Private vs. public cloud: Why the supposed debate is really no debate at all
Posted October 19, 2013on:
The pundits would have you believe there is a popular debate and a difficult decision among IT architects – whether to go with a private cloud deployment, public cloud deployment, or a hybrid combination. They say the decision comes down to factors that are individual to each organization. But the truth is, there really is no debate at all (at least there shouldn’t be).
Private cloud is inefficient. It is built on a model that encourages bad overprovisioning. In fact in order to get maximum benefit from private cloud – true elasticity – you have to overprovision. The public cloud, on the other hand, is the most widely applicable and delivers the most value to a majority of businesses.
Here is why the public cloud should be your only consideration:
#1 The need for regulatory compliance. Security or privacy regulations and audits are often years behind the industry, but their rules can be challenged. We’ve seen customers exceeding auditors’ expectations, make a case for their architecture, and win the day, providing them with all the benefits of a public cloud architecture with all the security needed by common regulatory requirements, even HIPAA, SOX, or DOD standards. This is hard to replicate with private clouds, because with internal data protection you are going to have internal SLAs and internal compliance checklists, which require frequent upkeep, higher costs and a more complicated infrastructure.
#2 Start-up companies need the public cloud. These companies are often involved in development with uncertain requirements. They don’t know what they might need day-to-day. And many can be on a very tight timeline to get their products to market. These situations mandate a public cloud deployment, like AWS, where more or less resources can be configured and absorbed in a matter of minutes. While they might maintain a small infrastructure onsite, the majority of their infrastructure simply has to be in the public cloud.
#3 Security needs to be a primary concern for any cloud-based deployment. Web and cloud security can change very quickly; and some perceive a public cloud infrastructure to be more vulnerable than a private cloud, but that’s actually a misconception. A private cloud allows IT to control the perimeter; but it’s also responsible for staying on top of a rapidly shifting security landscape and making all required fixes, updates, and upgrades. Public clouds take care of all that. Data is protected by both managed security on a software and physical level, since large-scale data centers like those used by public cloud providers have state-of-the-art security. For example, more than half of the U.S. Government has moved to the public cloud; and surprisingly the banking industry holds the most activity (64 percent) in the public cloud – over social media, online gaming, photo applications, and file sharing. [IT Consultants’ Insight on Business Technology, NSK Inc., “7 Statistics You Didn’t Know About Cloud Computing.”]
#4 The need for redundancy and disaster recovery. To truly make a private cloud redundant, you need to host virtual mirrors of the entire infrastructure across multiple hosted providers, which can be public clouds themselves. To keep it completely private, organizations need to run those data centers itself – a vastly expensive proposition. There really isn’t a better choice for this scenario than a well architected cloud deployment. Taking AWS as an example, this cloud can be incredibly redundant if you take advantage of its lesser known features. Region-to-region redundancy, for instance, means the infrastructure is backed up not just in different data centers in the same general region (like the US Northeast, for example), but also in a second, removed region (such as the Pacific Northwest). Many AWS customers don’t even consider this and feel that multiple zones in the same region are enough. That’s possible, but opting for region-to-region puts data and virtual infrastructure in two very different locations, and should anything happen to one, the odds are very small that anything happened to the other. AWS can get very granular with such deployments, too, offering around the world redundancy and even ensuring that certain data centers are located on different seismic plates. This can be mirrored with a private cloud deployment, but the cost is colossal.
#5 Which brings us to the issue of cost. Budget is, of course, a huge factor in this decision and becomes a highly individual consideration with multiple factors that can affect a decision. Companies with large amounts of infrastructure already installed might find it cheaper to implement a private cloud, since in many cases they already have not only the hardware but also the operating systems and management tools required to build a private cloud. But the flip side is that hardware infrastructure, and the demands made on it by software, especially operating systems, changes about every 3-5 years.
Public cloud deployments are entirely virtual, which means the hardware hosting those virtual machines is irrelevant because it’s on the provider to keep that infrastructure current. That represents significant cost savings long term. Smaller companies that need to stretch their investment as far as it can go will see those benefits right away. These organizations will be very attracted to not only the infrastructure services offered by the public cloud, but also the application-level services offered by partners and other customers of providers like AWS. In this case, an organizations is not only deploying servers in the cloud, it’s feeding end-user applications on a subscription basis, bypassing the cost of software licensing, deployment, and updating. That’s very attractive to companies that want to be agile, regardless of the size of the company, with limited IT resources, and even companies who analyze their annual expenditures and find a public cloud deployment compares favorably to that cost.
Most IT professionals and market researchers contend that while the majority of businesses today are eyeing a hybrid deployment, that’s really because they’re being conservative. Yet we know that data centers are a single point of failure. So can we really afford to be conservative? How many private cloud deployments are fully redundant across multiple physical buildings on separate flood plains and earthquake zones? For the small group that has implemented full redundancy at the data center level – try asking for their hypervisor license bill and their maintenance and support labor costs.
Private vs. public is a hot debate among technical circles, but in most cases, taking a long, careful look at the public cloud will show it to be the best-case answer. Is successful private cloud deployment possible? Of course. Is it efficient? No.