Poster: Perceptions of Handling Sensitive Data in Cloud Office Applications

Dominik Wermke, Christian Stransky, Nicolas Huaman, Niklas Busch, Alexander Krause, Yasemin Acar, and Sascha Fahl
In 41st IEEE Symposium on Security and Privacy, IEEE S&P 2020, May 18-20, 2020
PDF Abstract Poster Bibtex URL

Poster

Abstract

Cloud-based office applications such as Google Docs or Microsoft Office 365 became widely used in recent years, often replacing offline office solutions. The switch to online- hosted office introduces additional security and privacy risks for handling sensitive data and storing documents. Unsuspecting users may not know how, where, or by whom their documents are accessed and stored. Often it is unclear how comfortable end-users are with handling sensitive data in this context. In this poster, we present work in progress investigating the interaction of end-users with cloud office software. For this, we conduct surveys with 200 cloud office users from Germany and the U.S. to investigate their perceptions regarding handling sensitive data in cloud office suites. While still preliminary work, we find that some users’ mental models are incomplete and their understanding of cloud office security and privacy is limited, often caused by a lack of transparency of the services’ operations.

Reference

@misc{poster/oakland/wermke20,
 author = {Dominik Wermke and
Christian Stransky and
Nicolas Huaman and
Niklas Busch and
Alexander Krause and
Yasemin Acar and
Sascha Fahl},
 howpublished = {In 41st IEEE Symposium on Security and Privacy, IEEE S&P 2020, May 18-20, 2020},
 month = {May},
 title = {Poster: Perceptions of Handling Sensitive Data in Cloud Office Applications},
 url = {https://www.ieee-security.org/TC/SP2020/program-posters.html},
 year = {2020}
}