Getting your head around the key principles of cloud computing requires a good understanding of the three kinds of cloud there are: private, public and hybrid. This guide is designed to bring you up to speed quickly on why they exist, what each actually means, the key differences between them and why different organisations choose to use different cloud models.
Why there are three kinds of cloud computing
The earliest definitions of cloud computing emerged from the new IT reality made possible by the internet and the world wide web. For the first time, individuals and organisations could connect beyond their on-premise machines and networks; information could be sent, retrieved, stored and processed somewhere else.
Today we can express these two worlds as public cloud and private cloud. The private cloud is the familiar, internally-controlled physical environment situated where you can see and touch it. You bought it and built it; you know what information it holds and what it does. The public cloud is the wider world of opportunities outside, and it uses IT infrastructure that you will never see or control but that you will share with many other organisations.
Hybrid cloud is simply a combination of private and public cloud.
The paradox is that this simplicity can be realised in an infinite number of increasingly complicated ways. Just how much of private and how much of public cloud is down to the requirements you have and the choices you make.
Private cloud – a quick overview
Before cloud definitions were widely used, IT professionals commonly referred to their ‘network’ i.e. their LAN/WAN environment and – crucially – all of the servers, switches and endpoint devices within it. This would naturally include datacentres, comms rooms and the like – basically all the IT infrastructure on their asset register.
Today’s definition of private cloud refers to only the core aspects of this infrastructure where IT workloads – increasingly, ‘virtualised’ workloads – are managed and operated as IT services by the IT department to the rest of the business.
Control is a key characteristic of private cloud in that operators of private cloud infrastructure benefit from the peace of mind of being masters of their entire IT estate, but also have to put up with all of the challenges such responsibility creates.
Public cloud – a quick overview
The best way to understand ‘public cloud’ is in the context of the public cloud services commonly available for organisations to consume. All public cloud services essentially emulate the kinds of IT services delivered within private cloud environments e.g. data management, storage, data processing, software delivery, etc. Owing to their size and purpose-built nature, public cloud services are typically able to do this as much greater scale and far lower unit cost. The other advantage of public cloud is the ability to derive public cloud services on demand i.e. with little or no wait time.
Cost is arguably the primary virtue of public cloud, driving its attractiveness among organisations of all types and sizes. Public cloud fundamentally changes the IT consumption model from assets to services. This means that IT infrastructure no longer needs to be acquired, nor internal IT staff retained to maintain it. Instead, public cloud services are costed on a usage basis, making them more or less constant and entirely predictable. The downside is the lack of control compared to the private cloud model, which can have serious consequences for security, compliance and corporate governance.
Hybrid cloud – a quick overview
Hybrid cloud is the result of an organisation successfully capitalising on a ‘best-of-both-worlds’ combination of private and public cloud. The qualification of success is important because there is no point in pursuing a hybrid cloud approach unless these advantages can be realised.
Private and public cloud approaches both have their unique pros and cons, and it is the job of a hybrid cloud strategy to orientate technology architecture and data processes to accentuate the positive virtues of each.
In this way, costs and risks can be minimised while agility and control is maximised. Easier said than done!
The specific circumstances and objectives of a given organisation will always guide the design of a hybrid cloud and, to a certain extent, make it unique. Hybrid clouds should also evolve over time in response to new business opportunities and challenges.
How to choose the right cloud
The multitude of cloud options provides organisations with the opportunity to closely align their IT function with business objectives like never before. Getting this right is therefore crucial to organisations pursuing a digital transformation agenda.
However, there are a series of key issues that must be understood and addressed as part of the decision-making process. These should influence whether a private-only or public-only path is pursued, or – more likely – the composition of private and public elements in a hybrid cloud
Security, uptime and compliance concerns
The ever-present fear of cyber attack and data breaches have proven to be significant obstacles to public cloud adoption. This is not because public clouds are inherently insecure. Indeed, the scale of public cloud infrastructures typically enables them to operate with highly resilient safeguards that protect uptime and ensure continuity of service; typically far in excess of the private cloud environments of most small to medium-sized organisations, for instance. The key issue is having sufficient visibility and control over sensitive data to assure customers and stakeholders that security responsibility is being owned rather than outsourced. Another issue is successfully managing the risk of connecting a ‘trusted’ private cloud environment with an ‘untrusted’ public cloud one – an inevitable consequence of pursuing a hybrid cloud approach.
Public cloud services are also limited by their dependence upon connectivity; if you can’t connect to the cloud then you can’t derive the cloud service. A private cloud instance, in the context of users situated within the on-premise LAN environment, is immune from this problem.
Many forms of data protection and related legislation require organisations to maintain a consistent level of security policy across their IT environments – irrespective of whether they are private or public cloud. Some go further to insist that data be held in specific geographic territories under their jurisdiction (e.g. EU GDPR). This does not negate the use of hybrid cloud infrastructures, but can make the challenge more difficult to address. Some organisations remain insistent upon operating a purely, or mostly, private cloud strategy because of security and compliance concerns. Others manage these risks in a hybrid setting by applying specialised security tools and controls.
The promise of maximum business agility
Remaining relevant to customer need, responding rapidly to changing market conditions and staying ahead of the competition are all hallmarks of an agile organisation. Public cloud is a key enabler for this, fostering new, digitally-driven methods for creating and managing change.
Organisations that rely upon public cloud services benefit enormously from their ability to stretch elastic, webscale resources of compute power, storage capacity and other IT attributes, without the need to invest time, money or effort. This empowerment is significantly less evident in private cloud environments, though the virtualisation of physical infrastructure has improved private cloud flexibility.
Balancing agility with control is a key objective of any hybrid cloud strategy.
Keeping costs to a minimum
Unprecedented pressure on capital costs is happening at the same time as every organisation faces exponentially increasing data growth. User expectations are also increasing as workers demand faster access to more information and applications. Last but not least, businesses also expect more functionality and throughput for less budget, including a richer and more personalised experience at every interaction point.
Public cloud services offer a radically different cost model for IT; shifting the historically significant capex requirement into small pay-as-you-go arrangements or capped monthly subscriptions that attach to the opex budget.
They can also reduce the overheads of operating IT within a private cloud environment because fewer components are required internally.
Hybrid cloud strategies harness the opportunity of cheaper IT, but they also add an element of cost for their design and orchestration. It stands to reason that additional toolsets are required to reconcile the private and public worlds within a unique and holistic hybrid environment. However, the business case for these tools invariably means achieving a rapid ROI.
Managing it all easily and efficiently
The pace and increasing complexity of IT change is having a significant impact upon management overheads within IT departments. Compounding this is a global skills shortage that leaves some organisations struggling to maintain and innovate their existing private cloud environments, let alone a hybrid cloud strategy. Public clouds offer an attractive alternative, assuming concerns about security, compliance and governance can be addressed. In any event, public cloud services still need to be managed, and this can be a difficult task when multiple cloud services are used across a large organisation. By the same token, a hybrid cloud implementation requires significant planning and orchestration skills and will typically need to be integrated into some legacy systems.
The use of public cloud services has even had an unintended consequence in many businesses in that it has created additional management headaches instead of relieving them. This takes the form of ‘Shadow IT’, where maverick users bypass the IT department to use public cloud services at will. Shadow IT can take hold quickly and easily because public cloud services require little technical knowledge to instigate, and can be paid for in small, under-the-radar sums with a company credit card or expense account. It’s a problem because those sums add up into large amounts that aren’t assigned to the IT cost centre, meaning the organisation has no idea what IT is had or how much it costs them. The increase in agility directly results in a complete lack of control.
Shadow IT is a symptom of cloud computing being almost too easy to use. However, the impact on corporate governance can have disastrous effects upon information security, regulatory compliance and budgetary control.
Organisations that use external IT support services such as helpdesk and hosting can benefit when these providers acquire the necessary skills to implement and manage hybrid cloud strategies on their behalf. Doing so removes the Shadow IT problem and can enable the ‘best-of-both-worlds’ hybrid cloud model without management becoming too taxing a challenge.
How private, public and hybrid clouds are deployed in the real world
Use cases for private cloud
Most organisations pre-date the market emergence of public and hybrid cloud. This means that their starting point has been in the private cloud sphere, and while many have migrated to new cloud horizons, many more have not.
Those organisations making a conscious decision to live by exclusively private cloud means will have little reason to do so other than to preserve the status quo. The remaining use cases for choosing private cloud over all other approaches include:
- Organisations required to handle highly sensitive, compliance controlled data that cannot be risked at any cost.
- Institutions of high strategic, national importance such as energy utilities, military installations, etc.
Use cases for public cloud
While many private-cloud advocates are tied to that approach by legacy, those that occupy the public cloud only are commonly start-up businesses. It is unsurprising therefore that these so-called ‘born-in-the-cloud’ organisations have not so much embraced the opex-oriented, flexible benefits of public cloud as rejected the perceived private cloud disadvantages of capex burden and lack of scale.
Other public cloud use cases include:
- Organisations targeting rapid digital transformation.
- Businesses who internal IT function has already been outsourced.
Use cases for hybrid cloud
Most organisations fit the ideal profile for hybrid cloud; using the private cloud elements for maximum control and security, and public cloud services to take advantage of webscale compute, storage and other resources on demand, at marginal cost. Hybrid cloud implementations can be highly automated to reduce the requirement upon internal staff to manage and maintain them.
Use cases include:
- Using private cloud for general IT operations, with public cloud capabilities on standby to accommodate peak IT demands.
- Using private cloud for storage of the most sensitive data, and public cloud for large, encrypted objects.
- Using private cloud for mission-critical disaster recovery (DR) sites and public cloud for non mission-critical DR sites.
- Using private cloud for software production environments, and public cloud for development and testing