Public vs private: Which cloud is best for business?
After EMC's annual conference in Boston last week championing the way of the private cloud for business, we take a look at whether this is the best option or if public is the way to go.
Last year, people were still arguing over definitions of cloud computing, but this year the technology has gained momentum.
From the hardware top cats through to the security bigwigs, the vast majority of the tech community is getting on board and bringing out their own products to tackle any obstacles the new model might face.
Yet one fight still rages on: public or private?
The public cloud is essentially outsourcing your data centre. An external company offers up its data centre for rent and you can chose the number of servers or the amount of storage you want to run out there, as well as the applications. You can then access it remotely from a PC.
The key selling point of this model is cost savings. Not only does it mean you don't have to pay for all the hardware yourself, but you don't have to pay for the maintenance and staffing costs as well.
There is also a widely adopted "pay as you go" model with public clouds, allowing you to rent the space from as little as an hour often used by developers testing applications up to months or years but paying by the month rather than in a big lump sum.
The public cloud space is dominated by players like Amazon and Google, although smaller companies like Elastic Hosts are getting in on the act too whilst firms like Salesforce.com offer the ability to run a single application in the cloud.
The private cloud adds more of a personal touch to the proceedings. Many companies, especially larger institutions like banks or the public sector, are concerned about the security of letting what could be very confidential information out from behind their own firewall.
This model keeps all of your physical hardware within your own location, meaning the day to day running of the systems, maintenance, and most importantly security aspects, are run in house.
However, it is a highly virtualised environment, using extra software to optimise your hardware to its fullest potential and ease the transactions of data and information between servers both in one office or to other locations your company might have.
EMC is a large advocate of this but many of the other hardware vendors such as HP, IBM and Dell offer software solutions and specifically designed products to cope with the new environment.
Pros and cons
Both are accepted and workable models but they also come with their own positives and negatives to contend with.
"Businesses that use public clouds can... enjoy the benefits that come with any large scale deployment such as highly available, enterprise class infrastructure, but at a fraction of the cost," Rob Lovell, chief executive of ThinkGrid told IT PRO.
As previously mentioned, a company would not have to front up the costs for all the servers, storage, or cables to link them up. Even more than that, they would not have to pay for the staff to keep the data centre running in perfect order.
Also when you sign up to fit out your data centre with all the products you need, companies can end up locked in and stuck with those products for a very long time.
The pay as you go model adopted within the public cloud means if you aren't happy with the service you are receiving there is no such thing as vendor lock in and you can jump ship at any time - but only if such clouds work on the same standards and are interoperable.
As VMware's chief executive Paul Maritz likes to put it, the danger with any cloud is like the lyric from "Hotel California": "You can check in any time you like, but you can never leave."
This all might sound great to you, however the flipside of that coin is businesses are concerned about the security of their data.
For some companies the idea of letting anything out from their perimeter is a terrifying prospect. In a large scale data centre owned by a public cloud company you would not know whereabouts your data was held and who else had their data running on the same machines.
The companies insist that there is strong security measures put in place but this means you would need to have a lot of trust in whichever firm you went with.
On top of that we know the providers look at the data Google has admitted publicly it looks at data for marketing purposes and if yours is stored in the US, where many of the big time public cloud data centres are, the federal authorities can seize those servers at anytime and take a gander.
Finally despite the claims of high availability, public cloud vendor's data centres are just like any other and can do down. It may not be often and also may be fixed quickly but your business could be left without accessibility to the core functions it needs to run.
So what about the private cloud? Lovell said: "The private nature of [the alternative] implementation means that businesses have the ability to fully customise their cloud environment."
There is a lot of control when building a private cloud within your own data centre. The hardware chosen, the software chosen, the people taking care of the heartbeat of many an organisation are handpicked, all by you and your business.
If you have bespoke applications or want that extra layer of security to adhere to what your company wants, this can all be done and you can watch it every step of the way, feeling just that bit safer for having a protective eye on it.
Also a fully functioning virtualised data centre can really take advantage of those boxes and get the best out of them. Less physical machines still means many virtual ones and as well as lowering your total cost of ownership, the simple yet expensive elements of power and cooling take a cut too.
But yet again here comes that cost factor. Yes, it is cheaper and more productive than your traditional data centre and yes, it may feel safer, but the costs are still incredibly high compared to the alternative.
A business will be forced to purchase the entire infrastructure themselves to put a private cloud in place, forcing them into vendor lock ins they may have preferred to escape.
If the company is looking for a refresh of its infrastructure anyway, that may not be a massive problem with budgets in place.
If not, new hardware needs to be bought to replace elements not built for virtualisation, new software needs to be paid for to make the machines run to the best of their ability and, sometimes most expensively, well trained staff who know how all the latest technology works need to be hired to ensure everything carries on running smoothly day by day.
So which is best?
Art Coviello, president of EMC's security division RSA, said at the conference: "In our minds all clouds should be private. We view it internally at EMC as internal clouds which are totally in control of the organisation [and] we would view the public cloud being for the mass consumers."
Yet equally large companies are just as evangelical about the public cloud, and incredibly dismissive of the private model
"The private cloud is really no different than what has been offered for the last 30 years," claimed Kay Kinton, public relations manager at Amazon Web Services.
"In our opinion the [public cloud] has some key characteristics [such as it] eliminates capex (capital expenditure), allows you to pay for what you use, has true elastic capacity so users can scale up and down as their needs demand [and] allows you to move very quickly and provision servers in minutes"
"What people are calling private clouds doesn't let companies enjoy most of these benefits."
However despite the dedicated big shot companies, backing up their way over the other, the resounding answer from most companies and analysts seems to be make a mixture of the two.
"The future for the cloud is the hybrid cloud," claimed Clive Longbottom, service director and business process analyst at Quocirca.
"Some applications will remain on a one application per server model, as organisations will be loathe to take a massive step into what is still the relative unknown, and/or have invested so much money into the application that it becomes a "career limiting decision" to try and persuade the business that it should be decommissioned and replaced with a cloud alternative."
"Other functionality will be placed on the private cloud - a highly virtualised platform that spans between existing owned data centres and co-lo and external data centres providing that extra resource that is required."
He strongly believes that more data will leave the traditional data centres where everything is held in house and not virtualised to its full capability, but no one model is set to be the overall winner for businesses.
This was backed up by Stace Hipperson, chief technology officer (CTO) at Intergence, who told IT PRO he was already seeing a dominance of the mixture method.
"A trend we're seeing at Intergence is people moving to hybrid networking where they're using a combination of both public and private clouds and, particularly for larger enterprises, this gives them the best of both worlds," he said.
Each business to their own
Despite the to and fro between the models, and even with the hybrid option, it all depends on what your individual business needs are.
If you are a small business that doesn't want to become your own IT administrator with a server to run, then perhaps you should head for the public cloud. If you are an established business that has just invested in tons of infrastructure, maybe the private is best for you.
But before leaping into any new model consider what your budget is, the amount of data and applications you need to run and, most of all, what you feel is right for your business.
What you need to know about migrating to SAP S/4HANA
Factors to assess how and when to begin migrationDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
Testing for compliance just became easier
How you can use technology to ensure compliance in your organisationDownload now
Best practices for implementing security awareness training
How to develop a security awareness programme that will actually change behaviourDownload now