Orchestrating Data Leaks in Multi Cloud: Projects in Controlled Environments Approach
DOI:
https://doi.org/10.59461/ijdiic.v4i4.230Keywords:
Hybrid Cloud Security , Data Leakage Risk , Misconfigured APIs , PRINCE2 FrameworkAbstract
Hybrid cloud environments offer organizations essential flexibility and scalability by integrating private and public infrastructure, but this complexity introduces the core research problem: a greatly expanded attack surface and inconsistent application of security controls, leading to critical vulnerabilities and data exposure risks. The study employed a mixed-methods design, analyzing extensive secondary data through quantitative findings combined with qualitative thematic analysis of security reports. The key results quantified the main contributors to data leakage, finding misconfigured APIs as the leading threat (35%), followed by endpoint vulnerabilities (30%), and encryption failures (25%). While efficient AES-256 encryption is common, the research noted critical challenges in key management and the continued use of outdated protocols. Furthermore, inadequate use of secure API management frameworks was highlighted as significantly increasing the risk of unauthorized access. The implications of these findings led to the development of a project management framework that addresses these gaps. This framework integrates cloud-specific solutions—including end-to-end encryption, secure API configurations, automated compliance monitoring, and advanced endpoint detection and response (EDR) tools—within a PRINCE2 method. This proposed multi-layer approach provides proactive risk management, effectively bridging architectural gaps and improving the overall security posture against technical and compliance issues across the hybrid environment.
Downloads
References
S. U. Khan and N. Ullah, “Challenges in the adoption of hybrid cloud: an exploratory study using systematic literature review,” J Eng, vol. 2016, no. 5, pp. 107–118, May 2016, doi: 10.1049/joe.2016.0089.
S. Basu et al., “Cloud computing security challenges & solutions-A survey,” in 2018 IEEE 8th Annual Computing and Communication Workshop and Conference (CCWC), IEEE, Jan. 2018, pp. 347–356. doi: 10.1109/CCWC.2018.8301700.
V. Braun and V. Clarke, “Using thematic analysis in psychology,” Qual Res Psychol, vol. 3, no. 2, pp. 77–101, Jan. 2006, doi: 10.1191/1478088706qp063oa.
Hitesh Premshankar Rai, Pavan Ogeti, Narendra Sharad Fadnavis, Gireesh Bhaulal Patil, and Uday Krishna Padyana, “Integrating Public and Private Clouds: The Future of Hybrid Cloud Solutions,” Univers Res Reports, vol. 8, no. 2, pp. 143–153, Aug. 2024, doi: 10.36676/urr.v9.i4.1320.
A. Castleberry and A. Nolen, “Thematic analysis of qualitative research data: Is it as easy as it sounds?,” Curr Pharm Teach Learn, vol. 10, no. 6, pp. 807–815, Jun. 2018, doi: 10.1016/j.cptl.2018.03.019.
Koushik S. and A. P. Patil, “An Approach to Ensure Secure Inter-Cloud Data and Application Migration Using End-to-End Encryption and Content Verification,” Int J Ambient Comput Intell, vol. 13, no. 1, pp. 1–21, Apr. 2022, doi: 10.4018/IJACI.293148.
M. Dawood, S. Tu, C. Xiao, H. Alasmary, M. Waqas, and S. U. Rehman, “Cyberattacks and Security of Cloud Computing: A Complete Guideline,” Symmetry (Basel), vol. 15, no. 11, p. 1981, Oct. 2023, doi: 10.3390/sym15111981.
R. J. Robinson, “Insights on Cloud Security Management,” Cloud Comput Data Sci, pp. 212–222, Jul. 2023, doi: 10.37256/ccds.4220233292.
R. J. Robinson, “IoT Solutions for Smart Parking- Sigfox Technology,” Comput Sci Eng An Int J, vol. 14, no. 2, pp. 01-13, Apr. 2024, doi: 10.5121/cseij.2024.14201.
H. Pitkar, “Cloud Security Automation Through Symmetry: Threat Detection and Response,” Symmetry (Basel), vol. 17, no. 6, p. 859, Jun. 2025, doi: 10.3390/sym17060859.
S. Ali et al., “Security and privacy in multi-cloud and hybrid cloud environments: Challenges, strategies, and future directions,” Comput Secur, vol. 157, p. 104599, Oct. 2025, doi: 10.1016/j.cose.2025.104599.
G. C. Silva, L. M. Rose, and R. Calinescu, “A Systematic Review of Cloud Lock-In Solutions,” in 2013 IEEE 5th International Conference on Cloud Computing Technology and Science, IEEE, Dec. 2013, pp. 363–368. doi: 10.1109/CloudCom.2013.130.
D. K. Shetty et al., “Analyzing AI regulation through literature and current trends,” J Open Innov Technol Mark Complex, vol. 11, no. 1, p. 100508, Mar. 2025, doi: 10.1016/j.joitmc.2025.100508.
H. Kamma, “A Comparative Analysis of Resource Management and Cost Efficiency in AWS, Google Cloud and Microsoft Azure,” Int J Innov Res Sci Eng Technol, vol. 14, no. 02, Feb. 2025, doi: 10.15680/IJIRSET.2025.1402008.
D. Seth, M. Najana, and P. Ranjan, “Compliance and Regulatory Challenges in Cloud Computing: A Sector-Wise Analysis,” Int J Glob Innov Solut, Jun. 2024, doi: 10.21428/e90189c8.68b5dea5.
R. J. Robinson, “Cloud systems with its security, privacy and trust claims to a sustainable solution,” in 2023 3rd International Conference on Electrical, Computer, Communications and Mechatronics Engineering (ICECCME), IEEE, Jul. 2023, pp. 1–6. doi: 10.1109/ICECCME57830.2023.10252796.
Jillian A. Tullis Owen, C. Ellis & E. Goffman “Naturalistic Inquiry,” in The SAGE Encyclopedia of Qualitative Research Methods, 2455 Teller Road, Thousand Oaks California 91320 United States: SAGE Publications, Inc., 2008. doi: 10.4135/9781412963909.n280.
F. Jimmy, “Cloud security posture management: tools and techniques,” J Knowl Learn Sci Technol ISSN 2959-6386, vol. 2, no. 3, Nov. 2023, doi: 10.60087/jklst.vol2.n3.p622.
A. Warrier, “Securing and Scaling API Gateways in Hybrid Environments,” J Artif Intell Mach Learn Data Sci, vol. 3, no. 3, pp. 2914–2920, Sep. 2025, doi: 10.51219/JAIMLD/Arjun-warrier/607.
L. S. Nowell, J. M. Norris, D. E. White, and N. J. Moules, “Thematic Analysis,” Int J Qual Methods, vol. 16, no. 1, Dec. 2017, doi: 10.1177/1609406917733847.
R. Saxena and E. Gayathri, “A study on vulnerable risks in security of cloud computing and proposal of its remedies,” J Phys Conf Ser, vol. 2040, no. 1, p. 012008, Oct. 2021, doi: 10.1088/1742-6596/2040/1/012008.
R. J. Robinson and E. Onyango, “Cutting-edge AI Techniques for Remarkable New Product Promotions,” in 2024 International Conference on Artificial Intelligence, Computer, Data Sciences and Applications (ACDSA), IEEE, Feb. 2024, pp. 1–6. doi: 10.1109/ACDSA59508.2024.10467567.
H. J. Singh and S. Bawa, “Scalable Metadata Management Techniques for Ultra-Large Distributed Storage Systems -- A Systematic Review,” ACM Comput Surv, vol. 51, no. 4, pp. 1–37, Jul. 2019, doi: 10.1145/3212686.
D. Dhinakaran, N. Jagadish Kumar, N. P. Ponnuviji, and B. Praveen kumar, “Safeguarding confidentiality and privacy in cloud-enabled healthcare systems with spectrasafe encryption and dynamic k-anonymity algorithm,” Expert Syst Appl, vol. 279, p. 127584, Jun. 2025, doi: 10.1016/j.eswa.2025.127584.
S. U. Khan, H. U. Khan, N. Ullah, and R. A. Khan, “Challenges and Their Practices in Adoption of Hybrid Cloud Computing: An Analytical Hierarchy Approach,” Secur Commun Networks, vol. 2021, pp. 1–20, Sep. 2021, doi: 10.1155/2021/1024139.
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Rachel John Robinson
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
