Public vs. private clouds: How CIOs can decide

Does the private cloud actually exist? Some public cloud providers and industry analysts say the private cloud is really just a virtualized data centre. Others — including large enterprise vendors — say it’s the only real option for Canadians, considering security and privacy issues.

Most, however, wouldn’t argue that one of the greatest potential benefits of the cloud is cost savings through scale. Originally, when people started talking about cloud, they didn’t make the distinction between public and private, but now it’s become a rather heated debate.

What happened is that many traditional enterprise vendors started to see the cloud as a threat, said Ronald Schmelzer, managing partner with ZapThink. The public cloud threatened to permanently move IT resources outside of organizations, so those vendors jumped on the cloud bandwagon with “private” cloud.

But that, he said, kills the benefit of cost savings. “If you own the cloud, you’re not going to see any economic advantage. Anyone who says they are doesn’t understand it or is being misleading.”

If organizations want dynamic provisioning or pooled resources that they can bring online or offline as needed, they can take the same architectural approach as the public cloud and apply their own internal resources. “When Joe in finance needs some resources, he’s going to get it dynamically provisioned by the pool, and maybe get some economic benefit from not having to buy another server,” said Schmelzer.

But while that borrows some of the architectural components of cloud, it’s a different concept; in fact, the public cloud becomes competition for these same resources. “The whole idea of the cloud should be about economies of scale,” he said. The public cloud is a trajectory, since a lot of small companies, especially startups, are simply not buying infrastructure anymore. “This goes back to the so-called private cloud strategy. A lot of it’s going to be a handful of large enterprise vendors working with their own customer groups.”

One of the essential characteristics of a cloud is that it’s measured and paid for as a service, so if you build it yourself, it’s not a cloud, said A.J. Byers, executive vice-president of business services with Primus.

“I’ve had debates around whether a company can build a private cloud and I would say no,” he said. But he does believe in the private cloud — only one hosted by a third party. “As a service provider we can build public and private clouds and hybrids of that as well.”

What defines private cloud, he said, is that the resources are offered to a single organization. And the No. 1 reason why customers are choosing private cloud is because of a perception that it’s more secure — which is a huge technology debate right now.

“We believe over the next 12 to 24 months we will see security auditors understanding cloud deployments better,” said Byers. “The auditors force companies into choosing dedicated private cloud environments because of PCI compliance.”

Today in Canada, he said, you cannot become a PCI-compliant company and process credit card transactions in a public cloud. “One of the big reasons why people move into the private cloud is because they need to process large numbers of credit card transactions. But we do believe PCI can occur in the cloud.”

Customers are also concerned about where their data resides. If it sits in a U.S. data centre, it then becomes subject to the U.S. Patriot Act, which could allow the American government access to that data. Despite these concerns, Byers says we need to get people out of the mindset that there are security risks in public cloud.

For smaller businesses, the public cloud is simply the most cost-effective option. Ultimately, the smaller the cloud, the less cost-efficient it is, so a private cloud doesn’t see the same kinds of cost savings that a public cloud typically does.

“In a private cloud you know exactly what resources are available to you, but there’s not a huge demand for private cloud except for larger enterprises or where they’re working for the government or have unique security needs,” said Byers.

However, some industry players just don’t consider this to be cloud — and, in fact, say private cloud is a matter of cloud-washing by those who don’t benefit from public cloud, namely large enterprise vendors.

“We absolutely believe that there are people taking technology that’s existed for years and repackaging it for cloud,” said Andrew Kovacs, senior manager of communications and public affairs with Google. “There’s a lot of cloud-washing going on.” That’s why Google has adopted a new term, called “100 per cent web,” which he says does a better job of capturing the benefits to customers. 

“Certainly there’s lots of talk about building clouds with concepts like virtualization,” he said. “There can be some benefits to companies, but we do not consider that a cloud.” The big differentiator, he said, is multi-tenancy. What that means to end-users is scale; when an organization is operating at that scale, end-users can innovate faster and the applications are more secure and reliable. Typically, it takes an organization 30 to 60 days to apply a security patch, for example, whereas in a cloud environment that can be done almost immediately.

“We don’t really talk about private clouds,” said Kovacs. “They’re usually referring to just hosting software in a data centre rather than hosting it in their own business, or they may host it with a third party, but it’s still single-tenant software. The software still requires upgrades and patches and comes with the additional costs of managing the software yourself.”

And some offerings pitched as cloud still require customers to install software, he said. “With Microsoft, you still need to install Office 2010 to get the most out of the product, so they’re still locking in customers to multi-year cycles.”

The industry, in general, defines a private cloud as a single-tenant cloud, either on-premises or off-premises. But the debate around private cloud isn’t just about the definitions and terminology.

“Legacy enterprise vendors are the primary beneficiaries as they are able to sell many cloud-washed products in the short term to build private clouds,” said Randy Bias, CEO of CloudScaling.

“Unfortunately, since these enterprise vendors don’t understand the techniques in use by Amazon and Google, they are selling very expensive private cloud solutions that are ultimately doomed to failure. Hopefully, as the market matures for well designed cloud products that solve the private cloud problem for enterprises, they will be able to use private cloud technology to run those IT functions core to differentiating their business.” 

But he still sees a need for private clouds. “Both private and public clouds will be required, although the bulk of IT will eventually wind up on public cloud systems,” said Bias. Private clouds will be required for enterprise businesses to keep their core-differentiated IT functions on cost-optimized and competitive internal infrastructure, whereas public clouds will be used for undifferentiated general IT functions that can be cost-effectively delivered by utility providers.

You will never see a prominent financial trading business move their trading system to a public cloud, he said, since such trading systems are core intellectual property and offer competitive differentiation. Yet, eventually they will need some of the properties of private clouds in order to increase manageability and profit margins.

It’s pretty much impossible to achieve the same cost economies with private clouds as a public cloud, said Bias. And this means, ultimately, the private cloud footprint (meaning the number and size of total private clouds deployed) will be much smaller than public clouds. “IT departments will move non-mission-critical apps that don’t provide competitive advantage either to clouds or to new greenfield applications already deployed on clouds to replace existing internal apps,” he said. 

While most likely a private cloud will involve virtualization, it’s not just a virtualized data centre, said Mark Thiele, founder and president of Data Center Pulse and vice-president of data center strategy with ServiceMesh. Some key characteristics of cloud over and above virtualization include additional automation, scale management, greater portability and enhanced management of an IT environment.

And while the private cloud isn’t built to allow for multi-tenancy, most organizations don’t need it, he said. “The truth is nobody truly has infinite scale, but certainly Amazon comes closer to infinite scale than the average business,” he said, adding that there are only a few companies out there that really need something approaching infinite scale.

For the vast majority of apps within a traditional data centre, when organizations talk about scale, they typically mean they need to scale from 10 machines to 13 for a day or two or maybe a week. Even if they have an app that requires something approaching real scale, that’s something they can put in a public cloud.

Another differentiator of private cloud is it allows organizations to move apps within their own network environment at a time when they’re comfortable with it. While public cloud may do the job, most organizations — at least in the near term — are going to struggle with concerns about security, service-level agreements and how they actually measure the cost, said Thiele. If you move an app into the public cloud, it may look cheaper on paper, but in the long run could cost more than expected, and that’s something that organizations need to sort out. 

Almost every time Thiele hears people saying there’s no private cloud, those people are involved in or directly selling public cloud services. “It’s not about whether public cloud can replace private cloud,” he said. “Those questions are immaterial.” In some cases, an organization can only get approval for private cloud, which gives them 80 or 90 per cent of the benefits, until they can eventually move to the public cloud. “Over time, my guess is a majority of apps will be public cloud, in two to five years.”

IT needs to be able to transition in a moderated, grandfathered way, he said. Taking baby steps means cloud in all its forms has tremendous value.

In the long-turn, Thiele believes hybrid cloud has the best chance of success for major enterprise apps because it offers the benefits of scale and geographic dispersion, with some of the benefits of single-tenancy.

While Thiele disagrees with the notion that there is no such thing as a private cloud, he doesn’t think that’s the point. “To assume there is no such thing as private cloud is to ignore the obvious that every organization treats their IT a little bit differently, whether we like it or not.”

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now