In response to the demand for cloud computing security, this thesis investigates the factors that influence employees’ use of information security enabled or facilitated by cloud computing through three independent but related studies. The first study examines the status of contemporary information systems security research in the last ten years with citation and co-citation analysis. Using the data collected in the SCI and SSCI, this study identified the most important publications as well as the most influential scholars and journals in information systems security, and mapped the major research paradigms on the subject. The results of the study help illustrate the invisible network of knowledge production in information systems security and provide valuable understanding for the change of research paradigm of information systems security studies. The second study suggests that although a large volume of literature on cloud computing is available. The subject is still under development and offers great potentials for further research and applications. It is believed that a review of the state-of-art research and applications in cloud computing security would encourage further research on cloud computing technologies. This paper thus reviews the prior literature on the subject using a classification scheme to identify the theory and practice and future research directions. 164 articles are analyzed and classified based on the scheme that consists of five distinct categories: cloud computing theory and research, SaaS, PaaS, IaaS, and cloud computing authentication and encryption. In addition, a comprehensive list of references is presented. It is hoped that the findings of this research would provide useful insights into the anatomy of cloud computing literature and be a good source for anyone who is interested in cloud computing. The third study distinguishes between internal and external information resource and examines the backgrounds and outcomes of their use from a job-related perspective on security. Based on survey data collected from nine companies in Taiwan, it is found that employees tend to use internal information system resources when their tasks depend on security behavioral intentions. On the other hand, they are more likely to use external cloud computing resources when faced with complex and non-routine tasks. Furthermore, internal information resources help employees’ performance in replication and adaptation, while external cloud computing resources helps the performance in adaptation and innovation. The papers reviewed in this dissertation vary in subjects and research methods, while they have one feature in common -- the focus on the use of cloud computing and information security qualitative and quantitative methods for analysis. The three studies in this dissertation look into the questions regarding the information security available on the cloud computing, and issues of privacy concern, trust, self-efficacy, subjective norm and perceived threat. It finds that trust is the main concern on the information systems security, and the management of historical record would facilitate future research and applications.