Should I Use Public or Private Mobile Clouds?
If you're choosing between a public or private cloud to test your company's mobile app, asking yourself these questions will help you make the right choice.
Join the DZone community and get the full member experience.Join For Free
Should I Use Public or Private Mobile Clouds?
Software projects have a special way of creeping and taking over like a kudzu vine. A company might start making an iPad app that Doctors use to document their cases. Pretty soon, a new version of iOS comes out, and then two new versions of the iPad. Nurses are added to the user base six months later and they have a few different versions of the iPhone in mind. Supporting a couple of devices is no problem. Most test and development groups will need a virtual service past that.
But which type of virtual service - public or private cloud?
Expertise or Management
Private clouds are full environments used by only by you, encased in a data center with a physical lock. Companies that want a private cloud will get their own servers (or at least their own Virtual Machines), their own databases, and their own personal bank of mobile devices. There is no time-sharing involved. Once a company has a private cloud, whether it is local or a service, it is all theirs all of the time.
Of course, building your own personal version of Amazon Web Services takes time, money, and expertise.
Instead of logging onto a pre-made service, the environments have to be created. Fragments of a development team -- ops, developers, IT -- will have to work in tandem to create the platform, set up and manage all of the test devices, and orchestrate software versioning on all of them. Companies can save time by using a public cloud, a platform available to anyone that has paid for the service and wants to log into a mobile device. Yes, technologies like OpenStack do make it easier, but time and people to involved in created a private cloud will still be large.
If an out of the box solution that anyone can log into at any time is okay, then public clouds will do the trick. Private clouds are better for people who want to configure and customize their mobile device bank at any time.
Security and Compliance
Companies involved in healthcare, or finance, or any sort of sales transactions have to answer to a higher power, the auditor. Sarbanes-Oxley (SOX), Payment Card Industry Data Security Standard (PCI), and Health Insurance Portability and Accountability Act (HIPAA) all regulate who has access to data and how. Each of these regulatory standards uses auditing processes to assess whether or not companies are operating with their customers' privacy in mind.
Let's consider a large hospital group. Every day for 24 hours a day, doctors, nurses, and admitting staff are entering new patient information into their mobile devices. This has identifying information, billing information like credit cards and bank accounts, and information about their health conditions. A public mobile cloud will have that data getting entered into a system that also hosts an accounting system and a point of sale system for a car wash. There is no chance of data accidentally getting published to the wrong database, but anyone with security credentials on that cloud, which could be a lot of people, could figure out a way to access that patient information. The private cloud, on the other hand, builds a fortress around the patient data. There are no other clients on that server, no one else has access to the server, and special security protocols keep things safe.
Companies that are making software used in a regulated space will need a private mobile cloud.
Some companies might want the best of both worlds, also known as cloud busting. Imagine a private mobile cloud. It is configured with the maximum available processing power, memory, and storage. But during peak hours, this just isn't enough. Members of your development team log on to the cloud to check on something and get a rejected session because there are no more resources available. The hybrid model is based on overflow, or load balancing. The cloud bust happens when a private mobile cloud is maxed out, and new sessions seamlessly roll over to a public cloud. No sessions are lost, and customers and developers never know the difference.
Development and test groups have to balance things to figure out where they belong. Do they have the internal skill and staff to manage all of the infrastructure required for a private cloud? Does the product being developed need to pass Sarbanes-Oxley or HIPAA auditing? How much server time does your development team or customer really need? Is the team okay with logging into a ready-made environment and paying based on the server resources they use?
Answer those questions and the public or private cloud question may just answer itself.
Published at DZone with permission of Justin Rohrman. See the original article here.
Opinions expressed by DZone contributors are their own.