Must Read: Google Glass jailbreak: Let the evil commence

Topic: Cloud

12 reasons why public clouds are better than private clouds

Summary: Public clouds have the edge over their internal counterparts in security, reliability, and elasticity, according to the author of a new book on enterprise architecture.

Joe McKendrick

By for Service Oriented |

To see many of the advantages of cloud computing without its risks, many enterprises are turning to private clouds, which are service layers contained within their firewalls that look and feel like public clouds. But these private clouds may actually be less secure and reliable than the public services.

Data Center NASA Photo credit NASA Office of the CIO
(Image: NASA; Office of the CIO)

That's the view of Jason Bloomberg, who said private clouds often add up to more trouble than they're worth. In his latest book, The Agile Architecture Revolution: How Cloud Computing, REST-Based SOA, and Mobile Computing Are Changing Enterprise IT, Jason outlined the reasons why public cloud may ultimately be a better choice for enterprises.

You may not agree with Jason's premise about on-premises — in fact, I expect violent disagreement. And this is more of an either/or argument, rather than raising the possibility of blended strategies, such as employing public clouds as test beds, but keeping applications in production within private clouds.

That said, here are Jason's arguments for public cloud and against private cloud:

  1. Private clouds tend to use older technology than public clouds: You may have spent hundreds of thousands of dollars on new hardware and software, but try getting your organization to agree to that every year.

  2. Public clouds shift capital expenses to operational expenses: It's pay as you go, versus building an entire datacenter, no matter how virtualized it may be.

  3. Public clouds have better utilization rates: With private cloud, your organization still has to build and maintain all kinds of servers to meet spikes in demand across various divisions or functions. Public cloud offers the same spare demand on a pay-as-you-need-it basis.

  4. Public clouds keep infrastructure costs low for new projects: With private clouds, you still need to scare up sometimes scarce on-site resources for unplanned projects that may pop up.

  5. Public clouds offer greater elasticity: "You'll never consume all the capacity of a public cloud, but your private cloud is another matter entirely."

  6. Public clouds get enterprises out of the "datacenter business": establishing private cloud probably gets you in deeper into the DC business than with traditional on-premises servers.

  7. Public clouds have greater economies of scale: No private cloud can compete with the likes of Google and Amazon on price. And the public providers are constantly buying boatloads of the latest security technology.

  8. Public clouds are hardened through continual hacking attempts: Thousands of hackers have been pounding Google and Amazon for years now. The public cloud providers are ready for anything at this point.

  9. Public clouds attract the best security people available: They seek out the top security experts, will pay them top dollar, and treat them as the most important part of their businesses, which they are. Do traditional enterprises treat security teams this way?

  10. Private clouds suffer from "perimeter complacency": "If it's on the internal network, it must be secure!" 'nuff said...

  11. Private cloud staff competence is an unknown: Your organization may have a lot of talented and knowledgeable people, but is data security the main line of your business?

  12. Private cloud penetration testing is insufficient: Even if you test your applications and networks on a regular basis (which man organizations don't), these only tell you if things are secure at that exact moment.

Topics: Cloud, IT Priorities, Security, IT Employment

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

25 comments
Log in or register to join the discussion

  • Point #1

    What exactly is a "pubic cloud"? By the name alone, I would prefer the older technology.
    RadioActiveLamb
    Reply 1 Vote

  • Everything is magic, eh?

    "Private clouds tend to use older technology than pubic clouds"

    Evidence?

    "Public clouds shift capital expenses to operational expenses"

    Or, to be accurate - hiding capital expenses with operational expenses. There's no such thing as magic - somebody, somewhere is paying for the hardware.

    "Public clouds have better utilization rates"

    Public clouds have to deal with spikes too - again, there's no such thing as magic.

    "Public clouds keep infrastructure costs low for new projects"

    Depends on the design. If you design a "private" cloud well enough, the costs are the same.

    "Public clouds offer greater elasticity"

    I call bull on this. Again - no such thing as magic.

    "Public clouds get enterprises out of the 'data center business'"

    Guess what that "public cloud" is running on?

    Oh, yeah, that's right - an "enterprise."

    "Public clouds have greater economies of scale"

    Maybe, maybe not. Depends on the size of your business.

    Microsoft, for example, is just as big as Google or Amazon, and thus would have the same economy of scale.

    "Public clouds are hardened through continual hacking attempts"

    LOL.

    "Private clouds suffer from 'perimeter complacency'"

    Means you didn't hire somebody to manage security properly.

    "Private cloud staff competence is an unknown"

    If you don't know your staff competence, I have to wonder what kind of business you're running.

    "Private cloud penetration testing is insufficent"

    As any security expert will tell you - security is a process, not a goal. Public or private, doesn't matter.
    CobraA1
    Reply 5 Votes

    • Wow

      Love my job, since I've been bringing in $5600… I sit at home, music playing while I work in front of my new iMac that I got now that I'm making it online.(Click Home information)
      ......http://goo.gl/Fx7St
      UsherJohn
      Reply Vote

    • the strength of numbers

      "Public or private, doesn't matter."

      You're saying, a single ninja is as good a security solution as an army of them backed up by Tomahawks and weaponized drones?

      (Sometimes it is - it's just that the opposite is more common.)

      The main point of the article: public clouds can be (1) more efficient because of better resource utilization and fixed costs absorption, (2) better security because they're (way) bigger and can afford it, and have more to lose if their security is lax, (3) more likely to use better tech / offer better features because of (1).

      These are solid arguments. What's yours?

      P.S. Sure, public clouds aren't for everyone, as many posters noted. Keep some money in the bank (public cloud), stash some under the mattress (personal hard disk), give some to a friend with a good vault (private cloud). Don't ask your friend if you could use his ATM card to get that money though.
      Alex Gerulaitis
      Reply Vote

  • To some degree, this is "what happens when you run things lousy"

    You know - to some degree, this list is "what happens when you run things lousy." The problem isn't necessarily that you're using a "private cloud" but rather "you didn't really design and implement it correctly."

    Basically - you can decide to run your own stuff, but if you don't know anything about what you're running, you're bound to have troubles.

    In fact, I'd say it's pretty unfair to blame the "private cloud" itself as the source of many of these problems.
    CobraA1
    Reply 5 Votes

    • Yep,

      I totally agree with your observations CobraA1. :-)
      sg1efc
      Reply 2 Votes

  • I'm not convinced

    Too many suppositions.
    I want a 12 reasons for private clouds being better, follow up :-)
    AleMartin
    Reply 1 Vote

    • Good idea...

      Looking into it! Got to present both points of view!
      Joe McKendrick
      Reply Vote

      • Here is Nr. 1 for you...

        you aren't beholden to the cloud provider handing over your data to the FBI/NSA.

        This is especially a problem for non-American companies. Using a cloud service with office in the USA can leave them open to prosecution on their local jurisdiction, if it comes out that their cloud provider handed over the data to the US Government upon request (Patriot Act / FISA).

        If any of your corporate data leaks out or is handed over to a 3rd party, such as the US Government, without the proper local jurisdiction authorisation, then you are the one who will end up being prosecuted for leaking the data, not your cloud provider.

        In that case, I'd rather have the data under "my control", as opposed to hoping that nobody gets my data from the cloud provider. At least if the data leaks, I can only blame myself. Being prosecuted for breaching data protection in the EU, for instance, just because my cloud provider followed the letter of the law in the USA is not a good situation to be in!
        wright_is
        Reply 2 Votes

  • Think about email -is it important for you?

    If you don't mind your email on someone else's server, you probably shouldn't mind putting at least some of your data on the cloud. I'd say this is the litmus test for cloud adoption.
    Appleris
    Reply Vote

  • One reason why private clouds are better.

    They are PRIVATE.
    Privately owned.
    Privately operated.
    No convoluted contracts,
    and no paying some cloud provider to expand their cloud without giving you one iota of extra capacity.

    No thanks.
    mikedees
    Reply 3 Votes

    • Add this one

      if your bean counters forget to pay the bill you won't lose all you data - happened to us, bean counters didn't recognize the company and ignored the once a year bill because they thought it was some kind of scam/fake invoice. Lost everything for 3 days until we could get the payment mess fixed.
      nabisho
      Reply 1 Vote

      • Actually saw this happen myself....

        An understated issue, especially if a cloud account is on the credit card of an employee who departs!
        Joe McKendrick
        Reply 1 Vote

  • So the real issue is ...

    Do companies want security and are they willing to pay for it. If not then they can always let some 3rd party handle all their valuable data and keep fingers crossed that vital financial, product development data etc isn't being snooped upon ... which of course they'll never know!!
    Pastabake
    Reply 1 Vote

  • #13

    I'm not saying I agree with the author - Public is a non-starter for many companies (despite his claims about security that I'm not agreeing with) - but he left out one point that is a big advantage to going to a public cloud company.

    #13 - no HR/staffing headaches. We all know that within an IT group there are the stars who really get stuff done and keep things running and their backups who, like Wally, walk around with a coffee mug trying to look busy. When the stars are on vacation, leave for a better job, things can get dicey.
    beau parisi
    Reply Vote

  • Public Cloud Security vs Private Cloud Security?

    Cloud computing, whether public or private, allows for businesses to take advantage of "pre-packaged" hardware and software (OS, database, etc) combined with a high speed backbone. It sounds a lot like web hosting, but main difference is, the business who rents their cloud has more control over the administration than that of just web hosting. Administration includes adding additional software, users and configuring the OS to suit their needs. Many of which cannot be done with just web hosting alone.

    Taking that into account, the security experts that the public cloud vendors are hiring are, most probably, the best in the business. However, their job is to protect the cloud as a whole from internal clients (ie. one business cannot access the hardware/software of another business) as well as external threats (ie, hacking attempts). Their job is not necessarily to secure each and every business who rents from them. The admins of those individual business can still put their systems at risk with improper security measures.

    So, the idea that Public Cloud security is better than Private Cloud security for the cloud as a whole, might be true. But at the client / business level might not hold up
    lehanrp@...
    Reply Vote

  • COMPLETELY Agree

    The difference between my developing a cloud for my own use and a cloud provider doing it is simple - they are in the cloud business. I am not. I also don't raise my own livestock, build my own passenger vehicles, or build my own tablet computers. I could - I have the land, the manufacturing capacity, and the electronics experience to do all three. However, I can better utilize my capital, my time, and my creative energies doing something else, that is directly in my line of expertise.

    Why WOULDN'T you hire a cloud provider to do it for you?
    m0o0o0o0o
    Reply Vote

    • I Mean

      ...unless you're able to buy or develop that expertise and have the demand to fill the capacity. For a big firm that needs lots of capacity, I get it. I'm amazed at the number of smaller firms with datacenters that can't even fill half a rack, but they have a rack.
      m0o0o0o0o
      Reply Vote

  • These twelve reasons are assuming a lot

    My favorite is "Public clouds are hardened through continual hacking attempts."

    Butter in the fridge is hardened. You can still cut it with a steak knife.
    Steve Pitcher
    Reply 2 Votes

  • public cloud latency

    Several people I talk to complain about latency and MPLS costs between their datacenter and AMazon AWS
    jgershater
    Reply Vote
CNET Join | Log In | Privacy | Cookies Close