Wtàt fxvâÜ|àç tÇw cÜ|ätvç

XÇw@âáxÜ cxÜáÑxvà|äx Éy tÇ \Çá|z{à |ÇàÉ Åt}ÉÜ `tÜ~xà|Çz

V{tÄÄxÇzxá ytvxw uç VÄÉâw VÉÅÑâà|Çz ixÇwÉÜá

Submitted to

UNIVERSITY OF WALES LAMPETER

In partial fulfilment of the requirement for the degree of

MASTER OF BUSINESS ADMINISTRATION

(Marketing)

Under the Professional Guidance of

Prof. MARTIN KENDER

By

RAJIV UTTAMCHANDANI

Student ID: 084129-81

University ID: 28002330

June 2010

i

DECLARATION

This work has not previously been accepted in substance for any degree and is not

being concurrently submitted in candidature for any degree.

I, Rajiv Uttamchandani, the undersigned, hereby confirm this dissertation submitted

for the partial fulfilment of the requirements for the Master’s Degree in Business

Administration (MBA) – Marketing, is my own and expressed in my own words. The

findings obtained from this study are a result of my own investigation and has not be

previously submitted in any college / university for any degree. The work of other

authors used within this research are stated explicitly and acknowledged at the point

of their use. A complete list of references has been appended towards the conclusion

of the research.

I hereby give my consent for my dissertation, if accepted, to be available for

photocopying and for inter-library loan, and for the title and summary to be made

available to outside organisations.

Signed: ……………………………………….

Date: …………………………………………

ii

ACKNOWLEDGEMENT

I am delighted in taking this opportunity to thank all those who made this research

study possible. This dissertation right from the outset is an outcome of the motivation

bestowed upon me by many special people who took time off their busy schedules

and guided me throughout this period.

Strategists like Teddy Foster, also a lecturer at College of Technology London, and

experts in the field of Information Technology, Simon Hall and Nipun Mistry with

their sheer experience guided me at the initial stages well-before this research could

manifest. I am thankful to the staff members of the College of Technology London,

for participating in the pilot survey to test the questionnaire design. I am also indebted

to Dr. Jill Venus from the University of Wales Lampeter, for helping me spur up the

performance towards the closing phase of the research. Her statement “Usually I do

not check Marketing dissertations. However, I would be waiting to see this piece of

work” was enough to encourage me keep up with the hard-work and dedication to be

able to conclude this research work with the same passion as it began.

I owe my deepest gratitude to Professor. Martin Kender, my supervisor and guide

throughout the course of this research. His professional guidance and expertise about

business research methods was immaculate, to say the least. I am obliged to have

attended all the intellectual supervision sessions during this entire period enhancing

my knowledge about business research methods and do justice to the topic of this

study.

I would also like to thank my family and friends, back home for their continued

support and motivation which was inspirational in keeping me determined to do well

right the way through.

iii

ABSTRACT

The purpose of this research was to identify and explore the end-users perspective towards marketing challenges of security and privacy, a core issue which has emerged with the introduction of Cloud Computing. The presence of these challenges has made it difficult for the cloud-vendors to penetrate into the market in spite of the hype “Cloud-Computing” has received. This study helps the cloud-vendors to identify the end-user characteristics, their beliefs, attitudes and perceptions in reference to the acceptance of cloud services in the midst of the security and privacy concerns revolving around this technology. The researcher has reviewed literature about acceptance of technology like the Technology Acceptance Model, Theory of Reasoned Action, followed by focussing on marketing literature available on High-Tech Innovations. Understanding the High-Tech Marketing environment was pivotal in determining the different kinds of uncertainties from organisations viewpoint, which influence the Cloud-computing end-users. However, most of the authors have ignored the end-users perspective in their studies. This investigation commenced by joining end-users through Google® Groups and LinkedIn® discussion forums. The webinars were a mode of entry tool to grasp knowledge about characteristics of the end-users. The primary data collection method employed for this research was survey questionnaire to reach and gather responses from as many end-users as possible which can represent a sample of the research population considering the growing number of end-users of Cloud Computing. The findings demonstrate the effects of culture, different factors considered by end-users based on their characteristics in the acceptance of Cloud computing, not only as a secured option, but also one which can protect confidential data. The research contributes significantly as it studies end-user behaviour in acceptance of cloud computing which has paved the road-ahead for cloud-vendors in adapting, planning and developing a sound business plan for successful adoption of cloud computing technology solutions. Through this study, the enormous popularity of this technology is further extended, as its focus is on suiting the needs of end-users, which is one of the key determinants of successful adoption of technology.

iv

TABLE OF CONTENTS

CHAPTER NAMES PAGE NO

1. INTRODUCTION …………………………………………………………........ 1

1.1. What is Cloud Computing? …….................................................. 2 1.2. Using Cloud Computing? .………………………………………………. 3 1.3. Research Overview ………………………………………………………. 5

2. LITERATURE REVIEW ……………………………………………………. 8

2.1. Technological Changes ......…………………………………………… 8 2.2. Marketing Theories relevant to acceptance of technology......... 11

2.2.1. Characterizing High-Tech Marketing Environments ……… 11 2.2.2. Diffusion of Innovations Theory………………………………... 14 2.2.3. Theory of Reasoned Action and

Technology Acceptance Model ……………………………...... 16 2.2.4. High-Efforts Hierarchy of Effects ……………………………... 16

2.3. The New Cloud Model ………………………………………………...... 19 2.3.1. Communication-as-a-Service ……………………………...….. 19 2.3.2. Infrastructure-as-a-Service …………………………….….…... 20 2.3.3. Platform-as-a-Service ……………………………………..…….. 21 2.3.4. Software-as-a-Service …………………………………..………. 21

2.4. Privacy and Security Issues ………………………………….……….. 22 2.5. The Role of Open-source Software and Virtualization…………... 26

2.6. Culture and Technology ………………………………………………… 27

3. RESEARCH METHODOLOGY ……………………………………………. 30

3.1. Research Approach : Inductive ………………..……………………… 30 3.2. Research Philosophy: Interpretivism ……………………................ 31 3.3. Research Strategy ………………………………………………………. 31

3.3.1. Quantitative Research ……………………………………………. 32 3.3.2. Participants …………………………………………………………. 32 3.3.3. Gaining Access …………………………………………………….. 33 3.3.4. Sampling: Self-Selection Sampling …………………………….. 33 3.3.5. Questionnaire Design ……………………………………………... 34 3.3.6. Data Analysis & Data Presentation …………………………….. 36 3.3.7. Reliability & Validity ……………………………………………….. 37 3.3.8. Ethical Consideration ……………………………………………… 38

v

4. FINDINGS ………………………………………………………………………… 40

4.1. Key Facts …………………………………………………………………… 41 4.2. Respondent Statistics …………………………………………………… 42 4.3. Survey Responses ……………………………………………………….. 42

5. DISCUSSION AND ANALYSIS ……………………………………………….. 54

6. CONCLUSION …………………………………………………………………... 83

6.1. Research Aims – Restated ……………………………………………… 83 6.2. Summary of the Findings ……………………………………………….. 84 6.3. Significance of the Research ………………………………………….. 86

7. RECOMMENDATIONS …………………………………………………………. 89 8. LIMITATIONS OF THE RESEARCH ………………………………………….. 91

9. AREAS OF FURTHER RESEARCH …………………………………………… 92

REFERENCES ……………………………………………………………………. 94

APPENDICES………..………………………………………………………….… 103 RECORD OF MEETINGS ……………………………………………………….. 108

vi

TABLE OF FIGURES

FIGURE 1.1: WHAT IS CLOUD AND WHAT’S IN IT? …………………………………… 2

FIGURE 2.1: THE TECHNOLOGY S-CURVE ………...………………………………….. 10

FIGURE 2.2: CHARACTERIZING HIGH-TECH MARKETING ENVIRONMENTS ….. 12

FIGURE 2.3: STAGES IN THE DIFFUSION OF INNOVATION ………………………… 15

FIGURE 2.4: THE NEW CLOUD MODEL ………………………………………………….. 21

FIGURE 2.5: ISSUES RELATED TO CLOUD COMPUTING ……………………………. 25

FIGURE 2.6: VIRTUALIZATION ……………………………………………………………. 22

FIGURE 3.1: TYPES OF QUESTIONNAIRES …………………………………………….. 35

FIGURE 4.1: PRIMARY FINDINGS - AGE RATIO ……………………………………….. 42

FIGURE 4.2: PRIMARY FINDINGS - GENDER RATIO ………………………………….. 43

FIGURE 4.3: PRIMARY FINDINGS - ETHNIC BACKGROUND………………………… 44

FIGURE 4.4: PRIMARY FINDINGS - LINGUISTIC PREFERENCES……………………. 45

FIGURE 4.5: PRIMARY FINDINGS - CLOUD-COMPUTING AWARENESS………….. 46

FIGURE 4.6: PRIMARY FINDINGS - USAGE DETERMINANTS……………………….. 47

FIGURE 4.7: PRIMARY FACTORS CONSIDERED

BEFORE TECHNOLOGY ACCEPTANCE ………………………………... 48

FIGURE 4.8: INDIVIDUAL INNOVATIVENESS …………………………………………. 49

FIGURE 4.9: TECHNOLOGY-ACCEPTANCE FACTORS………………………………. 50

FIGURE 4.10: SECURITY DILEMMA ………………………………………………………. 51

FIGURE 4.11: PRIVACY DILEMMA ………………………………………………………… 52

FIGURE 4.12: SECURITY MEASURES ……………………………………………………. 53

FIGURE 5.1: USE OF OPEN-ACCESS, FLEXIBLE STORAGE AT COST OF RISKS

FOR SENSITIVE DATA ……………………………………………………… 56

FIGURE 5.2: USE OF OPEN-ACCESS, FLEXIBLE STORAGE AT COST OF RISKS

FOR NON-SENSITIVE DATA ……………………………………………….. 57

FIGURE 5.3: NO INTERFERENCE PREFERRED AGAINST

FREE STORAGE – SENSITIVE DATA …………………………………….. 58

FIGURE 5.4: NO INTERFERENCE PREFERRED AGAINST

FREE STORAGE – NON-SENSITIVE DATA ……………………………... 59

FIGURE 5.5: USING WEB-SPACE WHICH OFFERS UPLOADING EASE

SENSITIVE DATA…………………………………………………………….. 60

FIGURE 5.6: USING WEB-SPACE WHICH OFFERS UPLOADING EASE

NON-SENSITIVE DATA……………………………………………………… 60

FIGURE 5.7: OBSERVING PEER EXPERIENCES & FEELING SECURED –

SENSITIVE DATA …………………………………………………………… 61

FIGURE 5.8: OBSERVING PEER EXPERIENCES & FEELING SECURED

NON-SENSITIVE DATA ……………………………………………………. 62

vii

viii

FIGURE 5.9: IMPORTANCE OF KNOWLEDGE ABOUT PHYSICAL DATA

LOCATION TO END-USERS BASED ON THEIR WEB USAGE ……….. 64

FIGURE 5.10: IMPORTANCE OF KNOWLEDGE ABOUT PHYSICAL DATA

LOCATION TO END-USERS BASED ON THEIR AWARENESS...…….. 65

FIGURE 5.11: IMPORTANCE OF KNOWLEDGE ABOUT PHYSICAL DATA

LOCATION TO END-USERS BASED ON THEIR INNOVATIVENESS… 66

FIGURE 5.12: IMPORTANCE OF SECURITY MEASURES BASED ON

INDIVIDUAL INNOVATIVENESS ………………………………………… 67

FIGURE 5.13: IMPORTANCE OF SECURITY MEASURES ON ALL END-USERS…. 68

FIGURE 5.14: CULTURE-WISE DISTRIBUTION OF END-USERS WILLINGNESS TO

USE OPEN-ACCESS FLEXIBLE SOLUTIONS EVEN AT RISK OF DATA SHARING… 71

FIGURE 5.15: CULTURE-WISE DISTRIBUTION OF END-USERS WANTING NO

INTERFERENCE WITH PERSONAL DATA ………………………………………………… 71

FIGURE 5.16: CULTURE-WISE DISTRIBUTION OF END-USERS

PREFERRING TO USE WEB-SPACE DUE TO ITS EASE IN UPLOADING …………... 73

FIGURE 5.17: CULTURE-WISE DISTRIBUTION OF END-USERS WHO OBSERVE

OTHERS EXPERIENCES IN FEELING SECURED ABOUT PRIVACY RISKS ………... 74

FIGURE 5.18: FACTORS INFLUENCING END-USERS AT THE INITIAL STAGE OF

NEWLY DEVELOPED TECHNOLOGY ……………………………………………………… 76

FIGURE 5.19: FACTORS INFLUENCING END-USERS WHILE ACCEPTING /

REJECTING A NEW TECHNOLOGY ………………………………………………………… 78

FIGURE 5.20: GENDER-WISE DISTRIBUTION OF UNCERTAINTY FACTORS ……. 79

FIGURE 5.21: AGE-WISE DISTRIBUTION OF UNCERTAINTY FACTORS …………. 80

- 1 -

1. INTRODUCTION

In the past few years, many technological advances have benefited mankind, whether

be it, scientific inventions or medical aids, innovations such as electric cars or

exciting developments from IT industry. Most technical advancements bloom, while

some fade away more or less on a daily basis. This dissertation touches upon one such

major change in computing called Cloud Computing, a form of data storage that will

amend the way of storing information and running applications, completely different

than what we currently do on a desktop computer.

Cloud Computing has developed from a promising business model to one of the

fastest growing segments in the IT industry. Technological changes seen since the

advent of World Wide Web, for instance; where every page used to look identical

with similar HTML coding, were transformed when frames were introduced, followed

by tabs, adding flash images, etc. resulting in dynamic and exciting web pages that are

no longer the dull, less effective and standardised pages when it first came into scene

in 1994. Currently, we are in an identical state of development with Cloud

Computing. Authors such as Miller (2009), suggest the emergence of cloud

computing comparable with the electricity revolution, a century ago. According to

him, before the introduction of electric utilities, most businesses produced their own

electricity using stand-alone generators. However, once the electric grid was invented,

those businesses switched from these stand-alone generators to new electrical units,

thereby not only reducing costs but presenting greater reliability than conventional

generators.

A decade or two from now could witness a completely new revolution in this form of

technology, provided some key marketing challenges are addressed from the end-user

perspective. These challenges are being studied here by studying end-users

characteristics. Before looking into this primary reason for conducting this research,

it is vital to comprehend what does the term ‘Cloud Computing’ mean and how is it

different from current technology of computing we us in our day to day life.

1.1. WHAT IS CLOUD COMPUTING?

The term “cloud” usually a metaphor for the internet is the key to the definition of

Cloud Computing. Cloud is a huge group of interconnected computers which can be

personal computers or network servers. This group of multiple computers serves

beyond a single company or enterprise. Unlike traditional computing also known as

‘desktop computing’ where software applications are executed on each computer, in

Cloud Computing, they are all stored on servers accessed via the internet. Similarly,

files such as word documents, spreadsheets, presentations and applications are

accessed through the internet. In case of a computer breakdown, the software and

applications are still accessible by other users by logging on to the internet. The basic

difference between both the computing models is simply that traditional desktop

computing is PC-centric while Cloud Computing is user-centric and document-

centric. In this way, cloud computing facilitates a shift from PC paradigm to a user-

centric and a document-specific environment, from software application to tasks these

applications can perform, from data which isolated as it is stored on PC in the form of

data that can be accessed via an active internet connection on any device from

anywhere in the world.

Wyld (2009) defines the term “Cloud Computing, as a computing service that is

delivered over the Internet, on demand, from a remote location, rather than residing

on one’s own desktop, laptop, mobile device, or even on an organization’s servers.”

Figure 1.1 – What is Cloud and what’s in it?

Source: White Paper - Cloud Computing, Maximum PC

- 2 -

- 3 -

Brown (2009) affirms Cloud Computing as “a data-processing infrastructure in which

the application software and often the data itself, is stored permanently not on your

PC but rather a remote server that is connected to the Internet”.

1.2. USING CLOUD COMPUTING

In the midst of the growing popularity of the internet, and the ever-increasing number

of users logging on from several locations, from numerous different organisations, it

was expected to collaborate on projects spanning across multiple companies and

geographical boundaries. To enable this, such projects were hosted in the “cloud”,

which made accessing it possible from virtually any Internet-enabled location.

(Miller, 2009)

Use of cloud computing is evident in our day-to-day lives when using the internet.

Accessing social networking websites, checking e-mails, uploading pictures, posting

videos or files such as spreadsheets, presentations, or documents online is evidence to

the fact that one has made an entry into the territory of this new technology without

being really aware about it. Brockman (2009), cited remarks by technology futurist

Paul Saffo stating “A lot of people are in the cloud and don’t even realise it.”

E-mail services such as Gmail store your mails on the Google servers rather than the

physical machines. This enables an end-user (any internet user) to access their e-mails

from any location provided he / she has access to the internet and a device with web-

access functionality. Consequently, whether knowingly or unknowingly we have been

using cloud services.

Cloud computing presents us with numerous benefits which have a high potential,

both to the end-users as well as the developers. Reduced maintenance costs, increase

in the amount of storage space, higher processing power to run the applications,

improved economies of scale, decrease in the overall IT (Information Technology)

infrastructure costs are just to name a few for the developers.

- 4 -

In addition to this, the end-users also benefit by obtaining better upgrade offers, but

more importantly there is a benefit of group collaboration where a number of people

can work on the same project at the same time for e.g. a presentation where all

changes made by all users are evident to the ones in the group thereby saving time and

improved visibility.

On the other hand, like everything in IT, Cloud also has its demerits indicating need

for certain challenges to be addressed before such a gigantic technological change can

materialize. Although there are many technical challenges associated with the advent

of Cloud computing, this research will primarily focus on certain technical issues

which directly or indirectly has an impact on its marketing. This section highlights

and examines these challenges in brief, some of which will be later inspected in detail

in Chapter 2.

a) Challenge of Inter-operability: Every buyer of an IT solution is concerned

with a new technology and wants to find an answer to know if they would be

stuck with that, where that refers to an operating system, a kind of computer

or a software version. Similarly, an internet outage or similar issues may

disable a client (end-user) to access the applications unless it is store on local

servers. A good internet connection capacity is important to make Cloud

Computing viable unless local clouds are being used involving Virtualization.

b) Challenge of High Reliability: In September 2009, Gmail experienced its

longest outage for hundred minutes (Schwartz, 2008a). This kind of an outage

from an e-mail service provider does transmit major uncertainties in the minds

of decision-making IT personnel over the feasibility of a larger proposal of

switching from desktop function to the target cloud segment (Gralla, 2009).

Similarly, if a user is accessing their data through a website that enables access

through Cloud computing and has similar accessibility problems irrespective

of a secure and reliable internet connection does face the challenge of

reliability. No access means low reliability.

- 5 -

c) Challenge of Data security and Privacy: Data is stored off-site, which

provides an opportunity for it to be compromised. While cloud vendors, seek

to maintain the data safe, there’s always a possibility of a security lapse.

Contrary to that, some analysts view it as a benefit to small-scale companies,

as their movement to cloud would enable them to increase the level of their

security through the movement of their data and applications on the cloud as

the resources are shared across the client-base of the cloud vendor.

In addition, Schwartz (2008), points out that cloud vendors can invest more in

security which can be spread over the entire client-base resulting into improved

security considerably rather than investment by an individual firm for themselves.

None-the-less, security and privacy are major challenges which will be further

investigated in this research.

1.3. RESEARCH OVERVIEW

This research aimed at identifying and exploring the real challenges particularly the

ones threatening the end-users in accepting Cloud-computing technology. Much

literature has been available discussing threats such as data security and privacy

which is causing major marketing issues faced by Cloud Computing vendors,

however testing it from an end-user perspective is the primary intention behind this

research. By the end of the research, the following objectives are met:

a) Research Objectives

To identify what kind of security challenges are really a threat to use of Cloud

Computing from an organisation point of view by studying end-user

behaviour.

To recognize real threats / issues from an end-user point of view in the

acceptance of a new technology such as Cloud Computing.

- 6 -

To verify the impact of culture when threats such as data security and data

privacy are being analysed in relation to the economies of scale and time value

of money.

To study consumer (end-user) behaviour and perceptions about data

confidentiality security and privacy when their data is stored by deploying a

Cloud solution.

To establish the key variables considered by the end user in accepting cloud as

a solution over the threats in an effort to combat the uncertainty which

hampers the acceptance of Cloud computing as a new form of technology.

To determine major factors that ensures security and privacy protection and

restores confidence in the minds of end-users to adapt to the new Cloud

technology.

To analyse the impact of using open source software and virtualization

techniques in order for Cloud computing to its full potential in cases of a

security breach, identity theft, internet outage etc.

b) Research Questions

The research questions below are aimed at exploring, identifying and tackling

marketing challenges associated with technological changes in the form of computing,

i.e. with the introduction of Cloud computing. The end-user perspective is used to

validate certain key issues about acceptance of Cloud Computing technology.

1. How important it is from an end-user perspective to keep their data

secured, in relation to reducing their infrastructural, implementation and

maintenance cost by deploying a suitable Cloud solution?

- 7 -

2. Does a customer of Cloud solution, (end-user), with limited technical

knowledge of cloud solutions care, if their data is stored on the same

server along with his competitor’s data keeping in mind the benefits these

solutions have to offer such as economies of scale, reaping time value of

money, etc.?

3. Which layers of security will address the primary issue of security by

ensuring data stored on internet using cloud solutions is completely

secured and accessible without depending on internet and the customer’s

view on using open-source software and virtualization techniques to

ensure smooth transition from desktop to cloud computing?

4. Do the cultural differences affect the beliefs of users keeping data

confidential vis-à-vis sharing personal details as long as required service is

delivered at affordable price and suits the needs of the organisation /

individual?

5. Whether uncertainty avoidance can help end-users in the decision-making

process and how do end-users perceive technology?

6. What is the significance of privacy in relation to Cloud-based information

systems and how can one ensure that required data is shared while PII

(Personal Identifiable Information) is protected?

These questions set the foundation for this research to study end-user behaviour and

combat the issues of security and privacy by understanding their perspective towards

the present layers of security and privacy, which is discussed in Chapter 2.

- 8 -

2. LITERATURE REVIEW

The importance of any research and its outcomes found thereafter will always be

judged in correspondence to other people’s research and their findings. Tranfield et. al

(2008) supports this belief by suggesting researchers to ‘map and assess the existing

intellectual territory’, to establish the nature of previous researches which have been

published in the selected topic area, and possibly discover current researches being

carried out.

This chapter commences by reviewing the literature from a broader dimension about

technological advances, marketing theories in acceptance of technology, narrowing

down to the Cloud model, assessing its security and privacy issues and ultimately

evaluating the role of culture in technology acceptance as end-users behaviour and

their perceptions will be studied.

2.1. TECHNOLOGICAL CHANGES

Technology has played an enormous role in building our society the way it is today.

The rate of such technological progress is often classified into two phases: “Invention

(a scientific breakthrough) and innovation (commercialisation of the invention)” – A

distinction highlighted in the book “Open Innovtions” by Chesbrough et. al (2006)

where Nelson and Winter (1982) have credited this classification to Schumpeter

(1934).

With an array of products already present in the market for sale, organisations keep

innovating and launching new and improved variances. By introducing a new gadget

like mobile phones, or latest models of cars, or these organisations are changing the

way we live all the time. Innovations in the medical field help mankind to counteract

against the deadliest of diseases. Remarkably, these innovations are continuously on-

going. “Innovation won’t go away – it is not the next big thing- it is always there”, a

statement cited in a special report. (Getting Creative, Special Report – Business Week

August 2005)

- 9 -

Ettlie (2006) highlights three reasons why technological changes have gained

importance over the years, viz.

Technology-driven change is “everywhere and always present”

Value captured from new technology is “challenging and never guaranteed”

In today’s competitive environments, technology is used by most

organisations as a tool in their “success strategies”

On the contrary, authors such as March and Simon (1958), emphasize on two

important factors, internal pressures and external pressures which initiate such

technological changes in most organisations, but not all.

Internal pressures – Changes in the aspiration level of team members.

External pressures – Unexpected environmental changes.

Much of the literature suggests that technological innovations are linked to

organisational innovations. More and more adaptation to newer means of

technological innovations, from an organisation leads to more operational changes in

administrative procedures – different organisational structure, fresh strategies

resulting into huge benefits to such organisations. On the other hand, failure of

technological changes may crop up when either too much technology is being adopted

quickly or insufficient amount of technology is implemented to keep pace with the

competitive environment.

Based on discussion so far, it is evident technology sets up the path for organisations

to flourish and grow and maintain competitive sustainable advantage over its

competitors. What remains to be seen is why do some organisations seem to be more

innovative? How do some organisations maintain their innovative behaviour, while

others hesitate?

Christensen(1992) came up with the study of the Technology S-curve. It suggests

high potential at the beginning of technology life-cycle with the increase in efforts

(Resources, Time and Engineering) spent which later diminishes with the advent of

new technology.

Next Generation Of Technology

1 2 3 4

Time, Resources and Engineering Effort Spent

Prod

uct P

erforman

ceFigure 2.1 – The Technology S-Curve

Source: Adopted from Clayton Christensen (1992)

In the above Figure 2.1, Point 1 is where new technology is invented. As seen above,

technological change is continuous, until Point 2, where the existing technology is

being constantly improved till it reaches its peak at Point 3, where the existing

technology reaches its maturity with given efforts, and / or increasing engineering

efforts. After this Point 3, it has diminishing returns to performance of the technology.

The dotted S-curve denotes the invention of new technology, this technology cycle is

observed to be recurring all over again. Point 4 is when the new technology reaches

its peak, until new technology again comes into play.

Studies by Sahal (1991) supported the above view in his book, “Patterns of

Technological Innovation”. He was the first one to demonstrate with empirical

evidence that with passage of time, there is a steady progress of technology as its

potential is understood.

- 10 -

- 11 -

2.2. Marketing theories relevant to acceptance of

new technology

Marketing of high-technology is not similar to that of traditional consumer products.

Although the standard approach to marketing and the marketing-mix “4 Ps” has a lot

of relevance, however, it still needs to be modified due to the presence of some

important factors when dealing with new technology.

These factors are highlighted when studying the characteristics of such high-tech

marketing environments. Studies by Moriarity et.al (1989), Gardner, D (1990) and

Moore, G (2002) established certain characteristics that all high-technology industries

share in common are discussed in the sub-section below:

2.2.1 Characterizing High-Tech Marketing Environments

The three common characteristics of high-tech marketing environment are:

i. Market Uncertainty

ii. Technological Uncertainty

iii. Competitive Volatility

Figure 2.2 – Characterizing High-Tech Marketing Environments

Source: Adopted from Mohr et.al (2005)

The Figure 2.2 above demonstrates how marketing of high-tech products and

innovations take place when these three common variables intersect.

i. Market Uncertainty – may result due to the following factors:-

a) Customer’s insecurity about what needs or issues will be addressed by

the given technology: Such an uncertainty, doubt or fear in consumer’s

mind may delay the adoption of such technology. In context to this

research, particularly the end-user may not be aware of what Cloud

computing has to offer, which will address the issue of security and

privacy. At the same time, it would offer best data storage solutions to

satisfy their needs of data storage.

b) Changing needs of the customers: In a dynamic environment, customer

needs are changing rapidly. For instance a patient who used to treat the

same disease with the intake of an allopathic medication and may alter to

homeopathic treatment for the same disease or illness the next year.

- 12 -

- 13 -

c) Lack of industry standards: In-appropriate or lack of industry standards

for a new innovation / technology in a market affects consumer’s

decision to adapt to a new technology. Aley, J. (2003) emphasized these

factors which lead to slow adoption of 3G wireless technology.

According to him, 3G technology was adopted by many customers after

a lot of careful considerations about the CDMA – (Code Division

Multiple Access) and W-CDMA (Wideband Code Division Multiple

Access as both these interfaces were a part of 3G technology but they

were region specific which meant that if CDMA works in one region, it

may not work in another.

d) Estimating the pace of technology spread: Knowing the rate at which

technology will spread helps marketer to avoid any market uncertainties.

e) Recognizing Market Potential: helps high-tech product / technology

manufacturer to avoid any errors in forecasting and ensure accurate

production for timely availability of goods and services.

ii. Technological Uncertainty – is “not knowing whether the technology – or

the company providing it – can deliver on its promise to meet specific needs”

(Moriarity et. al, 1989) Technological uncertainty can be addressed by

answering the following questions, whether

a) New technology will deliver as promised?

b) Delivery will be as per time-table for availability?

c) Effective service will be provided in case of any concern?

d) Side-effects or Un-anticipated consequences are taken into account?

e) Viability of technology over new development makes the current

technology obsolete?

- 14 -

iii. Competitive Volatility: refers to the alternations in the competitive

environments. Determining companies competitors, their products / services,

tools utilised by their competitive firms to compete against them. Sources of

such competitive volatility are:

a) Recognizing the competitors of the future

b) Knowing their tactics

c) Identifying which of their own products will the company compete with,

after identifying and analysing the competitors and their tactics?

2.2.2 Diffusion of Innovations Theory Model

In his comprehensive study of Diffusion of Innovations, 4th ed., Rogers (1995)

produced a theory for the adoption of innovations among individuals and

organisations. This theory concentrated on a few key elements such as:

i. Innovations: Some innovations spread quickly and adopted by adopters as they

perceive the new technology to be possessing certain characteristics such as

being trial-able, relatively more advantageous, compatible with industry

standards, least complicated, and having observable results, thereby reducing

uncertainties associated with a new technology.

ii. Communication Channels: play a pivotal role in the adoption of an innovation or

technology as most individuals evaluate an innovation by the feedback from their

near-peers who have adopted the technology before them, and not necessarily

based on results of scientific researches by a professional.

iii. Time: The time element used in Diffusion of Innovations Theory is involved in

three separate modes

a) Innovation-Decision Process: The innovation-decision making process

(Figure 2.3) indicates the 5-staged process where an individual (or decision-

maker) seeks information, moves from first body of knowledge about an

innovation, to shaping an opinion or attitude about it, in deciding about

adopting or rejecting the idea to implement, and finally confirming their

decision

Figure 2.3– Stages in Diffusion of Innovation

Source: Rodgers (1995), 4th Ed. originally (1962)

b) Innovativeness of an individual: Every individual is bound to adopt

technology sooner or later. However, the degree to which they adopt is

relatively different which represents the innovativeness of an individual.

Time spent in adopting an innovation is bound to differ in most cases and

hence this theory categorizes individuals into five classifications namely:

Innovators, Early adopters, Early majority, Late majority and Laggards.

c) Rate of Adoption: refers to relative speed with which the members of a

social system adopt a particular innovation.

iv. Social System: refers to the members of a particular group who are jointly-

engaged towards solving a common issue by working towards accomplishing a

common goal.

- 15 -

- 16 -

2.2.3 Theory of Reasoned Action & Technology Acceptance Model

Theory of Reasoned Action (TRA), a study associated with Fishbein and Ajzen

(1975) linked behaviour to quite a few elements like attitudes, beliefs and

behavioural intentions. Individual behaviour was identified to be an outcome of

behavioural intentions which was ultimately determined by an individual’s attitude.

Based on the general concept of TRA, a new model called Technology Acceptance

Model (TAM) was developed by Davis (1989). TAM suggested that a number of

factors influence the decision-making process for a consumer to decide as to how

and when they will use or adopt new technology. The two main factors i.e.

Perceived Usefulness (PU) refers to the extent to which a person believes that using

a system will improve his / her performance and Perceived Ease-of-use (PEOU),

defined as “degree to which a person believes that using a particular systems will be

free from any effort.”

2.2.4 The High-Effort Hierarchy of Effects

Hoyer, W.D and Maccinis, D.J (2009) realized that consumers decision on adoption

or rejection of a new technology depends on whether they are prevention-focussed

or promotion focussed. Some consumers, who are more concerned about protection

and safety, will end up resisting the temptation to adopt a new technology. Similarly

the author identifies promotional-based consumers, who value growth, advancement

and the promotions offered by the new technology, especially when the risks are

insignificant.

The High-Effort Hierarchy of Effects refers to the high-involvement of the

consumers before deciding to adopt new technology by searching for the required

information, attitude development, and selection or confirmation of choices, similar

to the innovation-decision process discussed above on Page 15.

- 17 -

There are various uses of technological products and numerous countries have

adopted such innovations. However, the technological paradoxical concept remains

firm on the belief that there may be global products but there are no global people.

Hofstede’s (2007) model of cultural values is useful as there is no global language

by which we can reach global consumers.

Lewis et. Al (2003), studied a variety of theoretical models portraying the beliefs

which constituted the determinants of acceptance of target technology. Various

models of IT such as TAM and TRA discussed above support that beliefs of

individual dominate their usage behaviour while other studies have recognized the

importance of finding determinants of such beliefs. Beliefs seem to have a deep

impact on subsequent individual behaviour towards the acceptance technology

hence observing how beliefs were formed was investigated consequently.

Perceptions: An individual perceives characteristics of technology in many ways

from the vantage point of their own cognitive processes developing beliefs about

them. Vast amounts of literatures support the importance of beliefs in consumer

behaviour for technology acceptance explaining both system usages (Adams et. Al.

1992; Moore and Benbasat 1991) and usage intentions (Davis et Al. 1989;

Mathieson 1991)

Generally, perceived usefulness and perceived ease of use have been two

prominent variables arising of these studies in the field of acceptance of technology,

This raises a question about individual differences being account for.

How do individuals construct different beliefs about a specific technology or what

factors causes such differences?

Literature suggests that certain factors which constitute of these differences are as

follows:

- 18 -

Institutional Factors: have been subjects of interest in Information Systems

research. Organizational attributes have been studied including user training

(Fuerst and Cheney 1982; Leonard-Barton 1987; Raymond 1988; Sanders and

Courtney 1985); knowledge management (Boynton et al. 1994; Pennings and

Harianto 1992) and organizational support (Delone 1988, Leonard-Barton and

Deschamps 1988; Monge et.al 1992). Although, as seen above numerous scholars

have emphasised about managerial commitment, much is still desired into what

constructs these beliefs.

Social Factors: Fulk (1993) and Schmitz (1991) demonstrated the extent to which

others view technology can also serve as a positive influence on one’s own beliefs

and perception about usefulness of the technology.

Individual Factors: Self-efficacy or an individual’s perception of his own ability to

use the technology has its academic roots from Social Cognitive theory by Bandura

(1986). Personal Innovativeness refers to the extent to which an individual will try

out new technology (Agarwal and Prasad, 1998)

Venkatesh et.al (2003) seconded the above influence on technology acceptance

along with addition factors such as:

Long-term consequences: are those “outcomes that have a pay-off in the future”

Relative Advantage over previous technology: is the degree to which a new

technology is advantageous over the predecessor

Status Symbol or Image: is the extent to which a new technology is perceived to

improve one’s image or status in the society

Visibility amongst peers: The result demonstrability or visibility of results is

another core construct in building a positive / negative influence over accepting that

technology.

- 19 -

2.3. THE NEW CLOUD MODEL

With an attempt to compete in a confined space, every organisation is utilising

available resources optimally and reducing their activities which are not central to the

key business strategy. This has led to the emergence of the new Cloud model

In retrospect to the traditional model where organisations purchase a licence for each

application the new cloud computing model charges on the basis of its use similar to

Pay-per-use, thereby offering an assortment of applications and services available to

use as per the end-user requirements.

Experts in implementation of Cloud Computing have presented different ways how

organisations can utilise different web services. Most commonly used web services

form the new Cloud model. They are:

2.3.1 Communication-as-a-Service (CaaS)

Communication-as-a-Service is a type of cloud-based service where its providers

(cloud vendors) provide services such as VoIP, Instant Messaging, and video-

conferencing facility to their customers. The responsibility of these vendors is to

ensure smooth functionality of communication by managing hardware and software

required for such services. CaaS model helps the business customers to select the

most appropriate communication model within their organization on a pay-as-you-go

basis

In 2007, Gartner’s press release indicated that CaaS market is expected to sum up to

$2.3 billion in 2011. Least or no management on part of the customer is one of the

key features of a CaaS. Furthermore, maintenance and managing expenses for the

communication infrastructure is shared across the customer-base of the cloud vendor

which allows the customers to leverage an enterprise-class communications solution

and allocate remaining financial and other assets where businesses can use them in the

best possible manner.

- 20 -

2.3.2 Infrastructure-as-a-Service (IaaS)

Infrastructure-as-a-Service also known as ‘Everything-as-a-Service’ means using the

machines and systems provided by a cloud-service provider. Whilst, the cloud

providers handle the transition and hosting of chosen applications on their

infrastructure, the customers own and manage their applications. Post deployment of

IaaS as a cloud solution, the providers are involved in maintaining and managing their

infrastructure.

Components such as computer hardware, computer network, internet connectivity,

platform virtualization environments for running-client specific virtual machines are

usually a part of provider-owned implementations infrastructure. Service-level

agreements between customers and providers determine the pace at which providers

will ensure delivery of services through IaaS, while utility computing through billing

helps customers to track their usage of IaaS. Resources such as data center space,

servers, network equipments, etc. are not necessarily purchased, but rented by IaaS

customers. Customers are charged for the resources consumed

2.3.3 Platform-as-a-Service (PaaS)

Cloud computing has evolved to encompass platforms for building and running

customized web-applications, a model known as Platform-as-a-Service. This model

formulates an architecture including all facilities essential for supporting the life-cycle

of building and delivering web-applications and services available through the

internet, without any software downloads or installation for developers, IT managers

or end-users.

Distinct from the IaaS model, where users may use specific operating systems with

mandatory applications running, the PaaS developers are focussed on the web-

development aspect provided by the platform and not with the kind of operating

systems used. It sets the focus on innovation rather than infrastructure, thereby

allowing organisations to plan their finances and invest more in creation of new and

improved web-applications without upsetting their infrastructure needs. Developers

around the globe, through internet have access to unlimited computing power through

which they can build dominant web applications and deploy them to users

worldwide.

2.3.4 Software-as-a-Service (SaaS)

Software-as-a-Service is a term used, when a vendor provides software to a user

which they want to use. The traditional concept of software distribution, where we

buy a licensed copy of software for use is referred to as Software as a Product.

SaaS as a software distribution model is rapidly gaining attention in which various

applications are hosted by the cloud vendors and made available to customers over the

internet. SaaS is frequently associated with pay-as-you-go payment model where the

users choose from a range of application available and pay for its usage

Figure 2.4 – The Cloud Model

Unlike Paas, where you develop your own applications, SaaS offers the software /

application to the end-users. Many users have limited knowledge how and why the

software application is being developed, and focuses mainly on using the software.

SaaS is ideal in such circumstances, supporting features such as multi-tenancy, i.e.

supporting multiple-users to access software concurrently, which is what separates it

apart from traditional models of software distribution.

- 21 -

- 22 -

2.4. PRIVACY AND SECURITY ISSUES

Today we are surrounded by global information infrastructure systems, which

remotely connect two or more parties worldwide. Humans are interconnected

remotely through services like World Wide Web which results into vast amounts of

data being shared leading to increasing concerns of personal identifiable information

being at risk. Challenge of Privacy in relation to cloud systems is to share the data

while protecting Personal Identifiable Information (PII). The capacity to control the

information, an individual discloses about themselves on the internet, and who may

access such information has been a rising concern. Rittinghouse and Ransome (2010)

state “another privacy concern is whether websites which are visited collect, store,

and possibly share personally identifiable information about users”

According to the TRUST’es survey in December 2008 and results by the Poneman

Institute, privacy was identified as the key differentiator in cyber world. “Consumer

perceptions are not superficial, but are in fact the result of diligent and successful

execution of thoughtful privacy strategies.” said the chairman of Poneman Institute,

Dr. Larry Poneman who believes consumer trust is the basis of business. “Consumers

want to do business with brands they believe they can trust.”

Based on the studies above, privacy can be viewed as an important business issue

focussing on protecting the personally identifiable information from inappropriate and

unauthorised methods of data collection, usage and leakage, consequently preventing

the loss of customers trust and avoiding frauds such as identity theft, phishing and e-

mail spamming.

According to Bagehi and Atluri (2006), privacy of information can be protected by

investigating into different aspects such as:

a) Data Protection Requirement composition – which takes into

consideration data owner, data holder and any possible privacy law

- 23 -

b) Security and Privacy Specification and Secondary Usage control – in

order to identify under what circumstances an individual can trust others for

security and privacy. Digital certificates issues by given entities certifying

the holders of information with properties such as accreditation and in

addition given user the ability to constraint possible secondary uses of their

information

c) Inference and Linking attacks protection – to confirm that information

released is not open to channels allowing attackers to infer sensitive personal

information

Jahankhani et. al (2009), emphasized security concerns before Cloud Computing

can be adopted as a solution for many organizations. According to their studies,

people may be apprehensive in adopting this technology due to lack of control over

factors such as:

a) Using applications over an unfamiliar platform

b) Infrastructure and hardware being used

c) Location of the data being stored

d) Secondary usage of their data

In a cloud environment, applications designed for users of social networking

sites, or for a large manufacturing company’s logistics team members, needs to

provide access to only “authorised, authenticated users and only those users need to

be able to trust that their data is secured” (Sun Microsystems, 2009)

Velte et.al (2010) pointed out people using cloud services fail to understand the

security and privacy implications of their e-mail accounts, their social networking

user accounts and even recognise that these services are considered cloud services.

Moreover, any regulation will affect other cloud services. Their studies also

highlight a combination of security techniques allowing users to secure their data

when moving their data to a cloud vendor. These techniques are:

- 24 -

a) Encryption: is a process of encoding data with a series of complex algorithms

which can be decoded only through an encryption key. Although, cracking

coded information is possible, however, most hackers find it difficult due to

the amount of processing power needed for it to be cracked.

b) Authentication Processes: helps user creating a username and password.

c) Authorization Practices: are activities such as generating lists of people who

are authorised to access the information on cloud servers. In addition certain

organisations have multi-level authorisation practices where limited access

may be available at a sub-ordinate level, whilst a IT head may be able to

access all the information.

However, in spite of these techniques, the security concerns are not completed

addressed. Having said that, if there is a disaster in the organisation where all the data

is lost, implementing a Cloud solution with the data backed up on Cloud server will

benefit as all the data will not be lost.

Authors like Worthen and Vascellaro (2009) and Kaplan (2009), view cloud services

as more reliable and secured than individual organisations offerings. The only

difference as they see is that if a company’s e-mail system crashes, it does not make

the headline while any outage or data breach by Gmail, Apple or Amazon cloud

service hits the front cover of the local newspaper.

A survey amongst 244 IT Executives, conducted by the IDC Enterprise Panel,

reflected IDC’s (2008a) findings, shown in Figure 2.5 below, highlighting security as

the major concern amongst other, where 74.6% participants chose Security as the

primary issues associated in adoption of Cloud computing solution.

Figure 2.5: Issues related to Cloud Computing

Source: IDC findings, 2008a

- 25 -

- 26 -

2.5. THE ROLE OF OPEN SOFTWARE SOURCE &

VIRTUALIZATION

Open source software requires collaboration between organisations, their suppliers,

customers or creators of related products to bridge software R&D in order to invent a

shared technology (software application). These are called open source software as

they are shared technology available to buyer at little or no cost. Over the past decade,

IT firms have been encouraging their users to work together and share user-developed

software which fills the gaps for their proprietary models. Open source software

allows its basic software elements such as virtual machine images and appliances to

be created from basic components thereby providing the developers an ease to

assemble large applications.

Nevertheless, IT firms face the risk of such collaboration as too much encouragement

to users can also reduce the availability of vendors to achieve proprietary lock-in, i.e.

making a customer dependent on a vendor for products and services resulting into

inability to switch to another vendor without substantial amount of switching costs.

In context to the Cloud Computing, the Open Source Consortium aims in supporting

the development of standards and interoperability amongst various clouds. Not only

does is support the developments of benchmarking standards, but is also a strong

promoter of using open source software in cloud solutions.

Virtualization cannot be ignored when examining the challenges of Cloud computing

as it acts as a backbone in confronting the business challenges faced by IT decision

makers. Business challenges such as optimum utilisation of the IT infrastructure,

receptiveness in following new business initiatives and flexibly adapting to

organizational changes are in forefront while budgetary constraints and fulfilling

regulatory requisites lay additional pressure in the minds of IT managers.

Virtualization is an elementary technological development which allows experienced

people in the IT industry to set up inventive way out to tackle such business

challenges. For instance, while using computer games, if the virtual memory is

activated, the computer operating system gains more memory than actual physical

installed memory. Likewise, virtualization technologies may be applicable to other IT

infrastructure layers such storage, networks, laptop or server hardware, applications

and operating systems.

Figure 2.6: Virtualization

Source: VMWare Whitepaper (2006) - Virtualization Overview

The Figure 2.6 above presents us with an explanation how this combination of

virtualization technology by employing a VMware Virtualization Layer between

computing, storage and networking hardware and the applications running on it.

- 27 -

- 28 -

2.6. CULTURE AND TECHNOLOGY

The link between individual and culture is best stated by Linton (1945), who states “A

culture is the configuration of learned behaviour and the results of behaviour whose

components elements are shared and transmitted by members of a particular society”

Culture is an integral part of both the individual and the society making routine tasks

simpler than ever before due to unwritten rules understood by participating in a

society. According to Goodenough (1971), “culture is a set of beliefs or standards,

shared by a group of people, which help the individual decide what is, what can be,

how to feel, what to do and how to go about doing it.”

Many scholars such as Agarwal (1999), Igbaria (1990), Melone (1990) and Davis

(1989), realise the importance of considering individuals cultural differences in

acceptance of technology and it usage. Although organizations adopt to new

technology and IT solutions which may fit flawlessly with their aims and business

objectives, however it may not necessarily ensure a guaranteed performance unless

members of the organisation use it effectively. Agarwal (1999), states “Acquiring

appropriate IT is necessary but not sufficient condition for utilizing it effectively”

Intercultural marketing approaches not only limits itself to geographical and national

boundaries, but also accounts for consumer attitudes, lifestyles, their preferences

which are linked to their age, class, occupation, ethnicity, etc. (Usunier and Lee,

2009)

Time-related cultural differences: Time influences the way we act socially.

Individual’s relation with time changes across with the development of new

technology, as with advent of a new technology, the importance of the current one

fades away. Products or services (technology) are created to save time as time is

treated as an economic resource and considered as money. Studies from Jacoby et. al

(1976) and Spears et. Al (2001) have highlighted consumer attitudes towards money

and the money value of times are inseparable from marketing and any economic time

possibility does influence the consumer behaviour positively.

- 29 -

Despite of the popularity of Technology Acceptance Model (TAM) by (Davis, 1989),

it is considered as the most deficient model in explaining use of IT at the individual

level. Since individuals are accustomed by their respective cultures, integration of

such cultural differences with TAM may predict and explain the behaviour towards

new technology (Cloud Computing). Key variables in TAM model other than

perceived usefulness and perceived ease of use, (which are discussed above) are

perceived behavioural control, perceived risk and demographics particularly age and

gender. Perceived risk of adopting Cloud services may refer to protecting privacy and

data security of information stored using such services potentially leading to identity

theft, compromising of confidential data, etc. Perceived behavioural control are linked

to the circumstances of cloud usage, instances where end-users prefer to switch to

cloud vendors for cloud usage for recurring activities leaving behind more important

tasks for their internal IT experts.

In summary, the literature emphasises the central issues of privacy and security lying

with the adoption of the new technology, i.e. Cloud Computing in context of this

research. Uncertainty is a key attribute in the adoption of new technology which will

be tested through this research from the end-user perspective by studying their

perceptions, beliefs and opinions about acceptance of technology. Virtualization and

Open source software’s are key concepts which will be looked into as the research

carries on. Research institutes like Garner have conducted their research on the central

issues from an organisational perspective. It is evident from the literature that security

and privacy issues are present. On the other hand, there are various benefits of

switching to cloud computing as well due to which organizations are promoting this

switch. However, the importance of these issues from an end-user perspective will be

analysed through this research to identify and resolve the marketing challenges

enabling cloud vendors to focus on the concerns of end-users.

- 30 -

3. RESEARCH METHODOLOGY

The aim of this research was to explore the current marketing challenges i.e. Security

and Privacy faced by most data storage companies, particularly Cloud vendors, with

the advent of Cloud computing. While most findings and literature highlights security

and privacy as issues pertaining to Cloud Computing from the organisation

perspective, however much is still desired to be studied about these issues from an

end-user perspective, as to what they think and perceive about confidentiality of their

data, keeping in mind the solutions offered by cloud vendors. The access to Cloud-

Computing end-users was crucial for data gathering purposes in this research. This

began with attending webinars and building connections for data gathering.

Most authors such as Polonsky and Waller (2004), highlight the importance of data

gathering in a research project. The method chosen for any research project will have

profound effects on performance of the remaining activities in any research project.

Weller & Romney (1988), suggest considering special care and attention as choosing

the most appropriate methodology can determine the biggest cost (time and money) of

the research.

3.1. Research Approach : Inductive

This research has adopted an inductive approach. The inductive approach is selected

as it allows for changes by offering a more flexible structure, as the research

progresses. Since the end-user perspective about marketing challenges of security and

privacy in Cloud Computing is being studied, for which there is not much literature

available, an inductive line of investigation is the most appropriate research approach.

According to Easterby-Smith et al.(2008), the choice of the research approach is

important as it assists in enabling the researcher in the following three ways:

a) To take a more vigilant judgment about the research design.

- 31 -

b) To evaluate research strategies and employ the methods which will function and

selectively eliminate the one’s which may not work, and

c) To adapt the research design to cater for constraints such as lack of prior

knowledge of the subject, which was a constraint in this research as Cloud Computing

is a relatively new topic, with very a small number of previous researches, especially

on end-users of Cloud Computing.

3.2. Research Philosophy : Interpretivism

Research philosophy is vital for a researcher to develop knowledge and the nature of

that knowledge. Saunders et al. (2009), examines the different research philosophy

using The Research ‘Onion’ and classifies research philosophies into Positivism,

Realism, Interpretivism and Pragmatism.

The philosophical position chosen for this research was Interpretivism as it takes into

consideration the complexity of humans as social actors in business and management

which cannot be governed by definite ‘laws’ similar to physical sciences in the

positivist position. Additionally, the Interpretivism research philosophy lays

emphasis on conducting research on living human-beings rather than lifeless objects

studied in most scientific research. When studying security and privacy challenges

from an end-user perspective it is critical not to disregard the social element in the

respondents, hence Interpretivism seems to be the most obvious choice.

3.3. Research Strategy

Bryman and Bell (2007) underpin the importance of a research strategy as it lays the

foundation of conducting a business research. This research adopted a Quantitative

research strategy using questionnaire / survey as the primary method of data

collection.

- 32 -

3.3.1. Quantitative research

Quantitative research is described best by Dillon et. Al (1993) as techniques

which involve comparatively larger number of respondents and aim at

generating data which can be generalised over the entire set of research

population. The respondents in this research were mainly end-users who have

been using cloud services and data obtained through surveys has been

proposed to correspond to population as a ‘representative sample’ (Page &

Meyers, 2000) who are presented a series of question using the surveys or

questionnaire method of data collection. Questionnaires are most widely used

when survey strategy is chosen for business and management research. The

most critical part; however is to prepare a good set of questions before

deciding to choose the questions as a method of data collection. These

thoughts are supported by many authors such as Bell, J (2005); Oppenheim

(2000). Considering the descriptive nature of this research to explore security

and privacy issues and the research population being numerous end-users, data

collection through questionnaire tends to be beneficial with standardized

questions, which one can be certain about being interpreted similarly by all

respondents (Robson, 2002)

3.3.2. Participants

As the title suggests, this research could have not been conducted without with

the opinions, suggestions and responses of end-users of Cloud computing who

have used and / or responsible for recruiting individuals in the information

technology industry dealing with Cloud Computing. Thus, professionals such

as IT security consultants, IT product managers, Head of Datacenter &

Information Technology, Chief Technology Officers, IT Helpdesk executives,

software developers, system engineers, marketing managers in Information

systems, SaaS and PaaS professionals, and staff members of College of

Technology London (pilot-survey) were contacted to share their views about

security and privacy (confidentiality) when using Cloud-based services.

- 33 -

3.3.3. Gaining access

The studies from the literature review confirmed that most organisations fear

security and privacy as major hurdle in getting the users adopt to the new

Cloud-based services. What was desired before this research was to confirm it

from the end-users perspective. Before an attempt was made to gain access to

end-users, invitations were sent to online discussion groups like on Google

groups, LinkedIn groups to ensure adequate familiarity of the characteristics

of group members and understanding of the end-users. Saunders et. al (2009)

advocates gaining such knowledge as it enables the researcher to signify to the

prospective respondents during the research “why they should grant access?”

Buchanan et. al (1988), emphasizes the importance of allowing oneself enough

time as physical access to organizations and groups may take up to weeks or

months, which may still results into no access being granted. Utmost care was

given to devote time in building contacts with end-users. This was possible, as

simultaneously with the secondary data desk-research; contacts were being

developed by attending webinar’s and being introduced through LinkedIn,

thereby establishing communication by sending a pre-survey contact with a

clear introductory message to test their desirability in participating for the

research work.

3.3.4. Sampling : Self-Selection Sampling

Most surveys deal with identifying the ‘research population’ for providing

fundamental information to address the research questions. It is often a

challenge to involve all members of the population, hence selecting who

participates in the survey is a key consideration. The primary aim in selecting

the respondents in this research, out of the thousands of others is to ensure

those who are participating represent a sub-set of the research population,

thereby the generalising the findings to that target population with utmost

confidence. (Jill and Johnson, 2002)

- 34 -

The main issue was establishing first contact with the research population. To

being with, webinars on Cloud Computing were attended to get introduced to

prospective respondents, followed by using LinkedIn®, a professional

networking website to join groups and discussion forums where individuals

interested in participating in a research project were short-listed. Using non-

probability sampling, the self-selection sampling was employed for the

research. Saunders et.al (2009) explains self-selection sampling as a method

by which individuals knowledgeable about the topic are identified who desire

to be a part of your survey. Subsequently, the data is collected from those who

respond.

The primary research began by sending a pilot-survey on the 22nd April 2010

to staff members of College of Technology London, user’s of Ampera, a

student administration system used by the college which is based on Cloud

Computing. This was to test the survey questions before it was released after

knowing the initial response. Upon receiving 23 responses within first ten

days, more than 750 invitations through discussion forums and LinkedIn for

participating in the survey questionnaire released on the 1st of May 2010.

These invitations were sent to users of cloud services mainly targeting at

expert end-users, allowing myself to identify the desired end-users who are

willing to respond and knowledgeable about the topic of research.

3.3.5. Questionnaire Design

The questionnaire design was chosen carefully with attention to individual

questions, pleasant outline along with a lucid description of the aim of the

research. This was to ensure positive effect on the response rate and the

reliability and validity of the data collection. Understanding the fact it’s not

just important to attract the respondents through effective design and carefully

chosen questions, but equally vital to plan and execute the administration for

the actual questionnaire was one of the key attributes considered while

conducting the research at various stages.

Figure 3.1: Types of Questionnaires

Source: Saunders et.al, 2009

The next challenge was to choose the questionnaire amongst the different

kinds of questionnaires available as seen above in Figure 3.1. Self-

administered questionnaire design was preferred as it would attract larger

number of respondents, irrespective how geographically dispersed they may

be. Amongst the three types of self-administered questionnaires, internet and

internet-mediated questionnaire was ideal, when compared to postal and

delivery & collection methods simply because they offer better control over

the reach of the desired person as respondent. For instance, when a postal or a

delivery & collection questionnaire is addressed to an employee with an aim to

find out what is the most-time consuming task to help him / her improve their

time-management, you may find out distorted or contaminated responses as

the respondent may even ask one of his colleagues to fill in the same responses

due to lack of supervision or control. In contrast, internet and internet-

mediated questionnaires particularly those which are sent to the official e-mail

or a message through the professional networking website to a particular

account holder, presents considerable command over other forms of survey

designs / questionnaires.

Witmer et. Al (1999), states “internet and internet-mediated questionnaires

offer greatest control because most users read and respond to their own e-mail

at their personal computer”. In addition, Dillman (2007), points out that

“respondents to self-administered questionnaire are unlikely to answer to

- 35 -

- 36 -

please you or because they believe certain responses are more socially

desirable”, thereby reducing data contamination by using this approach

The questionnaire design, (Refer to Appendices) was published using an

online tool offered by SurveyMonkey.com®. The professional version of the

tool was preferred to accommodate for unlimited responses and “filter” and

“cross-tabs” tool option to analyse data using the same. The questions were

classified into 4 sub-sections, i.e.

a) About Yourself,

b) About Technology Awareness – Cloud Computing

c) About Technology Acceptance and Beliefs

d) About Security, Privacy and Confidentiality of data

Classifying the questions not only meant it was presentable, but it also made it

clear for the respondents to anticipate kind of questions and its

comprehensibility to encourage more responses. The questionnaire designed

presented the respondents an opportunity to alter their responses during the

survey as all the questions were not plotted on a single page. The survey was

open for a month from the 22nd April 2010, when the pilot-survey was tested,

until the 21st May 2010.

3.3.6. Data analysis & Data Presentation

The data collected from the survey responses was both quantitative and

qualitative, in a raw form with numbers and variables, conveying very little

sense of it. Qualitative data was pre-coded into categories to process them into

information which can be described. Saunders et. al (2009), explains the use of

developing categories, followed by connecting them to form relevant data.

Excel™ spreadsheet and software package from the internal “filter tool” and

“cross-tabs” within the Survey Monkey Pro® account was used to conduct the

analysis.

- 37 -

Charts, graphs and statistics were some of the quantitative analysis techniques

utilised in exploring, describing, and examining the results of the survey

which was useful in establishing relation and trends within the data obtained.

The data analysed was then presented in the form of pie-charts, vertical bar

charts or column charts, line diagrams to represent trends and horizontal bar

charts.

3.3.7. Reliability & Validity

Most authors like Raimond (1993) and Rogers (1961), express their views on

the importance of the credibility of research findings by aiming to reduce the

possible errors by focussing on reliability and validity of the research design

McBurney and White (2007), defines reliability as “the property of

consistency of a measurement that gives the same result on different

occassions”. Validity is defined as “the property of a measurement that tests

what it is supposed to test.”

Robson (2002), claims there are four threats of reliability which are assessed

to ensure that data collection and the analysis of this research yields consistent

conclusions. Participant / Subject error was reduced by sending the invites at

the same time of the day which was mid-night during weekdays (GMT) as this

seemed to be morning in most parts of the globe wherever the respondents

reside. Similarly, Participant / Subject biases were avoided ever since the

formation of the research design to ensure respondents are given enough

indications to guarantee anonymity. Lastly, to address the threat of validity

related to Observer error and Observer biases, questions included in the

survey had text box to ask the response if they were able to interpret the

research questions and in case of any doubts to ask the researcher for any

clarity.

- 38 -

Similarly, the threats to validity as suggested by Robson (2002) were

considered. Threats to validity such as history of events in the past were

studied. Cloud computing technology has always been in hype and pick of

things. However, at the time of this research no dramatic events were

associated Cloud’s data security and privacy in comparison to 2009 when it

first came into the picture. Respondents were informed about their

participation to be completely voluntary and bearing no effects to their every

day usage addressed the testing and instrumentation threat to validity.

3.3.8. Ethical Consideration

Whilst conducting this research, at every stage the ethical implications were

considered, in particular about preserving the confidentiality of data. Concerns

related to ethics emerged while planning, gaining access, data collection,

analysing and report-writing.

During planning and gaining access stage stage, various methods were

considered and the research design was formulated ensuring the selected

choices for data collection are in sync after considering ethical issues such as

consent of participants, their reaction to the procedure selected to obtain data

from them i.e. if it causes the intended respondents any kind of pressures,

feeling of discomfort, stress, etc.

The anonymity of respondents was practised while data collection was carried

out. This was to ensure concealment of particular viewpoints to protect the

identity of the respondents from being disclosed and their responses therein.

The nature of participating was completely voluntary, providing the

participant the right for withdrawing at any stage of the survey, partially or

completely. This ensured that no pressure if applied on the intended

participants supporting the views of Robson(2002); Sekaran(2003)

- 39 -

As Jankowicz (2005) suggests, irrespective of the approach chosen whether

positivist or interpretivist, special care was taken to maintain the data in a

secure location with a password protection known only to the researcher

ensuring that before data is processed, it is stored securely.

- 40 -

4. FINDINGS

This section presents the findings of the primary research conducted by means of the

questionnaire method. The information presented in this chapter is to be considered as

primary findings as it is data in the raw form. Thus, offering first-hand information

before the analysis is carried out in Chapter 5, where the responses are discussed in

detail before drawing conclusions subsequently. Some key facts facilitate

comprehending these findings are stated below:-

4.1 Key Facts

a) Pilot-testing Survey Responses

The respondents in the initial stage of pilot-survey were mainly known end-users and

staff members of College of Technology London, specifically the one’s who have

been using Ampera, a newly deployed cloud-based student administration system. A

result in Section 2, about awareness of Cloud Computing does indicate that a small

percentage of the end-users who have participated are not aware about the term

“Cloud Computing” or have never heard or used this technology. The response to

Question 5, (Refer to page.46) does reflect 14 respondents are uncertain about this

form of computing. However, it is purely because some of the participants are not

experts end-users and not technically familiar with the term “Cloud Computing”,

although they use it on a day-to-day basis. In order to ensure that these participants do

not loose interest in the survey, or provide distorted responses, adequate information

has been provided to the participant by notifying them a note soon after Question 6

(Refer to page.47)

b) Participant Identity Protection

While this research was descriptive in nature, involving collection of data about views

of expert end-users, their beliefs about technology acceptance, etc. protecting their

personal identifiable information was just as critical as studying their characteristics

such as their ethnicity, age-group, first language / preferred language.

- 41 -

To enable this, the questionnaire design was well-defined with clear instructions and

logical reasoning behind asking the questions. Participants were given the choice at

the beginning of the survey to enter their e-mail address which was not mandatory,

but if the respondent desires to obtain a copy of the survey results, they may opt to fill

their e-mail addresses.

c) Encouraging completed responses with optimum precision

The respondents were acknowledged by sending a Thank you note for their responses

using the LinkedIn and Survey Monkey Compose tool option. The e-mail addresses

captured as stated above were used to encourage the respondents who had partially

completed, to fill in the survey completely. A disclaimer was included in the message

explicitly stating that their e-mail address is confidential and will not be used for any

other purposes. In addition to encouraging responses, the primary findings also

exhibited any open-ended responses from the participants as a comments text-box was

included in the final design of the survey to ensure that if in case the survey options

provided miss any fundamental inputs, the expert respondents can always highlight

the same.

4.2 Respondent Statistics

The particulars mentioned below are in relation to the prospective respondents who

were chosen for this research.

Total Survey Invites - 751

Total Refusals (Opt-outs) - 3

Maximum Response Expected – 748

Total Started Surveys – 155

Total Completed Responses – 122

Percentage of Total Started / Completed Responses – 78.7%

As seen above a total of 122 completed responses were collected out of the possible

maximum of 748 responses. The respondents who opted out were due to lack of

interest or time.

4.3 Survey Results

This section provides the raw data in a tabular format of the number of responses

obtained for each of the questions presented to the respondents. Figures such as line

graphs, pie-charts, area-charts are used to represent the data in percentages.

SECTION 1: ABOUT YOURSELF Please tick / select appropriate options Question 1. Age-group Age Ranges Total 17 / Under 0 18 – 29 years 44 30 – 49 years 68 50 – 64 years 10 65 and above 0

122 Table 4.1 The response to Question 1 indicated the distribution of age-groups of end-users were

mainly young to middle-aged professionals between ages of early 20’s to late 40’s

contributing to 91.8% of the total respondents.

Figure 4.1 – Age Ratio

- 42 -

Question 2. Gender Gender Total

Male 102 Female 20

122 Table 4.2 Most end-users (83.6%) were male professionals as depicted in the Figure 4.2 below.

The number of females who have participated in this research were mainly

contributed during the initial survey (pilot-survey) which included staff members of

the College of Technology London.

Figure 4.2: Gender Ratio

- 43 -

Question 3. Ethnic Background

Ethnicity Total White - British 8 White - Other 25

American 5 European 22 African 2 Asian 10 Indian 37

Chinese 6 Hispanic 1 Brazilian 6

122 Table 4.3 Ethnicity was one of the key characteristics which was captured to study the end-user

behaviour and differences in beliefs, attitudes and towards acceptance of technology,

Cloud-Computing, in context to this research. The three major contributors as

demonstrated in Figure 4.3 were Indians (30.3%), Whites - Other than British (20.5%)

and Europeans (18.0%)

Figure 4.3: Ethnic Background

- 44 -

Similarly, end-user attributes such as their First Language, Preferred Language, etc

were also enquired to analyse results effectively.

Question 4. Please specific your First Language / Preferred Language

Languages Total Kannada 1 Telugu 1

Portuguese 5 Spanish 1

Malayalam 1 Vietnamese 1

Chinese 6 French 10 German 1 Dutch 8

Cantonese 1 Mandarin 1 Finnish 1

Ukranian 1 Urdu 1

Arabic 1 Marathi 1 Tamil 1 Italian 2 Hindi 1

Croatia 1 English 68

TOTAL 115 Non English (NE) 47

NE Preferred English 11 Table 4.4

Figure 4.4: Linguistic Preferences

- 45 -

SECTION 2: ABOUT TECHNOLOGY AWARENESS – CLOUD COMPUTING Question 5. Have you come across the term “Cloud Computing” or ever used such technology? TotalYes, I am aware about it and use it quite oftenly 108 No, I am not aware or used this technology 5 Not sure, I have heard the term, but not sure 9

122 Table 4.5 The awareness of Cloud Computing was evident by observing the responses for

Question 5. The most encouraging sign was that 88.5% of the research population

studied in this research were aware of this technology and oftenly used it. Others who

were not sure or answered No, were unknowingly using Cloud based services without

knowing it.

Figure 4.5: Cloud-Computing Awareness

- 46 -

Question 6. Have you come across the term “Cloud Computing” or ever used such technology? Web e-mail services such as Hotmail, G-mail, Yahoo Mail 120Store pictures / photos 94Store videos 56Web applications such as Google Docs 95Back-up your hard-drive to an online web-site 45Pay-per-Use web services to store your or your organisation data online, for instance a college uses student administration system to store their student records online 40

122Table 4.6 As stated above, the users who opted for No or Not Sure option about the awareness

of the term “Cloud Computing” were presented Question 6. Apparently, all the

respondents did select at least one of the Cloud-based services in response to this

question. Those who had indicated their unfamiliarity with the term were informed

though a note that if they have selected any of the options here, they are either

knowingly or unknowingly using the Cloud-based services.

Figure 4.6: Cloud-service usage determinants

- 47 -

SECTION 2: ABOUT TECHNOLOGY – YOUR BELIEFS & ACCEPTANCE Question 7. When you hear about a cost-effective new technology, you first consider? Suitability to needs 107Compatibility with industry standards 50Deliverable as promised 83Relatively advantageous than the previous one 66Trial options will be offered to you to test it 64Visibility of its results from others 45Post-sales services will be offered by its vendor 37Unanticipated/Side-effects are considered by the vendor 33

120Table 4.7 Majority of end-users, up to 89.2% consider factors such how much of a new

technology will be suitable to meet their needs while only a handful of them consider

vendor’s obligation of offering post-sales services 30.8% and inventiveness of

handling any unanticipated / side-effects of a given technology which stood at 27.5%

Figure 4.7: Primary factors considered before technology acceptance

- 48 -

Question 8. What describes you best amongst the following options in reference to adaptation to new technology? Innovator 36 Early Adopter 45 Early Majority 33 Late Majority 4 Laggards 2

120 Table 4.8 The respondents were asked to describe themselves in the above groups which were coded and descriptions of these codes are as follows: Person who is an initiator, risk-taking, ready to change from current practices An opinion leader, ready to try out new ideas (technology) before others do Person who is thoughtful, careful but accepts changes more swiftly then others A skeptical person who will use technology only after majority is using it Traditional person who will accept technology once it has become mainstream and universally used

Late Majority and Laggards formed the minority which contributed to only 5% of the

total participants, whilst highest majority of 37.5% respondents were Early adopters.

Figure 4.8: Individual Innovativeness

- 49 -

Question 9. Which of the following factors influence you most in accepting / rejecting a new technology?

Proper training, knowledge and organisation's support  60

Social group’s acceptance : Peers/Colleagues point of view  29

Long‐term benefits associated with it  84

Ability to use the technology  77

Status symbol or Brand Image in using it  9

Others  7

TOTAL RESPONSES  119

Table 4.9

The query about the most influential factors generated a 70.6% reaction in favour of

long-term benefits associated with the acceptance / rejection of a new technology. An

astonishing piece of finding was the fact that only 7.6% of the respondents considered

status symbol / brand image as a reason of using it.

50.4%

24.4%

70.6%

64.7%

7.6%

5.9%

0.0%

10.0%

20.0%

30.0%

40.0%

50.0%

60.0%

70.0%

80.0%Proper training, knowledgeand organisation's support

Social group’s acceptance :Peers/Colleagues point ofview

Long‐term benefitsassociated with it

Ability to use thetechnology

Status symbol or BrandImage in using it

Others

Figure 4.9: Technology-Acceptance factors

- 50 -

SECTION 3: About Security & Privacy and Confidentiality of your data QUESTION 10. Consider the two cases below: Case 1: Organisations allow you to use their web-applications for various different purposes, e.g. storing millions of images and share them on Picasa, or uploading personal photos on social networking website such as Facebook, thereby allowing you to use their data storage infrastructure with minimal or no cost Case 2: The data which you actually stored, resides on a physical location unknown to most data storage companies through Cloud service-providers where such data can be shared or hacked by expert hackers On a rating of 1-5, where 1 is Completely Disagree and 5 is Completely Agree, select the option what you believe you would be most appropriate according to you while considering using storage services

Option Vs Choice  DISAGREE NIETHER, NOR  AGREE 

Use of open‐access and flexible data storage facility with minimal or no cost to store your data, irrespective at cost of taking risks  57  19  39 

No interference with personal photos and documents for benefits such as free storage space  45  27  42 

Continue using web‐space as it offers ease in uploading pictures  16  22  77 Observe others experiences and feel secured about such risks and continue to use such services without being concerned about it   31  31  53 

Table 4.10

0.0% 10.0% 20.0% 30.0% 40.0% 50.0% 60.0% 70.0% 80.0% 90.0% 100.0%

Use of open-access and flexible datastorage facility with minimal or no costto store your data, irrespective at cost

of taking risks

No interference with personal photosand documents for benefits such as

free storage space

Continue using web-space as it offersease in uploading pictures

Observe others experiences and feelsecured about such risks and continue

to use such services without beingconcerned about it

Security Dilemma

DISAGREE NIETHER, NOR AGREE

AGREE 33.9% 36.8% 67.0% 46.1%

NIETHER, NOR 16.5% 23.7% 19.1% 27.0%

DISAGREE 49.6% 39.5% 13.9% 27.0%

Use of open-access and flexible data storage facility with minimal

or no cost to store your data,

No interference with personal photos and documents for

benefits such as free storage

Continue using web-space as it offers ease in uploading pictures

Observe others experiences and feel secured about such risks and

continue to use such services

Figure 4.10: Security Dilemma

- 51 -

Question 11. When visiting websites, they may collect and store your personal information to let you access their services, For e.g. Accessing information about air-tickets, etc. According to you as a user, if given a choice rate the privacy measures will you impose to protect your identity?

PRIVACY Vs RATING  IMPORTANT  NIETHER, NOR  UNIMPORTANT

Data Protection  104  5  8 

Right to Control  107  5  5 

Restrict Secondary Use  101  7  6 

Identify website data collection and sharing process  96  15  5 

Issue Digital Certificates  90  16  10 

Inference and Linking Attack Protection  103  10  3 

Table 4.11

The privacy measures highlighted in the literature were tested on the end-users to

analyse their views in relation to protecting themselves from issues such as identity

theft, phishing, etc. Although, users were asked to rate from 1 to 5, their responses are

condensed into groups of importance, neither important nor unimportant and

unimportant. This helps in data analysing as well as presenting it effectively. The area

chart depicts that most privacy related measures are important as highlighted below in

dark. However, the gap keeps widening when factors such as issue of digital

certificates are considered.

Privacy Dilemma

0.0%

20.0%

40.0%

60.0%

80.0%

100.0%

120.0%

UNIMPORTANT

NIETHER, NOR

IMPORTANT

UNIMPORTANT 6.8% 4.3% 5.3% 4.3% 8.6% 2.6%

NIETHER, NOR 4.3% 4.3% 6.1% 12.9% 13.8% 8.6%

IMPORTANT 88.9% 91.5% 88.6% 82.8% 77.6% 88.8%

Data Protection Right to ControlRestrict

Secondary Use

Identify website data collection

and sharing

Issue Digital Certificates

Inference and Linking Attack

Protection

Figure 4.11: Privacy Dilemma

- 52 -

Question 12. When adopting to a Cloud solution, or using cloud web-services what according to you as a user, if given a choice what security measures will you add to your wish-list? (Multiple Choice)

Using these applications and services on a familiar platform such as Windows OS, Linux OS or Apple OS  55Complete knowledge about infrastructure, i.e. hardware used, the systems  39

Location of where your data is store  47Control on secondary usage – to ensure the information entered on the website once is not used again by some other source without your knowledge  72Use of encryption techniques – to encode your data to add an additional layer of security in case the cloud vendors security is hacked  72Use of Authentication Processes – through Open‐source software to create username and password  76

Authorization practices – to create lists of people who are authorised to access information  80

TOTAL RESPONSES  101

54.5%

38.6%

46.5%

71.3% 71.3%75.2%

79.2%

0.0%

10.0%

20.0%

30.0%

40.0%

50.0%

60.0%

70.0%

80.0%

Percentage

Using these applications  and services  on afamiliar platform such as  Windows OS,Linux OS or Apple OS

Complete knowledge about infrastructure,i .e. hardware used, the systems

Location of where your data is  store

Control  on secondary usage – to ensure theinformation entered on the website once isnot used again by some other sourcewithout your knowledge

Use of encryption techniques  – to encodeyour data to add an additional  layer ofsecurity in case the cloud vendors securityis  hacked

Use of Authentication Processes  – throughOpen‐source software to create usernameand password

Authorization practices  – to create l ists  ofpeople who are authorised to accessinformation

Figure 4.12: Security measures

- 53 -

- 54 -

5. DISCUSSION AND ANALYSIS

This chapter involves a discussion of the primary findings in context to the

literature reviewed in Chapter 2. A blend of end-user characteristics such as their

beliefs, perceptions, innovativeness, cultural dimensions are being analysed to

comprehend the layers of security and privacy required to guarantee success in

tackling the marketing challenges associated with this new form of computing.

Data display and analysis approach is the procedure considered to analyse the

data. Miles and Huberman (1994), suggest the use of such an approach as it does

support the use of data into summary diagram or visual displays after data is

organised and assembled, post data collection period, to highlight the findings.

The key findings discussed below, also provide an analysis about the marketing

challenges from an end-user perspective. By studying their characteristics,

behaviour, beliefs and attitudes, these findings present facts about dealing with

Cloud Computing challenges of security and privacy to Cloud vendors.

KEY FINDINGS & DISCUSSION

1. Importance of security measures are relatively higher than reducing the

various costs which are incurred in the absence of cloud solution subject to

sensitivity of data.

Security measures are important, but different for different user’s and different kinds

of data. This was ascertained during this research as the same user may interpret

security measures differently when dealing with different kinds of data. For instance,

a lecturer may use their notes to share amongst his/her students and publish it on a

student portal which improves the learning of a student. However, the lecturer (same

user) may want to encrypt the data, or fear the confidentiality of sharing it when using

an online tool to transmit information to the exams office about assessment of

examination and marks obtained by each student.

- 55 -

This kind of data is considered as sensitive data while data which can be shared is

non-sensitive data.

Participant’s usage was tracked by their responses about their web-based usage

ranging from accessing e-mails, to storing pictures, video, using web-applications

such as Google docs to web services such as pay-per use web services to store

organisation data or backing up their hard-drive on a website. Although, the same

user can select more than one option. However, the one’s who did select the options

of backing up their hard-drive to an online website or using a pay-per-use Cloud

service, were considered to be users of sensitive data. This may be potentially a

limitation of this research which has been acknowledged in the subsequent chapter

about limitations. However, the purpose of segregating sensitive and non-sensitive

data through determining the web-usage of the participants was considered for this

research as it is the first of its kind and the awareness of end-users is unknown. This

approach of differentiating sensitive and non-sensitive data by simply confirming

the web-usage, made it simpler for all the participants to comprehend.

An analytical test, using the cross-tab tool available through the Professional

version of SurveyMonkey.com was carried out between the kinds of data, both

sensitive and non-sensitive along with the kinds of security options considered by

multiple users. This data was further plotted on Excel® spreadsheets using pivot

tables and then represented in graphical format for presenting the data obtained.

The first option was to analyse if the end-users will continue using the open-access,

flexible data storage systems which may involve risks as data is stored and

accessible anywhere, which may be compromised. This was tested with users who

backup their hard-drive data to an online tool and those who use pay-per-use

services to store important organisational data as this kind of data would be

sensitive in comparison to data such as e-mails, pictures, videos, etc.

The Figure 5.1 denotes that almost 50.0% of the users who backup their hard-drive to

an online website and 42.5% of the users who use pay-per-use cloud services,

disagree with the idea of taking risks for the benefit of using open-access, flexible

data storage solution and saving on costs involved.

36.4%

30.0%

13.6%

27.5%

50.0%

42.5%

0.0% 5.0% 10.0% 15.0% 20.0% 25.0% 30.0% 35.0% 40.0% 45.0% 50.0%

Sensitive Data

Agree

NeitherAgree, NorDisagree

Diasgree

Yo

u w

ill u

se o

pen-

acce

ss a

nd fl

exi

ble

da

ta s

tora

ge

faci

lity

with

min

ima

l or

no c

ost

to s

tore

you

r d

ata

wh

ich

is a

cce

ssib

leev

ery

whe

re th

rou

gh

inte

rnet

whi

ch m

ay b

e a

t th

e c

ost

of

taki

ng

ris

ks a

s it

may

be

sh

are

d to

unk

no

wn

use

rs

Use of open-access, flexible data storage systems at cost of risks

Pay-per-Use web services to store your or yourorganisation data online, for instance a collegeuses student administration system to store theirstudent records online

Back-up your hard-drive to an online web-site

Figure 5.1: Use of open-access, flexible storage at cost of risks for Sensitive data

Similarly, a small proportion of 13.6% and 27.5% of hard-drive backup and pay-per-

user services users respectively are neither in favour, nor against using cost-effective

means of data storage which may be at risk. This leaves us with 36.4% end-users who

backup their hard-drive and 30.0% end-users who prefer pay-per-use data solutions

who may still wish to continue taking advantage of costs versus risks.

- 56 -

What was interesting to note, was the end-users with non-sensitive data such as using

e-mails, storing pictures and videos, using web-application like Google docs do

reflect a similar picture as seen below in the Figure 5.2, where almost 50% in each of

the categories of different web-usage indicate their disagreement of taking risks

sharing data at the cost vis-à-vis benefiting from the cost-effectiveness offered by

these solutions.

32.8%

30.8%

30.9%

33.7%

16.8%

18.7%18.2%

16.5%

50.4%

50.6%

50.9%

49.5%

0.0% 10.0% 20.0% 30.0% 40.0% 50.0% 60.0%

Non-Sensitive Data

Agree

NeitherAgree, NorDisagree

Diasgree

Yo

u w

ill u

se o

pen

-acc

ess

and

flex

ible

da

ta s

tora

ge fa

cilit

y w

ithm

inim

al o

r no

co

st to

sto

re y

our

da

ta w

hich

is a

cce

ssib

lee

very

wh

ere

thro

ugh

inte

rne

t whi

ch m

ay

be

at t

he

cost

of

taki

ng

risk

s a

s it

may

be

sha

red

to u

nkn

own

use

rs

Use of open access, flexible data storage systems at cost of risk

Web applications such as Google Docs

Store videos

Store pictures / photos

Web e-mail services such as Hotmail, G-mail,Yahoo Mail

Figure 5.2: Use of open-access, flexible storage at cost of risks for Non-sensitive data

- 57 -

The second option being investigated was to examine if end-users want no

interference with their personal data such as photos and documents, for benefits such

as free storage space and they would rather prefer to send physical hard-copies to

ensure complete data-security.

27.9%

45.0%

23.3%

22.5%

48.9%

32.5%

0.0% 5.0% 10.0% 15.0% 20.0% 25.0% 30.0% 35.0% 40.0% 45.0% 50.0%

Sensitive Data

Agree

NeitherAgree, NorDisagree

Diasgree

You

will

wa

nt n

o in

terf

eren

ce w

ith p

erso

nal

ph

oto

s an

ddo

cum

ents

for

bene

fits

such

as

free

sto

rage

spa

ce, r

athe

rpr

efe

r to

se

nd p

hysi

cal h

ard

-co

pies

to e

nsur

e c

ompl

ete

dat

a-se

curit

y

No Interference for benefits such as free storage space

Pay-per-Use web services to store your or yourorganisation data online, for instance a collegeuses student administration system to store theirstudent records online

Back-up your hard-drive to an online web-site

Figure 5.3: No-interference preferred against free storage – Sensitive Data

As seen in the Figure 5.3 above, there are mixed responses where 45.0% of users of

pay-per-use web-services prefer that there is no interference with their personal data

such as photos and documents for free storage space or minimal cost, while 48.9% of

end-users who backup their hard-drive to an online website rejected the idea of no

interference to be able to save on cost. Another interesting observation is that almost

1/5th of these users are neither in favour nor against such interference which would be

potentially an area of further research which is also evident in users of non-sensitive

data where 1/4th of them reflect similar responses as seen in Figure 5.4 below.

- 58 -

36.6%

31.1%

31.5%

36.4%

24.1%

25.6%

24.1%

23.9%

39.3%

43.3%

44.4%

39.8%

0.0% 5.0% 10.0% 15.0% 20.0% 25.0% 30.0% 35.0% 40.0% 45.0%

Non-sensitive Data

Agree

NeitherAgree, NorDisagree

Diasgree

You

will

wan

t no

inte

rfer

ence

with

per

sona

l pho

tos

and

docu

men

ts fo

r be

nefit

s su

ch a

s fr

ee s

tora

ge s

pace

, rat

her

pref

er to

sen

d ph

ysic

al h

ard-

copi

es to

ens

ure

com

plet

e da

ta-

secu

rity

No Interference for benefits such as free data storage

Web applications such as Google Docs

Store videos

Store pictures / photos

Web e-mail services such as Hotmail, G-mail,Yahoo Mail

Figure 5.4: No-interference preferred against free storage – Non-sensitive Data

The third option was to verify if end-users for sensitive and non-sensitive data will

continue using the web-space which offers free storage space and is relatively easier

than maintaining physical data sets managed by themselves. It is clearly evident in

Figure 5.5 and Figure 5.6 below, both sensitive and non-sensitive data end-users

agree with continuing the use of web-storage space as it offers convenience in

uploading in data such as pictures and documents in comparison to using physical

modes of transfer, to transmit the data. Users of video storage solutions were the most

prominent (78.2%) amongst the non-sensitive data segment who agreed to use such

solutions as they offered expediency. While in the sensitive data segment, user who

commonly back-up their hard-drive to an online website were the major advocates

(72.7%) of Cloud based services.

- 59 -

72.7%

65.0%

13.7%

20.0%

13.6%

15.0%

0.0% 10.0% 20.0% 30.0% 40.0% 50.0% 60.0% 70.0% 80.0%

Sensitive Data

Agree

NeitherAgree, NorDisagree

Diasgree

You

will

co

ntin

ue

to u

se th

eir

web

-spa

ce a

s it

offe

rs e

ase

inu

ploa

ding

pic

ture

s p

refe

rred

thro

ugh

suc

h w

eb-s

ervi

ces

rath

er th

an u

sing

oth

er

mod

es o

f tra

nsf

err

ing

or

sha

ring

pict

ures

Use of web-space as it offers ease in uploading data

Pay-per-Use web services to store your or yourorganisation data online, for instance a collegeuses student administration system to store theirstudent records online

Back-up your hard-drive to an online web-site

Figure 5.5: Using web-space which offers uploading ease – Sensitive Data

67.2%

72.5%

78.2%

65.2%

18.7%

17.6%

14.5%

21.3%

14.1%

9.9%

7.3%

13.5%

0.0% 10.0% 20.0% 30.0% 40.0% 50.0% 60.0% 70.0% 80.0%

Non-sensitive Data

Agree

Neither Agree,Nor Disagree

Diasgree

Yo

u w

ill c

ont

inue

to u

se th

eir

web

-spa

ce a

s it

offe

rs e

ase

inup

load

ing

pic

ture

s p

refe

rred

thro

ugh

such

we

b-se

rvic

esra

ther

than

usi

ng o

the

r m

odes

of t

rans

ferr

ing

or

shar

ing

pict

ure

s

Using web-space as it offers ease in uploading data

Web applications such as Google Docs

Store videos

Store pictures / photos

Web e-mail services such as Hotmail, G-mail,Yahoo Mail

Figure 5.6: Using web-space which offers uploading ease – Non-sensitive Data

- 60 -

52.3%

47.5%

22.7%

30.0%

25.0%

22.5%

0.0% 10.0% 20.0% 30.0% 40.0% 50.0% 60.0%

Sensitive Data

Agree

Neither Agree,Nor Disagree

Diasgree

Yo

u w

ill o

bse

rve

oth

ers

exp

erie

nce

s a

nd

feel

se

cure

d a

bo

ut

such

ris

ks a

nd

cont

inu

e to

use

su

ch s

erv

ice

s w

itho

ut b

ein

gco

nce

rne

d a

bou

t i

Observing peer experiences and feel secured

Pay-per-Use web services to store your or yourorganisation data online, for instance a collegeuses student administration system to store theirstudent records online

Back-up your hard-drive to an online web-site

Figure 5.7: Observing peer experiences & feeling secured - Sensitive Data

The fourth option was used to evaluate if end-users will be influenced by observing

the experiences of their peers, when using the web-services based on Cloud

Computing and the extent to which they would feel secured about using them

especially when security and privacy risks are hindering the adoption of Cloud

Computing technology.

Whilst the ratio of end-users who do observe peer experiences when using these web-

services, and also feel a sense of security, was dominant as against those who disagree

with the statement. However, as seen in the Figure 5.7, it does indicate when the

people who neither agree nor disagree are considered along with those who disagree it

outnumbers the number of people who do agree with feeling secured only because

others are following the technology.

- 61 -

46.0%

47.2%

45.5%

49.5%

26.5%

26.4%

30.9%

29.2%

27.5%

26.4%

23.6%

21.3%

0.0% 5.0% 10.0% 15.0% 20.0% 25.0% 30.0% 35.0% 40.0% 45.0% 50.0%

Non-Sensitive Data

Agree

Neither Agree,Nor Disagree

Diasgree

Yo

u w

ill o

bse

rve

oth

ers

exp

eri

ence

s an

d f

eel s

ecu

red

abo

ut

su

ch r

isks

an

d c

on

tin

ue

to u

se s

uch

ser

vic

esw

ith

ou

t b

ein

g c

on

cern

ed a

bo

ut

iObserving peer experiences and feel secured

Web applications such as Google Docs

Store videos

Store pictures / photos

Web e-mail services such as Hotmail, G-mail,Yahoo Mail

Figure 5.8: Observing peer experiences & feeling secured Non-Sensitive Data

The Figure 5.8, above suggests a similar trend for users of non-sensitive data such as

e-mails, pictures, videos and web-based applications like Google documents which

has the leading number of 49.5% respondents who agree being secured based on their

peers perception.

Based on what has been discussed so far, end-users are often concerned about security

of data, whether the data is sensitive or insensitive. Despite the availability of open-

access, flexible storage systems which reduces the maintenance, infrastructural and

implementation costs, most users are not completely certain about the security

measures provided by cloud vendors considering there are various risks involved as

data may be accessible to anyone as it is available on the internet. These users realise

that it is not possible to have absolutely no interference when it comes to publishing

data such as pictures on the web.

- 62 -

- 63 -

Hence many users do prefer to use the web-space based on peer’s experiences about

security of a particular cloud-service or a selective cloud-vendor. Thus the importance

of security measures varies with the sensitivity of data along with various

considerations as discussed earlier.

2. Knowledge of the physical location of the data is not the most critical

information desired by the end-users but does hold some relevance.

As learnt from the literature in Chapter 2, where authors have highlighted the

significance of knowing the physical location of the data stored, the same was

assessed amongst the end-users. The cross-tab tool and the filter option were

particularly useful to conduct a content analysis where the characteristics of end-users

such as their web usage, their awareness about Cloud services, and their

innovativeness in accepting technology were systematically identified to understand

the intensity of knowledge about the physical location of the data storage.

Web-usage Types Vs Importance of Location

54.5%

55.5%

45.2%

48.2%

47.3%

45.7%

0.0% 10.0% 20.0% 30.0% 40.0% 50.0% 60.0%

Web applications such asGoogle Docs

Store videos

Store pictures / photos

Web e-mail services such asHotmail, G-mail, Yahoo Mail

Pay-per-Use web services tostore your or your organisationdata online

Back-up your hard-drive to anonline web-site

Figure 5.9: The importance of knowledge about physical location to end-users based on their usage

The first characteristic which was studied to analyse the importance of identifying

the physical data location was the end-users different web usages. As seen in the

Figure 5.9, the X-axis denotes the percentage of end-users who feel knowing the

physical data storage location is important whilst the Y-axis highlights the different

kinds of web-services used by these end-users. The range of this importance varies

from 45.2% for users of web e-mail services up to 55.5% of pay-per-use web service

users.

- 64 -

Although, these figures may seem to be worth mentioning, however, it was found

insignificant when other security measures were analysed in following sub-sections.

The second characteristic was studied by integrating the aspect about the Cloud-

Computing awareness of the end-users relative to their opinion about importance of

knowing the physical data location of the data they store on the internet.

43.7%

80.0%

44.4%

0.0%

20.0%

40.0%

60.0%

80.0%

Importance about knowing thelocation of where your data is stored

Importance of Knowledge of Physical Data Location Vs Cloud Computing Awareness

Yes, I am aware about it anduse it quite oftenly

No, I am not aware or used thistechnology

Not sure, I have heard the term,but not sure what it is exactly

Figure 5.10: The importance of knowledge about physical location to end-users based on their

awareness about Cloud Computing

Figure 5.10 exhibits that only 43.7% of aware end-users believe that knowing the

physical location is important security measure while 44.4% of informed users feel

likewise. Although the figure above does denote 80.0% of unaware users consider

physical data location as a vital piece of information in securing the data hosted on the

web, a key consideration is the fact that only 5 out of the 122 participants were in this

category. (Refer to page 42, Table 4.5)

The third characteristic, concerning the rate of innovativeness of an individual was

amongst the last determinant of analysing the importance of knowing the location of

the data stored.

The innovativeness of the end-users is an ideal personality trait in analysing the role

of security measures such as the information about location of the data store or the

lack of it.

- 65 -

52.9%

40.0%46.9%

25.0%

50.0%

0.0%

10.0%

20.0%

30.0%

40.0%

50.0%

60.0%

Importance about knowing the location of whereyour data is stored

Importance of knowledge of physical data location Vs Rate of Innovatiness

Innovator

Early Adopter

Early Majority

Late Majority

Laggards

Figure 5.11: Importance of knowledge about physical location to end-users based on Rate of

Innovativeness of an Individual

The end-users who possess diverse rate of innovativeness, were questioned about

importance of knowing the physical data location as a security measure. As Figure

5.11 signifies, the variation of the least number being 25.0% of Late Majority users

who are skeptical of using a technology unless majority is using it, while 52.9% of

innovators who are risk-bearing and always ready to transform from existing practices

were the most renowned believers of this information which acts as a considerable

factor in securing data over Cloud-based services.

The outcome of this analysis as discussed thus makes it lucid, that knowing the

physical data location of their data does act as an important measure of security in the

minds of most end-users. However, as there are a number of end-users, who disregard

it, suggests that although it is essential to know the location but is not the most critical

security measure to prevent any unwanted sharing of data or avoiding of similar risks,

when adopting a Cloud solution. Subsequent discussions and analysis will further

establish the most critical security measures when other key choices are appraised.

- 66 -

3. Layers of security such as creating Authentication practices and using

Authorisation processes are most vital when the aim of the Cloud service

provider is to ensure maximum security with utmost reliability, followed by

practising encryption and restricting secondary use of data.

The next step in investigating the layers of security while using Cloud solution was to

check the different security measures. As discussed in the literature against the end-

user’s innovativeness in adopting a relatively new technology in data storage

solutions.

Security Measures amongst different individual innovativness

0.0%

20.0%

40.0%

60.0%

80.0%

100.0%

120.0%

Innovator

Early Adopter

Early Majority

Late Majority

LaggardsInnovator 61.8% 32.4% 52.9% 58.8% 67.6% 79.4% 76.5%

Early Adopter 42.2% 35.6% 40.0% 77.8% 71.1% 77.8% 80.0%

Early Majority 59.4% 40.6% 46.9% 75.0% 75.0% 75.0% 78.1%

Late Majority 25.0% 25.0% 25.0% 100.0% 100.0% 75.0% 75.0%

Laggards 50.0% 0.0% 50.0% 50.0% 50.0% 100.0% 100.0%

Use of familiar platforms for web-services /

Having complete knowledge about

infrastructure,

Location of where your data

is store

Control on secondary usage

Use of encryption

techniques – to

Use of Authentication

Processes –

Authorization practices – to create lists of

Figure 5.12: Importance of security measures based on individual innovativeness

As seen in Figure 5.12, the different security measures such as familiarity of

platforms, knowledge about infrastructure, physical location of data storage, control

on secondary usage, use of encryption techniques, authentication processes and

authorisation practices are represented in the graph based on the rate of

innovativeness of the individual end-users.

- 67 -

The primary security measures are mainly, the use of authentication processes at

79.4% amongst Innovators, Authorisation practices at 80.0% and 78.1% amongst

Early Adopters and Early Majority respectively. Similarly amongst the late majority,

use encryption techniques (100.0%) and control on secondary usage (100.0%) were

the most significant layers of security measures. Laggards, also contributed richly

accumulating for 100.0% share of end-users who chose authentication processes

through open-sources software to create usernames and password as well as

authorization practices as the primary layers of security when using web-services or

web-based applications.

78.6%

77.8%

71.8%

71.8%

52.1%

45.3%

35.0%

0.0% 20.0% 40.0% 60.0% 80.0%

Totals

Security Measures Overall

Having complete knowledgeabout infrastructure, i.e.hardware used, the systems

Location of where your data isstore

Use of familiar platforms for web-services / apps

Control on secondary usage

Use of encryption techniques –to encode your data to add anadditional layer of security incase the cloud vendors securityis hacked

Use of Authentication Processes– through Open-source softwareto create username andpassword

Authorization practices – tocreate lists of people who areauthorised to access information

c

Figure 5.13: Importance of security measures on all end-users

- 68 -

- 69 -

Figure 5.13 describes the importance of different security measures amongst all end-

users who have participated in this research. The most critical factors evident are

authorization practices (78.6%) and authentication processes (77.8%) followed by use

of encryption techniques and restricting secondary usage at (71.8%)

- 70 -

4. Cultural differences do play a profound role when data confidentiality and

privacy of Cloud-based solutions are measured.

The end-users who participated in this research were further categorized based on

their ethnicity to highlight the impact played by their cultural differences in the

adoption of technology. The aim of analysing the responses of end-users in a culture-

wise distribution of various privacy choices was to figure out what do end-users from

different ethnic backgrounds, think about data confidentiality and how do they go

about using web-based applications and services based on clouds, considering the

risks of data being accessible anywhere on the internet and possibly shared to

unknown users.

The decision of using an open-access flexible data storage which may be at a risk

amongst different end-users from various ethnicities was amongst the first privacy

choices which was analysed. An important observation before considering the bar-

chart below is out of the 122 respondents, the majority of them fall into the category

of Indians (30.3%), White-Others (20.5%), and Europeans (18.0%), while the

percentage of Hispanic was almost negligible (0.8%) (Refer to Page 40 for details)

The chart in Figure 5.14, below depicts end-users belonging from ethnic backgrounds

associated with most developed countries such as Americans, White-British, White-

Other’s are more sensitive to sharing their data using flexible cloud solutions where

there is any risk involved which is the first of privacy choices analysed in this section.

The figures obtained speaks for itself where 80.0% Americans, 75.0% Whites -

British and 50% of Whites from Other countries disagree with the choice of taking

data sharing risks by adopting to a Cloud solution in order to protect their privacy

rights.

The only exception amongst users from developed countries are European end-users

who are mostly in favour of adopting to a cloud solution even at risks of data sharing,

while 35% of them still disagree.

25.0% 75.0%

33.3% 16.7% 50.0%

20.0% 80.0%

50.0% 15.0% 35.0%

50.0% 50.0%

44.4% 22.3% 33.3%

20.0% 20.0% 60.0%

60.0% 20.0% 20.0%

100.0%

33.3% 33.4% 33.3%

0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%

White – British

White –Other

American

European

African

Asian

Indian

Chinese

Hispanic

Brazilian

Using open-access, flexible data storage solutions at risk of data sharing

Agree Neither Agree, Nor Disagree Diasgree

Diasgree 75.0% 50.0% 80.0% 35.0% 50.0% 33.3% 60.0% 20.0% 0.0% 33.3%

Neither Agree, Nor Disagree 0.0% 16.7% 0.0% 15.0% 0.0% 22.3% 20.0% 20.0% 0.0% 33.4%

Agree 25.0% 33.3% 20.0% 50.0% 50.0% 44.4% 20.0% 60.0% 100.0% 33.3%

White – British

White –Other

American European African Asian Indian Chinese Hispanic Brazilian

Figure 5.14: Culture-wise distribution of end-users willingness to use

Open-access flexible solutions even at risk of data sharing

On the other hand, when responses from end-users, from developing countries were

examined, their denial to using cloud-based web-services and applications was

considerably lower. Asians accounted for 33.3% while only 20.0% of Chinese end-

users were concerned about risks like personal data being shared to unknown people

when uploaded on Cloud-based servers. Indians, amongst this assortment, were most

concerned with such risks and 60.0% refused the proposal of using such solutions

considering the risks involved therein. The responses from end-users representing

South American countries like Brazil chose evenly accounting for 33.3% for all the

three choices.

- 71 -

The second privacy choice involved identifying the different cultural beliefs in

transmitting personal data such as picture through physical distribution by ways of

hard-copies, burning data on CD’s / DVD’s, transmitting through USB sticks and

having no interference what-so-ever in this aspect.

28.5% 71.5%

41.7% 16.6% 41.7%

20.0% 60.0%

30.0% 30.0% 40.0%

50.0% 50.0%

44.4% 11.2% 44.4%

40.0% 28.6% 31.4%

20.0% 60.0% 20.0%

100.0%

50.0% 33.3% 16.7%

0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%

White – British

White –Other

American

European

African

Asian

Indian

Chinese

Hispanic

Brazilian

Users wanting no interference with personal data and prefering to send physical hard-copies

Agree Neither Agree, Nor Disagree Diasgree

Diasgree 71.5% 41.7% 60.0% 40.0% 50.0% 44.4% 31.4% 20.0% 100.0% 16.7%

Neither Agree, Nor Disagree 0.0% 16.6% 20.0% 30.0% 0.0% 11.2% 28.6% 60.0% 0.0% 33.3%

Agree 28.5% 41.7% 0.0% 30.0% 50.0% 44.4% 40.0% 20.0% 0.0% 50.0%

White – British

White –Other American European African Asian Indian Chinese Hispanic Brazilian

Figure 5.15: Culture-wise distribution of end-users wanting no interference with personal data

A similar trend was observed between end-users from developing and developed

countries. For instance, British and Americans respondent show a majority of 71.5%

and 60.0% respectively, disagreeing with the thought of no interference with their

personal data and being strict about protecting their data by following rigid approach

while transferring data. This observation signifies that these end-users prefer

flexibility in storing and transmitting data at the same time are concerned about

protecting it from being available to unknown entities. The other majority are end-

users from Africa (50.0%), Asia (44.4%) and India (40.0%) who agree with no

interference with their personal data.

- 72 -

The third choice to analyse, although may seem identical to the previous two

discussed above. However, the major consideration over testing this choice amongst

end-users belonging to various backgrounds was to key in the importance of use of

web-space due to uploading ease. Although, it can still be argued that similar analysis

is conducted between these variables, however in my view it was important to find

how much would the ease in uploading, be a factor in comparison to the difficulty in

using physical means of data transmission, discussed in the previous privacy choices.

50.0% 25.0% 25.0%

50.0% 25.0% 25.0%

80.0% 20.0%

60.0% 20.0% 20.0%

100.0%

88.9% 11.1%

74.3% 14.3% 11.4%

60.0% 40.0%

100.0%

83.3% 16.7%

0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%

White – British

White –Other

American

European

African

Asian

Indian

Chinese

Hispanic

Brazilian

Users prefering to use web-space as it offers ease in uploading

Agree Neither Agree, Nor Disagree Diasgree

Diasgree 25.0% 25.0% 0.0% 20.0% 0.0% 0.0% 11.4% 0.0% 0.0% 0.0%

Neither Agree, Nor Disagree 25.0% 25.0% 20.0% 20.0% 0.0% 11.1% 14.3% 40.0% 0.0% 16.7%

Agree 50.0% 50.0% 80.0% 60.0% 100.0% 88.9% 74.3% 60.0% 100.0% 83.3%

White – British

White –Other American European African Asian Indian Chinese Hispanic Brazilian

Figure 5.16: Culture-wise distribution of end-users preferring to use web-space due to its

ease in uploading

As seen in Figure 5.16, the end-users belonging to the White ethnicity (both, British

and Others) are the least amongst the group at 50.0% who agree with the ease of

uploading being a dominant factor impacting their need for keeping data confidential /

protect its confidentiality.

- 73 -

Statistics of each of the other representatives imply that ease in uploading is central to

attract web-usage through Cloud-based solution despite of cultural differences.

The final choice, was straight-forward, precise and aimed at identifying end-user

opinions about feeling secured in respect to privacy risks, by observing others

experiences. This analysis would not only be beneficial to address the privacy risks

but also helps to tackle the security issue which is a crucial marketing issue in

adoption of Cloud Computing technology.

37.5% 12.5% 50.0%

16.7% 45.8% 37.5%

60.0% 40.0%

55.0% 30.0% 15.0%

100.0%

55.6% 22.2% 22.2%

57.1% 17.1% 25.8%

60.0% 20.0% 20.0%

100.0%

50.0% 33.3% 16.7%

0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%

White – British

White –Other

American

European

African

Asian

Indian

Chinese

Hispanic

Brazilian

Users who observe others experiences and feel secured about privacy risks

Agree Neither Agree, Nor Disagree Diasgree

Diasgree 50.0% 37.5% 0.0% 15.0% 100.0% 22.2% 25.8% 20.0% 0.0% 16.7%

Neither Agree, Nor Disagree 12.5% 45.8% 40.0% 30.0% 0.0% 22.2% 17.1% 20.0% 0.0% 33.3%

Agree 37.5% 16.7% 60.0% 55.0% 0.0% 55.6% 57.1% 60.0% 100.0% 50.0%

White – British

White –Other American European African Asian Indian Chinese Hispanic Brazilian

Figure 5.17: Culture-wise distribution of end-users who observe others experiences in feeling

secured about privacy risks

Figure 5.17, above shows a complete contrast to the previous choices where

responses of end-users from developing and developed countries were discussed and

analysed. The culture-wise distribution of end-users who feel secured about privacy

risks by observing others experience demonstrated that 60% Americans, 55%

- 74 -

- 75 -

Europeans, 55.6% Asians, 57.1% Indians, 60% Chinese and 100% Hispanic

ethnicities were influenced by peers, colleagues and others more than their

counterparts.

Despite of analysis between the two variables of ethnic background and the privacy

options they prefer, what was desired to diagnose was the cultural impact into the rate

of individual innovativeness.

Culture Vs Innovativeness

Person who is an initiator, risk-taking,

ready to change from

current practices

An opinion leader, ready to

try out new ideas

(technology) before others do

Person who is thoughtful, careful but

accepts changes more swiftly then

others

A skeptical person who will use technology

only after majority is

using it

Traditional person who will

accept technology once it has

become mainstream and universally used

White – British 8.3% 8.9% 3.0% 0.0% 0.0%

White – Other 27.8% 17.8% 12.1% 50.0% 50.0%

American 5.6% 2.2% 3.0% 25.0% 0.0%

European 16.7% 26.7% 9.1% 0.0% 0.0%

African 5.6% 0.0% 0.0% 0.0% 0.0%

Asian 2.8% 6.7% 12.1% 25.0% 50.0%

Indian 30.6% 28.9% 39.4% 0.0% 0.0%

Chinese 2.8% 0.0% 12.1% 0.0% 0.0%

Hispanic 0.0% 0.0% 3.0% 0.0% 0.0%

Brazilian 0.0% 8.9% 6.1% 0.0% 0.0%

Table 5.1: Culture Vs Rate of Individual Innovativeness

The majority of response rates were from end-users belonging to communities such as

Indian, White-Others, Europeans and Americans. As seen in Table 5.1 above, only

concentrating on this majority, their rate of innovativeness varies and hence they are

classified into different groups based on their individual innovativeness. Indian’s

contribute to a majority of Early Majority at 39.4%, Europeans end-users are

primarily Early Adopters with a majority of 26.4%, while 25.0% of American

respondents who participated in this research accounted for mostly late majority who

accept use of technology when the majority has accepted it.

5. The most influential factor initially in the decision making process about

technology acceptance is primarily based on suitability of needs, while they

perceive technology as acceptable if there are long-term sustainable benefits

associated with its acceptance

The respondents were also questioned about the most influential factor when it

comes to first hearing about a cost-effective technology. The reason the question

specifically stated “cost-effective” was to present the option to disregard the cost

factor involved which may be a distinguishing factor based on income-levels of

an end-user. Since this study does not go in-depth in studying individual

characteristics of income levels, which could possibly be an area of further

research.

The results as seen in Figure 5.18, implies that when a new technology comes

into existence, the 89.2% end-users focus on it’s suitability to their needs before

considering making any decision about acceptance or rejection of the same.

89.2%41.7%

69.2%55.0%

53.3%

37.5%30.8%

27.5%

0.0% 10.0% 20.0% 30.0% 40.0% 50.0% 60.0% 70.0% 80.0% 90.0%

Response Percent

Factors initially considered in decision making process about technology acceptance

Whether any unanticipated / side-effects of the new technology are looked upon by the service-providerWhether Post-sales services will be offered by its vendorWhether visibility of its results are seen alreadyWhether any trial options will be offered to you to test itWhether it is relatively advantageous than the previous oneWhether it will deliver as promisedWhether it is compatible with industry standardsWhether it is suitable to your needs

Figure 5.18: Factors influencing end-users at the initial stage of newly developed technology

- 76 -

- 77 -

The next most crucial factor is whether the given technology will deliver as promised.

Cloud vendors, like most marketers make promises to attract the use of Cloud-based

data storage systems.

Based on this reason, end-users as much as 69.2% of the total respondents opted for

deliverability standards as promised.

When you hear about a cost-effective new technology, you first consider? (Multiple Choice)

Response Percent Response Count

Whether it is suitable to your needs 89.2% 107

Whether it is compatible with industry standards 41.7% 50

Whether it will deliver as promised 69.2% 83

Whether it is relatively advantageous than the previous one 55.0% 66

Whether any trial options will be offered to you to test it 53.3% 64

Whether visibility of its results are seen already 37.5% 45

Whether Post-sales services will be offered by its vendor 30.8% 37 Whether any unanticipated / side-effects of the new technology are looked upon by the service-provider

27.5% 33

Table 5.2: Response-percent and Response-Count (Max: 100% or 120 responses, 2 skipped)

The Table 5.2 represents rest of all the other factors such as compatibility with

industry standards, relative advantage over the previous technology, trial-ability

options, visibility of the results of the given technology, post-sales services offers and

any other unanticipated / side-effects being looked upon by the service provider.

The next set of responses were analysed to distinguish the most crucial factors while

accepting / rejecting a new technology. There was an open-ended text-box also

incorporated to capture any factors which may have been overlooked. The end-users

were thereby encouraged to specify any factors not present in the original

questionnaire design.

50.4%

24.4%

70.6%

64.7%

7.6%

5.9%

0.0% 10.0% 20.0% 30.0% 40.0% 50.0% 60.0% 70.0% 80.0%

Response Percent

Factors influencing while accepting / rejecting a new technology

Proper training, knowledge and organisation's support Social group’s acceptance : Peers/Colleagues point of view

Long-term benefits associated with it Ability to use the technology

Status symbol or Brand Image in using it Other (please specify)

Figure 5.19: Factors influencing end-users while accepting / rejecting a new technology

Which of the following factors influence you most in accepting / rejecting a new technology? (Multiple choice answer)

Response Percent Response Count

Proper training, knowledge and organisation's support 50.4% 60

Social group’s acceptance : Peers/Colleagues point of view 24.4% 29

Long-term benefits associated with it 70.6% 84

Ability to use the technology 64.7% 77

Status symbol or Brand Image in using it 7.6% 9

Other (please specify) 5.9% 7

Table 5.3: Response-percent and Response-Count (Max: 100% or 119 responses, 3 skipped)

The table 5.3 represent the various factors along with the percentage & count of end-

users who selected the particular choices. The most common amongst all the end-

users was the long-term benefits associated with the given technology (Cloud

Computing), in context to this research. 70.6% of end-users were concerned about the

long term benefits offered by Cloud-computing to maintain sustainable competitive

advantage in the long-run. The other two factors were closely associated to each other

namely the ability to use technology (64.7%) and support from organisation through

imparting knowledge and training (50.4%)

- 78 -

6. Uncertainty avoidance affects the end-user behaviour differently based on

their age and gender

It has been learnt from the literature that there are various uncertainties which revolve

around the technology acceptance model. Users are wary about many unknown

possibilities associated with the technological adoption. This research does involve

addressing the question as to which are the key uncertainty elements, which if

controlled may affect end-user behaviour positively by studying their characteristics

and their behaviour. Participants from different age-groups and genders were

presented a series of alternatives in considering adoption of technology from the time

they first hear about a new technology (Cloud-computing, in context of this research),

till the end of the decision-making process about accepting or rejecting its use. The

charts below highlight the key uncertainty areas both gender-wise and age-wise to

prove the above finding.

Gender-wise distribution of crucial uncertainty factors

89.0%

45.0%

69.0%

55.0%

54.0%

38.0%

33.0%

29.0%

90.0%

25.0%

70.0%

55.0%

50.0%

35.0%

20.0%

20.0%

0.0% 10.0%

20.0%

30.0%

40.0%

50.0%

60.0%

70.0%

80.0%

90.0%

100.0%

Suitability to your needs

Compatiblity to industry standards

Deliverable as promised

Relatively advantageous over previous technology

Trial options offered to test it

Visibility of results seen already

Post-sales services offered by the vendor

Service provider's initiative in taking Un-anticipated / side-effects into account

Male Female

Figure 5.20: Gender-wise distribution of uncertainty factors

Figure 5.20, highlights that suitability of needs of a given technology to an end-user

is the most crucial factor which if looked upon by the cloud-vendors will pay rich

dividends in acceptance of this new form of computing.

- 79 -

Most men and women, 89.0% and 90.0% respectively have chosen this factor

associated with the market uncertainty as described by Moriarity et.al (1989),

Gardner, D (1990) and Moore, G (2002).

This is followed by the technological uncertainty of deliverability as per promises of

the cloud-vendors. A similar ratio of 69.0% and 70.0% was observed between the

males and females who opted to participate for this research. An observation worth

mentioning was the difference of opinion regarding the compatibility of industry

standards offered by Cloud-based solutions between the two genders where 45.0%

men supported, only one quarter of women considered it as an crucial uncertainty

factor.

Similarly, the age-wise distribution below in Figure 5.21, illustrates an interesting

disparity between end-users of different age-groups. Identical to the gender-wise

distribution of crucial uncertain factors selected by end-users about acceptance of

technology, suitability of needs and deliverability of technology as promised does

appear to the be most prominent factor across all ages between 18 – 29 years, 30 – 49

years and 50 – 64 years old.

Age-wise distribution of crucial uncertainty factors

83.7%

44.2%

69.8%

60.5%

48.8%

37.2%

23.3%

27.9%

94.0%

41.8%

67.2%

49.3%

58.2%

34.3%

35.8%

23.9%

80.0%

30.0%

80.0%

70.0%

40.0%

60.0%

30.0%

50.0%

0.0% 10.0% 20.0% 30.0% 40.0% 50.0% 60.0% 70.0% 80.0% 90.0% 100.0%

Suitability to your needs

Compatiblity to industry standards

Deliverable as promised

Relatively advantageous over previous technology

Trial options offered to test it

Visibility of results seen already

Post-sales services offered by the vendor

Service provider's initiative in taking Un-anticipated / side-effects into account

18 – 29 years 30 – 49 years 50 – 64 years

Figure 5.21: Age-wise distribution of uncertainty factors

- 80 -

- 81 -

Yet again, factors such as service providers initiative in reference to un-anticipated

side-effects is more popular 50.0% amongst the age group of 50-64 years.

A similar trend is observed for factors such as visibility of results and relative

advantage over the previous technology where end-users from the 50-64 year age-

group rated them 60.0% and 70.0% respectively.

- 82 -

7. The significance of privacy in relation to Cloud-based information systems

has multiplied as most end-users like to see the Cloud vendors impose a

series of privacy measures. One can only ensure that the required data is

shared while PII is protected, if the combination of all the privacy measures

is practised simultaneously.

Privacy control measures advocated by authors like Bagehi and Atluri (2006),

Jahankhani (2009) and Velte (2010) were put to test using this research to test the

end-user's opinions about the combination of these techniques. Using a Likert's scale

rating of 1-5, (where 5 was treated as most important and 1 as least important), based

in the order of importance six variables were tested as stated in the previous chapter

(Refer Figure 4.11, Page 48). Among the total respondents, 91.5% of the end-users

felt their identity and personal information was protected if the websites disclose who

may have access all their personal information. This right to control not only seemed

to bestow confidence to these users to protect their identity, but also offer them an

incentive to use cloud-based services as they may decide who can / cannot view their

personal data.

On the other hand, privacy control measures like identifying the data collection and

sharing process by websites and issuing digital certificates were identified to be not to

important as 26.7% of the population opted for the 3 rating which signified that

although they may help restoring confidence in the minds of the end-users about the

challenges of Cloud data privacy, however its absence may not affect one-fourth of

them. To add to this, 12.9% of the participants viewed it as completely unimportant.

Despite of the popularity of using such digital certificates in the banking industry for

its online customers, to make it more secured and protect customers from identity

thefts, this research highlights that from an end-user point of view, issuing of digital

certificates alone, does not suffice the purpose. Moreover, some end-users who visit

these websites are not concerned, if their data is collected, stored and shared with any

other organisation, which is contrary to what the literature states.

- 83 -

6. CONCLUSION

By investigating attitudes, perceptions, beliefs and behaviour of the end-users of

Cloud computing, this dissertation explained the importance of analysing end-users

opinions when attempting to tackle issues of data security and privacy. High-tech

marketers, such as cloud vendors unlike other marketers have to focus on more than

just managing the traditional marketing mix of 4Ps. While the traditional marketing

campaigns include a series of activities one uses to spread the word out, to get through

to the right people in an effort to be identified by others, to identify Who they are?, to

communicate What they are into? and to notify Where they can be found?, the

marketing of cloud computing services is managed through vendors CRM Marketing,

where multiple campaigns are integrated and managed across diverse systems. For

instance, Salesforce™, an enterprise cloud-computing company manages their

campaigns through Salesforce CRM Marketing, an integrated multi-layered approach

which assists them in protecting the critical user data along with ensuring that cloud-

based applications, processes and systems are monitored and improved upon in order

to meet the challenges and ever-increasing demands of security.

6.1. Research Aims – Restated

The current study was undertaken with an aim to determine key attributes of end-

users which may be useful to cloud vendors in meeting security and privacy

challenges from an end-user perspective. The level of data security and confidentiality

varies across individual end-users from different cultures as their beliefs, attitudes and

perceptions differ. While these characteristics were being examined during the

research, another decisive study about key variables to avoid uncertainty revolved

around this research work. The literature discussed in the beginning of this study

predominantly included thoughts and studies about technology acceptance, in context

to Cloud computing and its challenges by different writers. However, by and large all

the studies were from an organisation perspective, giving least amount of interest to

end-user’s point of view about such challenges.

- 84 -

The complex nature of security and privacy issues was a driving force in conducting

this research to comprehend what Cloud-computing has to offer as it is considered to

be the next-big thing after world-wide-web.

6.2. Summary of the Findings

This section summarizes the findings of this research.

1. Irrespective of the data sensitivity, almost ½ of total end-users oppose the use

of open-access & flexible data storage facility when there is an element of risk

involved, such as data sharing to unknown users

2. ¼ of the total respondents are neither in favour, nor against no interference with

their personal photos and the remainder ¾ is evenly distributed across for and

against sharing data through physical distribution.

3. Ease in uploading data on such cloud-based servers does entice users in

continuing using web-space especially in case of backing up hard-drive to an

online website (Sensitive Data) and storing videos which is usually considered

as Non-sensitive data

4. Near-about half of participants feel secured by observing peer experiences

about a technology.

5. Identification or knowledge about physical data location is not the most

critical piece of information considered necessary by expert end-users who use

variety of web-usage services and possess different levels of innovativeness

levels

6. Instead, the most important element when considering layers of security is

creating lists of people who are authorised to access information by following

authorisation practices, followed by using authentication procedures.

- 85 -

It is here where open-source software’s can be best employed to create usernames

and passwords

7. Culture affects the end-users willingness to use cloud-based solutions in the

presence of risk such as data sharing to unknown users over the internet. For

instance; 75% of British respondents were willing not to use cloud based data

storage facility while 60% of the Chinese participants responded in the

affirmative

8. Observing others experiences and feeling secured about privacy risks is

another common view across cultures

9. Technology which can prove its made to suit end-user needs and has long-term

benefits cannot fail

10. End-users belonging to different genders and age-groups may feel differently

about kinds of uncertainties. For instance, only 25% females feel compatibility

of industry standards is crucial to the success of a given technology, whilst

almost half of the male population opted in favour for it. Similarly, more than

50% end-users in the age-groups of 50-64 years old are concerned about

visibility of results of a given technology and whether the service provider is

taking into account any unanticipated side-effects. In comparison, less than 1/3rd

of the younger population are apprehensive about these uncertainty factors.

11. When it comes to protecting personal identified information (PII), end-users

sense security increases if web-sites disclose who may have access to the

information they enter upon using a cloud-based service. The right to control

their information, is thus a key right upon exercising which the end-users

acquire assurance about data privacy

- 86 -

6.3. Significance of the Research

The findings of this research support the fact that security is a primary concern for

end-users when adopting cloud-based storage solutions. This is more significant when

the data sensitivity is measured. Through this research, the data sensitivity was

considered by analysing the web-usage of the end-users. Results prove that an

element of risk of data security such as data access to unknown users may be adequate

for more than 50% end-users not to use web-based services where their data

(irrespective whether sensitive or non-sensitive) needs to be stored on cloud-based

storage systems. In practice, this offers the cloud-vendors an incentive to develop

secured cloud-solutions targeted to all kinds of end-users with no separate investment

of time and money for different data types. The study established a few interesting

findings such as evenly distributed responses between end-users who prefer no

interference with their data by using physical distribution mechanisms against other

end-users who are in favour of data intervention rather than using physically

transmitting data through USB sticks, CD’s and DVD’s.

The cloud service providers can be benefited by this study as it encompasses certain

facts which may be practically employed when marketing cloud-storage solutions.

The ease in uploading data was one such determinant of the popularity of cloud-based

services amongst end-users, particularly those who backup their hard-drive to an

online website and others who store videos online. The significance of peer’s

experiences in the acceptance of technology rose as an empirical evidence through

this study. While this research provides knowledge to the cloud service provider of

what’s required to enable them to effectively market these solutions, it does highlight

on some not too important areas which can be overlooked so as utilise available

resources effectively. The study does suggest, knowledge about physical data location

is not the most crucial factor which was contrary to studies by Jahankhani et. al

(2009). Firstly, in lieu of such knowledge, the list of people authorised to access

information entered while using cloud-services on websites does generate confidence

in the minds of the end-users. Cloud providers can be best served by investing in

educating the end-users by following authorisation procedures to create such lists.

- 87 -

To second that, the use of open-source software and virtual infrastructure should be

encouraged. This involves a dynamic mapping of the available resources to one’s

business, which will result not only in decreasing the cost of efficiencies, but would

also help increasing responsiveness and efficiencies. With a selection of such

infrastructure in place, creation of user-names and passwords by following

authentication practices can only help cloud-vendors tackling the challenge of data

security and privacy revolving over the Cloud Computing technology.

As studied in the literature, the research study proved that culture is an integral

constituent when dealing with the acceptance of technology. By studying individual

characteristics, such as age, gender, ethnicity, first language / preferred language, etc.

this study was aimed at exploring the effects of culture on data security and privacy

issues related to data storage using Cloud-based storage systems. Although linguistic

effects were not tested during this research, it was included in the questionnaire

design to verify if language was a barrier in end-users comprehensibility of the term

“Cloud-computing”. The fact that 88.5% of respondents responded affirmatively

about the awareness of the term was an adequate enough piece of evidence based on

which the decision to neglect language effect in this research was taken. In addition,

the research does emphasise that despite of cultural differences, a common

observation across cultures is that effect of other’s / peers experiences in feeling

secured about publishing data using cloud-based storage systems.

Most importantly, the study advocates cloud-vendors to innovate and arrive at

technology solutions focussed on suiting end-user needs and offering long-term

benefits to gain competitive sustainable advantage. This is possible by keeping a

check on various uncertainty factors. As this study includes findings of different

uncertainty factors for end-users in different age-groups and belonging to both

genders, the cloud vendors are presented a road ahead to develop storage solutions

targeted at various segments. Lastly, the impact of right to control and restricting the

secondary use of data does seem to be the way forward for cloud-vendors in

protecting personally identifiable information, particularly after this study.

- 88 -

To conclude, the findings of this research enhance our knowledge about data security

and privacy from an end-users perspective. The factors considered by these end-users

as important can be useful for service providers in formulating a new business

strategy whilst developing suitable solutions which are more secured and ensure

protection of data stored through Cloud Computing technology.

- 89 -

7. RECOMMENDATIONS

The study in this research highlights the importance of understanding end-user

behaviour when promoting the use of a new technology such as cloud computing.

Upon analysing the responses of the end-user, it was evident certain key findings

would generate valuable recommendations for providers of Cloud-based storage

solutions. The end-user perspective was intentionally chosen as an area of research as

not much literature has been written in context of acceptance of Cloud computing,

particularly focussing on the security and privacy challenges.

These recommendations for cloud-vendors after studying the end-users through this

study are as follows:

a) Reducing risk element, irrespective of data sensitivity: The cloud-vendors or the

service providers providing cloud-based storage solutions may focus on reducing the

risk element when offering any Cloud-based services, without compromising on data

which may be insensitive. Often levels of data security are associated with data

sensitivity. From an organisation perspective, it may be advisable to offer additional

security depending upon data sensitivity. However, as the research findings highlight

irrespective of data sensitivity more than 50% end-user resist the temptation of using

cloud services at the cost of risks involved.

b) Cashing-on the known benefits: The responses obtained from the end-users

suggests there are some core-deliverables like ease in uploading which is one of the

core benefits of cloud services. Marketing issues such as privacy and security have

prevailed for a number of years in the software industry. However, as this study

suggests certain known benefits like ease in uploading, other’s / peers experiences

about feeling secured should be utilised more often by cloud-vendors as these are the

core factors why end-users adopt for such cloud-services.

- 90 -

c) Acknowledging cultural differences in technology acceptance: The research

findings emphasised the impact of cultural differences on end-users willingness to use

cloud-based solutions. Cloud vendors are aware about it. However, through this study

it is clear; acknowledging such end-users characteristics and differences will enable

them to tackle the uncertainty revolving around the acceptance of technology as

studied in the Technology Acceptance Model. Similarly, the gender-differences and

age-differences if studied before formulating a marketing plan will pay rich dividend

to the efforts of the cloud vendors.

d) Exercising and educating the “Right to Control”: As discovered from the

research findings, the right to control and restricting the secondary use of data is one

key attribute praised by end-users. The information about who may have access to

their data not only gives them a sense of security about their data, it also allows them

to protect their personally identified information and exercise their privacy rights.

What cloud-vendors ought to do is to educate the end-users about their right to control

their data against any secondary use without their knowledge.

- 91 -

8. LIMITATIONS

The limitations of this research have been acknowledged in previous chapter

where discussion about the findings has been discussed in detail. There are a few

limitations which were identified as the research design was implemented.

a) Identifying the “right amount” of samples, given the time constraint:

The primary limitation of this research was identifying sample size which would

represent the end-users of Cloud computing. As this technology is gaining

popularity, the number of end-users is ever-increasing. Although the survey was

released and invitations were send well within the first two months of the

commencement of this study, as well as exactly a month being allocated to collect

responses, a total of 122 completed responses were obtained, which may seem to

be a good amount of responses considering the time-scales of this study. However,

if addition time is devoted for a similar study in future, it would represent the right

amount of samples representing the research population.

b) Data Sensitivity:

This research assumes that end-users regard data as sensitive and non-sensitive

data. The bifurcation of data sensitivity is based on their web-usage. For instance,

pictures / photos which are normally published on social networking websites are

considered to be as non-sensitive data, whilst when a professional who uses a pay-

per-use Cloud based service to backup the organisational data, is considered to be

a user of sensitive data. This research does not take into consideration the time

effect or the circumstances change consequences. An end-user, for instance; a

news reporter may have exclusive pictures to be transmitted using an online-

service such as Picasa to his colleague for publishing the news, may consider this

data as most sensitive. Similarly, after a period of time, the same data may be non-

sensitive data if it has been published and available to everyone. Thus, the time-

effect of data sensitivity has a profound impact on the end-users choice.

- 92 -

Considering the same example, if the reporter has been asked to resign from the

job before sharing the news and updating his boss about the exclusive pictures

being captured and available with them, the data sensitivity also alters due to a

change in circumstances.

These limitations are not necessarily criticisms of the research. However, it is

methodologically challenging to know the time effect and change in

circumstances and what needs to be done about it. For e.g. there may be a

possibility of getting the respondents reply on a more sensitive scale like a 1-20

scale other than the 1-5 scale considered in this research. However, even if a

participant responds giving a rating of 14 as instead of 15, there needs to be a

participation of skilled respondents who can differentiate the difference and

reason of selecting a different rating. The analysis of such sensitive scale may also

need a highly skilled analyst who may be able to comprehend that all the

respondents who have rated 17 on a 20 point scale mean the same thing. In

practice, one cannot do it very reliably unless additional time is devoted for

increasing the sample size to reduce individual differences. In addition, use of

other triangulation measures by collecting data through interviews and focus

groups in order to formulate reliable meanings of different scales.

- 93 -

9. AREAS OF FURTHER RESEARCH

As pointed out by the limitations of this research, there is a scope of further research

on analysing the data sensitivity factor amongst the end-users. If opportunity presents,

I would like to take this research on a more sensitive scale of measuring the

sensitivity of data in the minds of end-users. In addition to the sensitivity of data, the

fact that 20% of respondents in this research are undecided about no interference with

their data for using open-access flexible solutions offered by cloud-vendors is another

interesting observation which can be meaningful if these respondents are interviewed

or invited to be a part of a focus-group.

Time-effect of data sensitivity is another avenue which is unanswered in this research.

However, it has been identified towards the closing stages of this study which shows

the way forward. The influence of cost-effectiveness factor in acceptance of

technology by end-users can be studied by encouraging the participants to provide

their income-levels which were not included in this research, primarily due to which

the questionnaire design, explicitly stated “cost-effective” to encourage participants to

focus on other factors which influence them in acceptance of technology rather than

on costs.

- 94 -

REFERENCES

Agarwal, R., and Prasad, J. (1998) “A Conceptual and Operational Definition

of Personal Innovativeness in the Domain of Information Technology”,

Information Systems Research (9:2), pp.204-215

Agarwal, R. (1999), “Individual acceptance of information technologies”

Accessed On: April 15, 2010

Accessed At:

http://www.c4ads.seas.gwu.edu/classes/CSci285_Fall_2004/readings/9/require

d/Agarwal_02.pdf

Aley, J (2003), “Qualcomm: Heads We Win, Tails We Win”, Fortune

Accessed On: June 17, 2010

Accessed At:

http://money.cnn.com/magazines/fortune/fortune_archive/2003/03/03/338374/

index.htm

Bagehi, A. and Atluri (2006), “Information Systems Security”, Second

International Conference, ICISS, Springer, India

Bandura, A. (1986) “Social Foundations of Thought and Action: A Social

Cognitive Theory”, Prentice Hall, Englewood Cliffs, New Jersey

Bell, J. (2005), “Doing Your Research Project”, 4th Ed., Open University

Press, Buckingham

Boynton, A. D., Zmud, R. W., and Jacobs, G. C. (1994) “The Influence of IT

Management Practice on IT Use in Large Organizations”, MIS Quarterly

(18:3), pp. 299-318

- 95 -

Bryman, A. and Bell, E. (2007), “Business Research Methods”, 2nd Ed.,

Oxford University Press, Oxford

Brockman, J (2009),“Counting on the cloud to drive computing’s future”,

NPR

Accessed On: March 9th, 2010

Accessed At - URL:

http://www.npr.org/templates/story/story.php?storyId=102453091

Brown, M. (2009), “White Paper : Cloud Computing”, Maximum PC

Accessed On: March 6th, 2010

Accessed At - URL: http://www.maximumpc.com/print/5047

Buchanan, D., Boddy, D. and McCalman, J. (1988), “Getting in, getting on,

getting out and getting back”, in Bryman, A, “Doing Research in

Organisations”, Routledge, pp. 53-67, London

Chesbrough, H., Vanhaverbeke. W. and West, J (2006), “Open Innovation :

Researching a New Paradigm”, Oxford University Press, Oxford

Christensen, C.M., (1992), “Exploring the limits of technology S-Curve”, Part

1:Component technologies, Production and Operations Research, Vol.1, No.4,

334ff

Davis, F. D. (1989), “Perceived Usefulness, Perceived Ease of Use, and User

Acceptance of Information Technology”, MIS Quarterly(13:3), pp. 319-339

Delone, W. H. (1988) “Determinants of Success for Computer Usage in Small

Business”, MIS Quarterly (12:1), pp. 51-61

Dillon, W.R., Madden. T.J., and Firtle, N.H. (1993), “Essentials of marketing

research”, Irwin, Illinois

- 96 -

Easterby-Smith, M., Thorpe, R. Jackson, P. and Lowe, A.(2008),

“Management Research”, 3rd ed., Sage, London

Ettlie, J.E. (2006), “Managing Innovation : New Technology, Products, and

New Services in a Global Economy”, 2nd Ed, Butterworth-Heinemann, India

Fishbein, M., and Ajzen, I.(1975), “Belief, Attitude, Intention and Behavior:

An Introduction to Theory and Research”, Addison-Wesley, Reading, MA

Fuerst, W. L., and Cheney, P. H. (1982),“Factors Affecting the Perceived

Utilization of Computer- Based Decision Support Systems in the Oil

Industry”, Decision Sciences (13:4), 1982, pp. 554-569

Fulk, J. (1993), “Social Construction of Communication Technology”,

Academy of Management Journal (36:5), pp. 921-950

Gardner, D. (1990), “Are High Technology Products Really Different”,

Faculty working paper case #90-1706, University of Illinois, Urabana

Gartner Press Release (2007), “Gartner Forecasts Worldwide

Communications-as-a-Service Revenue to Total $252 Million in 2007”,

August 2007

Goodenough, W.H. (1971), “Culture, Language and Society”, Modular

Publications, Reading

Gill, J., and Johnson, P. (2002), “Research Methods for Managers”, 3rd Ed.,

Sage Publications, London

Getting Creative, Special Report in Business Week (August 1, 2005)

- 97 -

Gralla, P. (2009), “Google Docs Vs Microsoft Office: It’s a matter of trust”,

Computer World

Accessed On: March 9th, 2010

Accessed At - URL:

http://www.computerworld.com/s/article/343002/Google_vs._Microsoft_It_s_

a_Matter_of_Trust

Hoyer, W.D and Maccinis, D.J (2009), “Consumer Behaviour”, 5th Ed.,

South-Western : Cengage Learning, USA

IDC Enterprise Panel (2008a), “IDC findings”, pp. 154 in Rittinghouse, J.W.

and Ransome, J.F. (2010), “Cloud Computing – Implementation, Management

and Security”,CRC Press, London

Igbaria, M. (1990), “End-user computing effectiveness: a structural equation

model” Omega, 18 (6)

Jacoby, Jacob, Szybillo, G.J. and Berning, C.K. (1976), “Time and Consumer

Behavior : An Interdisciplinary Overview”, Journal of Consumer Research, pp

320-339

Jahankhani, H., Hessami, A.G., and Hsu, F (2009), “Global Security, Safety,

and Sustainability: 5th International Conference”, London, UK

Jankowicz, A.D. (2005), “Business Research Projects”, 4th Ed., Thomson,

London

Kaplan, Jeffrey (2009), “Five myths about SaaS”, CIO

Accessed on 10/04/2010

Accessed at: http://cio.com/article/print/486091

- 98 -

Leonard-Barton, D., and Deschamps, I. (1988), "Managerial Influence in the

Implementation of New Technology," Management Science (34:10), 1988, pp.

1252-1265

Leonard-Barton, D. (1987), “Implementation of Structured Software

Methodologies: A Case of Innovation in Process Technology”, Interfaces

(17:3), pp. 6-17

Lewis, W., Agarwal, R. and Sambamurty, V (2003), “Sources of Influence on

Beliefs about Information Technology Use : An Empirical Study of Knowledge

workers”, MIS Quarterly, Vol. 27, No. 4, pp. 657-663

Linton, R (1945), “The Cultural Background of Personality”, Appleton-

Century, New York

March, J. and Simon, H. (1958), “Organisations”, John Wiley & Sons, New

York

Mathieson, K. "Predicting User Intentions: Comparing the Technology

Acceptance Model with the Theory of Planned Behavior," Information

Systems Research (2:3), 1991, pp. 173-191

McBurney, D.H. and White, T.L. (2007), “Research Methods”, 8th Ed.,

Cengage Learning, Wadsworth

Melone, N. P. (1990), “A theoretical assessment of the user-satisfaction

construct in information systems research”, Management Science, 36 (1)

Miles, M.B. and Huberman, A.M. (1994), “Qualitative Data Analysis”, 2nd

Ed., Thousand Oaks, Sage, CA

- 99 -

Miller, M. (2009), “Cloud Computing : Web-Based Applications That Change

the Way you Work and Collaborate Online”, Que Publishing, USA

Mohr, J., Sengupta, S. and Slater, S. (2005), “Marketing of High-Technology

Products and Innovations”, 2nd ed., Pearson Education, New Jersey

Monge et.al (1992); Pennings and Harianto (1992); in Agarwal,R. (1999),

“Individual acceptance of information technologies”

Accessed On: April 11, 2010

Accessed At:

http://www.c4ads.seas.gwu.edu/classes/CSci285_Fall_2004/readings/9/require

d/Agarwal_02.pdf

Moore,G . C., and Benbasat, I (1991), "Development of an Instrument to

Measure the Perceptions of Adopting an Information Technology Innovation,"

Information Systems Research (2:3), 1991, pp. 192-222

Moore, G. (2002), “Crossing the Chasm, Marketing and Selling Technology

Products to Mainstream Customers”, Harper Business, New York

Moriarty, R. and Thomas, K. (1989), “High-Technology Marketing: Concepts,

Continuity and Change”, Sloan Management Review, 30(Summer), pp.7-17

Oppenheim, A.N. (2000), “Questionnaire Design: Interviewing and Attitude

Measurement, New Ed., Continuum International, London

Page, C., and Meyer, D. (2000), “Applied research design for business and

management”, Irwin, Sydney

Polonsky, M.J. and Waller, D.S. (2004), “Designing and Managing a

Research Project: A Business Student’s Guide”, Sage Publications, India

- 100 -

Raimond, P. (1993), “Management Projects”, Chapman & Hall, London

Raymond, L. (1988), “The Impact of Computer Training on the Attitudes and

Usage Behavior of Small Business Managers” Journal of Small Business

Management (26:3), 1988, pp. 8-13

Robson, C. (2002), “Real World Research”, 2nd Ed., Blackwell, Oxford

Rogers, C.R. (1961), “On Becoming a Person”, Constable, London

Rogers, E. M. (1995), “Diffusion of Innovations”, 4th ed., Free Press, New

York

Rittinghouse, J.W. and Ransome, J.F. (2010), “Cloud Computing –

Implementation, Management and Security”, CRC Press, London

Sanders, G. L., and Courtney, J. F. (1985), “A Field Study of Organizational

Factors Influencing DSS Success,” MIS Quarterly (9:1), pp. 77-91

Saunders, M., Lewis, P., and Thornhill, A. (2009), “Research Methods for

Business Students”, 5th ed., Prentice Hall, London

Sahal, C.(1991), “Patterns of technological innovation”, Addison-Wesley

Publishing Company, Inc., Reading

Schmitz, J., (1991), “Organizational Colleagues, Media Richness, and

Electronic Mail: A Test of the Social Influence Model of Techno-logy Use”,

Communication Research (18:4), pp. 487-523

Sekaran, U. (2003), “Research Methods for Business: A Skill-Building

Approach”, 4th Ed., Wiley, New York

- 101 -

Schumpeter, J.A. (1934), “The Theory of Economic Development”, Harvard

University Press, Cambridge

Schwartz, Ephraim (2008a), “The dangers of cloud computing”, InfoWorld,

Accessed On: 13/06/2010

Accessed At: http://www.infoworld.com/d/cloud-computing/dangers-cloud-

computing-839

Spears, Nancy, Ziaohua, and Mowen, J.C. (2001), “Time Orientations in the

United States, China and Mexico: Measurement and Insights of Promotional

Strategy”, Journal of International Consumer Marketing, pp. 57-75

Sun Microsystems, June 2009, “Introduction of Cloud Architecture”

Whitepaper 1st Edition, USA

TRUSTe Press Release (2008), “Ponemon Institute and TRUSTe Announce

Results of Annual Most Trusted Companies for Privacy Survey”

Accessed On: 11/04/2010

Accessed At: http://www.truste.com/about_TRUSTe/press-

room/news_truste_ponemon_name_trusted_companies_08.html

Tranfield, D., Denyer, D. and Smart, P. (2003), “Towards a methodology for

developing evidence-informed management knowledge by means of systematic

review”, British Journal of Management, Vol 14, No.3, pp. 207-222

Usunier, J. and Lee, J.A. (2009), “Marketing Across Cultures”, 5th ed.,

Prentice Hall, Harlow

Velte, A.T., Velte, T.J., and Elsenpeter, R. (2010), “Cloud Computing : A

Practical Approach”, McGraw-Hill, USA

- 102 -

Venkatesh, V., Morris, M.G., Davis, G.B. and Davis, F.D. (2003), “User

Acceptance of Information Technology”, MIS Quarterly, Vol. 27, No. 3, pp

425 – 478

Weller, S.C., and Romney, A.K.(1988), “Systematic data collection”, Sage

Publications, Newbury Park, CA

Witmer, D.F., Colman, R.W., and Katzman, S.L. (1999), “From paper and

pen to screen and keyboard: Towards a methodology for survey research on

the Internet, in S. Jones(ed.) “Doing Internet Research, Thousand Oaks, Sage,

CA, pp. 145-62

Worthen, Ben and Jessica E. Vascellaro (2009), “Gmail glitch shows pitfalls:

Failure spurs concern over reliability of online software”, The Wall Street

Journal.

Accessed On April 10, 2010

Accessed At: http://online.wsj.com/article/SB123561652440078567.html

Wyld, D.C. (2009), “Moving to the Cloud: An Introduction to Cloud

Computing in Government”, Reports on IBM Center for the Business of

Government, Washington, DC

- 103 -

APPENDICES

QUESTIONNAIRE FOR END-USERS

My name is Rajiv Uttamchandani, an international student pursuing my Master in Business Administration – (Marketing) from the University of Wales Lampeter. It is my pleasure to invite you to participate in resolving a business problem in the technology sector through your valuable feedback. A blend of technology and marketing is essence of this research which aims to study Data Security and Privacy challenges from an end-user perspective in acceptance of Cloud Computing technology which is a major marketing challenge for Data Storage companies to switch from Desktop computing to Cloud Computing. Your participation in this survey is completely voluntary, thereby providing you the right to say no or you may wish to withdraw at any time. If you have any queries, concerns, suggestions or questions about this study you may wish to contact, anonymously if you wish About Yourself: A set of preliminary questions. Please tick the appropriate answer

1. E-mail Address 2. Please select your Age-group

[ ] 17 / Under [ ] 18 – 29 years [ ] 30 – 49 years [ ] 50 – 64 years [ ] 65 and above

3. Gender

[ ] Male [ ] Female

4. Your Ethnic background

[ ] White – British [ ] Brazilian [ ] White – Other [ ] Indian [ ] African [ ] Asian [ ] Chinese [ ] American [ ] Hispanic [ ] Not mentioned – Others Please specify ___________

5. Your First Language __________________

- 104 -

About Technology Awareness & Acceptance

Q6) Have you come across the term “Cloud Computing” or ever used such technology? (Single choice) [ ] Yes – I am aware about it and use it quite oftenly – Informed user [ ] No – I am not aware or used this technology – Unaware user [ ] May be – I have heard the term, but not sure what it is exactly– Aware user Q7) Select all the web-based services you use when online? (Multiple choice – Select all possible options) [ ] Web e-mail services such as Hotmail, G-mail, Yahoo Mail [ ] Store pictures / photos [ ] Store videos [ ] Web applications such as Google Docs [ ] Pay-and-use services to store your or your organisation data online [ ] Back-up your hard-drive to an online web-site NOTE: Using any of the above services is an indicator that you are using the Cloud technology, knowingly or unknowingly Q8) When you hear about a new technology, you first consider? (Multiple choice – Select all possible options) [ ] Whether it is suitable to your needs [ ] Whether it is compatible with industry standards [ ] Whether new technology will deliver as promised [ ] Whether it is relatively advantageous than the previous option [ ] Whether trial option will be offered to you to try and test it [ ] Whether there are visible results seen already [ ] Whether Post-sales services will be offered

- 105 -

[ ] Whether any un-anticipated / side-effects of the new technology are looked upon by the service-provider Q9) What describes you best amongst the following options in reference to adaptation to new technology? (Single choice answer) [ ] Person who is an initiator, risk-taking, ready to change from current practices [ ] An opinion leader, ready to try out new ideas (technology) before others do [ ] Person who is thoughtful, careful but accepts changes more swiftly then others [ ] A skeptical person who will use technology only after majority is using it [ ] Traditional person who will accept technology once it has become mainstream and universally used Q10) Which of the following factors influence you most in accepting / rejecting a new technology? (Multiple choice answer) [ ] Proper training, knowledge and support from your organisation [ ] Peers / Colleagues / Other’s point of view – Social group’s acceptance [ ] Long-term benefits associated with it [ ] Ability to use the technology [ ] Status symbol or Brand Image in using it [ ] All of the above

About Security & Privacy Q 11. Consider the two cases below: Case 1: Organisations allow you to use their web-applications for various different purposes, e.g. storing millions of images and share them on Picasa, or uploading personal photos on social networking website such as Facebook, thereby allowing you to use their data storage infrastructure with minimal or no cost Case 2: The data which you actually stored, resides on a physical location unknown to most data storage companies through Cloud service-providers where such data can be shared or hacked by expert hackers

- 106 -

On a rating of 1-5, where 1 is Completely Disagree and 5 is Completely Agree, select the option what you believe you would be most appropriate according to you while considering using storage services

[ ] You will use open-access and flexible data storage facility with minimal or no cost to store your data which is accessible everywhere through internet which may be at cost of taking risks where it may be shared to unknown users [ ] You will want no interference with personal photos and documents for benefits such as free storage space, rather prefer to send physical hard-copies to ensure complete data-security [ ] You will continue to use their web-space as it offers ease in uploading pictures preferred through such web-services rather than using other modes of transferring or sharing pictures [ ] You will observe others experiences and feel secured about such risks and continue to use such services without being concerned about it Q12) On visiting websites, they may collect and store your personal information to let you access their services, For e.g. Accessing information about air-tickets, etc. According to you as an end-user, if given a choice what privacy measures will you impose to protect your identity ? (Multiple Choice) [ ] To enforce Data Protection Requirement Regulation –i.e. to consider who is the data owner, data holder and whether privacy laws are in place [ ] To disclose who may access your personal information entered – Right to control [ ] To restrict secondary use of the information entered by any other source so that if you enter details on website, its is not shared with another organisation [ ] To identify whether websites visited, have either collected, stored, and possibly sharing personal information [ ] To issue Digital certificates issued to websites for organisations as authorised holders of information [ ] To impose Inference and Linking attacks protection – ensuring that information released or submitted in the web-page is not open to attacks to infer data

- 107 -

Q13) When adopting to a Cloud solution, or using cloud web-services what according to you as a user, if given a choice what security measures will you add to your wish-list? (Multiple Choice)

[ ] Using these applications and services on a familiar platform such as Windows OS, Linux OS or Apple OS [ ] Complete knowledge about infrastructure, i.e. hardware used, the systems [ ] Location of where your data is store [ ] Control on secondary usage – to ensure the information entered on the website once is not used again by some other source without your knowledge [ ] Use of encryption techniques – to encode your data to add an additional layer of security in case the cloud vendors security is hacked [ ] Use of Authentication Processes – through Open-source software’s to create username and password [ ] Authorization practices – to create lists of people who are authorised to access information

- 108 -

RECORD OF MEETINGS

Date: 23/02/2010 Summary of Discussion: Discussion of topic in forms of groups. Motivation or Rationale of the topic Work required by next meeting: Refine literature about security Read about Companies / Consumer perspective about confidentiality Cultural dimensions More sharply defined research questions Date of next meeting: 02/03/2010 Date: 02/03/2010 Summary of Discussion: Research Questions discussed Research Design almost ready Both of which are approved Work required by next meeting: Further reading for literature review and drafting the introduction Date of next meeting: 09/03/2010 Date: 09/03/2010 Summary of Discussion: Introduction draft Structure discussed Work required by next meeting: Group the literature review in key things How do they intersect? Finding issues and areas of interesting Research Design Date of next meeting: Undecided. Will correspond through an e-mail depending upon literature review

- 109 -

Date: 23-03-2010 Summary of Discussion: Literature Review structure discussed Literature includes key points such as Technological changes and its effects, New Cloud Model, Role of Open Source software in Cloud computing, Virtualisation and the challenges such as Security, Privacy from an end-user perspective and standardisation from an commercial organisation perspective Work required by next meeting: Find out the challenges for marketing: Literature about marketing things which consumers may not necessarily understand or feel suspicious about buying. See if we can answer question 4, 5, 6 and 7 of the research design proposal template Date of next meeting: 06/04/2010 Date: 06-04-2010 Summary of Discussion: Marketing theories discussed related to marketing of new technology Answers to Research Design questions being shared Work required by next meeting: Completing Literature Review Finding the access to end-users as to how it will be established Date of next meeting: 13/04/2010 Date: 13-04-2010 Summary of Discussion: Literature draft Method of getting access Work required by next meeting: Including cultural dimensions in literature Preparing the questionnaire before starting with the field work Date of next meeting: 20/04/2010

- 110 -

Date: 20-04-2010 Summary of Discussion: Questionnaire discussed and approved for pilot testing on CTL staff and end-users Literature approved Work required by next meeting: To come back with the survey results of the pilot testing for 10 days between now till the next meeting Date of next meeting: 30/04/2010 Date: 30-04-2010 Summary of Discussion: Summary of the pilot testing and the survey results obtained during those 10 days. Reasons discussed why the respondents may be attempting the survey partially and how to encourage more responses Work required by next meeting: Conduct primary research and obtain responses. Write methodology which has been on-going and discussed verbally with the tutor Date of next meeting: 19/05/2010 Date: 19-05-2010 Summary of Discussion: Responses obtained up to this point were shared with the tutor. End date for data collection was decided i.e. 21/05/2010 giving a month for data collection Work required by next meeting: To finish the primary research work and move on to the next phase of report-writing by writing the findings and focus on the meet with Dr. Jill Venus Date of next meeting: 25/05/2010

- 111 -

Date: 25-05-2010 – (Meeting with Dr. Jill Venus) Summary of Discussion: Description of the research in brief. Research Methods, Data Analysis techniques, Tools such as webinar’s, cross-tabs, filters, excel spreadsheets were some of the areas of research design which were discussed followed by planning the road ahead Work required by next meeting: To continue with the data analysis & report-writing. Date of next meeting: TBA (To-be-Announced), E-mail responses henceforth Date: 09-06-2010 Summary of Discussion: Discussed the chapter on Discussion & Analysis which was sent to the tutor through an e-mail earlier. The rough draft on conclusion was presented for approval. Plan ahead for recommendations and areas for further research was also a part of this meeting Work required by next meeting: To finish the concluding chapters and create a final draft for proof reading. This may be the last meeting, hence no date has been finalised for further meetings.