IDEAS home Printed from https://ideas.repec.org/a/bjf/journl/v10y2025i2p409-424.html
   My bibliography  Save this article

Cloud Security Challenges and Framework Development for Kenyan Fintechs

Author

Listed:
  • Omondi Alex Omieno

    (African Institute for Mathematical Sciences (AIMS), Senegal)

  • Dr. James Mwikya Reuben

    (School of Pure and Applied Sciences, Kirinyaga University, Kenya)

  • Togdé Ngarenon

    (African Institute for Mathematical Sciences (AIMS), Senegal)

Abstract

The rapid adoption of cloud computing by FINTECHs in Kenya has brought significant operational advantages, but it has also exposed these organizations to serious security challenges. This study addresses the critical security issues faced by Kenyan FINTECHs, focusing on internal threats and data destruction. The research objectives were to investigate the cloud security challenges Kenyan FINTECHs faced and develop a security assessment framework to address these challenges. Using a mixed-method approach, the study collected data through questionnaires and experimental analysis of the OwnCloud platform. The findings revealed that internal threats, such as rogue administrators, and data destruction issues, such as incomplete deletion, are major concerns. A security assessment framework was developed and validated against international standards like NIST CSF 2.0, COBIT, ITIL, and ISO. The framework provides a structured approach to identifying and mitigating cloud security risks, offering a practical tool for FINTECHs to enhance their cloud security infrastructure. The study recommends increased awareness and training for employees, improved collaboration with cloud providers, and the implementation of robust security policies to address these challenges.

Suggested Citation

  • Omondi Alex Omieno & Dr. James Mwikya Reuben & Togdé Ngarenon, 2025. "Cloud Security Challenges and Framework Development for Kenyan Fintechs," International Journal of Research and Innovation in Applied Science, International Journal of Research and Innovation in Applied Science (IJRIAS), vol. 10(2), pages 409-424, February.
    • Handle: RePEc:bjf:journl:v:10:y:2025:i:2:p:409-424
    as

    Download full text from publisher

    File URL: https://www.rsisinternational.org/journals/ijrias/digital-library/volume-10-issue-2/409-424.pdf
    Download Restriction: no
    File URL: https://rsisinternational.org/journals/ijrias/articles/cloud-security-challenges-and-framework-development-for-kenyan-fintechs/
    Download Restriction: no
    ---><---

    More about this item

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:bjf:journl:v:10:y:2025:i:2:p:409-424. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Dr. Renu Malsaria (email available below). General contact details of provider: https://rsisinternational.org/journals/ijrias/ .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.