation of a methodology for performing risk assessment in cloud environments including the target use cases, risk identification, mitigation and monitoring. Together with the corresponding mitigation strategies, the methodology provides technological assurance that will lead to a high confidence of Cloud service consumers on one side, and a cost effective and reliable productivity of cloud Service/Infrastructure Providers on the other side. The design of the risk assessment framework and its software toolkit implementation are part of the research and development work of the OPTIMIS (Optimized Infrastructure Services) project whose objective is to enable an open and dependable Cloud Service Ecosystem that delivers IT services that are adaptable, reliable, auditable and sustainable both ecologically and economically. The paper presents some preliminary results on the risk assessment of a Service/Infrastructure Provider at the cloud service deployment stage.

Fredrick Kanobe,SP Sambo,Billy Mathias Kalema

DOI: https://doi.org/10.35970/jinita.v4i1.1292

2022-06-30

Journal of Innovation Information Technology and Application (JINITA)

Abstract:The study aimed at exploring the critical enablers to the development and usage of information security governance frameworks for cloud computing in Uganda. The study was motivated by the continuous information security governance challenges in the Public Cloud. The theoretical frameworks that underpinned this study included; Contingency management theory, the Risk Management framework, the Technological Organisational and Environmental (TOE) model and the Information Security Governance model. This study adopted a quantitative research approach to obtain data through a survey. Five key factors for information security governance were identified: a) Technological factors: flexibility, scalability, availability, agility, data protection governance, trust of cloud, data source, maintenance, data retention and policy. b) Organisation: size and structure of the organisation, top management support. c) Environmental factors: governance and regulation, marketing, vendor, resource availability, obsoleteness. d) Individual: user resistance, attitude, skills, belief and learnability. e) Risk management and control factors: risk assessment, disaster recovery, access and authorisation control, monitoring, auditing, and process risk control. The study contributes to theory and practice in information security. The developed framework and its accompanying model helped to inform public departments, organisational top management and information security strategies to avoid excessive information risks and potential regulatory compliance failures in public cloud. The study was inclined on subjective information security, which alone may not fully address all information security problems in a public cloud. Therefore, it is recommendable that future research studies on objective security in public cloud

Karim Djemame,Django J. Armstrong,Mariam Kiran,Ming Jiang

2011-01-01

Abstract:As the realization of Cloud computing environments advances from a simple and single private Cloud towards a more complex Cloud Service Ecosystem consisting of multiple coexisting public or hybrid Clouds, there are emerging high level concerns such as risk, trust, ecological, security, cost and legal factors that underpin the non-functional properties of the ecosystem. These concerns are beyond the traditional focus of providing functionalities at levels close to a single Cloud infrastructure such as hardware resource virtualization. In this paper we present ongoing research work to analyze and address the risk factor in such a Cloud Service Ecosystem for the purpose of optimizing Cloud service. The main contributions of the work are the design and implementation of an effective and efficient risk assessment framework (methodologies of risk identification, evaluation, mitigation and monitoring) for Cloud service provision. Together with the corresponding mitigation strategies, the framework provides technological assurance that will lead to a higher confidence of Cloud service consumers on one side and a cost-effective and reliable productivity of Cloud Service Provider (SP) and resources organized by individual Infrastructure Provider (IP) on the other side. The design of the risk assessment framework and its software toolkit implementation is part of the research and development work of the OPTIMIS (Optimized Infrastructure Services) project whose objective is to enable an open and dependable Cloud Service Ecosystem that delivers IT services that are adaptable, reliable, auditable and sustainable both ecologically and economically.

Omar Ali,Anup Shrestha,Valmira Osmanaj,Shahnawaz Muhammed

DOI: https://doi.org/10.1108/itp-03-2019-0119

2020-04-28

Information Technology and People

Abstract:Purpose The significance of cloud services in information technology (IT) is increasing as a means of achieving enhanced productivity, efficiency and cost reduction. Through cloud-based service, the reliability and scalability of an organization’s systems can be enhanced since organizations such as local governments are able to concentrate on their main business strategies. This research seeks to identify critical factors that may have an impact on the acceptance of cloud-based services, where the organizational context is based on local governments in Australia. Design/methodology/approach To formulate a more comprehensive IT innovation adoption model for cloud technology, factors from the technology-organizational-environment framework, desires framework and diffusion of innovation model were integrated. Data was obtained from 480 IT staff working in 47 local government organizations. Findings The research results show that the factors which had a statistically significant and positive impact on the adoption of cloud-based services in local governments were compatibility, complexity, cost, security concerns, expected benefits and organization size. It is likely that the outcomes from this research will provide insights to any organization seeking to make investment decisions on the adoption of cloud-based services. Research limitations/implications Limitations include generalizability of the findings since the data is restricted to local government areas in Queensland, Australia. Further, the sample mostly included individuals with managerial positions and may not completely capture the cloud adoption factors relevant for front line IT employees. Another limitation is the possible omission of factors that may be relevant but not considered due to the selected theories. Lastly, this research did not differentiate between different types of cloud adoption such as private, public, community and hybrid models that are possible in this context. Originality/value The paper provides a combination framework of cloud-based service adoption based on a literature review on cloud adoption from an IS perspective. It adapts integrated model to establish a more comprehensive innovation adoption framework for cloud technology.

information science & library science

Karim Djemame,Benno Barnitzke,Marcelo Corrales,Mariam Kiran,Ming Jiang,Django Armstrong,Nikolaus Forgó,Iheanyi Nwankwo

DOI: https://doi.org/10.1098/rsta.2012.0075

2013-01-01

Abstract:Cloud computing technologies have reached a high level of development, yet a number of obstacles still exist that must be overcome before widespread commercial adoption can become a reality. In a cloud environment, end users requesting services and cloud providers negotiate service-level agreements (SLAs) that provide explicit statements of all expectations and obligations of the participants. If cloud computing is to experience widespread commercial adoption, then incorporating risk assessment techniques is essential during SLA negotiation and service operation. This article focuses on the legal issues surrounding risk assessment in cloud computing. Specifically, it analyses risk regarding data protection and security, and presents the requirements of an inherent risk inventory. The usefulness of such a risk inventory is described in the context of the OPTIMIS project.

Mark Stieninger,Dietmar Nedbal,Werner Wetzlinger,Gerold Wagner,Michael A. Erskine

DOI: https://doi.org/10.12821/ijispm060101

2022-01-31

International Journal of Information Systems and Project Management

Abstract:Cloud computing presents an opportunity for organizations to leverage affordable, scalable, and agile technologies. However, even with the demonstrated value of cloud computing, organizations have been hesitant to adopt such technologies. Based on a multi-theoretical research model, this paper provides an empirical study targeted to better understand the adoption of cloud services. An online survey addressing the factors derived from literature for three specific popular cloud application types (cloud storage, cloud mail and cloud office) was undertaken. The research model was analyzed by using variance-based structural equation modelling. Results show that the factors of compatibility, relative advantage, security & trust, as well as, a lower level of complexity lead to a more positive attitude towards cloud adoption. Complexity, compatibility, image and security & trust have direct and indirect effects on relative advantage. These factors further explain a large part of the attitude towards cloud adoption but not of its usage.

Jamelia M. Anderson-Princen

DOI: https://doi.org/10.1007/s40804-022-00252-4

IF: 1.79

2022-06-21

European Business Organization Law Review

Abstract:Cloud applications are becoming central and critical to the delivery of financial services. Despite their significance, banks face increased exposure to transaction risks related to the use of cloud services and internal and external pressures to improve their risk management practices. In this study, we use a unique data set from a bank's cloud register to examine the effectiveness of internal governance on an ongoing cloud outsourcing transaction between a bank and cloud service provider. We employ structural equation modeling and a simple linear regression to test for transaction misalignment and causes of governance inefficiencies. We find that a strong degree of misalignment is largely due to poor design of internal controls and a weak control system that does not provide acceptable indications of residual risk likelihood. The findings indicate that cloud risks are driven not only by agency costs, but also by firm-specific risks which contribute to a number of transaction uncertainties and governance misalignment.

law,business

Fatima A. Alali,Chia-Lun Yeh

DOI: https://doi.org/10.2308/isys-50229

2012-06-01

Journal of Information Systems

Abstract:ABSTRACT We provide an overview of cloud computing: evolution, benefits, and challenges. Then we examine the risk characteristics identified in accounting and auditing literature by comparing a hand-collected sample of cloud computing companies with a matched sample of non-cloud computing companies. The study uses a comprehensive set of factors used in accounting and auditing literature to describe client business risk, audit risk, and auditor-related risk. Unsurprisingly, the findings show that large companies in the historically high-risk information technology industries provide cloud computing. More interestingly, the results show that cloud computing is more leveraged, and more likely to have a material weakness and longer audit tenure. Cloud computing companies are also more likely to restate their financial statement after providing cloud technologies. Some of the risk variables we used in the study are not statistically significant in capturing the risks of cloud providers (e.g., security, privacy, availability, confidentiality). The study contributes to the literature in IT outsourcing in general, and in cloud computing more specifically. The study also responds to the recent call for insightful research in cloud computing.

business, finance

Yiyang Bian,Lele Kang,J. Leon Zhao

DOI: https://doi.org/10.1108/intr-05-2019-0187

IF: 5.9

2020-01-01

Internet Research

Abstract:PurposeThe purpose of this paper is to investigate organizational information technology (IT) deployment from a dual decision-making perspective. This study builds on rational choice theory to characterize how the costs and values of incumbent IT and those of the corresponding new cloud computing influence a company's dual decision of discontinuance and acceptance.Design/methodology/approachThis study chooses cloud computing as the research context, since it is one of the most well-accepted ITs in current practice. By using survey methodology, the data were collected from organizations around the world. Our hypotheses were examined via multimethod analyses, including the partial least squares, the multinomial log it regression and the analysis of variance.FindingsThis research reveals that organizations often follow the dual decision-making process in IT deployment regarding a non-cloud, hybrid structure and full-cloud considers incumbent IT discontinuance and new cloud computing acceptance. These results indicate that organizations may embrace cloud computing because of its perceived high system compatibility and low support costs. Meanwhile, security threats remain the primary obstacles to conducting business in the cloud.Originality/valuePrevious studies mainly focus on a single aspect and do not reveal the intricacies of the interactions between the reduction of incumbent IT and the addition of new IT. To address this gap in the body of knowledge, our study proposes a dual decision model based on a dialectical understanding of new and incumbent IT mechanisms instead of a singular IT acceptance model.

Masky Mackita,Soo-Young Shin,Tae-Young Choe

DOI: https://doi.org/10.3390/fi11090195

2019-09-10

Future Internet

Abstract:Many companies are adapting cloud computing technology because moving to the cloud has an array of benefits. During decision-making, having processed for adopting cloud computing, the importance of risk management is progressively recognized. However, traditional risk management methods cannot be applied directly to cloud computing when data are transmitted and processed by external providers. When they are directly applied, risk management processes can fail by ignoring the distributed nature of cloud computing and leaving numerous risks unidentified. In order to fix this backdrop, this paper introduces a new risk management method, Enterprise Risk Management for Operationally Critical Threat, Asset, and Vulnerability Evaluation (ERMOCTAVE), which combines Enterprise Risk Management and Operationally Critical Threat, Asset, and Vulnerability Evaluation for mitigating risks that can arise with cloud computing. ERMOCTAVE is composed of two risk management methods by combining each component with another processes for comprehensive perception of risks. In order to explain ERMOCTAVE in detail, a case study scenario is presented where an Internet seller migrates some modules to Microsoft Azure cloud. The functionality comparison with ENISA and Microsoft cloud risk assessment shows that ERMOCTAVE has additional features, such as key objectives and strategies, critical assets, and risk measurement criteria.

Chi-Hoon Song,Ji-Hwan Lee,Taewoo Roh

DOI: https://doi.org/10.1080/10447318.2024.2327219

IF: 4.92

2024-03-19

International Journal of Human-Computer Interaction

Abstract:Cloud computing is spreading rapidly, but little research has been conducted to understand the effects of the protective perspective on acceptance by individuals. The goal of this study was to explore the impact of protective behavior on individuals' adoption of cloud computing. Specifically, the study will concentrate on personal cloud storage service (CSS), widely recognized as a protective technology. Our theoretical framework endeavored to combine protection motivation theory with the extended unified theory of acceptance and use of technology and focused on the effect of threat in the context of CSS. This study tested two proposed models (Model A, Model B) by structural equation modeling using data from 392 individuals. Data were collected for people in voluntary CSS-usage settings through an online survey. Model A and model B explained 61.0% and 60.4% of the variance in the behavioral intention to accept CSS, respectively. Results showed that CSS adoption is a protective measure against data loss and identified that threat influence CSS adoption. Threat elements directly do not influence behavioral intention to adopt CSS. Threat elements mostly acted as antecedents of independent variables; perceived severity and perceived vulnerability directly influenced technology attributes (performance expectancy, effort expectancy), and showed slightly different results in contextual attributes (facilitating conditions, social influence) and consumer attributes (hedonic motivation, habits). Our study offers a unique perspective for researchers and professionals in understanding the impact of threat factors on information technology domains where protective technologies are operated. Thus, we recommend that academics and business practitioners in the realm of cloud computing should consider user's protective motivation view of adopting CSS when designing, developing, delivering and spreading it.

computer science, cybernetics,ergonomics

Xue-mei XIE,Yu-xi ZHAO

DOI: https://doi.org/10.1016/s1005-8885(13)60211-3

2013-01-01

The Journal of China Universities of Posts and Telecommunications

Abstract:This paper reviews the literature about cloud computing, and establishes a framework for industry chain of personal cloud computing which is based on the current cloud industry chain in China. Then it summarizes the potential risks of personal cloud from the angle of user perception, including risk identification, qualitative evaluation, and risk handling strategy. Finally, according to the existing related policy or regulation scheme, this paper proposes some suggestions and optimization strategies about the personal cloud computing.

Norah Abokhodair,Hazel Taylor,Surry Jones Mowery,Jitsuko Hasegawa

DOI: https://doi.org/10.48550/arXiv.1604.00737

2016-04-13

Abstract:Cloud computing projects have many implications, including issues such as security, compliance, funding, cohesion with existing systems, operational resource requirements, and number of employees involved. In order to gain a better understanding of why businesses are interested in adopting cloud services in spite of these potential difficulties, we interviewed senior IT personnel at five different organizations about their processes related to cloud decisions, their thoughts before and during the process, and the outcome of their endeavor. Our results provide insights from their perspectives into the similarities and differences among the organizations and the implications of going into the cloud. We conclude with a list of recommended questions and areas to consider for use by other organizations looking into adopting cloud services. The ultimate goal is to help businesses considering a cloud computing project by providing advice from other organizations based on their experience.

Computers and Society

Asnath Nyachiro,Dr. Kennedy Ondimu,Dr. Gabriel Mafura

DOI: https://doi.org/10.24940/ijird/2023/v12/i2/feb23001

2023-05-16

International Journal of Innovative Research and Development

Abstract:Cloud computing has transformed the aspect of distributed computing from many other prevailing methods by offering more unlimited benefits, like cutting down computing costs and allowing more capacity and agility. It is viewed as a game-changer in how information technology is provided since it allows computer resources like storage, processing capacity, network infrastructure, and applications to be offered as a service via the Internet. In business, it seems to have become strategic, with the potential for use in crucial parts of an organization's IT infrastructure, as it offers a potential alternative to traditional Enterprise Resource Planning (ERP) systems. Most Kenyan research institutes' systems experienced certain flaws and recognized incidents of system rigidity, which prevented these institutions from efficiently meeting their mandate, especially when they desired to access services from home via the Internet. The Research design that was utilized in the study was a survey research design. The study employed a systematic review approach that examined the current literature on cloud computing adoption strategy. The systematic literature review revealed that existing research was dominated by issues of the characteristics/peculiarities and IT environments of research institutions in Kenya and if they were amenable to cloud solutions, the current cloud computing technologies, adoption approaches and drivers fostering cloud computing and the adoption strategy that met the requirements for cloud computing for Kenyan research institutions. The present research was reviewed for knowledge gap identification purposes and future research opportunities. The researcher developed an adoption strategy favorable to research Institutions that was flexible to the provision of cloud computing resources, enhanced greater cloud computing efficiency, reduced capital expenditure in hardware and software and increased the performance of the research Institution's operations, provided the efficiency of data and information and supported the effectiveness of the management activities since the cloud strategies discussed did not promote cooperation, agility, scalability and flexibility and saving costs by using calculating resources efficiently and optimally. This study employed a purposive sampling approach that picked a sample size of twenty respondents from the KMFRI and related organizations. The analytical review of specifically identified studies exposed the kind of challenges that existed and gave an indication that cloud computing was applicable for Kenyan Research Institutions because of the organization size, possession of required skills to make use of cloud-based services, Government regulations, industry regulations and internal policies necessitated the move to cloud computing strategy. The cloud service providers have adequate capacity to run the services and are ready with the services they provide. Researchers noted that all the research Institutions have dedicated ICT personnel and ICT Policies. Efficient service delivery means there is easy access to any research information from the cloud at any time and anywhere. Using Factor Analysis, variable weights for various study constructs (Technological, Internal and External Contexts) were used to develop the adoption strategy for cloud computing (ASCC). The recommendations of the study from the developed strategy showed that the network infrastructure should be more developed so that the Kenyan Research Institutions can be connected to high-speed Internet to allow for sharing of information, which will ensure efficient service delivery using cloud computing services. The study also recommended that Kenyan Research Institutes train their customers and suppliers on using cloud computing services for efficient service delivery and the adoption strategy for cloud computing (ASCC) to achieve efficiency in service delivery. Areas for further related studies can be conducted to determine the long-term impact of the developed adoption strategy for adopting cloud computing in Kenyan research Institutions. Also, further studies could carry out to determine ways of improving the developed adoption strategy for the adoption of cloud computing in Kenyan Research.