Volume - 7 | Issue - 3 | september 2025
Published
25 July, 2025
Cloud computing is an area that can improve the digitalization, performance, and competitiveness of small and medium-sized enterprises. In some cases, however, the failure to embrace security, compliance, and risk management measures can hinder such benefits. Through previous research findings and qualitative studies available in the literature, this paper reviews various issues faced by SMEs after migrating to the cloud. As the analysis of key topics indicates, the subject matter of data breaches and data encryption is of considerable importance for data protection and security. The issues most critical to SMEs, especially with regard to regulatory compliance, are GDPR, PCI DSS, data sovereignty, and auditing. The inability to make internal reforms and integration difficulties of cloud solutions with current systems are hindering the implementation of IT policies. These problems are even more pronounced when there are limited funds and other resources, including a low budget, a lack of understanding of how to use cybersecurity tools, and poorly trained or experienced personnel. This essay calls for anticipatory, tailored cybersecurity measures, formal change management, and reskilling. In order to have a safer and more efficient SME cloud environment, the SMEs, the cloud service providers, and the lawmakers must come together in a multiparty initiative.
KeywordsGDPR SMEs PCI DSS cybersecurity Cloud
