Evaluative standard that address cloud-specific virtualization security concerns
Cloud computing is an emerging technology that offers an efficient delivery of computing resources through pooling of storage, network and software. These computing resources are critical to business functions, since they aid in storage and processing of data. Lack of effective cloud-computing standards has made it difficult for cloud customers to effectively evaluate different cloud offering as well as limiting interoperability among cloud platforms and therefore causing inconsistency in areas of security. From the reviewed literature, different approaches to virtualization have been adopted to offer flexibility in terms of securing customer‘s data and offering access control granularity. These include software, partial and hardware virtualization. The descriptive research method used was conducted using survey questionnaires with cloud users as the target population. The research seeks to find out how people implement virtualization and the challenges they face. Their perception on security of their data in the cloud as well as how they would like to amended to safe guard this data. The survey results are analyzed qualitatively and results presented in various forms. This research finds out that though there are some form of rule that guide virtualization, these have been compromised due to lack of strict enforcement. As a result, research focuses on standard which proposes guidelines and general principles for initiating, implementing, maintaining, and improving information security management within an organization. Therefore this research proposes an approach that established a new security layer that ensures compliance and enforcement of standards to address security concerns related to virtualization as applied in the cloud.