cloud computing - data security & privacy : an end-user perspective of an insight into major...
DESCRIPTION
Cloud Computing - Data Security & Privacy : An End-user Perspective of an Insight into major marketing challenges faced by Cloud Computing VendorsSubmitted toUNIVERSITY OF WALES LAMPETERIn partial fulfilment of the requirement for the degree ofMASTER OF BUSINESS ADMINISTRATION (Marketing)Under the Professional Guidance of Prof. MARTIN KENDER ByRAJIV UTTAMCHANDANI Student ID: 084129-81 University ID: 28002330June 2010iDECLARATIONThis work has not previously been accepted in substance for any degreeTRANSCRIPT
Wtàt fxvâÜ|àç tÇw cÜ|ätvç
XÇw@âáxÜ cxÜáÑxvà|äx Éy tÇ \Çá|z{à |ÇàÉ Åt}ÉÜ `tÜ~xà|Çz
V{tÄÄxÇzxá ytvxw uç VÄÉâw VÉÅÑâà|Çz ixÇwÉÜá
Submitted to
UNIVERSITY OF WALES LAMPETER
In partial fulfilment of the requirement for the degree of
MASTER OF BUSINESS ADMINISTRATION
(Marketing)
Under the Professional Guidance of
Prof. MARTIN KENDER
By
RAJIV UTTAMCHANDANI
Student ID: 084129-81
University ID: 28002330
June 2010
i
DECLARATION
This work has not previously been accepted in substance for any degree and is not
being concurrently submitted in candidature for any degree.
I, Rajiv Uttamchandani, the undersigned, hereby confirm this dissertation submitted
for the partial fulfilment of the requirements for the Master’s Degree in Business
Administration (MBA) – Marketing, is my own and expressed in my own words. The
findings obtained from this study are a result of my own investigation and has not be
previously submitted in any college / university for any degree. The work of other
authors used within this research are stated explicitly and acknowledged at the point
of their use. A complete list of references has been appended towards the conclusion
of the research.
I hereby give my consent for my dissertation, if accepted, to be available for
photocopying and for inter-library loan, and for the title and summary to be made
available to outside organisations.
Signed: ……………………………………….
Date: …………………………………………
ii
ACKNOWLEDGEMENT
I am delighted in taking this opportunity to thank all those who made this research
study possible. This dissertation right from the outset is an outcome of the motivation
bestowed upon me by many special people who took time off their busy schedules
and guided me throughout this period.
Strategists like Teddy Foster, also a lecturer at College of Technology London, and
experts in the field of Information Technology, Simon Hall and Nipun Mistry with
their sheer experience guided me at the initial stages well-before this research could
manifest. I am thankful to the staff members of the College of Technology London,
for participating in the pilot survey to test the questionnaire design. I am also indebted
to Dr. Jill Venus from the University of Wales Lampeter, for helping me spur up the
performance towards the closing phase of the research. Her statement “Usually I do
not check Marketing dissertations. However, I would be waiting to see this piece of
work” was enough to encourage me keep up with the hard-work and dedication to be
able to conclude this research work with the same passion as it began.
I owe my deepest gratitude to Professor. Martin Kender, my supervisor and guide
throughout the course of this research. His professional guidance and expertise about
business research methods was immaculate, to say the least. I am obliged to have
attended all the intellectual supervision sessions during this entire period enhancing
my knowledge about business research methods and do justice to the topic of this
study.
I would also like to thank my family and friends, back home for their continued
support and motivation which was inspirational in keeping me determined to do well
right the way through.
iii
ABSTRACT
The purpose of this research was to identify and explore the end-users perspective towards marketing challenges of security and privacy, a core issue which has emerged with the introduction of Cloud Computing. The presence of these challenges has made it difficult for the cloud-vendors to penetrate into the market in spite of the hype “Cloud-Computing” has received. This study helps the cloud-vendors to identify the end-user characteristics, their beliefs, attitudes and perceptions in reference to the acceptance of cloud services in the midst of the security and privacy concerns revolving around this technology. The researcher has reviewed literature about acceptance of technology like the Technology Acceptance Model, Theory of Reasoned Action, followed by focussing on marketing literature available on High-Tech Innovations. Understanding the High-Tech Marketing environment was pivotal in determining the different kinds of uncertainties from organisations viewpoint, which influence the Cloud-computing end-users. However, most of the authors have ignored the end-users perspective in their studies. This investigation commenced by joining end-users through Google® Groups and LinkedIn® discussion forums. The webinars were a mode of entry tool to grasp knowledge about characteristics of the end-users. The primary data collection method employed for this research was survey questionnaire to reach and gather responses from as many end-users as possible which can represent a sample of the research population considering the growing number of end-users of Cloud Computing. The findings demonstrate the effects of culture, different factors considered by end-users based on their characteristics in the acceptance of Cloud computing, not only as a secured option, but also one which can protect confidential data. The research contributes significantly as it studies end-user behaviour in acceptance of cloud computing which has paved the road-ahead for cloud-vendors in adapting, planning and developing a sound business plan for successful adoption of cloud computing technology solutions. Through this study, the enormous popularity of this technology is further extended, as its focus is on suiting the needs of end-users, which is one of the key determinants of successful adoption of technology.
iv
TABLE OF CONTENTS
CHAPTER NAMES PAGE NO
1. INTRODUCTION …………………………………………………………........ 1
1.1. What is Cloud Computing? …….................................................. 2 1.2. Using Cloud Computing? .………………………………………………. 3 1.3. Research Overview ………………………………………………………. 5
2. LITERATURE REVIEW ……………………………………………………. 8
2.1. Technological Changes ......…………………………………………… 8 2.2. Marketing Theories relevant to acceptance of technology......... 11
2.2.1. Characterizing High-Tech Marketing Environments ……… 11 2.2.2. Diffusion of Innovations Theory………………………………... 14 2.2.3. Theory of Reasoned Action and
Technology Acceptance Model ……………………………...... 16 2.2.4. High-Efforts Hierarchy of Effects ……………………………... 16
2.3. The New Cloud Model ………………………………………………...... 19 2.3.1. Communication-as-a-Service ……………………………...….. 19 2.3.2. Infrastructure-as-a-Service …………………………….….…... 20 2.3.3. Platform-as-a-Service ……………………………………..…….. 21 2.3.4. Software-as-a-Service …………………………………..………. 21
2.4. Privacy and Security Issues ………………………………….……….. 22 2.5. The Role of Open-source Software and Virtualization…………... 26
2.6. Culture and Technology ………………………………………………… 27
3. RESEARCH METHODOLOGY ……………………………………………. 30
3.1. Research Approach : Inductive ………………..……………………… 30 3.2. Research Philosophy: Interpretivism ……………………................ 31 3.3. Research Strategy ………………………………………………………. 31
3.3.1. Quantitative Research ……………………………………………. 32 3.3.2. Participants …………………………………………………………. 32 3.3.3. Gaining Access …………………………………………………….. 33 3.3.4. Sampling: Self-Selection Sampling …………………………….. 33 3.3.5. Questionnaire Design ……………………………………………... 34 3.3.6. Data Analysis & Data Presentation …………………………….. 36 3.3.7. Reliability & Validity ……………………………………………….. 37 3.3.8. Ethical Consideration ……………………………………………… 38
v
4. FINDINGS ………………………………………………………………………… 40
4.1. Key Facts …………………………………………………………………… 41 4.2. Respondent Statistics …………………………………………………… 42 4.3. Survey Responses ……………………………………………………….. 42
5. DISCUSSION AND ANALYSIS ……………………………………………….. 54
6. CONCLUSION …………………………………………………………………... 83
6.1. Research Aims – Restated ……………………………………………… 83 6.2. Summary of the Findings ……………………………………………….. 84 6.3. Significance of the Research ………………………………………….. 86
7. RECOMMENDATIONS …………………………………………………………. 89 8. LIMITATIONS OF THE RESEARCH ………………………………………….. 91
9. AREAS OF FURTHER RESEARCH …………………………………………… 92
REFERENCES ……………………………………………………………………. 94
APPENDICES………..………………………………………………………….… 103 RECORD OF MEETINGS ……………………………………………………….. 108
vi
TABLE OF FIGURES
FIGURE 1.1: WHAT IS CLOUD AND WHAT’S IN IT? …………………………………… 2
FIGURE 2.1: THE TECHNOLOGY S-CURVE ………...………………………………….. 10
FIGURE 2.2: CHARACTERIZING HIGH-TECH MARKETING ENVIRONMENTS ….. 12
FIGURE 2.3: STAGES IN THE DIFFUSION OF INNOVATION ………………………… 15
FIGURE 2.4: THE NEW CLOUD MODEL ………………………………………………….. 21
FIGURE 2.5: ISSUES RELATED TO CLOUD COMPUTING ……………………………. 25
FIGURE 2.6: VIRTUALIZATION ……………………………………………………………. 22
FIGURE 3.1: TYPES OF QUESTIONNAIRES …………………………………………….. 35
FIGURE 4.1: PRIMARY FINDINGS - AGE RATIO ……………………………………….. 42
FIGURE 4.2: PRIMARY FINDINGS - GENDER RATIO ………………………………….. 43
FIGURE 4.3: PRIMARY FINDINGS - ETHNIC BACKGROUND………………………… 44
FIGURE 4.4: PRIMARY FINDINGS - LINGUISTIC PREFERENCES……………………. 45
FIGURE 4.5: PRIMARY FINDINGS - CLOUD-COMPUTING AWARENESS………….. 46
FIGURE 4.6: PRIMARY FINDINGS - USAGE DETERMINANTS……………………….. 47
FIGURE 4.7: PRIMARY FACTORS CONSIDERED
BEFORE TECHNOLOGY ACCEPTANCE ………………………………... 48
FIGURE 4.8: INDIVIDUAL INNOVATIVENESS …………………………………………. 49
FIGURE 4.9: TECHNOLOGY-ACCEPTANCE FACTORS………………………………. 50
FIGURE 4.10: SECURITY DILEMMA ………………………………………………………. 51
FIGURE 4.11: PRIVACY DILEMMA ………………………………………………………… 52
FIGURE 4.12: SECURITY MEASURES ……………………………………………………. 53
FIGURE 5.1: USE OF OPEN-ACCESS, FLEXIBLE STORAGE AT COST OF RISKS
FOR SENSITIVE DATA ……………………………………………………… 56
FIGURE 5.2: USE OF OPEN-ACCESS, FLEXIBLE STORAGE AT COST OF RISKS
FOR NON-SENSITIVE DATA ……………………………………………….. 57
FIGURE 5.3: NO INTERFERENCE PREFERRED AGAINST
FREE STORAGE – SENSITIVE DATA …………………………………….. 58
FIGURE 5.4: NO INTERFERENCE PREFERRED AGAINST
FREE STORAGE – NON-SENSITIVE DATA ……………………………... 59
FIGURE 5.5: USING WEB-SPACE WHICH OFFERS UPLOADING EASE
SENSITIVE DATA…………………………………………………………….. 60
FIGURE 5.6: USING WEB-SPACE WHICH OFFERS UPLOADING EASE
NON-SENSITIVE DATA……………………………………………………… 60
FIGURE 5.7: OBSERVING PEER EXPERIENCES & FEELING SECURED –
SENSITIVE DATA …………………………………………………………… 61
FIGURE 5.8: OBSERVING PEER EXPERIENCES & FEELING SECURED
NON-SENSITIVE DATA ……………………………………………………. 62
vii
viii
FIGURE 5.9: IMPORTANCE OF KNOWLEDGE ABOUT PHYSICAL DATA
LOCATION TO END-USERS BASED ON THEIR WEB USAGE ……….. 64
FIGURE 5.10: IMPORTANCE OF KNOWLEDGE ABOUT PHYSICAL DATA
LOCATION TO END-USERS BASED ON THEIR AWARENESS...…….. 65
FIGURE 5.11: IMPORTANCE OF KNOWLEDGE ABOUT PHYSICAL DATA
LOCATION TO END-USERS BASED ON THEIR INNOVATIVENESS… 66
FIGURE 5.12: IMPORTANCE OF SECURITY MEASURES BASED ON
INDIVIDUAL INNOVATIVENESS ………………………………………… 67
FIGURE 5.13: IMPORTANCE OF SECURITY MEASURES ON ALL END-USERS…. 68
FIGURE 5.14: CULTURE-WISE DISTRIBUTION OF END-USERS WILLINGNESS TO
USE OPEN-ACCESS FLEXIBLE SOLUTIONS EVEN AT RISK OF DATA SHARING… 71
FIGURE 5.15: CULTURE-WISE DISTRIBUTION OF END-USERS WANTING NO
INTERFERENCE WITH PERSONAL DATA ………………………………………………… 71
FIGURE 5.16: CULTURE-WISE DISTRIBUTION OF END-USERS
PREFERRING TO USE WEB-SPACE DUE TO ITS EASE IN UPLOADING …………... 73
FIGURE 5.17: CULTURE-WISE DISTRIBUTION OF END-USERS WHO OBSERVE
OTHERS EXPERIENCES IN FEELING SECURED ABOUT PRIVACY RISKS ………... 74
FIGURE 5.18: FACTORS INFLUENCING END-USERS AT THE INITIAL STAGE OF
NEWLY DEVELOPED TECHNOLOGY ……………………………………………………… 76
FIGURE 5.19: FACTORS INFLUENCING END-USERS WHILE ACCEPTING /
REJECTING A NEW TECHNOLOGY ………………………………………………………… 78
FIGURE 5.20: GENDER-WISE DISTRIBUTION OF UNCERTAINTY FACTORS ……. 79
FIGURE 5.21: AGE-WISE DISTRIBUTION OF UNCERTAINTY FACTORS …………. 80
- 1 -
1. INTRODUCTION
In the past few years, many technological advances have benefited mankind, whether
be it, scientific inventions or medical aids, innovations such as electric cars or
exciting developments from IT industry. Most technical advancements bloom, while
some fade away more or less on a daily basis. This dissertation touches upon one such
major change in computing called Cloud Computing, a form of data storage that will
amend the way of storing information and running applications, completely different
than what we currently do on a desktop computer.
Cloud Computing has developed from a promising business model to one of the
fastest growing segments in the IT industry. Technological changes seen since the
advent of World Wide Web, for instance; where every page used to look identical
with similar HTML coding, were transformed when frames were introduced, followed
by tabs, adding flash images, etc. resulting in dynamic and exciting web pages that are
no longer the dull, less effective and standardised pages when it first came into scene
in 1994. Currently, we are in an identical state of development with Cloud
Computing. Authors such as Miller (2009), suggest the emergence of cloud
computing comparable with the electricity revolution, a century ago. According to
him, before the introduction of electric utilities, most businesses produced their own
electricity using stand-alone generators. However, once the electric grid was invented,
those businesses switched from these stand-alone generators to new electrical units,
thereby not only reducing costs but presenting greater reliability than conventional
generators.
A decade or two from now could witness a completely new revolution in this form of
technology, provided some key marketing challenges are addressed from the end-user
perspective. These challenges are being studied here by studying end-users
characteristics. Before looking into this primary reason for conducting this research,
it is vital to comprehend what does the term ‘Cloud Computing’ mean and how is it
different from current technology of computing we us in our day to day life.
1.1. WHAT IS CLOUD COMPUTING?
The term “cloud” usually a metaphor for the internet is the key to the definition of
Cloud Computing. Cloud is a huge group of interconnected computers which can be
personal computers or network servers. This group of multiple computers serves
beyond a single company or enterprise. Unlike traditional computing also known as
‘desktop computing’ where software applications are executed on each computer, in
Cloud Computing, they are all stored on servers accessed via the internet. Similarly,
files such as word documents, spreadsheets, presentations and applications are
accessed through the internet. In case of a computer breakdown, the software and
applications are still accessible by other users by logging on to the internet. The basic
difference between both the computing models is simply that traditional desktop
computing is PC-centric while Cloud Computing is user-centric and document-
centric. In this way, cloud computing facilitates a shift from PC paradigm to a user-
centric and a document-specific environment, from software application to tasks these
applications can perform, from data which isolated as it is stored on PC in the form of
data that can be accessed via an active internet connection on any device from
anywhere in the world.
Wyld (2009) defines the term “Cloud Computing, as a computing service that is
delivered over the Internet, on demand, from a remote location, rather than residing
on one’s own desktop, laptop, mobile device, or even on an organization’s servers.”
Figure 1.1 – What is Cloud and what’s in it?
Source: White Paper - Cloud Computing, Maximum PC
- 2 -
- 3 -
Brown (2009) affirms Cloud Computing as “a data-processing infrastructure in which
the application software and often the data itself, is stored permanently not on your
PC but rather a remote server that is connected to the Internet”.
1.2. USING CLOUD COMPUTING
In the midst of the growing popularity of the internet, and the ever-increasing number
of users logging on from several locations, from numerous different organisations, it
was expected to collaborate on projects spanning across multiple companies and
geographical boundaries. To enable this, such projects were hosted in the “cloud”,
which made accessing it possible from virtually any Internet-enabled location.
(Miller, 2009)
Use of cloud computing is evident in our day-to-day lives when using the internet.
Accessing social networking websites, checking e-mails, uploading pictures, posting
videos or files such as spreadsheets, presentations, or documents online is evidence to
the fact that one has made an entry into the territory of this new technology without
being really aware about it. Brockman (2009), cited remarks by technology futurist
Paul Saffo stating “A lot of people are in the cloud and don’t even realise it.”
E-mail services such as Gmail store your mails on the Google servers rather than the
physical machines. This enables an end-user (any internet user) to access their e-mails
from any location provided he / she has access to the internet and a device with web-
access functionality. Consequently, whether knowingly or unknowingly we have been
using cloud services.
Cloud computing presents us with numerous benefits which have a high potential,
both to the end-users as well as the developers. Reduced maintenance costs, increase
in the amount of storage space, higher processing power to run the applications,
improved economies of scale, decrease in the overall IT (Information Technology)
infrastructure costs are just to name a few for the developers.
- 4 -
In addition to this, the end-users also benefit by obtaining better upgrade offers, but
more importantly there is a benefit of group collaboration where a number of people
can work on the same project at the same time for e.g. a presentation where all
changes made by all users are evident to the ones in the group thereby saving time and
improved visibility.
On the other hand, like everything in IT, Cloud also has its demerits indicating need
for certain challenges to be addressed before such a gigantic technological change can
materialize. Although there are many technical challenges associated with the advent
of Cloud computing, this research will primarily focus on certain technical issues
which directly or indirectly has an impact on its marketing. This section highlights
and examines these challenges in brief, some of which will be later inspected in detail
in Chapter 2.
a) Challenge of Inter-operability: Every buyer of an IT solution is concerned
with a new technology and wants to find an answer to know if they would be
stuck with that, where that refers to an operating system, a kind of computer
or a software version. Similarly, an internet outage or similar issues may
disable a client (end-user) to access the applications unless it is store on local
servers. A good internet connection capacity is important to make Cloud
Computing viable unless local clouds are being used involving Virtualization.
b) Challenge of High Reliability: In September 2009, Gmail experienced its
longest outage for hundred minutes (Schwartz, 2008a). This kind of an outage
from an e-mail service provider does transmit major uncertainties in the minds
of decision-making IT personnel over the feasibility of a larger proposal of
switching from desktop function to the target cloud segment (Gralla, 2009).
Similarly, if a user is accessing their data through a website that enables access
through Cloud computing and has similar accessibility problems irrespective
of a secure and reliable internet connection does face the challenge of
reliability. No access means low reliability.
- 5 -
c) Challenge of Data security and Privacy: Data is stored off-site, which
provides an opportunity for it to be compromised. While cloud vendors, seek
to maintain the data safe, there’s always a possibility of a security lapse.
Contrary to that, some analysts view it as a benefit to small-scale companies,
as their movement to cloud would enable them to increase the level of their
security through the movement of their data and applications on the cloud as
the resources are shared across the client-base of the cloud vendor.
In addition, Schwartz (2008), points out that cloud vendors can invest more in
security which can be spread over the entire client-base resulting into improved
security considerably rather than investment by an individual firm for themselves.
None-the-less, security and privacy are major challenges which will be further
investigated in this research.
1.3. RESEARCH OVERVIEW
This research aimed at identifying and exploring the real challenges particularly the
ones threatening the end-users in accepting Cloud-computing technology. Much
literature has been available discussing threats such as data security and privacy
which is causing major marketing issues faced by Cloud Computing vendors,
however testing it from an end-user perspective is the primary intention behind this
research. By the end of the research, the following objectives are met:
a) Research Objectives
To identify what kind of security challenges are really a threat to use of Cloud
Computing from an organisation point of view by studying end-user
behaviour.
To recognize real threats / issues from an end-user point of view in the
acceptance of a new technology such as Cloud Computing.
- 6 -
To verify the impact of culture when threats such as data security and data
privacy are being analysed in relation to the economies of scale and time value
of money.
To study consumer (end-user) behaviour and perceptions about data
confidentiality security and privacy when their data is stored by deploying a
Cloud solution.
To establish the key variables considered by the end user in accepting cloud as
a solution over the threats in an effort to combat the uncertainty which
hampers the acceptance of Cloud computing as a new form of technology.
To determine major factors that ensures security and privacy protection and
restores confidence in the minds of end-users to adapt to the new Cloud
technology.
To analyse the impact of using open source software and virtualization
techniques in order for Cloud computing to its full potential in cases of a
security breach, identity theft, internet outage etc.
b) Research Questions
The research questions below are aimed at exploring, identifying and tackling
marketing challenges associated with technological changes in the form of computing,
i.e. with the introduction of Cloud computing. The end-user perspective is used to
validate certain key issues about acceptance of Cloud Computing technology.
1. How important it is from an end-user perspective to keep their data
secured, in relation to reducing their infrastructural, implementation and
maintenance cost by deploying a suitable Cloud solution?
- 7 -
2. Does a customer of Cloud solution, (end-user), with limited technical
knowledge of cloud solutions care, if their data is stored on the same
server along with his competitor’s data keeping in mind the benefits these
solutions have to offer such as economies of scale, reaping time value of
money, etc.?
3. Which layers of security will address the primary issue of security by
ensuring data stored on internet using cloud solutions is completely
secured and accessible without depending on internet and the customer’s
view on using open-source software and virtualization techniques to
ensure smooth transition from desktop to cloud computing?
4. Do the cultural differences affect the beliefs of users keeping data
confidential vis-à-vis sharing personal details as long as required service is
delivered at affordable price and suits the needs of the organisation /
individual?
5. Whether uncertainty avoidance can help end-users in the decision-making
process and how do end-users perceive technology?
6. What is the significance of privacy in relation to Cloud-based information
systems and how can one ensure that required data is shared while PII
(Personal Identifiable Information) is protected?
These questions set the foundation for this research to study end-user behaviour and
combat the issues of security and privacy by understanding their perspective towards
the present layers of security and privacy, which is discussed in Chapter 2.
- 8 -
2. LITERATURE REVIEW
The importance of any research and its outcomes found thereafter will always be
judged in correspondence to other people’s research and their findings. Tranfield et. al
(2008) supports this belief by suggesting researchers to ‘map and assess the existing
intellectual territory’, to establish the nature of previous researches which have been
published in the selected topic area, and possibly discover current researches being
carried out.
This chapter commences by reviewing the literature from a broader dimension about
technological advances, marketing theories in acceptance of technology, narrowing
down to the Cloud model, assessing its security and privacy issues and ultimately
evaluating the role of culture in technology acceptance as end-users behaviour and
their perceptions will be studied.
2.1. TECHNOLOGICAL CHANGES
Technology has played an enormous role in building our society the way it is today.
The rate of such technological progress is often classified into two phases: “Invention
(a scientific breakthrough) and innovation (commercialisation of the invention)” – A
distinction highlighted in the book “Open Innovtions” by Chesbrough et. al (2006)
where Nelson and Winter (1982) have credited this classification to Schumpeter
(1934).
With an array of products already present in the market for sale, organisations keep
innovating and launching new and improved variances. By introducing a new gadget
like mobile phones, or latest models of cars, or these organisations are changing the
way we live all the time. Innovations in the medical field help mankind to counteract
against the deadliest of diseases. Remarkably, these innovations are continuously on-
going. “Innovation won’t go away – it is not the next big thing- it is always there”, a
statement cited in a special report. (Getting Creative, Special Report – Business Week
August 2005)
- 9 -
Ettlie (2006) highlights three reasons why technological changes have gained
importance over the years, viz.
Technology-driven change is “everywhere and always present”
Value captured from new technology is “challenging and never guaranteed”
In today’s competitive environments, technology is used by most
organisations as a tool in their “success strategies”
On the contrary, authors such as March and Simon (1958), emphasize on two
important factors, internal pressures and external pressures which initiate such
technological changes in most organisations, but not all.
Internal pressures – Changes in the aspiration level of team members.
External pressures – Unexpected environmental changes.
Much of the literature suggests that technological innovations are linked to
organisational innovations. More and more adaptation to newer means of
technological innovations, from an organisation leads to more operational changes in
administrative procedures – different organisational structure, fresh strategies
resulting into huge benefits to such organisations. On the other hand, failure of
technological changes may crop up when either too much technology is being adopted
quickly or insufficient amount of technology is implemented to keep pace with the
competitive environment.
Based on discussion so far, it is evident technology sets up the path for organisations
to flourish and grow and maintain competitive sustainable advantage over its
competitors. What remains to be seen is why do some organisations seem to be more
innovative? How do some organisations maintain their innovative behaviour, while
others hesitate?
Christensen(1992) came up with the study of the Technology S-curve. It suggests
high potential at the beginning of technology life-cycle with the increase in efforts
(Resources, Time and Engineering) spent which later diminishes with the advent of
new technology.
Next Generation Of Technology
1 2 3 4
Time, Resources and Engineering Effort Spent
Prod
uct P
erforman
ceFigure 2.1 – The Technology S-Curve
Source: Adopted from Clayton Christensen (1992)
In the above Figure 2.1, Point 1 is where new technology is invented. As seen above,
technological change is continuous, until Point 2, where the existing technology is
being constantly improved till it reaches its peak at Point 3, where the existing
technology reaches its maturity with given efforts, and / or increasing engineering
efforts. After this Point 3, it has diminishing returns to performance of the technology.
The dotted S-curve denotes the invention of new technology, this technology cycle is
observed to be recurring all over again. Point 4 is when the new technology reaches
its peak, until new technology again comes into play.
Studies by Sahal (1991) supported the above view in his book, “Patterns of
Technological Innovation”. He was the first one to demonstrate with empirical
evidence that with passage of time, there is a steady progress of technology as its
potential is understood.
- 10 -
- 11 -
2.2. Marketing theories relevant to acceptance of
new technology
Marketing of high-technology is not similar to that of traditional consumer products.
Although the standard approach to marketing and the marketing-mix “4 Ps” has a lot
of relevance, however, it still needs to be modified due to the presence of some
important factors when dealing with new technology.
These factors are highlighted when studying the characteristics of such high-tech
marketing environments. Studies by Moriarity et.al (1989), Gardner, D (1990) and
Moore, G (2002) established certain characteristics that all high-technology industries
share in common are discussed in the sub-section below:
2.2.1 Characterizing High-Tech Marketing Environments
The three common characteristics of high-tech marketing environment are:
i. Market Uncertainty
ii. Technological Uncertainty
iii. Competitive Volatility
Figure 2.2 – Characterizing High-Tech Marketing Environments
Source: Adopted from Mohr et.al (2005)
The Figure 2.2 above demonstrates how marketing of high-tech products and
innovations take place when these three common variables intersect.
i. Market Uncertainty – may result due to the following factors:-
a) Customer’s insecurity about what needs or issues will be addressed by
the given technology: Such an uncertainty, doubt or fear in consumer’s
mind may delay the adoption of such technology. In context to this
research, particularly the end-user may not be aware of what Cloud
computing has to offer, which will address the issue of security and
privacy. At the same time, it would offer best data storage solutions to
satisfy their needs of data storage.
b) Changing needs of the customers: In a dynamic environment, customer
needs are changing rapidly. For instance a patient who used to treat the
same disease with the intake of an allopathic medication and may alter to
homeopathic treatment for the same disease or illness the next year.
- 12 -
- 13 -
c) Lack of industry standards: In-appropriate or lack of industry standards
for a new innovation / technology in a market affects consumer’s
decision to adapt to a new technology. Aley, J. (2003) emphasized these
factors which lead to slow adoption of 3G wireless technology.
According to him, 3G technology was adopted by many customers after
a lot of careful considerations about the CDMA – (Code Division
Multiple Access) and W-CDMA (Wideband Code Division Multiple
Access as both these interfaces were a part of 3G technology but they
were region specific which meant that if CDMA works in one region, it
may not work in another.
d) Estimating the pace of technology spread: Knowing the rate at which
technology will spread helps marketer to avoid any market uncertainties.
e) Recognizing Market Potential: helps high-tech product / technology
manufacturer to avoid any errors in forecasting and ensure accurate
production for timely availability of goods and services.
ii. Technological Uncertainty – is “not knowing whether the technology – or
the company providing it – can deliver on its promise to meet specific needs”
(Moriarity et. al, 1989) Technological uncertainty can be addressed by
answering the following questions, whether
a) New technology will deliver as promised?
b) Delivery will be as per time-table for availability?
c) Effective service will be provided in case of any concern?
d) Side-effects or Un-anticipated consequences are taken into account?
e) Viability of technology over new development makes the current
technology obsolete?
- 14 -
iii. Competitive Volatility: refers to the alternations in the competitive
environments. Determining companies competitors, their products / services,
tools utilised by their competitive firms to compete against them. Sources of
such competitive volatility are:
a) Recognizing the competitors of the future
b) Knowing their tactics
c) Identifying which of their own products will the company compete with,
after identifying and analysing the competitors and their tactics?
2.2.2 Diffusion of Innovations Theory Model
In his comprehensive study of Diffusion of Innovations, 4th ed., Rogers (1995)
produced a theory for the adoption of innovations among individuals and
organisations. This theory concentrated on a few key elements such as:
i. Innovations: Some innovations spread quickly and adopted by adopters as they
perceive the new technology to be possessing certain characteristics such as
being trial-able, relatively more advantageous, compatible with industry
standards, least complicated, and having observable results, thereby reducing
uncertainties associated with a new technology.
ii. Communication Channels: play a pivotal role in the adoption of an innovation or
technology as most individuals evaluate an innovation by the feedback from their
near-peers who have adopted the technology before them, and not necessarily
based on results of scientific researches by a professional.
iii. Time: The time element used in Diffusion of Innovations Theory is involved in
three separate modes
a) Innovation-Decision Process: The innovation-decision making process
(Figure 2.3) indicates the 5-staged process where an individual (or decision-
maker) seeks information, moves from first body of knowledge about an
innovation, to shaping an opinion or attitude about it, in deciding about
adopting or rejecting the idea to implement, and finally confirming their
decision
Figure 2.3– Stages in Diffusion of Innovation
Source: Rodgers (1995), 4th Ed. originally (1962)
b) Innovativeness of an individual: Every individual is bound to adopt
technology sooner or later. However, the degree to which they adopt is
relatively different which represents the innovativeness of an individual.
Time spent in adopting an innovation is bound to differ in most cases and
hence this theory categorizes individuals into five classifications namely:
Innovators, Early adopters, Early majority, Late majority and Laggards.
c) Rate of Adoption: refers to relative speed with which the members of a
social system adopt a particular innovation.
iv. Social System: refers to the members of a particular group who are jointly-
engaged towards solving a common issue by working towards accomplishing a
common goal.
- 15 -
- 16 -
2.2.3 Theory of Reasoned Action & Technology Acceptance Model
Theory of Reasoned Action (TRA), a study associated with Fishbein and Ajzen
(1975) linked behaviour to quite a few elements like attitudes, beliefs and
behavioural intentions. Individual behaviour was identified to be an outcome of
behavioural intentions which was ultimately determined by an individual’s attitude.
Based on the general concept of TRA, a new model called Technology Acceptance
Model (TAM) was developed by Davis (1989). TAM suggested that a number of
factors influence the decision-making process for a consumer to decide as to how
and when they will use or adopt new technology. The two main factors i.e.
Perceived Usefulness (PU) refers to the extent to which a person believes that using
a system will improve his / her performance and Perceived Ease-of-use (PEOU),
defined as “degree to which a person believes that using a particular systems will be
free from any effort.”
2.2.4 The High-Effort Hierarchy of Effects
Hoyer, W.D and Maccinis, D.J (2009) realized that consumers decision on adoption
or rejection of a new technology depends on whether they are prevention-focussed
or promotion focussed. Some consumers, who are more concerned about protection
and safety, will end up resisting the temptation to adopt a new technology. Similarly
the author identifies promotional-based consumers, who value growth, advancement
and the promotions offered by the new technology, especially when the risks are
insignificant.
The High-Effort Hierarchy of Effects refers to the high-involvement of the
consumers before deciding to adopt new technology by searching for the required
information, attitude development, and selection or confirmation of choices, similar
to the innovation-decision process discussed above on Page 15.
- 17 -
There are various uses of technological products and numerous countries have
adopted such innovations. However, the technological paradoxical concept remains
firm on the belief that there may be global products but there are no global people.
Hofstede’s (2007) model of cultural values is useful as there is no global language
by which we can reach global consumers.
Lewis et. Al (2003), studied a variety of theoretical models portraying the beliefs
which constituted the determinants of acceptance of target technology. Various
models of IT such as TAM and TRA discussed above support that beliefs of
individual dominate their usage behaviour while other studies have recognized the
importance of finding determinants of such beliefs. Beliefs seem to have a deep
impact on subsequent individual behaviour towards the acceptance technology
hence observing how beliefs were formed was investigated consequently.
Perceptions: An individual perceives characteristics of technology in many ways
from the vantage point of their own cognitive processes developing beliefs about
them. Vast amounts of literatures support the importance of beliefs in consumer
behaviour for technology acceptance explaining both system usages (Adams et. Al.
1992; Moore and Benbasat 1991) and usage intentions (Davis et Al. 1989;
Mathieson 1991)
Generally, perceived usefulness and perceived ease of use have been two
prominent variables arising of these studies in the field of acceptance of technology,
This raises a question about individual differences being account for.
How do individuals construct different beliefs about a specific technology or what
factors causes such differences?
Literature suggests that certain factors which constitute of these differences are as
follows:
- 18 -
Institutional Factors: have been subjects of interest in Information Systems
research. Organizational attributes have been studied including user training
(Fuerst and Cheney 1982; Leonard-Barton 1987; Raymond 1988; Sanders and
Courtney 1985); knowledge management (Boynton et al. 1994; Pennings and
Harianto 1992) and organizational support (Delone 1988, Leonard-Barton and
Deschamps 1988; Monge et.al 1992). Although, as seen above numerous scholars
have emphasised about managerial commitment, much is still desired into what
constructs these beliefs.
Social Factors: Fulk (1993) and Schmitz (1991) demonstrated the extent to which
others view technology can also serve as a positive influence on one’s own beliefs
and perception about usefulness of the technology.
Individual Factors: Self-efficacy or an individual’s perception of his own ability to
use the technology has its academic roots from Social Cognitive theory by Bandura
(1986). Personal Innovativeness refers to the extent to which an individual will try
out new technology (Agarwal and Prasad, 1998)
Venkatesh et.al (2003) seconded the above influence on technology acceptance
along with addition factors such as:
Long-term consequences: are those “outcomes that have a pay-off in the future”
Relative Advantage over previous technology: is the degree to which a new
technology is advantageous over the predecessor
Status Symbol or Image: is the extent to which a new technology is perceived to
improve one’s image or status in the society
Visibility amongst peers: The result demonstrability or visibility of results is
another core construct in building a positive / negative influence over accepting that
technology.
- 19 -
2.3. THE NEW CLOUD MODEL
With an attempt to compete in a confined space, every organisation is utilising
available resources optimally and reducing their activities which are not central to the
key business strategy. This has led to the emergence of the new Cloud model
In retrospect to the traditional model where organisations purchase a licence for each
application the new cloud computing model charges on the basis of its use similar to
Pay-per-use, thereby offering an assortment of applications and services available to
use as per the end-user requirements.
Experts in implementation of Cloud Computing have presented different ways how
organisations can utilise different web services. Most commonly used web services
form the new Cloud model. They are:
2.3.1 Communication-as-a-Service (CaaS)
Communication-as-a-Service is a type of cloud-based service where its providers
(cloud vendors) provide services such as VoIP, Instant Messaging, and video-
conferencing facility to their customers. The responsibility of these vendors is to
ensure smooth functionality of communication by managing hardware and software
required for such services. CaaS model helps the business customers to select the
most appropriate communication model within their organization on a pay-as-you-go
basis
In 2007, Gartner’s press release indicated that CaaS market is expected to sum up to
$2.3 billion in 2011. Least or no management on part of the customer is one of the
key features of a CaaS. Furthermore, maintenance and managing expenses for the
communication infrastructure is shared across the customer-base of the cloud vendor
which allows the customers to leverage an enterprise-class communications solution
and allocate remaining financial and other assets where businesses can use them in the
best possible manner.
- 20 -
2.3.2 Infrastructure-as-a-Service (IaaS)
Infrastructure-as-a-Service also known as ‘Everything-as-a-Service’ means using the
machines and systems provided by a cloud-service provider. Whilst, the cloud
providers handle the transition and hosting of chosen applications on their
infrastructure, the customers own and manage their applications. Post deployment of
IaaS as a cloud solution, the providers are involved in maintaining and managing their
infrastructure.
Components such as computer hardware, computer network, internet connectivity,
platform virtualization environments for running-client specific virtual machines are
usually a part of provider-owned implementations infrastructure. Service-level
agreements between customers and providers determine the pace at which providers
will ensure delivery of services through IaaS, while utility computing through billing
helps customers to track their usage of IaaS. Resources such as data center space,
servers, network equipments, etc. are not necessarily purchased, but rented by IaaS
customers. Customers are charged for the resources consumed
2.3.3 Platform-as-a-Service (PaaS)
Cloud computing has evolved to encompass platforms for building and running
customized web-applications, a model known as Platform-as-a-Service. This model
formulates an architecture including all facilities essential for supporting the life-cycle
of building and delivering web-applications and services available through the
internet, without any software downloads or installation for developers, IT managers
or end-users.
Distinct from the IaaS model, where users may use specific operating systems with
mandatory applications running, the PaaS developers are focussed on the web-
development aspect provided by the platform and not with the kind of operating
systems used. It sets the focus on innovation rather than infrastructure, thereby
allowing organisations to plan their finances and invest more in creation of new and
improved web-applications without upsetting their infrastructure needs. Developers
around the globe, through internet have access to unlimited computing power through
which they can build dominant web applications and deploy them to users
worldwide.
2.3.4 Software-as-a-Service (SaaS)
Software-as-a-Service is a term used, when a vendor provides software to a user
which they want to use. The traditional concept of software distribution, where we
buy a licensed copy of software for use is referred to as Software as a Product.
SaaS as a software distribution model is rapidly gaining attention in which various
applications are hosted by the cloud vendors and made available to customers over the
internet. SaaS is frequently associated with pay-as-you-go payment model where the
users choose from a range of application available and pay for its usage
Figure 2.4 – The Cloud Model
Unlike Paas, where you develop your own applications, SaaS offers the software /
application to the end-users. Many users have limited knowledge how and why the
software application is being developed, and focuses mainly on using the software.
SaaS is ideal in such circumstances, supporting features such as multi-tenancy, i.e.
supporting multiple-users to access software concurrently, which is what separates it
apart from traditional models of software distribution.
- 21 -
- 22 -
2.4. PRIVACY AND SECURITY ISSUES
Today we are surrounded by global information infrastructure systems, which
remotely connect two or more parties worldwide. Humans are interconnected
remotely through services like World Wide Web which results into vast amounts of
data being shared leading to increasing concerns of personal identifiable information
being at risk. Challenge of Privacy in relation to cloud systems is to share the data
while protecting Personal Identifiable Information (PII). The capacity to control the
information, an individual discloses about themselves on the internet, and who may
access such information has been a rising concern. Rittinghouse and Ransome (2010)
state “another privacy concern is whether websites which are visited collect, store,
and possibly share personally identifiable information about users”
According to the TRUST’es survey in December 2008 and results by the Poneman
Institute, privacy was identified as the key differentiator in cyber world. “Consumer
perceptions are not superficial, but are in fact the result of diligent and successful
execution of thoughtful privacy strategies.” said the chairman of Poneman Institute,
Dr. Larry Poneman who believes consumer trust is the basis of business. “Consumers
want to do business with brands they believe they can trust.”
Based on the studies above, privacy can be viewed as an important business issue
focussing on protecting the personally identifiable information from inappropriate and
unauthorised methods of data collection, usage and leakage, consequently preventing
the loss of customers trust and avoiding frauds such as identity theft, phishing and e-
mail spamming.
According to Bagehi and Atluri (2006), privacy of information can be protected by
investigating into different aspects such as:
a) Data Protection Requirement composition – which takes into
consideration data owner, data holder and any possible privacy law
- 23 -
b) Security and Privacy Specification and Secondary Usage control – in
order to identify under what circumstances an individual can trust others for
security and privacy. Digital certificates issues by given entities certifying
the holders of information with properties such as accreditation and in
addition given user the ability to constraint possible secondary uses of their
information
c) Inference and Linking attacks protection – to confirm that information
released is not open to channels allowing attackers to infer sensitive personal
information
Jahankhani et. al (2009), emphasized security concerns before Cloud Computing
can be adopted as a solution for many organizations. According to their studies,
people may be apprehensive in adopting this technology due to lack of control over
factors such as:
a) Using applications over an unfamiliar platform
b) Infrastructure and hardware being used
c) Location of the data being stored
d) Secondary usage of their data
In a cloud environment, applications designed for users of social networking
sites, or for a large manufacturing company’s logistics team members, needs to
provide access to only “authorised, authenticated users and only those users need to
be able to trust that their data is secured” (Sun Microsystems, 2009)
Velte et.al (2010) pointed out people using cloud services fail to understand the
security and privacy implications of their e-mail accounts, their social networking
user accounts and even recognise that these services are considered cloud services.
Moreover, any regulation will affect other cloud services. Their studies also
highlight a combination of security techniques allowing users to secure their data
when moving their data to a cloud vendor. These techniques are:
- 24 -
a) Encryption: is a process of encoding data with a series of complex algorithms
which can be decoded only through an encryption key. Although, cracking
coded information is possible, however, most hackers find it difficult due to
the amount of processing power needed for it to be cracked.
b) Authentication Processes: helps user creating a username and password.
c) Authorization Practices: are activities such as generating lists of people who
are authorised to access the information on cloud servers. In addition certain
organisations have multi-level authorisation practices where limited access
may be available at a sub-ordinate level, whilst a IT head may be able to
access all the information.
However, in spite of these techniques, the security concerns are not completed
addressed. Having said that, if there is a disaster in the organisation where all the data
is lost, implementing a Cloud solution with the data backed up on Cloud server will
benefit as all the data will not be lost.
Authors like Worthen and Vascellaro (2009) and Kaplan (2009), view cloud services
as more reliable and secured than individual organisations offerings. The only
difference as they see is that if a company’s e-mail system crashes, it does not make
the headline while any outage or data breach by Gmail, Apple or Amazon cloud
service hits the front cover of the local newspaper.
A survey amongst 244 IT Executives, conducted by the IDC Enterprise Panel,
reflected IDC’s (2008a) findings, shown in Figure 2.5 below, highlighting security as
the major concern amongst other, where 74.6% participants chose Security as the
primary issues associated in adoption of Cloud computing solution.
Figure 2.5: Issues related to Cloud Computing
Source: IDC findings, 2008a
- 25 -
- 26 -
2.5. THE ROLE OF OPEN SOFTWARE SOURCE &
VIRTUALIZATION
Open source software requires collaboration between organisations, their suppliers,
customers or creators of related products to bridge software R&D in order to invent a
shared technology (software application). These are called open source software as
they are shared technology available to buyer at little or no cost. Over the past decade,
IT firms have been encouraging their users to work together and share user-developed
software which fills the gaps for their proprietary models. Open source software
allows its basic software elements such as virtual machine images and appliances to
be created from basic components thereby providing the developers an ease to
assemble large applications.
Nevertheless, IT firms face the risk of such collaboration as too much encouragement
to users can also reduce the availability of vendors to achieve proprietary lock-in, i.e.
making a customer dependent on a vendor for products and services resulting into
inability to switch to another vendor without substantial amount of switching costs.
In context to the Cloud Computing, the Open Source Consortium aims in supporting
the development of standards and interoperability amongst various clouds. Not only
does is support the developments of benchmarking standards, but is also a strong
promoter of using open source software in cloud solutions.
Virtualization cannot be ignored when examining the challenges of Cloud computing
as it acts as a backbone in confronting the business challenges faced by IT decision
makers. Business challenges such as optimum utilisation of the IT infrastructure,
receptiveness in following new business initiatives and flexibly adapting to
organizational changes are in forefront while budgetary constraints and fulfilling
regulatory requisites lay additional pressure in the minds of IT managers.
Virtualization is an elementary technological development which allows experienced
people in the IT industry to set up inventive way out to tackle such business
challenges. For instance, while using computer games, if the virtual memory is
activated, the computer operating system gains more memory than actual physical
installed memory. Likewise, virtualization technologies may be applicable to other IT
infrastructure layers such storage, networks, laptop or server hardware, applications
and operating systems.
Figure 2.6: Virtualization
Source: VMWare Whitepaper (2006) - Virtualization Overview
The Figure 2.6 above presents us with an explanation how this combination of
virtualization technology by employing a VMware Virtualization Layer between
computing, storage and networking hardware and the applications running on it.
- 27 -
- 28 -
2.6. CULTURE AND TECHNOLOGY
The link between individual and culture is best stated by Linton (1945), who states “A
culture is the configuration of learned behaviour and the results of behaviour whose
components elements are shared and transmitted by members of a particular society”
Culture is an integral part of both the individual and the society making routine tasks
simpler than ever before due to unwritten rules understood by participating in a
society. According to Goodenough (1971), “culture is a set of beliefs or standards,
shared by a group of people, which help the individual decide what is, what can be,
how to feel, what to do and how to go about doing it.”
Many scholars such as Agarwal (1999), Igbaria (1990), Melone (1990) and Davis
(1989), realise the importance of considering individuals cultural differences in
acceptance of technology and it usage. Although organizations adopt to new
technology and IT solutions which may fit flawlessly with their aims and business
objectives, however it may not necessarily ensure a guaranteed performance unless
members of the organisation use it effectively. Agarwal (1999), states “Acquiring
appropriate IT is necessary but not sufficient condition for utilizing it effectively”
Intercultural marketing approaches not only limits itself to geographical and national
boundaries, but also accounts for consumer attitudes, lifestyles, their preferences
which are linked to their age, class, occupation, ethnicity, etc. (Usunier and Lee,
2009)
Time-related cultural differences: Time influences the way we act socially.
Individual’s relation with time changes across with the development of new
technology, as with advent of a new technology, the importance of the current one
fades away. Products or services (technology) are created to save time as time is
treated as an economic resource and considered as money. Studies from Jacoby et. al
(1976) and Spears et. Al (2001) have highlighted consumer attitudes towards money
and the money value of times are inseparable from marketing and any economic time
possibility does influence the consumer behaviour positively.
- 29 -
Despite of the popularity of Technology Acceptance Model (TAM) by (Davis, 1989),
it is considered as the most deficient model in explaining use of IT at the individual
level. Since individuals are accustomed by their respective cultures, integration of
such cultural differences with TAM may predict and explain the behaviour towards
new technology (Cloud Computing). Key variables in TAM model other than
perceived usefulness and perceived ease of use, (which are discussed above) are
perceived behavioural control, perceived risk and demographics particularly age and
gender. Perceived risk of adopting Cloud services may refer to protecting privacy and
data security of information stored using such services potentially leading to identity
theft, compromising of confidential data, etc. Perceived behavioural control are linked
to the circumstances of cloud usage, instances where end-users prefer to switch to
cloud vendors for cloud usage for recurring activities leaving behind more important
tasks for their internal IT experts.
In summary, the literature emphasises the central issues of privacy and security lying
with the adoption of the new technology, i.e. Cloud Computing in context of this
research. Uncertainty is a key attribute in the adoption of new technology which will
be tested through this research from the end-user perspective by studying their
perceptions, beliefs and opinions about acceptance of technology. Virtualization and
Open source software’s are key concepts which will be looked into as the research
carries on. Research institutes like Garner have conducted their research on the central
issues from an organisational perspective. It is evident from the literature that security
and privacy issues are present. On the other hand, there are various benefits of
switching to cloud computing as well due to which organizations are promoting this
switch. However, the importance of these issues from an end-user perspective will be
analysed through this research to identify and resolve the marketing challenges
enabling cloud vendors to focus on the concerns of end-users.
- 30 -
3. RESEARCH METHODOLOGY
The aim of this research was to explore the current marketing challenges i.e. Security
and Privacy faced by most data storage companies, particularly Cloud vendors, with
the advent of Cloud computing. While most findings and literature highlights security
and privacy as issues pertaining to Cloud Computing from the organisation
perspective, however much is still desired to be studied about these issues from an
end-user perspective, as to what they think and perceive about confidentiality of their
data, keeping in mind the solutions offered by cloud vendors. The access to Cloud-
Computing end-users was crucial for data gathering purposes in this research. This
began with attending webinars and building connections for data gathering.
Most authors such as Polonsky and Waller (2004), highlight the importance of data
gathering in a research project. The method chosen for any research project will have
profound effects on performance of the remaining activities in any research project.
Weller & Romney (1988), suggest considering special care and attention as choosing
the most appropriate methodology can determine the biggest cost (time and money) of
the research.
3.1. Research Approach : Inductive
This research has adopted an inductive approach. The inductive approach is selected
as it allows for changes by offering a more flexible structure, as the research
progresses. Since the end-user perspective about marketing challenges of security and
privacy in Cloud Computing is being studied, for which there is not much literature
available, an inductive line of investigation is the most appropriate research approach.
According to Easterby-Smith et al.(2008), the choice of the research approach is
important as it assists in enabling the researcher in the following three ways:
a) To take a more vigilant judgment about the research design.
- 31 -
b) To evaluate research strategies and employ the methods which will function and
selectively eliminate the one’s which may not work, and
c) To adapt the research design to cater for constraints such as lack of prior
knowledge of the subject, which was a constraint in this research as Cloud Computing
is a relatively new topic, with very a small number of previous researches, especially
on end-users of Cloud Computing.
3.2. Research Philosophy : Interpretivism
Research philosophy is vital for a researcher to develop knowledge and the nature of
that knowledge. Saunders et al. (2009), examines the different research philosophy
using The Research ‘Onion’ and classifies research philosophies into Positivism,
Realism, Interpretivism and Pragmatism.
The philosophical position chosen for this research was Interpretivism as it takes into
consideration the complexity of humans as social actors in business and management
which cannot be governed by definite ‘laws’ similar to physical sciences in the
positivist position. Additionally, the Interpretivism research philosophy lays
emphasis on conducting research on living human-beings rather than lifeless objects
studied in most scientific research. When studying security and privacy challenges
from an end-user perspective it is critical not to disregard the social element in the
respondents, hence Interpretivism seems to be the most obvious choice.
3.3. Research Strategy
Bryman and Bell (2007) underpin the importance of a research strategy as it lays the
foundation of conducting a business research. This research adopted a Quantitative
research strategy using questionnaire / survey as the primary method of data
collection.
- 32 -
3.3.1. Quantitative research
Quantitative research is described best by Dillon et. Al (1993) as techniques
which involve comparatively larger number of respondents and aim at
generating data which can be generalised over the entire set of research
population. The respondents in this research were mainly end-users who have
been using cloud services and data obtained through surveys has been
proposed to correspond to population as a ‘representative sample’ (Page &
Meyers, 2000) who are presented a series of question using the surveys or
questionnaire method of data collection. Questionnaires are most widely used
when survey strategy is chosen for business and management research. The
most critical part; however is to prepare a good set of questions before
deciding to choose the questions as a method of data collection. These
thoughts are supported by many authors such as Bell, J (2005); Oppenheim
(2000). Considering the descriptive nature of this research to explore security
and privacy issues and the research population being numerous end-users, data
collection through questionnaire tends to be beneficial with standardized
questions, which one can be certain about being interpreted similarly by all
respondents (Robson, 2002)
3.3.2. Participants
As the title suggests, this research could have not been conducted without with
the opinions, suggestions and responses of end-users of Cloud computing who
have used and / or responsible for recruiting individuals in the information
technology industry dealing with Cloud Computing. Thus, professionals such
as IT security consultants, IT product managers, Head of Datacenter &
Information Technology, Chief Technology Officers, IT Helpdesk executives,
software developers, system engineers, marketing managers in Information
systems, SaaS and PaaS professionals, and staff members of College of
Technology London (pilot-survey) were contacted to share their views about
security and privacy (confidentiality) when using Cloud-based services.
- 33 -
3.3.3. Gaining access
The studies from the literature review confirmed that most organisations fear
security and privacy as major hurdle in getting the users adopt to the new
Cloud-based services. What was desired before this research was to confirm it
from the end-users perspective. Before an attempt was made to gain access to
end-users, invitations were sent to online discussion groups like on Google
groups, LinkedIn groups to ensure adequate familiarity of the characteristics
of group members and understanding of the end-users. Saunders et. al (2009)
advocates gaining such knowledge as it enables the researcher to signify to the
prospective respondents during the research “why they should grant access?”
Buchanan et. al (1988), emphasizes the importance of allowing oneself enough
time as physical access to organizations and groups may take up to weeks or
months, which may still results into no access being granted. Utmost care was
given to devote time in building contacts with end-users. This was possible, as
simultaneously with the secondary data desk-research; contacts were being
developed by attending webinar’s and being introduced through LinkedIn,
thereby establishing communication by sending a pre-survey contact with a
clear introductory message to test their desirability in participating for the
research work.
3.3.4. Sampling : Self-Selection Sampling
Most surveys deal with identifying the ‘research population’ for providing
fundamental information to address the research questions. It is often a
challenge to involve all members of the population, hence selecting who
participates in the survey is a key consideration. The primary aim in selecting
the respondents in this research, out of the thousands of others is to ensure
those who are participating represent a sub-set of the research population,
thereby the generalising the findings to that target population with utmost
confidence. (Jill and Johnson, 2002)
- 34 -
The main issue was establishing first contact with the research population. To
being with, webinars on Cloud Computing were attended to get introduced to
prospective respondents, followed by using LinkedIn®, a professional
networking website to join groups and discussion forums where individuals
interested in participating in a research project were short-listed. Using non-
probability sampling, the self-selection sampling was employed for the
research. Saunders et.al (2009) explains self-selection sampling as a method
by which individuals knowledgeable about the topic are identified who desire
to be a part of your survey. Subsequently, the data is collected from those who
respond.
The primary research began by sending a pilot-survey on the 22nd April 2010
to staff members of College of Technology London, user’s of Ampera, a
student administration system used by the college which is based on Cloud
Computing. This was to test the survey questions before it was released after
knowing the initial response. Upon receiving 23 responses within first ten
days, more than 750 invitations through discussion forums and LinkedIn for
participating in the survey questionnaire released on the 1st of May 2010.
These invitations were sent to users of cloud services mainly targeting at
expert end-users, allowing myself to identify the desired end-users who are
willing to respond and knowledgeable about the topic of research.
3.3.5. Questionnaire Design
The questionnaire design was chosen carefully with attention to individual
questions, pleasant outline along with a lucid description of the aim of the
research. This was to ensure positive effect on the response rate and the
reliability and validity of the data collection. Understanding the fact it’s not
just important to attract the respondents through effective design and carefully
chosen questions, but equally vital to plan and execute the administration for
the actual questionnaire was one of the key attributes considered while
conducting the research at various stages.
Figure 3.1: Types of Questionnaires
Source: Saunders et.al, 2009
The next challenge was to choose the questionnaire amongst the different
kinds of questionnaires available as seen above in Figure 3.1. Self-
administered questionnaire design was preferred as it would attract larger
number of respondents, irrespective how geographically dispersed they may
be. Amongst the three types of self-administered questionnaires, internet and
internet-mediated questionnaire was ideal, when compared to postal and
delivery & collection methods simply because they offer better control over
the reach of the desired person as respondent. For instance, when a postal or a
delivery & collection questionnaire is addressed to an employee with an aim to
find out what is the most-time consuming task to help him / her improve their
time-management, you may find out distorted or contaminated responses as
the respondent may even ask one of his colleagues to fill in the same responses
due to lack of supervision or control. In contrast, internet and internet-
mediated questionnaires particularly those which are sent to the official e-mail
or a message through the professional networking website to a particular
account holder, presents considerable command over other forms of survey
designs / questionnaires.
Witmer et. Al (1999), states “internet and internet-mediated questionnaires
offer greatest control because most users read and respond to their own e-mail
at their personal computer”. In addition, Dillman (2007), points out that
“respondents to self-administered questionnaire are unlikely to answer to
- 35 -
- 36 -
please you or because they believe certain responses are more socially
desirable”, thereby reducing data contamination by using this approach
The questionnaire design, (Refer to Appendices) was published using an
online tool offered by SurveyMonkey.com®. The professional version of the
tool was preferred to accommodate for unlimited responses and “filter” and
“cross-tabs” tool option to analyse data using the same. The questions were
classified into 4 sub-sections, i.e.
a) About Yourself,
b) About Technology Awareness – Cloud Computing
c) About Technology Acceptance and Beliefs
d) About Security, Privacy and Confidentiality of data
Classifying the questions not only meant it was presentable, but it also made it
clear for the respondents to anticipate kind of questions and its
comprehensibility to encourage more responses. The questionnaire designed
presented the respondents an opportunity to alter their responses during the
survey as all the questions were not plotted on a single page. The survey was
open for a month from the 22nd April 2010, when the pilot-survey was tested,
until the 21st May 2010.
3.3.6. Data analysis & Data Presentation
The data collected from the survey responses was both quantitative and
qualitative, in a raw form with numbers and variables, conveying very little
sense of it. Qualitative data was pre-coded into categories to process them into
information which can be described. Saunders et. al (2009), explains the use of
developing categories, followed by connecting them to form relevant data.
Excel™ spreadsheet and software package from the internal “filter tool” and
“cross-tabs” within the Survey Monkey Pro® account was used to conduct the
analysis.
- 37 -
Charts, graphs and statistics were some of the quantitative analysis techniques
utilised in exploring, describing, and examining the results of the survey
which was useful in establishing relation and trends within the data obtained.
The data analysed was then presented in the form of pie-charts, vertical bar
charts or column charts, line diagrams to represent trends and horizontal bar
charts.
3.3.7. Reliability & Validity
Most authors like Raimond (1993) and Rogers (1961), express their views on
the importance of the credibility of research findings by aiming to reduce the
possible errors by focussing on reliability and validity of the research design
McBurney and White (2007), defines reliability as “the property of
consistency of a measurement that gives the same result on different
occassions”. Validity is defined as “the property of a measurement that tests
what it is supposed to test.”
Robson (2002), claims there are four threats of reliability which are assessed
to ensure that data collection and the analysis of this research yields consistent
conclusions. Participant / Subject error was reduced by sending the invites at
the same time of the day which was mid-night during weekdays (GMT) as this
seemed to be morning in most parts of the globe wherever the respondents
reside. Similarly, Participant / Subject biases were avoided ever since the
formation of the research design to ensure respondents are given enough
indications to guarantee anonymity. Lastly, to address the threat of validity
related to Observer error and Observer biases, questions included in the
survey had text box to ask the response if they were able to interpret the
research questions and in case of any doubts to ask the researcher for any
clarity.
- 38 -
Similarly, the threats to validity as suggested by Robson (2002) were
considered. Threats to validity such as history of events in the past were
studied. Cloud computing technology has always been in hype and pick of
things. However, at the time of this research no dramatic events were
associated Cloud’s data security and privacy in comparison to 2009 when it
first came into the picture. Respondents were informed about their
participation to be completely voluntary and bearing no effects to their every
day usage addressed the testing and instrumentation threat to validity.
3.3.8. Ethical Consideration
Whilst conducting this research, at every stage the ethical implications were
considered, in particular about preserving the confidentiality of data. Concerns
related to ethics emerged while planning, gaining access, data collection,
analysing and report-writing.
During planning and gaining access stage stage, various methods were
considered and the research design was formulated ensuring the selected
choices for data collection are in sync after considering ethical issues such as
consent of participants, their reaction to the procedure selected to obtain data
from them i.e. if it causes the intended respondents any kind of pressures,
feeling of discomfort, stress, etc.
The anonymity of respondents was practised while data collection was carried
out. This was to ensure concealment of particular viewpoints to protect the
identity of the respondents from being disclosed and their responses therein.
The nature of participating was completely voluntary, providing the
participant the right for withdrawing at any stage of the survey, partially or
completely. This ensured that no pressure if applied on the intended
participants supporting the views of Robson(2002); Sekaran(2003)
- 39 -
As Jankowicz (2005) suggests, irrespective of the approach chosen whether
positivist or interpretivist, special care was taken to maintain the data in a
secure location with a password protection known only to the researcher
ensuring that before data is processed, it is stored securely.
- 40 -
4. FINDINGS
This section presents the findings of the primary research conducted by means of the
questionnaire method. The information presented in this chapter is to be considered as
primary findings as it is data in the raw form. Thus, offering first-hand information
before the analysis is carried out in Chapter 5, where the responses are discussed in
detail before drawing conclusions subsequently. Some key facts facilitate
comprehending these findings are stated below:-
4.1 Key Facts
a) Pilot-testing Survey Responses
The respondents in the initial stage of pilot-survey were mainly known end-users and
staff members of College of Technology London, specifically the one’s who have
been using Ampera, a newly deployed cloud-based student administration system. A
result in Section 2, about awareness of Cloud Computing does indicate that a small
percentage of the end-users who have participated are not aware about the term
“Cloud Computing” or have never heard or used this technology. The response to
Question 5, (Refer to page.46) does reflect 14 respondents are uncertain about this
form of computing. However, it is purely because some of the participants are not
experts end-users and not technically familiar with the term “Cloud Computing”,
although they use it on a day-to-day basis. In order to ensure that these participants do
not loose interest in the survey, or provide distorted responses, adequate information
has been provided to the participant by notifying them a note soon after Question 6
(Refer to page.47)
b) Participant Identity Protection
While this research was descriptive in nature, involving collection of data about views
of expert end-users, their beliefs about technology acceptance, etc. protecting their
personal identifiable information was just as critical as studying their characteristics
such as their ethnicity, age-group, first language / preferred language.
- 41 -
To enable this, the questionnaire design was well-defined with clear instructions and
logical reasoning behind asking the questions. Participants were given the choice at
the beginning of the survey to enter their e-mail address which was not mandatory,
but if the respondent desires to obtain a copy of the survey results, they may opt to fill
their e-mail addresses.
c) Encouraging completed responses with optimum precision
The respondents were acknowledged by sending a Thank you note for their responses
using the LinkedIn and Survey Monkey Compose tool option. The e-mail addresses
captured as stated above were used to encourage the respondents who had partially
completed, to fill in the survey completely. A disclaimer was included in the message
explicitly stating that their e-mail address is confidential and will not be used for any
other purposes. In addition to encouraging responses, the primary findings also
exhibited any open-ended responses from the participants as a comments text-box was
included in the final design of the survey to ensure that if in case the survey options
provided miss any fundamental inputs, the expert respondents can always highlight
the same.
4.2 Respondent Statistics
The particulars mentioned below are in relation to the prospective respondents who
were chosen for this research.
Total Survey Invites - 751
Total Refusals (Opt-outs) - 3
Maximum Response Expected – 748
Total Started Surveys – 155
Total Completed Responses – 122
Percentage of Total Started / Completed Responses – 78.7%
As seen above a total of 122 completed responses were collected out of the possible
maximum of 748 responses. The respondents who opted out were due to lack of
interest or time.
4.3 Survey Results
This section provides the raw data in a tabular format of the number of responses
obtained for each of the questions presented to the respondents. Figures such as line
graphs, pie-charts, area-charts are used to represent the data in percentages.
SECTION 1: ABOUT YOURSELF Please tick / select appropriate options Question 1. Age-group Age Ranges Total 17 / Under 0 18 – 29 years 44 30 – 49 years 68 50 – 64 years 10 65 and above 0
122 Table 4.1 The response to Question 1 indicated the distribution of age-groups of end-users were
mainly young to middle-aged professionals between ages of early 20’s to late 40’s
contributing to 91.8% of the total respondents.
Figure 4.1 – Age Ratio
- 42 -
Question 2. Gender Gender Total
Male 102 Female 20
122 Table 4.2 Most end-users (83.6%) were male professionals as depicted in the Figure 4.2 below.
The number of females who have participated in this research were mainly
contributed during the initial survey (pilot-survey) which included staff members of
the College of Technology London.
Figure 4.2: Gender Ratio
- 43 -
Question 3. Ethnic Background
Ethnicity Total White - British 8 White - Other 25
American 5 European 22 African 2 Asian 10 Indian 37
Chinese 6 Hispanic 1 Brazilian 6
122 Table 4.3 Ethnicity was one of the key characteristics which was captured to study the end-user
behaviour and differences in beliefs, attitudes and towards acceptance of technology,
Cloud-Computing, in context to this research. The three major contributors as
demonstrated in Figure 4.3 were Indians (30.3%), Whites - Other than British (20.5%)
and Europeans (18.0%)
Figure 4.3: Ethnic Background
- 44 -
Similarly, end-user attributes such as their First Language, Preferred Language, etc
were also enquired to analyse results effectively.
Question 4. Please specific your First Language / Preferred Language
Languages Total Kannada 1 Telugu 1
Portuguese 5 Spanish 1
Malayalam 1 Vietnamese 1
Chinese 6 French 10 German 1 Dutch 8
Cantonese 1 Mandarin 1 Finnish 1
Ukranian 1 Urdu 1
Arabic 1 Marathi 1 Tamil 1 Italian 2 Hindi 1
Croatia 1 English 68
TOTAL 115 Non English (NE) 47
NE Preferred English 11 Table 4.4
Figure 4.4: Linguistic Preferences
- 45 -
SECTION 2: ABOUT TECHNOLOGY AWARENESS – CLOUD COMPUTING Question 5. Have you come across the term “Cloud Computing” or ever used such technology? TotalYes, I am aware about it and use it quite oftenly 108 No, I am not aware or used this technology 5 Not sure, I have heard the term, but not sure 9
122 Table 4.5 The awareness of Cloud Computing was evident by observing the responses for
Question 5. The most encouraging sign was that 88.5% of the research population
studied in this research were aware of this technology and oftenly used it. Others who
were not sure or answered No, were unknowingly using Cloud based services without
knowing it.
Figure 4.5: Cloud-Computing Awareness
- 46 -
Question 6. Have you come across the term “Cloud Computing” or ever used such technology? Web e-mail services such as Hotmail, G-mail, Yahoo Mail 120Store pictures / photos 94Store videos 56Web applications such as Google Docs 95Back-up your hard-drive to an online web-site 45Pay-per-Use web services to store your or your organisation data online, for instance a college uses student administration system to store their student records online 40
122Table 4.6 As stated above, the users who opted for No or Not Sure option about the awareness
of the term “Cloud Computing” were presented Question 6. Apparently, all the
respondents did select at least one of the Cloud-based services in response to this
question. Those who had indicated their unfamiliarity with the term were informed
though a note that if they have selected any of the options here, they are either
knowingly or unknowingly using the Cloud-based services.
Figure 4.6: Cloud-service usage determinants
- 47 -
SECTION 2: ABOUT TECHNOLOGY – YOUR BELIEFS & ACCEPTANCE Question 7. When you hear about a cost-effective new technology, you first consider? Suitability to needs 107Compatibility with industry standards 50Deliverable as promised 83Relatively advantageous than the previous one 66Trial options will be offered to you to test it 64Visibility of its results from others 45Post-sales services will be offered by its vendor 37Unanticipated/Side-effects are considered by the vendor 33
120Table 4.7 Majority of end-users, up to 89.2% consider factors such how much of a new
technology will be suitable to meet their needs while only a handful of them consider
vendor’s obligation of offering post-sales services 30.8% and inventiveness of
handling any unanticipated / side-effects of a given technology which stood at 27.5%
Figure 4.7: Primary factors considered before technology acceptance
- 48 -
Question 8. What describes you best amongst the following options in reference to adaptation to new technology? Innovator 36 Early Adopter 45 Early Majority 33 Late Majority 4 Laggards 2
120 Table 4.8 The respondents were asked to describe themselves in the above groups which were coded and descriptions of these codes are as follows: Person who is an initiator, risk-taking, ready to change from current practices An opinion leader, ready to try out new ideas (technology) before others do Person who is thoughtful, careful but accepts changes more swiftly then others A skeptical person who will use technology only after majority is using it Traditional person who will accept technology once it has become mainstream and universally used
Late Majority and Laggards formed the minority which contributed to only 5% of the
total participants, whilst highest majority of 37.5% respondents were Early adopters.
Figure 4.8: Individual Innovativeness
- 49 -
Question 9. Which of the following factors influence you most in accepting / rejecting a new technology?
Proper training, knowledge and organisation's support 60
Social group’s acceptance : Peers/Colleagues point of view 29
Long‐term benefits associated with it 84
Ability to use the technology 77
Status symbol or Brand Image in using it 9
Others 7
TOTAL RESPONSES 119
Table 4.9
The query about the most influential factors generated a 70.6% reaction in favour of
long-term benefits associated with the acceptance / rejection of a new technology. An
astonishing piece of finding was the fact that only 7.6% of the respondents considered
status symbol / brand image as a reason of using it.
50.4%
24.4%
70.6%
64.7%
7.6%
5.9%
0.0%
10.0%
20.0%
30.0%
40.0%
50.0%
60.0%
70.0%
80.0%Proper training, knowledgeand organisation's support
Social group’s acceptance :Peers/Colleagues point ofview
Long‐term benefitsassociated with it
Ability to use thetechnology
Status symbol or BrandImage in using it
Others
Figure 4.9: Technology-Acceptance factors
- 50 -
SECTION 3: About Security & Privacy and Confidentiality of your data QUESTION 10. Consider the two cases below: Case 1: Organisations allow you to use their web-applications for various different purposes, e.g. storing millions of images and share them on Picasa, or uploading personal photos on social networking website such as Facebook, thereby allowing you to use their data storage infrastructure with minimal or no cost Case 2: The data which you actually stored, resides on a physical location unknown to most data storage companies through Cloud service-providers where such data can be shared or hacked by expert hackers On a rating of 1-5, where 1 is Completely Disagree and 5 is Completely Agree, select the option what you believe you would be most appropriate according to you while considering using storage services
Option Vs Choice DISAGREE NIETHER, NOR AGREE
Use of open‐access and flexible data storage facility with minimal or no cost to store your data, irrespective at cost of taking risks 57 19 39
No interference with personal photos and documents for benefits such as free storage space 45 27 42
Continue using web‐space as it offers ease in uploading pictures 16 22 77 Observe others experiences and feel secured about such risks and continue to use such services without being concerned about it 31 31 53
Table 4.10
0.0% 10.0% 20.0% 30.0% 40.0% 50.0% 60.0% 70.0% 80.0% 90.0% 100.0%
Use of open-access and flexible datastorage facility with minimal or no costto store your data, irrespective at cost
of taking risks
No interference with personal photosand documents for benefits such as
free storage space
Continue using web-space as it offersease in uploading pictures
Observe others experiences and feelsecured about such risks and continue
to use such services without beingconcerned about it
Security Dilemma
DISAGREE NIETHER, NOR AGREE
AGREE 33.9% 36.8% 67.0% 46.1%
NIETHER, NOR 16.5% 23.7% 19.1% 27.0%
DISAGREE 49.6% 39.5% 13.9% 27.0%
Use of open-access and flexible data storage facility with minimal
or no cost to store your data,
No interference with personal photos and documents for
benefits such as free storage
Continue using web-space as it offers ease in uploading pictures
Observe others experiences and feel secured about such risks and
continue to use such services
Figure 4.10: Security Dilemma
- 51 -
Question 11. When visiting websites, they may collect and store your personal information to let you access their services, For e.g. Accessing information about air-tickets, etc. According to you as a user, if given a choice rate the privacy measures will you impose to protect your identity?
PRIVACY Vs RATING IMPORTANT NIETHER, NOR UNIMPORTANT
Data Protection 104 5 8
Right to Control 107 5 5
Restrict Secondary Use 101 7 6
Identify website data collection and sharing process 96 15 5
Issue Digital Certificates 90 16 10
Inference and Linking Attack Protection 103 10 3
Table 4.11
The privacy measures highlighted in the literature were tested on the end-users to
analyse their views in relation to protecting themselves from issues such as identity
theft, phishing, etc. Although, users were asked to rate from 1 to 5, their responses are
condensed into groups of importance, neither important nor unimportant and
unimportant. This helps in data analysing as well as presenting it effectively. The area
chart depicts that most privacy related measures are important as highlighted below in
dark. However, the gap keeps widening when factors such as issue of digital
certificates are considered.
Privacy Dilemma
0.0%
20.0%
40.0%
60.0%
80.0%
100.0%
120.0%
UNIMPORTANT
NIETHER, NOR
IMPORTANT
UNIMPORTANT 6.8% 4.3% 5.3% 4.3% 8.6% 2.6%
NIETHER, NOR 4.3% 4.3% 6.1% 12.9% 13.8% 8.6%
IMPORTANT 88.9% 91.5% 88.6% 82.8% 77.6% 88.8%
Data Protection Right to ControlRestrict
Secondary Use
Identify website data collection
and sharing
Issue Digital Certificates
Inference and Linking Attack
Protection
Figure 4.11: Privacy Dilemma
- 52 -
Question 12. When adopting to a Cloud solution, or using cloud web-services what according to you as a user, if given a choice what security measures will you add to your wish-list? (Multiple Choice)
Using these applications and services on a familiar platform such as Windows OS, Linux OS or Apple OS 55Complete knowledge about infrastructure, i.e. hardware used, the systems 39
Location of where your data is store 47Control on secondary usage – to ensure the information entered on the website once is not used again by some other source without your knowledge 72Use of encryption techniques – to encode your data to add an additional layer of security in case the cloud vendors security is hacked 72Use of Authentication Processes – through Open‐source software to create username and password 76
Authorization practices – to create lists of people who are authorised to access information 80
TOTAL RESPONSES 101
54.5%
38.6%
46.5%
71.3% 71.3%75.2%
79.2%
0.0%
10.0%
20.0%
30.0%
40.0%
50.0%
60.0%
70.0%
80.0%
Percentage
Using these applications and services on afamiliar platform such as Windows OS,Linux OS or Apple OS
Complete knowledge about infrastructure,i .e. hardware used, the systems
Location of where your data is store
Control on secondary usage – to ensure theinformation entered on the website once isnot used again by some other sourcewithout your knowledge
Use of encryption techniques – to encodeyour data to add an additional layer ofsecurity in case the cloud vendors securityis hacked
Use of Authentication Processes – throughOpen‐source software to create usernameand password
Authorization practices – to create l ists ofpeople who are authorised to accessinformation
Figure 4.12: Security measures
- 53 -
- 54 -
5. DISCUSSION AND ANALYSIS
This chapter involves a discussion of the primary findings in context to the
literature reviewed in Chapter 2. A blend of end-user characteristics such as their
beliefs, perceptions, innovativeness, cultural dimensions are being analysed to
comprehend the layers of security and privacy required to guarantee success in
tackling the marketing challenges associated with this new form of computing.
Data display and analysis approach is the procedure considered to analyse the
data. Miles and Huberman (1994), suggest the use of such an approach as it does
support the use of data into summary diagram or visual displays after data is
organised and assembled, post data collection period, to highlight the findings.
The key findings discussed below, also provide an analysis about the marketing
challenges from an end-user perspective. By studying their characteristics,
behaviour, beliefs and attitudes, these findings present facts about dealing with
Cloud Computing challenges of security and privacy to Cloud vendors.
KEY FINDINGS & DISCUSSION
1. Importance of security measures are relatively higher than reducing the
various costs which are incurred in the absence of cloud solution subject to
sensitivity of data.
Security measures are important, but different for different user’s and different kinds
of data. This was ascertained during this research as the same user may interpret
security measures differently when dealing with different kinds of data. For instance,
a lecturer may use their notes to share amongst his/her students and publish it on a
student portal which improves the learning of a student. However, the lecturer (same
user) may want to encrypt the data, or fear the confidentiality of sharing it when using
an online tool to transmit information to the exams office about assessment of
examination and marks obtained by each student.
- 55 -
This kind of data is considered as sensitive data while data which can be shared is
non-sensitive data.
Participant’s usage was tracked by their responses about their web-based usage
ranging from accessing e-mails, to storing pictures, video, using web-applications
such as Google docs to web services such as pay-per use web services to store
organisation data or backing up their hard-drive on a website. Although, the same
user can select more than one option. However, the one’s who did select the options
of backing up their hard-drive to an online website or using a pay-per-use Cloud
service, were considered to be users of sensitive data. This may be potentially a
limitation of this research which has been acknowledged in the subsequent chapter
about limitations. However, the purpose of segregating sensitive and non-sensitive
data through determining the web-usage of the participants was considered for this
research as it is the first of its kind and the awareness of end-users is unknown. This
approach of differentiating sensitive and non-sensitive data by simply confirming
the web-usage, made it simpler for all the participants to comprehend.
An analytical test, using the cross-tab tool available through the Professional
version of SurveyMonkey.com was carried out between the kinds of data, both
sensitive and non-sensitive along with the kinds of security options considered by
multiple users. This data was further plotted on Excel® spreadsheets using pivot
tables and then represented in graphical format for presenting the data obtained.
The first option was to analyse if the end-users will continue using the open-access,
flexible data storage systems which may involve risks as data is stored and
accessible anywhere, which may be compromised. This was tested with users who
backup their hard-drive data to an online tool and those who use pay-per-use
services to store important organisational data as this kind of data would be
sensitive in comparison to data such as e-mails, pictures, videos, etc.
The Figure 5.1 denotes that almost 50.0% of the users who backup their hard-drive to
an online website and 42.5% of the users who use pay-per-use cloud services,
disagree with the idea of taking risks for the benefit of using open-access, flexible
data storage solution and saving on costs involved.
36.4%
30.0%
13.6%
27.5%
50.0%
42.5%
0.0% 5.0% 10.0% 15.0% 20.0% 25.0% 30.0% 35.0% 40.0% 45.0% 50.0%
Sensitive Data
Agree
NeitherAgree, NorDisagree
Diasgree
Yo
u w
ill u
se o
pen-
acce
ss a
nd fl
exi
ble
da
ta s
tora
ge
faci
lity
with
min
ima
l or
no c
ost
to s
tore
you
r d
ata
wh
ich
is a
cce
ssib
leev
ery
whe
re th
rou
gh
inte
rnet
whi
ch m
ay b
e a
t th
e c
ost
of
taki
ng
ris
ks a
s it
may
be
sh
are
d to
unk
no
wn
use
rs
Use of open-access, flexible data storage systems at cost of risks
Pay-per-Use web services to store your or yourorganisation data online, for instance a collegeuses student administration system to store theirstudent records online
Back-up your hard-drive to an online web-site
Figure 5.1: Use of open-access, flexible storage at cost of risks for Sensitive data
Similarly, a small proportion of 13.6% and 27.5% of hard-drive backup and pay-per-
user services users respectively are neither in favour, nor against using cost-effective
means of data storage which may be at risk. This leaves us with 36.4% end-users who
backup their hard-drive and 30.0% end-users who prefer pay-per-use data solutions
who may still wish to continue taking advantage of costs versus risks.
- 56 -
What was interesting to note, was the end-users with non-sensitive data such as using
e-mails, storing pictures and videos, using web-application like Google docs do
reflect a similar picture as seen below in the Figure 5.2, where almost 50% in each of
the categories of different web-usage indicate their disagreement of taking risks
sharing data at the cost vis-à-vis benefiting from the cost-effectiveness offered by
these solutions.
32.8%
30.8%
30.9%
33.7%
16.8%
18.7%18.2%
16.5%
50.4%
50.6%
50.9%
49.5%
0.0% 10.0% 20.0% 30.0% 40.0% 50.0% 60.0%
Non-Sensitive Data
Agree
NeitherAgree, NorDisagree
Diasgree
Yo
u w
ill u
se o
pen
-acc
ess
and
flex
ible
da
ta s
tora
ge fa
cilit
y w
ithm
inim
al o
r no
co
st to
sto
re y
our
da
ta w
hich
is a
cce
ssib
lee
very
wh
ere
thro
ugh
inte
rne
t whi
ch m
ay
be
at t
he
cost
of
taki
ng
risk
s a
s it
may
be
sha
red
to u
nkn
own
use
rs
Use of open access, flexible data storage systems at cost of risk
Web applications such as Google Docs
Store videos
Store pictures / photos
Web e-mail services such as Hotmail, G-mail,Yahoo Mail
Figure 5.2: Use of open-access, flexible storage at cost of risks for Non-sensitive data
- 57 -
The second option being investigated was to examine if end-users want no
interference with their personal data such as photos and documents, for benefits such
as free storage space and they would rather prefer to send physical hard-copies to
ensure complete data-security.
27.9%
45.0%
23.3%
22.5%
48.9%
32.5%
0.0% 5.0% 10.0% 15.0% 20.0% 25.0% 30.0% 35.0% 40.0% 45.0% 50.0%
Sensitive Data
Agree
NeitherAgree, NorDisagree
Diasgree
You
will
wa
nt n
o in
terf
eren
ce w
ith p
erso
nal
ph
oto
s an
ddo
cum
ents
for
bene
fits
such
as
free
sto
rage
spa
ce, r
athe
rpr
efe
r to
se
nd p
hysi
cal h
ard
-co
pies
to e
nsur
e c
ompl
ete
dat
a-se
curit
y
No Interference for benefits such as free storage space
Pay-per-Use web services to store your or yourorganisation data online, for instance a collegeuses student administration system to store theirstudent records online
Back-up your hard-drive to an online web-site
Figure 5.3: No-interference preferred against free storage – Sensitive Data
As seen in the Figure 5.3 above, there are mixed responses where 45.0% of users of
pay-per-use web-services prefer that there is no interference with their personal data
such as photos and documents for free storage space or minimal cost, while 48.9% of
end-users who backup their hard-drive to an online website rejected the idea of no
interference to be able to save on cost. Another interesting observation is that almost
1/5th of these users are neither in favour nor against such interference which would be
potentially an area of further research which is also evident in users of non-sensitive
data where 1/4th of them reflect similar responses as seen in Figure 5.4 below.
- 58 -
36.6%
31.1%
31.5%
36.4%
24.1%
25.6%
24.1%
23.9%
39.3%
43.3%
44.4%
39.8%
0.0% 5.0% 10.0% 15.0% 20.0% 25.0% 30.0% 35.0% 40.0% 45.0%
Non-sensitive Data
Agree
NeitherAgree, NorDisagree
Diasgree
You
will
wan
t no
inte
rfer
ence
with
per
sona
l pho
tos
and
docu
men
ts fo
r be
nefit
s su
ch a
s fr
ee s
tora
ge s
pace
, rat
her
pref
er to
sen
d ph
ysic
al h
ard-
copi
es to
ens
ure
com
plet
e da
ta-
secu
rity
No Interference for benefits such as free data storage
Web applications such as Google Docs
Store videos
Store pictures / photos
Web e-mail services such as Hotmail, G-mail,Yahoo Mail
Figure 5.4: No-interference preferred against free storage – Non-sensitive Data
The third option was to verify if end-users for sensitive and non-sensitive data will
continue using the web-space which offers free storage space and is relatively easier
than maintaining physical data sets managed by themselves. It is clearly evident in
Figure 5.5 and Figure 5.6 below, both sensitive and non-sensitive data end-users
agree with continuing the use of web-storage space as it offers convenience in
uploading in data such as pictures and documents in comparison to using physical
modes of transfer, to transmit the data. Users of video storage solutions were the most
prominent (78.2%) amongst the non-sensitive data segment who agreed to use such
solutions as they offered expediency. While in the sensitive data segment, user who
commonly back-up their hard-drive to an online website were the major advocates
(72.7%) of Cloud based services.
- 59 -
72.7%
65.0%
13.7%
20.0%
13.6%
15.0%
0.0% 10.0% 20.0% 30.0% 40.0% 50.0% 60.0% 70.0% 80.0%
Sensitive Data
Agree
NeitherAgree, NorDisagree
Diasgree
You
will
co
ntin
ue
to u
se th
eir
web
-spa
ce a
s it
offe
rs e
ase
inu
ploa
ding
pic
ture
s p
refe
rred
thro
ugh
suc
h w
eb-s
ervi
ces
rath
er th
an u
sing
oth
er
mod
es o
f tra
nsf
err
ing
or
sha
ring
pict
ures
Use of web-space as it offers ease in uploading data
Pay-per-Use web services to store your or yourorganisation data online, for instance a collegeuses student administration system to store theirstudent records online
Back-up your hard-drive to an online web-site
Figure 5.5: Using web-space which offers uploading ease – Sensitive Data
67.2%
72.5%
78.2%
65.2%
18.7%
17.6%
14.5%
21.3%
14.1%
9.9%
7.3%
13.5%
0.0% 10.0% 20.0% 30.0% 40.0% 50.0% 60.0% 70.0% 80.0%
Non-sensitive Data
Agree
Neither Agree,Nor Disagree
Diasgree
Yo
u w
ill c
ont
inue
to u
se th
eir
web
-spa
ce a
s it
offe
rs e
ase
inup
load
ing
pic
ture
s p
refe
rred
thro
ugh
such
we
b-se
rvic
esra
ther
than
usi
ng o
the
r m
odes
of t
rans
ferr
ing
or
shar
ing
pict
ure
s
Using web-space as it offers ease in uploading data
Web applications such as Google Docs
Store videos
Store pictures / photos
Web e-mail services such as Hotmail, G-mail,Yahoo Mail
Figure 5.6: Using web-space which offers uploading ease – Non-sensitive Data
- 60 -
52.3%
47.5%
22.7%
30.0%
25.0%
22.5%
0.0% 10.0% 20.0% 30.0% 40.0% 50.0% 60.0%
Sensitive Data
Agree
Neither Agree,Nor Disagree
Diasgree
Yo
u w
ill o
bse
rve
oth
ers
exp
erie
nce
s a
nd
feel
se
cure
d a
bo
ut
such
ris
ks a
nd
cont
inu
e to
use
su
ch s
erv
ice
s w
itho
ut b
ein
gco
nce
rne
d a
bou
t i
Observing peer experiences and feel secured
Pay-per-Use web services to store your or yourorganisation data online, for instance a collegeuses student administration system to store theirstudent records online
Back-up your hard-drive to an online web-site
Figure 5.7: Observing peer experiences & feeling secured - Sensitive Data
The fourth option was used to evaluate if end-users will be influenced by observing
the experiences of their peers, when using the web-services based on Cloud
Computing and the extent to which they would feel secured about using them
especially when security and privacy risks are hindering the adoption of Cloud
Computing technology.
Whilst the ratio of end-users who do observe peer experiences when using these web-
services, and also feel a sense of security, was dominant as against those who disagree
with the statement. However, as seen in the Figure 5.7, it does indicate when the
people who neither agree nor disagree are considered along with those who disagree it
outnumbers the number of people who do agree with feeling secured only because
others are following the technology.
- 61 -
46.0%
47.2%
45.5%
49.5%
26.5%
26.4%
30.9%
29.2%
27.5%
26.4%
23.6%
21.3%
0.0% 5.0% 10.0% 15.0% 20.0% 25.0% 30.0% 35.0% 40.0% 45.0% 50.0%
Non-Sensitive Data
Agree
Neither Agree,Nor Disagree
Diasgree
Yo
u w
ill o
bse
rve
oth
ers
exp
eri
ence
s an
d f
eel s
ecu
red
abo
ut
su
ch r
isks
an
d c
on
tin
ue
to u
se s
uch
ser
vic
esw
ith
ou
t b
ein
g c
on
cern
ed a
bo
ut
iObserving peer experiences and feel secured
Web applications such as Google Docs
Store videos
Store pictures / photos
Web e-mail services such as Hotmail, G-mail,Yahoo Mail
Figure 5.8: Observing peer experiences & feeling secured Non-Sensitive Data
The Figure 5.8, above suggests a similar trend for users of non-sensitive data such as
e-mails, pictures, videos and web-based applications like Google documents which
has the leading number of 49.5% respondents who agree being secured based on their
peers perception.
Based on what has been discussed so far, end-users are often concerned about security
of data, whether the data is sensitive or insensitive. Despite the availability of open-
access, flexible storage systems which reduces the maintenance, infrastructural and
implementation costs, most users are not completely certain about the security
measures provided by cloud vendors considering there are various risks involved as
data may be accessible to anyone as it is available on the internet. These users realise
that it is not possible to have absolutely no interference when it comes to publishing
data such as pictures on the web.
- 62 -
- 63 -
Hence many users do prefer to use the web-space based on peer’s experiences about
security of a particular cloud-service or a selective cloud-vendor. Thus the importance
of security measures varies with the sensitivity of data along with various
considerations as discussed earlier.
2. Knowledge of the physical location of the data is not the most critical
information desired by the end-users but does hold some relevance.
As learnt from the literature in Chapter 2, where authors have highlighted the
significance of knowing the physical location of the data stored, the same was
assessed amongst the end-users. The cross-tab tool and the filter option were
particularly useful to conduct a content analysis where the characteristics of end-users
such as their web usage, their awareness about Cloud services, and their
innovativeness in accepting technology were systematically identified to understand
the intensity of knowledge about the physical location of the data storage.
Web-usage Types Vs Importance of Location
54.5%
55.5%
45.2%
48.2%
47.3%
45.7%
0.0% 10.0% 20.0% 30.0% 40.0% 50.0% 60.0%
Web applications such asGoogle Docs
Store videos
Store pictures / photos
Web e-mail services such asHotmail, G-mail, Yahoo Mail
Pay-per-Use web services tostore your or your organisationdata online
Back-up your hard-drive to anonline web-site
Figure 5.9: The importance of knowledge about physical location to end-users based on their usage
The first characteristic which was studied to analyse the importance of identifying
the physical data location was the end-users different web usages. As seen in the
Figure 5.9, the X-axis denotes the percentage of end-users who feel knowing the
physical data storage location is important whilst the Y-axis highlights the different
kinds of web-services used by these end-users. The range of this importance varies
from 45.2% for users of web e-mail services up to 55.5% of pay-per-use web service
users.
- 64 -
Although, these figures may seem to be worth mentioning, however, it was found
insignificant when other security measures were analysed in following sub-sections.
The second characteristic was studied by integrating the aspect about the Cloud-
Computing awareness of the end-users relative to their opinion about importance of
knowing the physical data location of the data they store on the internet.
43.7%
80.0%
44.4%
0.0%
20.0%
40.0%
60.0%
80.0%
Importance about knowing thelocation of where your data is stored
Importance of Knowledge of Physical Data Location Vs Cloud Computing Awareness
Yes, I am aware about it anduse it quite oftenly
No, I am not aware or used thistechnology
Not sure, I have heard the term,but not sure what it is exactly
Figure 5.10: The importance of knowledge about physical location to end-users based on their
awareness about Cloud Computing
Figure 5.10 exhibits that only 43.7% of aware end-users believe that knowing the
physical location is important security measure while 44.4% of informed users feel
likewise. Although the figure above does denote 80.0% of unaware users consider
physical data location as a vital piece of information in securing the data hosted on the
web, a key consideration is the fact that only 5 out of the 122 participants were in this
category. (Refer to page 42, Table 4.5)
The third characteristic, concerning the rate of innovativeness of an individual was
amongst the last determinant of analysing the importance of knowing the location of
the data stored.
The innovativeness of the end-users is an ideal personality trait in analysing the role
of security measures such as the information about location of the data store or the
lack of it.
- 65 -
52.9%
40.0%46.9%
25.0%
50.0%
0.0%
10.0%
20.0%
30.0%
40.0%
50.0%
60.0%
Importance about knowing the location of whereyour data is stored
Importance of knowledge of physical data location Vs Rate of Innovatiness
Innovator
Early Adopter
Early Majority
Late Majority
Laggards
Figure 5.11: Importance of knowledge about physical location to end-users based on Rate of
Innovativeness of an Individual
The end-users who possess diverse rate of innovativeness, were questioned about
importance of knowing the physical data location as a security measure. As Figure
5.11 signifies, the variation of the least number being 25.0% of Late Majority users
who are skeptical of using a technology unless majority is using it, while 52.9% of
innovators who are risk-bearing and always ready to transform from existing practices
were the most renowned believers of this information which acts as a considerable
factor in securing data over Cloud-based services.
The outcome of this analysis as discussed thus makes it lucid, that knowing the
physical data location of their data does act as an important measure of security in the
minds of most end-users. However, as there are a number of end-users, who disregard
it, suggests that although it is essential to know the location but is not the most critical
security measure to prevent any unwanted sharing of data or avoiding of similar risks,
when adopting a Cloud solution. Subsequent discussions and analysis will further
establish the most critical security measures when other key choices are appraised.
- 66 -
3. Layers of security such as creating Authentication practices and using
Authorisation processes are most vital when the aim of the Cloud service
provider is to ensure maximum security with utmost reliability, followed by
practising encryption and restricting secondary use of data.
The next step in investigating the layers of security while using Cloud solution was to
check the different security measures. As discussed in the literature against the end-
user’s innovativeness in adopting a relatively new technology in data storage
solutions.
Security Measures amongst different individual innovativness
0.0%
20.0%
40.0%
60.0%
80.0%
100.0%
120.0%
Innovator
Early Adopter
Early Majority
Late Majority
LaggardsInnovator 61.8% 32.4% 52.9% 58.8% 67.6% 79.4% 76.5%
Early Adopter 42.2% 35.6% 40.0% 77.8% 71.1% 77.8% 80.0%
Early Majority 59.4% 40.6% 46.9% 75.0% 75.0% 75.0% 78.1%
Late Majority 25.0% 25.0% 25.0% 100.0% 100.0% 75.0% 75.0%
Laggards 50.0% 0.0% 50.0% 50.0% 50.0% 100.0% 100.0%
Use of familiar platforms for web-services /
Having complete knowledge about
infrastructure,
Location of where your data
is store
Control on secondary usage
Use of encryption
techniques – to
Use of Authentication
Processes –
Authorization practices – to create lists of
Figure 5.12: Importance of security measures based on individual innovativeness
As seen in Figure 5.12, the different security measures such as familiarity of
platforms, knowledge about infrastructure, physical location of data storage, control
on secondary usage, use of encryption techniques, authentication processes and
authorisation practices are represented in the graph based on the rate of
innovativeness of the individual end-users.
- 67 -
The primary security measures are mainly, the use of authentication processes at
79.4% amongst Innovators, Authorisation practices at 80.0% and 78.1% amongst
Early Adopters and Early Majority respectively. Similarly amongst the late majority,
use encryption techniques (100.0%) and control on secondary usage (100.0%) were
the most significant layers of security measures. Laggards, also contributed richly
accumulating for 100.0% share of end-users who chose authentication processes
through open-sources software to create usernames and password as well as
authorization practices as the primary layers of security when using web-services or
web-based applications.
78.6%
77.8%
71.8%
71.8%
52.1%
45.3%
35.0%
0.0% 20.0% 40.0% 60.0% 80.0%
Totals
Security Measures Overall
Having complete knowledgeabout infrastructure, i.e.hardware used, the systems
Location of where your data isstore
Use of familiar platforms for web-services / apps
Control on secondary usage
Use of encryption techniques –to encode your data to add anadditional layer of security incase the cloud vendors securityis hacked
Use of Authentication Processes– through Open-source softwareto create username andpassword
Authorization practices – tocreate lists of people who areauthorised to access information
c
Figure 5.13: Importance of security measures on all end-users
- 68 -
- 69 -
Figure 5.13 describes the importance of different security measures amongst all end-
users who have participated in this research. The most critical factors evident are
authorization practices (78.6%) and authentication processes (77.8%) followed by use
of encryption techniques and restricting secondary usage at (71.8%)
- 70 -
4. Cultural differences do play a profound role when data confidentiality and
privacy of Cloud-based solutions are measured.
The end-users who participated in this research were further categorized based on
their ethnicity to highlight the impact played by their cultural differences in the
adoption of technology. The aim of analysing the responses of end-users in a culture-
wise distribution of various privacy choices was to figure out what do end-users from
different ethnic backgrounds, think about data confidentiality and how do they go
about using web-based applications and services based on clouds, considering the
risks of data being accessible anywhere on the internet and possibly shared to
unknown users.
The decision of using an open-access flexible data storage which may be at a risk
amongst different end-users from various ethnicities was amongst the first privacy
choices which was analysed. An important observation before considering the bar-
chart below is out of the 122 respondents, the majority of them fall into the category
of Indians (30.3%), White-Others (20.5%), and Europeans (18.0%), while the
percentage of Hispanic was almost negligible (0.8%) (Refer to Page 40 for details)
The chart in Figure 5.14, below depicts end-users belonging from ethnic backgrounds
associated with most developed countries such as Americans, White-British, White-
Other’s are more sensitive to sharing their data using flexible cloud solutions where
there is any risk involved which is the first of privacy choices analysed in this section.
The figures obtained speaks for itself where 80.0% Americans, 75.0% Whites -
British and 50% of Whites from Other countries disagree with the choice of taking
data sharing risks by adopting to a Cloud solution in order to protect their privacy
rights.
The only exception amongst users from developed countries are European end-users
who are mostly in favour of adopting to a cloud solution even at risks of data sharing,
while 35% of them still disagree.
25.0% 75.0%
33.3% 16.7% 50.0%
20.0% 80.0%
50.0% 15.0% 35.0%
50.0% 50.0%
44.4% 22.3% 33.3%
20.0% 20.0% 60.0%
60.0% 20.0% 20.0%
100.0%
33.3% 33.4% 33.3%
0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%
White – British
White –Other
American
European
African
Asian
Indian
Chinese
Hispanic
Brazilian
Using open-access, flexible data storage solutions at risk of data sharing
Agree Neither Agree, Nor Disagree Diasgree
Diasgree 75.0% 50.0% 80.0% 35.0% 50.0% 33.3% 60.0% 20.0% 0.0% 33.3%
Neither Agree, Nor Disagree 0.0% 16.7% 0.0% 15.0% 0.0% 22.3% 20.0% 20.0% 0.0% 33.4%
Agree 25.0% 33.3% 20.0% 50.0% 50.0% 44.4% 20.0% 60.0% 100.0% 33.3%
White – British
White –Other
American European African Asian Indian Chinese Hispanic Brazilian
Figure 5.14: Culture-wise distribution of end-users willingness to use
Open-access flexible solutions even at risk of data sharing
On the other hand, when responses from end-users, from developing countries were
examined, their denial to using cloud-based web-services and applications was
considerably lower. Asians accounted for 33.3% while only 20.0% of Chinese end-
users were concerned about risks like personal data being shared to unknown people
when uploaded on Cloud-based servers. Indians, amongst this assortment, were most
concerned with such risks and 60.0% refused the proposal of using such solutions
considering the risks involved therein. The responses from end-users representing
South American countries like Brazil chose evenly accounting for 33.3% for all the
three choices.
- 71 -
The second privacy choice involved identifying the different cultural beliefs in
transmitting personal data such as picture through physical distribution by ways of
hard-copies, burning data on CD’s / DVD’s, transmitting through USB sticks and
having no interference what-so-ever in this aspect.
28.5% 71.5%
41.7% 16.6% 41.7%
20.0% 60.0%
30.0% 30.0% 40.0%
50.0% 50.0%
44.4% 11.2% 44.4%
40.0% 28.6% 31.4%
20.0% 60.0% 20.0%
100.0%
50.0% 33.3% 16.7%
0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%
White – British
White –Other
American
European
African
Asian
Indian
Chinese
Hispanic
Brazilian
Users wanting no interference with personal data and prefering to send physical hard-copies
Agree Neither Agree, Nor Disagree Diasgree
Diasgree 71.5% 41.7% 60.0% 40.0% 50.0% 44.4% 31.4% 20.0% 100.0% 16.7%
Neither Agree, Nor Disagree 0.0% 16.6% 20.0% 30.0% 0.0% 11.2% 28.6% 60.0% 0.0% 33.3%
Agree 28.5% 41.7% 0.0% 30.0% 50.0% 44.4% 40.0% 20.0% 0.0% 50.0%
White – British
White –Other American European African Asian Indian Chinese Hispanic Brazilian
Figure 5.15: Culture-wise distribution of end-users wanting no interference with personal data
A similar trend was observed between end-users from developing and developed
countries. For instance, British and Americans respondent show a majority of 71.5%
and 60.0% respectively, disagreeing with the thought of no interference with their
personal data and being strict about protecting their data by following rigid approach
while transferring data. This observation signifies that these end-users prefer
flexibility in storing and transmitting data at the same time are concerned about
protecting it from being available to unknown entities. The other majority are end-
users from Africa (50.0%), Asia (44.4%) and India (40.0%) who agree with no
interference with their personal data.
- 72 -
The third choice to analyse, although may seem identical to the previous two
discussed above. However, the major consideration over testing this choice amongst
end-users belonging to various backgrounds was to key in the importance of use of
web-space due to uploading ease. Although, it can still be argued that similar analysis
is conducted between these variables, however in my view it was important to find
how much would the ease in uploading, be a factor in comparison to the difficulty in
using physical means of data transmission, discussed in the previous privacy choices.
50.0% 25.0% 25.0%
50.0% 25.0% 25.0%
80.0% 20.0%
60.0% 20.0% 20.0%
100.0%
88.9% 11.1%
74.3% 14.3% 11.4%
60.0% 40.0%
100.0%
83.3% 16.7%
0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%
White – British
White –Other
American
European
African
Asian
Indian
Chinese
Hispanic
Brazilian
Users prefering to use web-space as it offers ease in uploading
Agree Neither Agree, Nor Disagree Diasgree
Diasgree 25.0% 25.0% 0.0% 20.0% 0.0% 0.0% 11.4% 0.0% 0.0% 0.0%
Neither Agree, Nor Disagree 25.0% 25.0% 20.0% 20.0% 0.0% 11.1% 14.3% 40.0% 0.0% 16.7%
Agree 50.0% 50.0% 80.0% 60.0% 100.0% 88.9% 74.3% 60.0% 100.0% 83.3%
White – British
White –Other American European African Asian Indian Chinese Hispanic Brazilian
Figure 5.16: Culture-wise distribution of end-users preferring to use web-space due to its
ease in uploading
As seen in Figure 5.16, the end-users belonging to the White ethnicity (both, British
and Others) are the least amongst the group at 50.0% who agree with the ease of
uploading being a dominant factor impacting their need for keeping data confidential /
protect its confidentiality.
- 73 -
Statistics of each of the other representatives imply that ease in uploading is central to
attract web-usage through Cloud-based solution despite of cultural differences.
The final choice, was straight-forward, precise and aimed at identifying end-user
opinions about feeling secured in respect to privacy risks, by observing others
experiences. This analysis would not only be beneficial to address the privacy risks
but also helps to tackle the security issue which is a crucial marketing issue in
adoption of Cloud Computing technology.
37.5% 12.5% 50.0%
16.7% 45.8% 37.5%
60.0% 40.0%
55.0% 30.0% 15.0%
100.0%
55.6% 22.2% 22.2%
57.1% 17.1% 25.8%
60.0% 20.0% 20.0%
100.0%
50.0% 33.3% 16.7%
0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%
White – British
White –Other
American
European
African
Asian
Indian
Chinese
Hispanic
Brazilian
Users who observe others experiences and feel secured about privacy risks
Agree Neither Agree, Nor Disagree Diasgree
Diasgree 50.0% 37.5% 0.0% 15.0% 100.0% 22.2% 25.8% 20.0% 0.0% 16.7%
Neither Agree, Nor Disagree 12.5% 45.8% 40.0% 30.0% 0.0% 22.2% 17.1% 20.0% 0.0% 33.3%
Agree 37.5% 16.7% 60.0% 55.0% 0.0% 55.6% 57.1% 60.0% 100.0% 50.0%
White – British
White –Other American European African Asian Indian Chinese Hispanic Brazilian
Figure 5.17: Culture-wise distribution of end-users who observe others experiences in feeling
secured about privacy risks
Figure 5.17, above shows a complete contrast to the previous choices where
responses of end-users from developing and developed countries were discussed and
analysed. The culture-wise distribution of end-users who feel secured about privacy
risks by observing others experience demonstrated that 60% Americans, 55%
- 74 -
- 75 -
Europeans, 55.6% Asians, 57.1% Indians, 60% Chinese and 100% Hispanic
ethnicities were influenced by peers, colleagues and others more than their
counterparts.
Despite of analysis between the two variables of ethnic background and the privacy
options they prefer, what was desired to diagnose was the cultural impact into the rate
of individual innovativeness.
Culture Vs Innovativeness
Person who is an initiator, risk-taking,
ready to change from
current practices
An opinion leader, ready to
try out new ideas
(technology) before others do
Person who is thoughtful, careful but
accepts changes more swiftly then
others
A skeptical person who will use technology
only after majority is
using it
Traditional person who will
accept technology once it has
become mainstream and universally used
White – British 8.3% 8.9% 3.0% 0.0% 0.0%
White – Other 27.8% 17.8% 12.1% 50.0% 50.0%
American 5.6% 2.2% 3.0% 25.0% 0.0%
European 16.7% 26.7% 9.1% 0.0% 0.0%
African 5.6% 0.0% 0.0% 0.0% 0.0%
Asian 2.8% 6.7% 12.1% 25.0% 50.0%
Indian 30.6% 28.9% 39.4% 0.0% 0.0%
Chinese 2.8% 0.0% 12.1% 0.0% 0.0%
Hispanic 0.0% 0.0% 3.0% 0.0% 0.0%
Brazilian 0.0% 8.9% 6.1% 0.0% 0.0%
Table 5.1: Culture Vs Rate of Individual Innovativeness
The majority of response rates were from end-users belonging to communities such as
Indian, White-Others, Europeans and Americans. As seen in Table 5.1 above, only
concentrating on this majority, their rate of innovativeness varies and hence they are
classified into different groups based on their individual innovativeness. Indian’s
contribute to a majority of Early Majority at 39.4%, Europeans end-users are
primarily Early Adopters with a majority of 26.4%, while 25.0% of American
respondents who participated in this research accounted for mostly late majority who
accept use of technology when the majority has accepted it.
5. The most influential factor initially in the decision making process about
technology acceptance is primarily based on suitability of needs, while they
perceive technology as acceptable if there are long-term sustainable benefits
associated with its acceptance
The respondents were also questioned about the most influential factor when it
comes to first hearing about a cost-effective technology. The reason the question
specifically stated “cost-effective” was to present the option to disregard the cost
factor involved which may be a distinguishing factor based on income-levels of
an end-user. Since this study does not go in-depth in studying individual
characteristics of income levels, which could possibly be an area of further
research.
The results as seen in Figure 5.18, implies that when a new technology comes
into existence, the 89.2% end-users focus on it’s suitability to their needs before
considering making any decision about acceptance or rejection of the same.
89.2%41.7%
69.2%55.0%
53.3%
37.5%30.8%
27.5%
0.0% 10.0% 20.0% 30.0% 40.0% 50.0% 60.0% 70.0% 80.0% 90.0%
Response Percent
Factors initially considered in decision making process about technology acceptance
Whether any unanticipated / side-effects of the new technology are looked upon by the service-providerWhether Post-sales services will be offered by its vendorWhether visibility of its results are seen alreadyWhether any trial options will be offered to you to test itWhether it is relatively advantageous than the previous oneWhether it will deliver as promisedWhether it is compatible with industry standardsWhether it is suitable to your needs
Figure 5.18: Factors influencing end-users at the initial stage of newly developed technology
- 76 -
- 77 -
The next most crucial factor is whether the given technology will deliver as promised.
Cloud vendors, like most marketers make promises to attract the use of Cloud-based
data storage systems.
Based on this reason, end-users as much as 69.2% of the total respondents opted for
deliverability standards as promised.
When you hear about a cost-effective new technology, you first consider? (Multiple Choice)
Response Percent Response Count
Whether it is suitable to your needs 89.2% 107
Whether it is compatible with industry standards 41.7% 50
Whether it will deliver as promised 69.2% 83
Whether it is relatively advantageous than the previous one 55.0% 66
Whether any trial options will be offered to you to test it 53.3% 64
Whether visibility of its results are seen already 37.5% 45
Whether Post-sales services will be offered by its vendor 30.8% 37 Whether any unanticipated / side-effects of the new technology are looked upon by the service-provider
27.5% 33
Table 5.2: Response-percent and Response-Count (Max: 100% or 120 responses, 2 skipped)
The Table 5.2 represents rest of all the other factors such as compatibility with
industry standards, relative advantage over the previous technology, trial-ability
options, visibility of the results of the given technology, post-sales services offers and
any other unanticipated / side-effects being looked upon by the service provider.
The next set of responses were analysed to distinguish the most crucial factors while
accepting / rejecting a new technology. There was an open-ended text-box also
incorporated to capture any factors which may have been overlooked. The end-users
were thereby encouraged to specify any factors not present in the original
questionnaire design.
50.4%
24.4%
70.6%
64.7%
7.6%
5.9%
0.0% 10.0% 20.0% 30.0% 40.0% 50.0% 60.0% 70.0% 80.0%
Response Percent
Factors influencing while accepting / rejecting a new technology
Proper training, knowledge and organisation's support Social group’s acceptance : Peers/Colleagues point of view
Long-term benefits associated with it Ability to use the technology
Status symbol or Brand Image in using it Other (please specify)
Figure 5.19: Factors influencing end-users while accepting / rejecting a new technology
Which of the following factors influence you most in accepting / rejecting a new technology? (Multiple choice answer)
Response Percent Response Count
Proper training, knowledge and organisation's support 50.4% 60
Social group’s acceptance : Peers/Colleagues point of view 24.4% 29
Long-term benefits associated with it 70.6% 84
Ability to use the technology 64.7% 77
Status symbol or Brand Image in using it 7.6% 9
Other (please specify) 5.9% 7
Table 5.3: Response-percent and Response-Count (Max: 100% or 119 responses, 3 skipped)
The table 5.3 represent the various factors along with the percentage & count of end-
users who selected the particular choices. The most common amongst all the end-
users was the long-term benefits associated with the given technology (Cloud
Computing), in context to this research. 70.6% of end-users were concerned about the
long term benefits offered by Cloud-computing to maintain sustainable competitive
advantage in the long-run. The other two factors were closely associated to each other
namely the ability to use technology (64.7%) and support from organisation through
imparting knowledge and training (50.4%)
- 78 -
6. Uncertainty avoidance affects the end-user behaviour differently based on
their age and gender
It has been learnt from the literature that there are various uncertainties which revolve
around the technology acceptance model. Users are wary about many unknown
possibilities associated with the technological adoption. This research does involve
addressing the question as to which are the key uncertainty elements, which if
controlled may affect end-user behaviour positively by studying their characteristics
and their behaviour. Participants from different age-groups and genders were
presented a series of alternatives in considering adoption of technology from the time
they first hear about a new technology (Cloud-computing, in context of this research),
till the end of the decision-making process about accepting or rejecting its use. The
charts below highlight the key uncertainty areas both gender-wise and age-wise to
prove the above finding.
Gender-wise distribution of crucial uncertainty factors
89.0%
45.0%
69.0%
55.0%
54.0%
38.0%
33.0%
29.0%
90.0%
25.0%
70.0%
55.0%
50.0%
35.0%
20.0%
20.0%
0.0% 10.0%
20.0%
30.0%
40.0%
50.0%
60.0%
70.0%
80.0%
90.0%
100.0%
Suitability to your needs
Compatiblity to industry standards
Deliverable as promised
Relatively advantageous over previous technology
Trial options offered to test it
Visibility of results seen already
Post-sales services offered by the vendor
Service provider's initiative in taking Un-anticipated / side-effects into account
Male Female
Figure 5.20: Gender-wise distribution of uncertainty factors
Figure 5.20, highlights that suitability of needs of a given technology to an end-user
is the most crucial factor which if looked upon by the cloud-vendors will pay rich
dividends in acceptance of this new form of computing.
- 79 -
Most men and women, 89.0% and 90.0% respectively have chosen this factor
associated with the market uncertainty as described by Moriarity et.al (1989),
Gardner, D (1990) and Moore, G (2002).
This is followed by the technological uncertainty of deliverability as per promises of
the cloud-vendors. A similar ratio of 69.0% and 70.0% was observed between the
males and females who opted to participate for this research. An observation worth
mentioning was the difference of opinion regarding the compatibility of industry
standards offered by Cloud-based solutions between the two genders where 45.0%
men supported, only one quarter of women considered it as an crucial uncertainty
factor.
Similarly, the age-wise distribution below in Figure 5.21, illustrates an interesting
disparity between end-users of different age-groups. Identical to the gender-wise
distribution of crucial uncertain factors selected by end-users about acceptance of
technology, suitability of needs and deliverability of technology as promised does
appear to the be most prominent factor across all ages between 18 – 29 years, 30 – 49
years and 50 – 64 years old.
Age-wise distribution of crucial uncertainty factors
83.7%
44.2%
69.8%
60.5%
48.8%
37.2%
23.3%
27.9%
94.0%
41.8%
67.2%
49.3%
58.2%
34.3%
35.8%
23.9%
80.0%
30.0%
80.0%
70.0%
40.0%
60.0%
30.0%
50.0%
0.0% 10.0% 20.0% 30.0% 40.0% 50.0% 60.0% 70.0% 80.0% 90.0% 100.0%
Suitability to your needs
Compatiblity to industry standards
Deliverable as promised
Relatively advantageous over previous technology
Trial options offered to test it
Visibility of results seen already
Post-sales services offered by the vendor
Service provider's initiative in taking Un-anticipated / side-effects into account
18 – 29 years 30 – 49 years 50 – 64 years
Figure 5.21: Age-wise distribution of uncertainty factors
- 80 -
- 81 -
Yet again, factors such as service providers initiative in reference to un-anticipated
side-effects is more popular 50.0% amongst the age group of 50-64 years.
A similar trend is observed for factors such as visibility of results and relative
advantage over the previous technology where end-users from the 50-64 year age-
group rated them 60.0% and 70.0% respectively.
- 82 -
7. The significance of privacy in relation to Cloud-based information systems
has multiplied as most end-users like to see the Cloud vendors impose a
series of privacy measures. One can only ensure that the required data is
shared while PII is protected, if the combination of all the privacy measures
is practised simultaneously.
Privacy control measures advocated by authors like Bagehi and Atluri (2006),
Jahankhani (2009) and Velte (2010) were put to test using this research to test the
end-user's opinions about the combination of these techniques. Using a Likert's scale
rating of 1-5, (where 5 was treated as most important and 1 as least important), based
in the order of importance six variables were tested as stated in the previous chapter
(Refer Figure 4.11, Page 48). Among the total respondents, 91.5% of the end-users
felt their identity and personal information was protected if the websites disclose who
may have access all their personal information. This right to control not only seemed
to bestow confidence to these users to protect their identity, but also offer them an
incentive to use cloud-based services as they may decide who can / cannot view their
personal data.
On the other hand, privacy control measures like identifying the data collection and
sharing process by websites and issuing digital certificates were identified to be not to
important as 26.7% of the population opted for the 3 rating which signified that
although they may help restoring confidence in the minds of the end-users about the
challenges of Cloud data privacy, however its absence may not affect one-fourth of
them. To add to this, 12.9% of the participants viewed it as completely unimportant.
Despite of the popularity of using such digital certificates in the banking industry for
its online customers, to make it more secured and protect customers from identity
thefts, this research highlights that from an end-user point of view, issuing of digital
certificates alone, does not suffice the purpose. Moreover, some end-users who visit
these websites are not concerned, if their data is collected, stored and shared with any
other organisation, which is contrary to what the literature states.
- 83 -
6. CONCLUSION
By investigating attitudes, perceptions, beliefs and behaviour of the end-users of
Cloud computing, this dissertation explained the importance of analysing end-users
opinions when attempting to tackle issues of data security and privacy. High-tech
marketers, such as cloud vendors unlike other marketers have to focus on more than
just managing the traditional marketing mix of 4Ps. While the traditional marketing
campaigns include a series of activities one uses to spread the word out, to get through
to the right people in an effort to be identified by others, to identify Who they are?, to
communicate What they are into? and to notify Where they can be found?, the
marketing of cloud computing services is managed through vendors CRM Marketing,
where multiple campaigns are integrated and managed across diverse systems. For
instance, Salesforce™, an enterprise cloud-computing company manages their
campaigns through Salesforce CRM Marketing, an integrated multi-layered approach
which assists them in protecting the critical user data along with ensuring that cloud-
based applications, processes and systems are monitored and improved upon in order
to meet the challenges and ever-increasing demands of security.
6.1. Research Aims – Restated
The current study was undertaken with an aim to determine key attributes of end-
users which may be useful to cloud vendors in meeting security and privacy
challenges from an end-user perspective. The level of data security and confidentiality
varies across individual end-users from different cultures as their beliefs, attitudes and
perceptions differ. While these characteristics were being examined during the
research, another decisive study about key variables to avoid uncertainty revolved
around this research work. The literature discussed in the beginning of this study
predominantly included thoughts and studies about technology acceptance, in context
to Cloud computing and its challenges by different writers. However, by and large all
the studies were from an organisation perspective, giving least amount of interest to
end-user’s point of view about such challenges.
- 84 -
The complex nature of security and privacy issues was a driving force in conducting
this research to comprehend what Cloud-computing has to offer as it is considered to
be the next-big thing after world-wide-web.
6.2. Summary of the Findings
This section summarizes the findings of this research.
1. Irrespective of the data sensitivity, almost ½ of total end-users oppose the use
of open-access & flexible data storage facility when there is an element of risk
involved, such as data sharing to unknown users
2. ¼ of the total respondents are neither in favour, nor against no interference with
their personal photos and the remainder ¾ is evenly distributed across for and
against sharing data through physical distribution.
3. Ease in uploading data on such cloud-based servers does entice users in
continuing using web-space especially in case of backing up hard-drive to an
online website (Sensitive Data) and storing videos which is usually considered
as Non-sensitive data
4. Near-about half of participants feel secured by observing peer experiences
about a technology.
5. Identification or knowledge about physical data location is not the most
critical piece of information considered necessary by expert end-users who use
variety of web-usage services and possess different levels of innovativeness
levels
6. Instead, the most important element when considering layers of security is
creating lists of people who are authorised to access information by following
authorisation practices, followed by using authentication procedures.
- 85 -
It is here where open-source software’s can be best employed to create usernames
and passwords
7. Culture affects the end-users willingness to use cloud-based solutions in the
presence of risk such as data sharing to unknown users over the internet. For
instance; 75% of British respondents were willing not to use cloud based data
storage facility while 60% of the Chinese participants responded in the
affirmative
8. Observing others experiences and feeling secured about privacy risks is
another common view across cultures
9. Technology which can prove its made to suit end-user needs and has long-term
benefits cannot fail
10. End-users belonging to different genders and age-groups may feel differently
about kinds of uncertainties. For instance, only 25% females feel compatibility
of industry standards is crucial to the success of a given technology, whilst
almost half of the male population opted in favour for it. Similarly, more than
50% end-users in the age-groups of 50-64 years old are concerned about
visibility of results of a given technology and whether the service provider is
taking into account any unanticipated side-effects. In comparison, less than 1/3rd
of the younger population are apprehensive about these uncertainty factors.
11. When it comes to protecting personal identified information (PII), end-users
sense security increases if web-sites disclose who may have access to the
information they enter upon using a cloud-based service. The right to control
their information, is thus a key right upon exercising which the end-users
acquire assurance about data privacy
- 86 -
6.3. Significance of the Research
The findings of this research support the fact that security is a primary concern for
end-users when adopting cloud-based storage solutions. This is more significant when
the data sensitivity is measured. Through this research, the data sensitivity was
considered by analysing the web-usage of the end-users. Results prove that an
element of risk of data security such as data access to unknown users may be adequate
for more than 50% end-users not to use web-based services where their data
(irrespective whether sensitive or non-sensitive) needs to be stored on cloud-based
storage systems. In practice, this offers the cloud-vendors an incentive to develop
secured cloud-solutions targeted to all kinds of end-users with no separate investment
of time and money for different data types. The study established a few interesting
findings such as evenly distributed responses between end-users who prefer no
interference with their data by using physical distribution mechanisms against other
end-users who are in favour of data intervention rather than using physically
transmitting data through USB sticks, CD’s and DVD’s.
The cloud service providers can be benefited by this study as it encompasses certain
facts which may be practically employed when marketing cloud-storage solutions.
The ease in uploading data was one such determinant of the popularity of cloud-based
services amongst end-users, particularly those who backup their hard-drive to an
online website and others who store videos online. The significance of peer’s
experiences in the acceptance of technology rose as an empirical evidence through
this study. While this research provides knowledge to the cloud service provider of
what’s required to enable them to effectively market these solutions, it does highlight
on some not too important areas which can be overlooked so as utilise available
resources effectively. The study does suggest, knowledge about physical data location
is not the most crucial factor which was contrary to studies by Jahankhani et. al
(2009). Firstly, in lieu of such knowledge, the list of people authorised to access
information entered while using cloud-services on websites does generate confidence
in the minds of the end-users. Cloud providers can be best served by investing in
educating the end-users by following authorisation procedures to create such lists.
- 87 -
To second that, the use of open-source software and virtual infrastructure should be
encouraged. This involves a dynamic mapping of the available resources to one’s
business, which will result not only in decreasing the cost of efficiencies, but would
also help increasing responsiveness and efficiencies. With a selection of such
infrastructure in place, creation of user-names and passwords by following
authentication practices can only help cloud-vendors tackling the challenge of data
security and privacy revolving over the Cloud Computing technology.
As studied in the literature, the research study proved that culture is an integral
constituent when dealing with the acceptance of technology. By studying individual
characteristics, such as age, gender, ethnicity, first language / preferred language, etc.
this study was aimed at exploring the effects of culture on data security and privacy
issues related to data storage using Cloud-based storage systems. Although linguistic
effects were not tested during this research, it was included in the questionnaire
design to verify if language was a barrier in end-users comprehensibility of the term
“Cloud-computing”. The fact that 88.5% of respondents responded affirmatively
about the awareness of the term was an adequate enough piece of evidence based on
which the decision to neglect language effect in this research was taken. In addition,
the research does emphasise that despite of cultural differences, a common
observation across cultures is that effect of other’s / peers experiences in feeling
secured about publishing data using cloud-based storage systems.
Most importantly, the study advocates cloud-vendors to innovate and arrive at
technology solutions focussed on suiting end-user needs and offering long-term
benefits to gain competitive sustainable advantage. This is possible by keeping a
check on various uncertainty factors. As this study includes findings of different
uncertainty factors for end-users in different age-groups and belonging to both
genders, the cloud vendors are presented a road ahead to develop storage solutions
targeted at various segments. Lastly, the impact of right to control and restricting the
secondary use of data does seem to be the way forward for cloud-vendors in
protecting personally identifiable information, particularly after this study.
- 88 -
To conclude, the findings of this research enhance our knowledge about data security
and privacy from an end-users perspective. The factors considered by these end-users
as important can be useful for service providers in formulating a new business
strategy whilst developing suitable solutions which are more secured and ensure
protection of data stored through Cloud Computing technology.
- 89 -
7. RECOMMENDATIONS
The study in this research highlights the importance of understanding end-user
behaviour when promoting the use of a new technology such as cloud computing.
Upon analysing the responses of the end-user, it was evident certain key findings
would generate valuable recommendations for providers of Cloud-based storage
solutions. The end-user perspective was intentionally chosen as an area of research as
not much literature has been written in context of acceptance of Cloud computing,
particularly focussing on the security and privacy challenges.
These recommendations for cloud-vendors after studying the end-users through this
study are as follows:
a) Reducing risk element, irrespective of data sensitivity: The cloud-vendors or the
service providers providing cloud-based storage solutions may focus on reducing the
risk element when offering any Cloud-based services, without compromising on data
which may be insensitive. Often levels of data security are associated with data
sensitivity. From an organisation perspective, it may be advisable to offer additional
security depending upon data sensitivity. However, as the research findings highlight
irrespective of data sensitivity more than 50% end-user resist the temptation of using
cloud services at the cost of risks involved.
b) Cashing-on the known benefits: The responses obtained from the end-users
suggests there are some core-deliverables like ease in uploading which is one of the
core benefits of cloud services. Marketing issues such as privacy and security have
prevailed for a number of years in the software industry. However, as this study
suggests certain known benefits like ease in uploading, other’s / peers experiences
about feeling secured should be utilised more often by cloud-vendors as these are the
core factors why end-users adopt for such cloud-services.
- 90 -
c) Acknowledging cultural differences in technology acceptance: The research
findings emphasised the impact of cultural differences on end-users willingness to use
cloud-based solutions. Cloud vendors are aware about it. However, through this study
it is clear; acknowledging such end-users characteristics and differences will enable
them to tackle the uncertainty revolving around the acceptance of technology as
studied in the Technology Acceptance Model. Similarly, the gender-differences and
age-differences if studied before formulating a marketing plan will pay rich dividend
to the efforts of the cloud vendors.
d) Exercising and educating the “Right to Control”: As discovered from the
research findings, the right to control and restricting the secondary use of data is one
key attribute praised by end-users. The information about who may have access to
their data not only gives them a sense of security about their data, it also allows them
to protect their personally identified information and exercise their privacy rights.
What cloud-vendors ought to do is to educate the end-users about their right to control
their data against any secondary use without their knowledge.
- 91 -
8. LIMITATIONS
The limitations of this research have been acknowledged in previous chapter
where discussion about the findings has been discussed in detail. There are a few
limitations which were identified as the research design was implemented.
a) Identifying the “right amount” of samples, given the time constraint:
The primary limitation of this research was identifying sample size which would
represent the end-users of Cloud computing. As this technology is gaining
popularity, the number of end-users is ever-increasing. Although the survey was
released and invitations were send well within the first two months of the
commencement of this study, as well as exactly a month being allocated to collect
responses, a total of 122 completed responses were obtained, which may seem to
be a good amount of responses considering the time-scales of this study. However,
if addition time is devoted for a similar study in future, it would represent the right
amount of samples representing the research population.
b) Data Sensitivity:
This research assumes that end-users regard data as sensitive and non-sensitive
data. The bifurcation of data sensitivity is based on their web-usage. For instance,
pictures / photos which are normally published on social networking websites are
considered to be as non-sensitive data, whilst when a professional who uses a pay-
per-use Cloud based service to backup the organisational data, is considered to be
a user of sensitive data. This research does not take into consideration the time
effect or the circumstances change consequences. An end-user, for instance; a
news reporter may have exclusive pictures to be transmitted using an online-
service such as Picasa to his colleague for publishing the news, may consider this
data as most sensitive. Similarly, after a period of time, the same data may be non-
sensitive data if it has been published and available to everyone. Thus, the time-
effect of data sensitivity has a profound impact on the end-users choice.
- 92 -
Considering the same example, if the reporter has been asked to resign from the
job before sharing the news and updating his boss about the exclusive pictures
being captured and available with them, the data sensitivity also alters due to a
change in circumstances.
These limitations are not necessarily criticisms of the research. However, it is
methodologically challenging to know the time effect and change in
circumstances and what needs to be done about it. For e.g. there may be a
possibility of getting the respondents reply on a more sensitive scale like a 1-20
scale other than the 1-5 scale considered in this research. However, even if a
participant responds giving a rating of 14 as instead of 15, there needs to be a
participation of skilled respondents who can differentiate the difference and
reason of selecting a different rating. The analysis of such sensitive scale may also
need a highly skilled analyst who may be able to comprehend that all the
respondents who have rated 17 on a 20 point scale mean the same thing. In
practice, one cannot do it very reliably unless additional time is devoted for
increasing the sample size to reduce individual differences. In addition, use of
other triangulation measures by collecting data through interviews and focus
groups in order to formulate reliable meanings of different scales.
- 93 -
9. AREAS OF FURTHER RESEARCH
As pointed out by the limitations of this research, there is a scope of further research
on analysing the data sensitivity factor amongst the end-users. If opportunity presents,
I would like to take this research on a more sensitive scale of measuring the
sensitivity of data in the minds of end-users. In addition to the sensitivity of data, the
fact that 20% of respondents in this research are undecided about no interference with
their data for using open-access flexible solutions offered by cloud-vendors is another
interesting observation which can be meaningful if these respondents are interviewed
or invited to be a part of a focus-group.
Time-effect of data sensitivity is another avenue which is unanswered in this research.
However, it has been identified towards the closing stages of this study which shows
the way forward. The influence of cost-effectiveness factor in acceptance of
technology by end-users can be studied by encouraging the participants to provide
their income-levels which were not included in this research, primarily due to which
the questionnaire design, explicitly stated “cost-effective” to encourage participants to
focus on other factors which influence them in acceptance of technology rather than
on costs.
- 94 -
REFERENCES
Agarwal, R., and Prasad, J. (1998) “A Conceptual and Operational Definition
of Personal Innovativeness in the Domain of Information Technology”,
Information Systems Research (9:2), pp.204-215
Agarwal, R. (1999), “Individual acceptance of information technologies”
Accessed On: April 15, 2010
Accessed At:
http://www.c4ads.seas.gwu.edu/classes/CSci285_Fall_2004/readings/9/require
d/Agarwal_02.pdf
Aley, J (2003), “Qualcomm: Heads We Win, Tails We Win”, Fortune
Accessed On: June 17, 2010
Accessed At:
http://money.cnn.com/magazines/fortune/fortune_archive/2003/03/03/338374/
index.htm
Bagehi, A. and Atluri (2006), “Information Systems Security”, Second
International Conference, ICISS, Springer, India
Bandura, A. (1986) “Social Foundations of Thought and Action: A Social
Cognitive Theory”, Prentice Hall, Englewood Cliffs, New Jersey
Bell, J. (2005), “Doing Your Research Project”, 4th Ed., Open University
Press, Buckingham
Boynton, A. D., Zmud, R. W., and Jacobs, G. C. (1994) “The Influence of IT
Management Practice on IT Use in Large Organizations”, MIS Quarterly
(18:3), pp. 299-318
- 95 -
Bryman, A. and Bell, E. (2007), “Business Research Methods”, 2nd Ed.,
Oxford University Press, Oxford
Brockman, J (2009),“Counting on the cloud to drive computing’s future”,
NPR
Accessed On: March 9th, 2010
Accessed At - URL:
http://www.npr.org/templates/story/story.php?storyId=102453091
Brown, M. (2009), “White Paper : Cloud Computing”, Maximum PC
Accessed On: March 6th, 2010
Accessed At - URL: http://www.maximumpc.com/print/5047
Buchanan, D., Boddy, D. and McCalman, J. (1988), “Getting in, getting on,
getting out and getting back”, in Bryman, A, “Doing Research in
Organisations”, Routledge, pp. 53-67, London
Chesbrough, H., Vanhaverbeke. W. and West, J (2006), “Open Innovation :
Researching a New Paradigm”, Oxford University Press, Oxford
Christensen, C.M., (1992), “Exploring the limits of technology S-Curve”, Part
1:Component technologies, Production and Operations Research, Vol.1, No.4,
334ff
Davis, F. D. (1989), “Perceived Usefulness, Perceived Ease of Use, and User
Acceptance of Information Technology”, MIS Quarterly(13:3), pp. 319-339
Delone, W. H. (1988) “Determinants of Success for Computer Usage in Small
Business”, MIS Quarterly (12:1), pp. 51-61
Dillon, W.R., Madden. T.J., and Firtle, N.H. (1993), “Essentials of marketing
research”, Irwin, Illinois
- 96 -
Easterby-Smith, M., Thorpe, R. Jackson, P. and Lowe, A.(2008),
“Management Research”, 3rd ed., Sage, London
Ettlie, J.E. (2006), “Managing Innovation : New Technology, Products, and
New Services in a Global Economy”, 2nd Ed, Butterworth-Heinemann, India
Fishbein, M., and Ajzen, I.(1975), “Belief, Attitude, Intention and Behavior:
An Introduction to Theory and Research”, Addison-Wesley, Reading, MA
Fuerst, W. L., and Cheney, P. H. (1982),“Factors Affecting the Perceived
Utilization of Computer- Based Decision Support Systems in the Oil
Industry”, Decision Sciences (13:4), 1982, pp. 554-569
Fulk, J. (1993), “Social Construction of Communication Technology”,
Academy of Management Journal (36:5), pp. 921-950
Gardner, D. (1990), “Are High Technology Products Really Different”,
Faculty working paper case #90-1706, University of Illinois, Urabana
Gartner Press Release (2007), “Gartner Forecasts Worldwide
Communications-as-a-Service Revenue to Total $252 Million in 2007”,
August 2007
Goodenough, W.H. (1971), “Culture, Language and Society”, Modular
Publications, Reading
Gill, J., and Johnson, P. (2002), “Research Methods for Managers”, 3rd Ed.,
Sage Publications, London
Getting Creative, Special Report in Business Week (August 1, 2005)
- 97 -
Gralla, P. (2009), “Google Docs Vs Microsoft Office: It’s a matter of trust”,
Computer World
Accessed On: March 9th, 2010
Accessed At - URL:
http://www.computerworld.com/s/article/343002/Google_vs._Microsoft_It_s_
a_Matter_of_Trust
Hoyer, W.D and Maccinis, D.J (2009), “Consumer Behaviour”, 5th Ed.,
South-Western : Cengage Learning, USA
IDC Enterprise Panel (2008a), “IDC findings”, pp. 154 in Rittinghouse, J.W.
and Ransome, J.F. (2010), “Cloud Computing – Implementation, Management
and Security”,CRC Press, London
Igbaria, M. (1990), “End-user computing effectiveness: a structural equation
model” Omega, 18 (6)
Jacoby, Jacob, Szybillo, G.J. and Berning, C.K. (1976), “Time and Consumer
Behavior : An Interdisciplinary Overview”, Journal of Consumer Research, pp
320-339
Jahankhani, H., Hessami, A.G., and Hsu, F (2009), “Global Security, Safety,
and Sustainability: 5th International Conference”, London, UK
Jankowicz, A.D. (2005), “Business Research Projects”, 4th Ed., Thomson,
London
Kaplan, Jeffrey (2009), “Five myths about SaaS”, CIO
Accessed on 10/04/2010
Accessed at: http://cio.com/article/print/486091
- 98 -
Leonard-Barton, D., and Deschamps, I. (1988), "Managerial Influence in the
Implementation of New Technology," Management Science (34:10), 1988, pp.
1252-1265
Leonard-Barton, D. (1987), “Implementation of Structured Software
Methodologies: A Case of Innovation in Process Technology”, Interfaces
(17:3), pp. 6-17
Lewis, W., Agarwal, R. and Sambamurty, V (2003), “Sources of Influence on
Beliefs about Information Technology Use : An Empirical Study of Knowledge
workers”, MIS Quarterly, Vol. 27, No. 4, pp. 657-663
Linton, R (1945), “The Cultural Background of Personality”, Appleton-
Century, New York
March, J. and Simon, H. (1958), “Organisations”, John Wiley & Sons, New
York
Mathieson, K. "Predicting User Intentions: Comparing the Technology
Acceptance Model with the Theory of Planned Behavior," Information
Systems Research (2:3), 1991, pp. 173-191
McBurney, D.H. and White, T.L. (2007), “Research Methods”, 8th Ed.,
Cengage Learning, Wadsworth
Melone, N. P. (1990), “A theoretical assessment of the user-satisfaction
construct in information systems research”, Management Science, 36 (1)
Miles, M.B. and Huberman, A.M. (1994), “Qualitative Data Analysis”, 2nd
Ed., Thousand Oaks, Sage, CA
- 99 -
Miller, M. (2009), “Cloud Computing : Web-Based Applications That Change
the Way you Work and Collaborate Online”, Que Publishing, USA
Mohr, J., Sengupta, S. and Slater, S. (2005), “Marketing of High-Technology
Products and Innovations”, 2nd ed., Pearson Education, New Jersey
Monge et.al (1992); Pennings and Harianto (1992); in Agarwal,R. (1999),
“Individual acceptance of information technologies”
Accessed On: April 11, 2010
Accessed At:
http://www.c4ads.seas.gwu.edu/classes/CSci285_Fall_2004/readings/9/require
d/Agarwal_02.pdf
Moore,G . C., and Benbasat, I (1991), "Development of an Instrument to
Measure the Perceptions of Adopting an Information Technology Innovation,"
Information Systems Research (2:3), 1991, pp. 192-222
Moore, G. (2002), “Crossing the Chasm, Marketing and Selling Technology
Products to Mainstream Customers”, Harper Business, New York
Moriarty, R. and Thomas, K. (1989), “High-Technology Marketing: Concepts,
Continuity and Change”, Sloan Management Review, 30(Summer), pp.7-17
Oppenheim, A.N. (2000), “Questionnaire Design: Interviewing and Attitude
Measurement, New Ed., Continuum International, London
Page, C., and Meyer, D. (2000), “Applied research design for business and
management”, Irwin, Sydney
Polonsky, M.J. and Waller, D.S. (2004), “Designing and Managing a
Research Project: A Business Student’s Guide”, Sage Publications, India
- 100 -
Raimond, P. (1993), “Management Projects”, Chapman & Hall, London
Raymond, L. (1988), “The Impact of Computer Training on the Attitudes and
Usage Behavior of Small Business Managers” Journal of Small Business
Management (26:3), 1988, pp. 8-13
Robson, C. (2002), “Real World Research”, 2nd Ed., Blackwell, Oxford
Rogers, C.R. (1961), “On Becoming a Person”, Constable, London
Rogers, E. M. (1995), “Diffusion of Innovations”, 4th ed., Free Press, New
York
Rittinghouse, J.W. and Ransome, J.F. (2010), “Cloud Computing –
Implementation, Management and Security”, CRC Press, London
Sanders, G. L., and Courtney, J. F. (1985), “A Field Study of Organizational
Factors Influencing DSS Success,” MIS Quarterly (9:1), pp. 77-91
Saunders, M., Lewis, P., and Thornhill, A. (2009), “Research Methods for
Business Students”, 5th ed., Prentice Hall, London
Sahal, C.(1991), “Patterns of technological innovation”, Addison-Wesley
Publishing Company, Inc., Reading
Schmitz, J., (1991), “Organizational Colleagues, Media Richness, and
Electronic Mail: A Test of the Social Influence Model of Techno-logy Use”,
Communication Research (18:4), pp. 487-523
Sekaran, U. (2003), “Research Methods for Business: A Skill-Building
Approach”, 4th Ed., Wiley, New York
- 101 -
Schumpeter, J.A. (1934), “The Theory of Economic Development”, Harvard
University Press, Cambridge
Schwartz, Ephraim (2008a), “The dangers of cloud computing”, InfoWorld,
Accessed On: 13/06/2010
Accessed At: http://www.infoworld.com/d/cloud-computing/dangers-cloud-
computing-839
Spears, Nancy, Ziaohua, and Mowen, J.C. (2001), “Time Orientations in the
United States, China and Mexico: Measurement and Insights of Promotional
Strategy”, Journal of International Consumer Marketing, pp. 57-75
Sun Microsystems, June 2009, “Introduction of Cloud Architecture”
Whitepaper 1st Edition, USA
TRUSTe Press Release (2008), “Ponemon Institute and TRUSTe Announce
Results of Annual Most Trusted Companies for Privacy Survey”
Accessed On: 11/04/2010
Accessed At: http://www.truste.com/about_TRUSTe/press-
room/news_truste_ponemon_name_trusted_companies_08.html
Tranfield, D., Denyer, D. and Smart, P. (2003), “Towards a methodology for
developing evidence-informed management knowledge by means of systematic
review”, British Journal of Management, Vol 14, No.3, pp. 207-222
Usunier, J. and Lee, J.A. (2009), “Marketing Across Cultures”, 5th ed.,
Prentice Hall, Harlow
Velte, A.T., Velte, T.J., and Elsenpeter, R. (2010), “Cloud Computing : A
Practical Approach”, McGraw-Hill, USA
- 102 -
Venkatesh, V., Morris, M.G., Davis, G.B. and Davis, F.D. (2003), “User
Acceptance of Information Technology”, MIS Quarterly, Vol. 27, No. 3, pp
425 – 478
Weller, S.C., and Romney, A.K.(1988), “Systematic data collection”, Sage
Publications, Newbury Park, CA
Witmer, D.F., Colman, R.W., and Katzman, S.L. (1999), “From paper and
pen to screen and keyboard: Towards a methodology for survey research on
the Internet, in S. Jones(ed.) “Doing Internet Research, Thousand Oaks, Sage,
CA, pp. 145-62
Worthen, Ben and Jessica E. Vascellaro (2009), “Gmail glitch shows pitfalls:
Failure spurs concern over reliability of online software”, The Wall Street
Journal.
Accessed On April 10, 2010
Accessed At: http://online.wsj.com/article/SB123561652440078567.html
Wyld, D.C. (2009), “Moving to the Cloud: An Introduction to Cloud
Computing in Government”, Reports on IBM Center for the Business of
Government, Washington, DC
- 103 -
APPENDICES
QUESTIONNAIRE FOR END-USERS
My name is Rajiv Uttamchandani, an international student pursuing my Master in Business Administration – (Marketing) from the University of Wales Lampeter. It is my pleasure to invite you to participate in resolving a business problem in the technology sector through your valuable feedback. A blend of technology and marketing is essence of this research which aims to study Data Security and Privacy challenges from an end-user perspective in acceptance of Cloud Computing technology which is a major marketing challenge for Data Storage companies to switch from Desktop computing to Cloud Computing. Your participation in this survey is completely voluntary, thereby providing you the right to say no or you may wish to withdraw at any time. If you have any queries, concerns, suggestions or questions about this study you may wish to contact, anonymously if you wish About Yourself: A set of preliminary questions. Please tick the appropriate answer
1. E-mail Address 2. Please select your Age-group
[ ] 17 / Under [ ] 18 – 29 years [ ] 30 – 49 years [ ] 50 – 64 years [ ] 65 and above
3. Gender
[ ] Male [ ] Female
4. Your Ethnic background
[ ] White – British [ ] Brazilian [ ] White – Other [ ] Indian [ ] African [ ] Asian [ ] Chinese [ ] American [ ] Hispanic [ ] Not mentioned – Others Please specify ___________
5. Your First Language __________________
- 104 -
About Technology Awareness & Acceptance
Q6) Have you come across the term “Cloud Computing” or ever used such technology? (Single choice) [ ] Yes – I am aware about it and use it quite oftenly – Informed user [ ] No – I am not aware or used this technology – Unaware user [ ] May be – I have heard the term, but not sure what it is exactly– Aware user Q7) Select all the web-based services you use when online? (Multiple choice – Select all possible options) [ ] Web e-mail services such as Hotmail, G-mail, Yahoo Mail [ ] Store pictures / photos [ ] Store videos [ ] Web applications such as Google Docs [ ] Pay-and-use services to store your or your organisation data online [ ] Back-up your hard-drive to an online web-site NOTE: Using any of the above services is an indicator that you are using the Cloud technology, knowingly or unknowingly Q8) When you hear about a new technology, you first consider? (Multiple choice – Select all possible options) [ ] Whether it is suitable to your needs [ ] Whether it is compatible with industry standards [ ] Whether new technology will deliver as promised [ ] Whether it is relatively advantageous than the previous option [ ] Whether trial option will be offered to you to try and test it [ ] Whether there are visible results seen already [ ] Whether Post-sales services will be offered
- 105 -
[ ] Whether any un-anticipated / side-effects of the new technology are looked upon by the service-provider Q9) What describes you best amongst the following options in reference to adaptation to new technology? (Single choice answer) [ ] Person who is an initiator, risk-taking, ready to change from current practices [ ] An opinion leader, ready to try out new ideas (technology) before others do [ ] Person who is thoughtful, careful but accepts changes more swiftly then others [ ] A skeptical person who will use technology only after majority is using it [ ] Traditional person who will accept technology once it has become mainstream and universally used Q10) Which of the following factors influence you most in accepting / rejecting a new technology? (Multiple choice answer) [ ] Proper training, knowledge and support from your organisation [ ] Peers / Colleagues / Other’s point of view – Social group’s acceptance [ ] Long-term benefits associated with it [ ] Ability to use the technology [ ] Status symbol or Brand Image in using it [ ] All of the above
About Security & Privacy Q 11. Consider the two cases below: Case 1: Organisations allow you to use their web-applications for various different purposes, e.g. storing millions of images and share them on Picasa, or uploading personal photos on social networking website such as Facebook, thereby allowing you to use their data storage infrastructure with minimal or no cost Case 2: The data which you actually stored, resides on a physical location unknown to most data storage companies through Cloud service-providers where such data can be shared or hacked by expert hackers
- 106 -
On a rating of 1-5, where 1 is Completely Disagree and 5 is Completely Agree, select the option what you believe you would be most appropriate according to you while considering using storage services
[ ] You will use open-access and flexible data storage facility with minimal or no cost to store your data which is accessible everywhere through internet which may be at cost of taking risks where it may be shared to unknown users [ ] You will want no interference with personal photos and documents for benefits such as free storage space, rather prefer to send physical hard-copies to ensure complete data-security [ ] You will continue to use their web-space as it offers ease in uploading pictures preferred through such web-services rather than using other modes of transferring or sharing pictures [ ] You will observe others experiences and feel secured about such risks and continue to use such services without being concerned about it Q12) On visiting websites, they may collect and store your personal information to let you access their services, For e.g. Accessing information about air-tickets, etc. According to you as an end-user, if given a choice what privacy measures will you impose to protect your identity ? (Multiple Choice) [ ] To enforce Data Protection Requirement Regulation –i.e. to consider who is the data owner, data holder and whether privacy laws are in place [ ] To disclose who may access your personal information entered – Right to control [ ] To restrict secondary use of the information entered by any other source so that if you enter details on website, its is not shared with another organisation [ ] To identify whether websites visited, have either collected, stored, and possibly sharing personal information [ ] To issue Digital certificates issued to websites for organisations as authorised holders of information [ ] To impose Inference and Linking attacks protection – ensuring that information released or submitted in the web-page is not open to attacks to infer data
- 107 -
Q13) When adopting to a Cloud solution, or using cloud web-services what according to you as a user, if given a choice what security measures will you add to your wish-list? (Multiple Choice)
[ ] Using these applications and services on a familiar platform such as Windows OS, Linux OS or Apple OS [ ] Complete knowledge about infrastructure, i.e. hardware used, the systems [ ] Location of where your data is store [ ] Control on secondary usage – to ensure the information entered on the website once is not used again by some other source without your knowledge [ ] Use of encryption techniques – to encode your data to add an additional layer of security in case the cloud vendors security is hacked [ ] Use of Authentication Processes – through Open-source software’s to create username and password [ ] Authorization practices – to create lists of people who are authorised to access information
- 108 -
RECORD OF MEETINGS
Date: 23/02/2010 Summary of Discussion: Discussion of topic in forms of groups. Motivation or Rationale of the topic Work required by next meeting: Refine literature about security Read about Companies / Consumer perspective about confidentiality Cultural dimensions More sharply defined research questions Date of next meeting: 02/03/2010 Date: 02/03/2010 Summary of Discussion: Research Questions discussed Research Design almost ready Both of which are approved Work required by next meeting: Further reading for literature review and drafting the introduction Date of next meeting: 09/03/2010 Date: 09/03/2010 Summary of Discussion: Introduction draft Structure discussed Work required by next meeting: Group the literature review in key things How do they intersect? Finding issues and areas of interesting Research Design Date of next meeting: Undecided. Will correspond through an e-mail depending upon literature review
- 109 -
Date: 23-03-2010 Summary of Discussion: Literature Review structure discussed Literature includes key points such as Technological changes and its effects, New Cloud Model, Role of Open Source software in Cloud computing, Virtualisation and the challenges such as Security, Privacy from an end-user perspective and standardisation from an commercial organisation perspective Work required by next meeting: Find out the challenges for marketing: Literature about marketing things which consumers may not necessarily understand or feel suspicious about buying. See if we can answer question 4, 5, 6 and 7 of the research design proposal template Date of next meeting: 06/04/2010 Date: 06-04-2010 Summary of Discussion: Marketing theories discussed related to marketing of new technology Answers to Research Design questions being shared Work required by next meeting: Completing Literature Review Finding the access to end-users as to how it will be established Date of next meeting: 13/04/2010 Date: 13-04-2010 Summary of Discussion: Literature draft Method of getting access Work required by next meeting: Including cultural dimensions in literature Preparing the questionnaire before starting with the field work Date of next meeting: 20/04/2010
- 110 -
Date: 20-04-2010 Summary of Discussion: Questionnaire discussed and approved for pilot testing on CTL staff and end-users Literature approved Work required by next meeting: To come back with the survey results of the pilot testing for 10 days between now till the next meeting Date of next meeting: 30/04/2010 Date: 30-04-2010 Summary of Discussion: Summary of the pilot testing and the survey results obtained during those 10 days. Reasons discussed why the respondents may be attempting the survey partially and how to encourage more responses Work required by next meeting: Conduct primary research and obtain responses. Write methodology which has been on-going and discussed verbally with the tutor Date of next meeting: 19/05/2010 Date: 19-05-2010 Summary of Discussion: Responses obtained up to this point were shared with the tutor. End date for data collection was decided i.e. 21/05/2010 giving a month for data collection Work required by next meeting: To finish the primary research work and move on to the next phase of report-writing by writing the findings and focus on the meet with Dr. Jill Venus Date of next meeting: 25/05/2010
- 111 -
Date: 25-05-2010 – (Meeting with Dr. Jill Venus) Summary of Discussion: Description of the research in brief. Research Methods, Data Analysis techniques, Tools such as webinar’s, cross-tabs, filters, excel spreadsheets were some of the areas of research design which were discussed followed by planning the road ahead Work required by next meeting: To continue with the data analysis & report-writing. Date of next meeting: TBA (To-be-Announced), E-mail responses henceforth Date: 09-06-2010 Summary of Discussion: Discussed the chapter on Discussion & Analysis which was sent to the tutor through an e-mail earlier. The rough draft on conclusion was presented for approval. Plan ahead for recommendations and areas for further research was also a part of this meeting Work required by next meeting: To finish the concluding chapters and create a final draft for proof reading. This may be the last meeting, hence no date has been finalised for further meetings.