Determining the most appropriate cloud strategy for an organisation can be a daunting task and highly dependent on particular organizational circumstance. While total costs of a particular cloud solution are usually the most significant and deciding factor, other considerations also need to be weighed. Regulatory constraints, performance concerns, data security and privacy risks, and the availability of existing infrastructure can all influence business decisions. Enterprise cloud delivery models are generally divided into three distinct categories, each bringing unique advantages and disadvantages.
Private clouds utilize internally owned or leased infrastructure for the sole and exclusive use of the enterprise. They can be either situated on-premises (internal private cloud) or off-premises on shared or dedicated infrastructure (external private cloud). Private clouds are usually protected by network firewalls and virtual LANs to isolate workloads from the public internet or other private clouds operating on the same infrastructure. Management of the cloud environment may be handled internally or outsourced to a third-party.
This model enables the greatest control the platform and data contain within, as well as greater reliability through predictable service availability. Solutions can be tailored to suit specific business requirements, and this fine-grained control can result in higher levels of security and privacy. Lower network latency and higher performance can also be achieved with private clouds that are either on-premises of have dedicated network connectivity.
These advantages do come at a cost however. Internal private clouds require significant capital investment and incur ongoing static operational costs such a power, cooling and datacentre space. This model can result in lower resource efficiencies since designing private clouds that allows for growth leads to under-utilised infrastructure. If not properly planned, private clouds may be unable to offer burst capability when additional resource capacity is required.
Public clouds operated and managed by third-party providers offer virtual resources which can be dynamically requested and allocated via APIs or web services. The location of the shared (multi-tenancy) infrastructure they are generally hosted on may not be known. Some cloud service providers do offer dedicated infrastructure at additional cost.
The major benefit derived from public cloud model is lower capital expendature since businesses need only pay for resources consumed. There are little or no hardware or maintenance costs with this approach. Service providers do not require long term lock-in contracts yet offer virtually unlimited and elastic scalability.
While public clouds remove the complexity and costs associated with operating a private cloud, there are trade-offs. Outsourcing service management and maintenance reduces the level of control over the platform and data stored within the cloud. The nature of shared infrastructure and multi-tenancy lead to increased security risk and potential performance degradation through resource contention and over-subscription. A lack of transparency in security mechanisms implemented by cloud service providers may introduce further risk.
The hybrid model employs a mixture of private and public clouds to create a heterogeneous environment. Depending on the architecture and specific services required, this approach allows businesses to take advantage of benefits provided by both private and public clouds located on-premises and off-premises. Organizations can retain business critical systems on private infrastructure while providing the ability to provision additional capacity with the public cloud.
As a mixture of private and public cloud infrastructure, hybrid solutions provide flexible capacity and a cost-effective path for growth. Control of commercially-sensitive data and workloads can be retained within a private environment while larger, less critical datasets can be shifted to more cost-effective public cloud storage.
With the advantages of the hybrid cloud come additional complexity and risk. Dependency on internal infrastructure as single points of failure can be a concern. Mitigating the impact of such failure requires redundancy to be built into the private cloud at additional cost. Integration points between internal systems and public cloud infrastructure can be complex and problematic. Compliance is often harder to achieve and requires both private and public cloud operators to agree to and meet certain minimum standards. Data transferred between clouds must also be protected.
The three major cloud delivery models presented above are widely used and the pros and cons of each approach are well documented. In order to determine which cloud strategy is right for your enterprise, decision makers must consider factors such as budget, regulatory compliance, infrastructure requirements and risk appetite. Ultimately, business priorities will guide any compromises necessary to provide a solution that balances performance, scalability, and security.