Security, privacy and regulatory issues feature heavily in Snapfix design and implementation and indeed factor in the decision processes observed in several of the case studies I’ve come across. Cloud security is widely discussed throughout the body of Computer Science and Information Systems industry and academic work.

Earlier concerns over the security of public network communications and cloud based data storage have been mitigated somewhat by the relative sophistication of major cloud providers in managing security risk. Whitley, Venters, & Willcocks (2013)1 offer the example of AWS embedding ISO security standards within its cloud offerings. In the same paper, the authors prescribe several measures such as security and privacy by design, optional encryption at rest and sophisticated management of encryption keys. Many of these recommendations are now evident in modern cloud services234 and have been extensively levereged by Snapfix in efforts to provide maximum security coverage at minimal cost.

The progress towards a more secure cloud services infrastructure has prompted a shifting focus within the IS literature. Islam, Ouedraogo, Kalloniatis, Mouratidis, & Gritzalis (2018)5 recent contribution focuses on organizations abilities to define their security requirements so they can better choose the most appropriate (secured) cloud service. Privacy is closely related to security and recent academic work on “surveillance capitalism” by Zuboff (20156, 20197) has highlighted concerns in this area. The same researcher, while discussing new ‘behavioural futures markets’ has also highlighted the explosive growth of cloud adoption.

Privacy is a first class citizen within Snapfix and as a result I’ve written extensively on this topic and have a series of blog posts that deal with the security and privacy aspects of SaaS services. I’ve also touched briefly on it in the next post when discussing Data Science within SaaS organizations.

Next: Data Science in the Cloud

  1. Whitley, E. A., Venters, W., & Willcocks, L. (2013). Privacy and Security in the Cloud: A Review of Guidance and Responses. 22(3), 18. ↩︎

  2. AWS. (2017). New Amazon S3 Encryption & Security Features. Retrieved 21 April 2019, from Amazon Web Services website: https://aws.amazon.com/blogs/aws/new-amazon-s3-encryption-security-features/ ↩︎

  3. AWS. (2019b). Cloud Security – Amazon Web Services (AWS). Retrieved 21 April 2019, from Amazon Web Services, Inc. website: https://aws.amazon.com/security/ ↩︎

  4. AWS. (2019c). Key Management Service—Amazon Web Services (AWS). Retrieved 21 April 2019, from Amazon Web Services, Inc. website: https://aws.amazon.com/kms/ ↩︎

  5. Islam, S., Ouedraogo, M., Kalloniatis, C., Mouratidis, H., & Gritzalis, S. (2018). Assurance of Security and Privacy Requirements for Cloud Deployment Models. IEEE Transactions on Cloud Computing, 6(2), 387–400. https://doi.org/10.1109/TCC.2015.2511719 ↩︎

  6. Zuboff, S. (2015). Big other: Surveillance Capitalism and the Prospects of an Information Civilization. Journal of Information Technology, 30(1), 75–89. https://doi.org/10.1057/jit.2015.5 ↩︎

  7. Zuboff, S. (2019). The Age of Surveillance Capitalism: The Fight for a Human Future at the New Frontier of Power. Profile Books. ↩︎