Table of Contents
Section 1: Definition of Research Project
Dropbox is a widely used online storage service that has attracted both the interests of individuals and businesses on a global scale. The Dropbox data breach is a good reason as to why companies offering cloud-based data storage should learn more about cybersecurity. The entire offense must have primarily contributed to cybersecurity loopholes. The stealing of email addresses and encrypted passwords in Dropbox, as revealed by Bose (2016: par 2), is enough reason to explore public cloud storage data loss and leakage. The data breach serves as an instance of how cybersecurity threats have become a significant concern in the cloud storage domain. Therefore, the research project will cover the security issue and risks of public cloud storage data loss and leakage in Dropbox.
1.1Research Question
In order to establish an understanding of the cloud storage data loss and leakage, we need a research question to guide us through research. According to Furrugia (2010: par 3), developing familiarity with a particular subject can help one come up with a good research question. Thus, an understanding of the cloud-based storage is one way through the research question for the project is derived. Moreover, Hulley et al. (2013: pp. 19-20) outlines the characteristics of a good research question through criteria known as FINER. The mnemonic FINER primarily stands for feasible, interesting, novel, ethical and relevant. Also, it is the specificity of the research question that will enable us to obtain genuinely new knowledge. The identified research question adheres to the FINER criteria and is as follows:
We can do it today.
What are the cybersecurity concerns and potential risk factors that may have caused the public cloud based storage data loss and leakage in Dropbox?
1.2Keywords
Keywords can be described as important concepts in research question. The keywords covered in the research question above include cybersecurity, potential risk factors, and cloud-based storage. However, we can include more since the research will cover solutions to the underlying problem too. Keywords will play a significant role in helping to establish an understanding of what is covered in the research project. Also, keywords can be used to search for content through search engines, such as Google Search, regarding the subject matter. Some of the online applications that may be used during the research project include Google Scholar and Microsoft Academic hence the need for sufficient keywords. It is also imperative to acknowledge that such applications as Google Scholar require good descriptive keywords in order to generate desired research resources (Blank, Rokach, and Shani, 2016: p. 3073). The keywords will be listed under the abstract of the main paper and include:
Cybersecurity; cloud-based storage; data loss and leakage; data storage; Dropbox.
1.3Project Title
The project title for the research is based on the detailed research question above. It is essentially a way of putting the paper into context. The title is:
Security Issue and Risks of Public Cloud-based Storage Data Loss and Leakage in Dropbox
1.4Client, Audience and Motivation
1.4.1 Why the Project is Important
The importance of the project can be attributed to the cybersecurity threats in cloud-based storage. Addressing the solutions to the public cloud-based storage data loss and leakage requires an understanding of the cybersecurity concerns surrounding cloud-based storage. Cloud Security Alliance (CSA) reveal that at least 70 percent of businesses in the world today operate on the cloud, either partially or fully (Ma, 2015: par 1). Moreover, according to the Cloud Security Spotlight Report, “90 percent of organizations are very or moderately concerned about public cloud security.” (Ma, 2015: par 4). These concerns are described by Rashid (2016: N.p) and they include data breaches, compromised credentials and broken authentication, hacked interfaces and APIs, exploited system vulnerabilities, account hijacking, malicious insiders, the APT parasite, permanent data loss, inadequate diligence, cloud service abuses, DoS attacks, and shared technology, shared dangers. Thus, solving the identified list of security threats with the Dropbox data breach as the case study amounts to reducing cybersecurity threats in cloud-based storage.
1.4.2 Who will benefit from the Research Findings?
Persons to benefit from the research findings include business entities and individuals who use cloud-based storage. On more specific perspective, individuals and the small businesses that have already adopted the Dropbox cloud-based storage solution will benefit more. Relatively, the attack on Dropbox involving data breach can be viewed as a challenge that made the company stronger rather than weaker. Also, given that the research will explore the potential risk factors that might have led to the attack, vulnerabilities and loopholes will be discovered and the resultant information is critical to managers in the Dropbox business. An analysis of potential security risk factors and cybersecurity loopholes may be used to improve operations and security. Thus, the Dropbox business will also benefit from research finding and the benefits can be extended to similar businesses.
1.4.3 How Benefits will be experienced
Since research creates new knowledge, two groups would be interested in knowing and applying the finding of the research. That is the consumers (small businesses and individuals) and businesses offering cloud-based storage (Dropbox). By establishing an understanding of the cybersecurity concerns and potential risk factors that may have caused the public cloud-based storage data loss and leakage in Dropbox, benefits will be realized by applying the solutions to the identified issues. Businesses like Dropbox will benefit from the identified threats since they will find it easy to determine solutions to the identified problems. The businesses can, therefore, use the research as an input for new research. This can be attributed to Grubler’s idea that researchers can build on knowledge of others (Grubler, 2010: N.p). Moreover, the findings will form a blueprint for Dropbox to conduct further research. For instance, the cloud service traffic hijacking issues faced by Gmail (Google), AT&T voicemail systems, and Google Dropbox in 2012 was the reason for a research that led to the proposal of two-factor authentication scheme by the CSA (Muhammad, 2015: p. 2). Thus, solving one problem through research can be key to solving another problem since most technology-based problems are related in one way or another.
The second group to benefit, consumers, may learn from past experience and take precautionary measures. For instance, a curious Dropbox customer my go through the findings and weight whether or not they should keep using Dropbox or seek services from another company. This is another way of saying that the min research may be used as a parameter for evaluating the efficiency of Dropbox against other cloud-based storage businesses. Through the research, customers will also be informed on how secure their user accounts in order to avoid a repeat of the 2012 data breach incident. For instance, one of the threats facing cloud-based storage to be covered in the main study includes data theft issue. Thus, findings will be informative on the data theft issue so that users can understand the right precautionary measures that can be applied to the threat. This section has covered some of the main benefits that will be achieved by the research project findings.
1.5Primary Research Plan
The research will use mixed methodology hence qualitative and quantitative analysis of data. Qualitative analysis will be applied to surveys while quantitative analysis will be used to analyze generated data. One of the advantages of the mixed methodology is that it provides more comprehensive evidence for studying research problem (Creswell and Clark, 2007: p. 9). The primary methods will include online surveys, analysis of generated data, test experiment, and the use of software applications for demonstration. However, most of the analysis will be achieved through quantitative methodology since more empirical evidence is expected from research findings. Test experiments will involve storage security testing tools such as StorScan, CHAP password tester, GrabiQNs, NASanon, and CIFSShareBF (Beaver, 2006: N.p). Such tools will generate data that can be used for analysis. For instance, the security strength of a cloud-based storage service can be tested to determine whether it is vulnerable or not. Such activities will help produce analytical data for quantitative analysis. Qualitative analysis, on the other hand, will be achieved through data obtained from online surveys. The use of the qualitative method is one way of capturing extensive data for exploratory purposes. This is because there may be some causes of the Dropbox data breach that are administrative related and cannot, therefore, be detected through test experiments.
A detailed research plan for the project may involve: 1) Identifying any vulnerabilities in the cloud-based storage. 2) Testing for cybersecurity loopholes in Dropbox using a tool such as the CHAP password tester. 3) Identifying a different cloud-based storage application that is similar to Dropbox and conducting another cybersecurity loopholes test. 4) Comparing the two/more applications based on recorded results. 4) Analyzing test results/findings through quantitative methodology. 5) Comparison of data and summary of findings. However, the underlying limitation is that the project will be testing the current Dropbox which is a better version compared to the one that was attacked in 2012. However, the good thing is that results will still be obtained relative to other similar applications. Moreover, the qualitative methodology will play a significant role in taking us to the 2012 context in which the case study was compromised.
- Beaver, K., 2006. Five must-have storage security testing tools.
- Blank, I., Rokach, L. and Shani, G., 2016. Leveraging metadata to recommend keywords for academic papers. Journal of the Association for Information Science and Technology, 67(12), pp.3073-3091.
- Bose, S., 2016. ‘Here’s What the Dropbox Breach Should Teach Small Business About Cybersecurity.’ Small Business Trends. [Online]
- Creswell, J.W. and Clark, V.L.P., 2007. Designing and conducting mixed methods research.
- Farrugia, P., Petrisor, B.A., Farrokhyar, F. and Bhandari, M., 2010. Research questions, hypotheses and objectives. Canadian Journal of Surgery, 53(4), p.278.
- Grübler, A. ed., 2010. Technological change and the environment. Routledge.
- Hulley, S.B., Cummings, S.R., Browner, W.S., Grady, D.G. and Newman, T.B., 2013. Designing clinical research. Lippincott Williams & Wilkins.
- Ma, J., 2015. ‘Top 10 Security Concerns for Cloud-Based Services.’
- Rashid, Y., F., 2016. ‘The dirty dozen: 12 cloud security threats.’
- Shafiq, Z.A. and Muhammad, A., 2015. ‘A survey on Cloud Computing Security Challenges and Issues.’