(2023) To Cloud or not to Cloud: A Qualitative Study on Self-Hosters’ Motivation, Operation, and Security Mindset.
![[img]](https://publications.cispa.saarland/style/images/fileicons/text.png) |
Text
FIXED_USENIX23__To_Cloud_or_not_to_Cloud__A_Qualitative_Study_on_Self_Hosters__Motivation__Operation__and_Security_Mindsetpdf.pdf Download (261kB) |
Abstract
Despite readily available cloud services, some people decide to self-host internal or external services for themselves or their organization. In doing so, a broad spectrum of commercial, institutional, and private self-hosters take responsibility for their data, security, and reliability of their operations. Currently, little is known about what motivates these self- hosters, how they operate and secure their services, and which challenges they face. To improve the understanding of self-hosters’ security mindsets and practices, we conducted a largescale survey (NS=994) with users of a popular self-hosting suite and in-depth follow-up interviews with selected commercial, non-profit, and private users (NI =41). We found exemplary behavior in all user groups; however, we also found a significant part of self-hosters who approach security in an unstructured way, regardless of social or organizational embeddedness. Vague catch-all concepts such as firewalls and backups dominate the landscape, without proper reflection on the threats they help mitigate. At times, self-hosters engage in creative tactics to compensate for a potential lack of expertise or experience.
| Item Type: | Conference or Workshop Item (A Paper) (Paper) |
|---|---|
| Divisions: | Katharina Krombholz (Human-Oriented Security, HOS) |
| Conference: | USENIX-Security Usenix Security Symposium |
| Depositing User: | Lea Gröber |
| Date Deposited: | 09 Aug 2023 18:43 |
| Last Modified: | 09 Aug 2023 18:43 |
| Primary Research Area: | NRA5: Empirical & Behavioral Security |
| URI: | https://publications.cispa.saarland/id/eprint/4005 |
Actions
Actions (login required)
 |
View Item |