So, you’ve made the decision to take your IT infrastructure to the Cloud, but what kind of Cloud services do you require? ‘Public’ and ‘Private’ clouds are terms that those who are considering Cloud services are using frequently, but what makes a cloud either public or private, and what are the advantages of either and when is each use most appropriate? Keith Bates, Chairman of Cloud Computing Centre, offers suggestions on where to start.
Understanding the Cloud
The first issue to address and clarify is the difference between the public and the private cloud. Under a public cloud model, a company or individual will subscribe to a service – a piece of software such as Salesforce.com, email such as Google mail or online document backup – and typically has no knowledge of the underlying technology, from operating system to database. Companies have no idea where key data is being stored – making the public model totally impossible and impractical for any organisation holding UK government data which must be stored within the UK borders.
Many of these public cloud services are increasingly provided by large organisations, such as Amazon and Google, to exploit their own spare capacity. However, these companies are not offering any Service Level Agreements (SLA) to guarantee performance. And whilst performance is typically satisfactory, during peak times, such as the weeks before Christmas, users can experience a significant drop in response – with no recourse available to them.
A private cloud, in contrast, offers companies the chance to specify every last detail of the infrastructure supporting and providing the application or service, from the make and model of the hardware, to network management tools and firewalls. The infrastructure is not shared with any third parties and the cloud provider will offer an SLA with clearly defined financial penalties for any breach in performance.
Typically hosted in a highly secure, Tier 3 or Tier 4 data centre environment within the UK, private cloud organisations know where the data is, who is managing it and who has access. This model is obviously more expensive than the public cloud but offers the level of performance and support required for high volume transactional processing systems, such as finance and ERP, which require guaranteed processing power.
A less expensive version of the private cloud can be achieved by sharing the resources with other organisations. Indeed the vast majority of private cloud solutions are delivered in this way. On occasions where the minutiae of the underlying infrastructure isn’t a concern, but the provision of an SLA is, then this offers the chance to leverage economies to scale and share a robust, secure infrastructure with a defined set of customers.
In addition, a growing number of software vendors –such as finance, CRM and payroll providers – are opting for private cloud solutions and creating a public cloud model for their customers. This provides organisations with access to business-critical applications, and an SLA, but without the need to define the infrastructure. Alternatively, the same software can be purchased and hosted in a dedicated private cloud if that meets the specific business need.
Furthermore, growing numbers of organisations are embracing the hybrid cloud model – opting for the public cloud for applications such as email and using a private cloud provider for business critical applications. The key to making this hybrid approach work is to ensure the private cloud supplier is able to coordinate the process, indeed offering a single contract for the entire cloud solution, minimising the management overhead for the organisation.
Building the Right Business Case
The shift to the cloud offers companies an unprecedented opportunity to rationalise skills, decide which are still required internally and which would be far better, and more cost effectively delivered, by a third party cloud provider.
For most SMEs the chance to reduce the internal IT headcount is a compelling reason for moving to the cloud. But what are the pitfalls? The key issue is to ensure the SLA matches the needs of the business, from the criticality of the application, to the number of users and projected volumes. A number of websites now offer the chance to buy private cloud services from a mix and match menu. But this is only really suitable for an IT Director that is both highly experienced and highly confident in cloud computing. Get it wrong, and the business will end up with a very badly performing set of key applications or a jeopardised corporate security.
Most cloud providers will offer a set choice of firewalls. But can the organisation be totally confident that the choice will meet key business requirements, such as ensuring that customer credit card details are kept secure or that the business is not in breach of the Data Protection Act or Payment Card Industry Data Security Standard (PCIDSS)?
Or is it really viable to run very resource-intensive applications, such as video rendering, in the cloud? For an organisation located in a city centre that receives gigabytes of connectivity, there will be no problem. For a rural-based company, with poor connectivity, the results would be less than impressive.
If any organisation is new to the cloud – as most will be – it is therefore important to seek out the right advice and sit down with a provider to discuss the issues from performance to security.
Forewarned in forearmed
Having made the decision to go to the cloud, making the right private versus public decision is critical. The ‘one size fits all’ public model is constrained by lower service parameters and there is little or no option for tailoring the service – though this will be fine for some companies and applications. Indeed for a web server in the public cloud, an organisation that needs nothing more complex or resource-intensive than email and Microsoft Office can achieve nearly zero cost IT operations via the public cloud.
For the vast majority of companies, however, there are a number of business-critical applications that require consistent, guaranteed performance. Whether the company needs to opt for a totally dedicated, personally-designed infrastructure or is able to share resources, is then the key consideration, as is whether to embrace a hybrid cloud model.
And while the cost comparison is significant – around five times the monthly cost of a public cloud web server – the cost savings for a private cloud web server are still considerable. Simply replacing internal IT experts will typically pay for the shift to the cloud within the first year. Add in the additional flexibility of adding new applications and services within days rather than months and the ability to upsize and downsize to reflect business needs, and the cloud model is compelling.
The move to the cloud can and should deliver significant cost savings, provide access to more up to date and better performing infrastructure. But there is a significant risk attached to this fundamental architecture shift and organisations need to mitigate that risk by improving understanding and attaining the right advice up front.