The pundits on both sides of the public cloud vs private cloud debate have been touting the strength and longevity of each side. Is there really an option for both to survive with strength in the coming years as public cloud gains massive momentum? This is the ultimate question as we look towards when the tipping point could be for public clouds to write the epitaph of private cloud offerings.
Let’s think about three of the top reasons that are driving private cloud adoption and the continuation of private cloud needs:
Time to have a little look inside each of these to evaluate whether they are in fact the reasons that private cloud holdouts will stave off the public cloud revolution.
It starts with the classic idea of security. This is an interesting one because it is really the appearance of security much more than the actual security itself. If anything, the public cloud offerings are actually much more secure at many of their infrastructure layers than we could possibly be in our own private infrastructure.
Just in the last year, AWS has opened up more around DDoS protection and intrusion detection. This is a default offering now, and enhanced services are available. The continued growth in access monitoring and logging across the entire service catalog shows that we are seeing the regulatory burden being recognized as a new baseline for the cloud service providers. The speed at which they can advance is far greater than any single on-premises admin team can respond with their private infrastructure.
Open source alternatives like OpenStack are the closest in being able to rival the velocity of features that can be launched by a public cloud provider. Even the OpenStack ecosystem is being called upon for embracing the public cloud as an underlying infrastructure more and more as growth and development continues. That model ensures that the externally-facing API can be unified as the OpenStack API with the under-layers being the elastic infrastructure of AWS or other public providers.
AWS is far more concerned about the scarlet letter of being dubbed insecure than you are. They have hundreds to thousands to hundreds of thousands of customers who rely on their compliance and security rather than just you worrying about your own infrastructure. If you fail a security audit, it may not even make it beyond the walls of your internal IT team. If a public cloud provider fails they lose credibility and customers. That’s billions in revenue and a potentially unrecoverable news story.
Moving from a sunk cost, capital expenditure model, to an operational and floating expense model, can be very attractive to a lot of organizations. We’ve already been seeing the leap to most companies leasing their significant infrastructure purchases like blade and storage equipment, so making the jump to leasing the entirety of compute as on-demand services is really just the next evolution.
Defeating the challenge of hardware lifecycle has been a goal of both accountants, CFOs and CIOs around the world for decades. Finding the most effective and optimal way to ensure velocity of IT without being ravaged at the quarterly expense review has been, and will continue to be, a battle that is shifting from the idea that owning is better than leasing.
Can you launch with the scale and speed in competition with the publc cloud providers? No. Seriously, no. We may be seeing a lot of “good enough” delivery of services today. This is fine as we make the move to embracing more agile IT principles and practices, but in order for the masses to cross that proverbial chasm to truly agile IT, we need to be able to latch on to the high-velocity under-layers to ease the transition.
Many organizations aren’t going to leverage the elasticity to the same degree as a Netflix or a LinkedIn. That still leaves the option for the ability to be relatively elastic and embrace testing new platforms and products on-demand without having to acquire a set of lab hardware resources to do so. Elasticity is going to be redefined for Small to Medium businesses as we change both the way they operate their day-do-day IT services, as well as the wider embrace of SaaS offering for more back-office needs.
Even if you aren’t buying the public cloud directly, you’re buying through your SaaS provider. That’s why AWS and Azure will be gladly embracing partner providers who use public cloud as the hosting environment. That’s also why the pricing is dropping for you and I, because the rest of the world is funding it through buying from Netflix and Salesforce and the like.
This is the lynchpin for many organizations. Being able to ensure data sovereignty in a world awash with regulatory challenges and data protection requirements is leading a lot of teams to stay on-premises as a safe harbor for their customer and corporate data. Is this really necessary in 2017 and beyond? This is the real question.
Public cloud infrastructure is becoming a first target for a lot of regulation-bound companies because it actually increases their ability to maintain compliance. In the United States, AWS offers the cloud.gov offering to answer specific and stringent security requirements. In the EU, more options are popping up which answer their unique and specific requirements around country-bound data storage practices that have been holding many industries from leaning into the cloud as a single-source option for IT services.
As someone with an IT background in Canadian financial services organizations, I can tell you that I’m profoundly aware of the regulatory challenges for every layer of the IT infrastructure. One thing that we become more and more aware of when we dig deeper into the supposed limitations is that the wording of the regulations surrounding IT and data protection is actually very loosely worded to ensure they aren’t completely narrow and punitive to be able to implement. There is a lot of the use of phrases like “most effective” and “best possible” as we talk about the requirements.
The important thing with regulatory requirements is that they are as much about the active protection as they are the logging and tracking of access and usage. This is where the public cloud can become a rather attractive target. Do you have a complete end-to-end identity and access management toolkit, complete with public key infrastructure and secure access into and between all of your infrastructure services, along with a resilient logging infrastructure? Guess what…AWS does. So does Google and Microsoft Azure.
When Will Public Clouds Replace Private Clouds?
This is the big question. Will it take 5 years or 15 years? It is really difficult to pin things down when we have such a large swath of private cloud consumers out there today. We also have the upcoming addition of Microsoft Azure Stack for on-premises private cloud options in the Microsoft arena. The VMware attempts to rule the private cloud have been largely undone by their own product challenges and a fast-growing competitive field. 2017 will be a year where everyone is battling for the last bastion of private cloud dominance to stave off the onslaught from AWS and its public cloud brethren.
What we can say for sure is that the private cloud is battling itself and its competitors. The question will be easier to answer in aboutfive years as to when and if the public cloud will make the final deadly blow against private clouds. I’m hedging a bit until then.