Cloud security has become of paramount importance in the past few years
with the ever increasing number of news headlines describing the latest cyber attacks, data breaches and even unauthorized governmental surveillance. SaaS systems tailored for 3D rendering such as 3drepo.io or webVis/instantHub3D store commercially sensitive 3D graphical information in their respective cloud-based architectures that are potentially vulnerable to such attacks. This paper, therefore, introduces
general concepts as well as detailed considerations that should be taken into account when building a large-scale cloud-based Software as a Service (SaaS) data storage and visualization platform. Firstly, different levels of security threats that need to be addressed are identified. Next,
five server configuration topologies with increasing level of complexity, scalability and data security are presented. These are contrasted on the basis of cost, utility, complexity and implicit security. Example implementations together with security improvements such as role-based access are developed in the Service Store and Intelligent Cloud Protection systems by British Telecom (BT). Finally, general guidelines and lessons learned are summarized and recommendation of the best practice is presented.