Efficient management of security and privacy issues in mobile cloud environment

Mobile cloud computing is becoming more and more popular among mobile users and developers who can see a direct benefit to overcome the resource limitations in mobile devices - be it battery life, memory space or processing power. The widespread adoption of programmable smart mobile devices and connecting to public domain of internet as well as cloud service providers provide newer privacy as well as security challenges across enterprises. Data loss from stolen or decommissioned mobile devices, unsecured information exchange through rouge access points and access of vulnerable network fetch privacy as well as security threats of mobile cloud computing. Data breaches, account hijacking, insecure API exposure, denial of services, malicious insider attacks, loss of encryption key, virtual machine isolation bring forth some of the additional security and privacy threats. In this paper, we have attempted to enumerate several privacy plus security threats and put forth best practices and recommendations as preventive as well counter measures on incidence. We have evaluated the provisioning of services such as Security as a Service (SecaaS) in different scenarios and practices based on the requirement of individual applications.