Threats mitigation measures and security of cloud based enterprise resource planning systems in Kenya

Abstract

Implementation of cloud computing and Enterprise Resource Planning (ERP) Systems has found widespread usage in large and mid-sized institutions worldwide. There has been a rapid increase in implementation of these systems in management and administration of various organizations. Despite the implementation most of the organization have faced various challeges and threats which have become a security issue. This study sought to assess the threats mitigation measures and security of cloud based enterprise resource planning system in Kenya. The specific objectives of the study were to establish the security threat mitigating measures employed by the organizations using cloud based ERP systems and to determine the relationship between security threat mitigation measures and security levels of cloud systems used in organizations. The study adopted a descriptive research design. The design was used in this study because it can answer questions such as “what is” or “what was”. The target population for this study included organizations in Kenya that utilize cloud based ERP systems which made a sample size of 53 organizations drawn from across the various sectors of the economy. The study collected primary data using questionnaires. Data was analyzed by the use of descriptive statistics using SPSS and presented through percentages, means, standard deviations and frequencies. Further the data was regressed to obtain t - values , p-values , specific coefficients and intercepts, standard errors among other values at given significance levels. The study found that found that use of two factor authentication for access to data center was the highly used measure in information security. The study also found that use of two factor authentication for access to data center was the highly contributed to the security level. The study concluded that controlled access to data storage centers contributes the most to the security of cloud based enterprise resource planning system followed by third party security validation. The study also concluded that data security levels have improved in that data has been protected from manifestation of viruses. The study recommends that more to be done to establish the compatibility between cloud solutions with enterprises’ legacy systems and business needs, as well as the impact of trying or using cloud solutions on organizational culture, staff skills, and work practices. It also recommended that cloud computing adoption processes should be well documented and more attention should be directed at this area to explore the challenges faced in each stage of the process.