Concerns about security and control make the "private" cloud a more palatable model for many companies. How sound is this kind of thinking?
“We’re going to the cloud for VDI (virtual desktop infrastructure), and we’re going to have our own cloud,” said an IT manager of a one-man shop (himself) at a manufacturing company with 20 employees.
The manager and the CEO of the company believed that they could implement their own private cloud by using a “cloud in a box” solution for office applications that would save the company money in the form of fewer license fees for office software. The way that they planned to implement the project was by relying on the cloud equipment vendor that had sold them the solution to provide both implementation and system-tuning expertise and support.
For these managers, there were also the benefits of “bragging rights”—because it’s popular today to have a cloud of your own, no matter how small you are.
The question is, why?
Inevitably, fears about the security of applications and data are the first things mentioned when the alternative of going to a public cloud comes up.
However, for many small companies with limited IT resources, data and application security have always been lax, even when they are running their own internal IT operations. Many of these companies routinely accept the downtime brought on by a denial of service attack (DNS) or the loss of data that is suffered when a system unexpectedly goes down.
So given this, why is it so important to have your own private cloud?
Some speculate that organizations have been developing their own IT infrastructures for years, and that these infrastructures have been used and continue to be used to host business critical applications for the organization. In addition, organizations, regardless of their size, like the idea of data sovereignty, where they can keep business critical data internally, without exposing it through widely available public interfaces that characterize the public cloud environment. Finally, businesses are aware that they must satisfy regulations and regulators, especially if they are in industries like finance or healthcare.
Still other companies are uncomfortable at relinquishing control of the information lifelines of their businesses to outside vendors, even if they are convinced that their data is absolutely secure. In back of this is a concern about control—and a fear that a breakup with a cloud vendor could lead to major risk and disruption for the business as it struggles to re-insource data that it should have never outsourced.
The truth is, we all understand that cloud is here to stay and that it will continue to make inroads into data centers and IT infrastructure. But what we don’t know is where the inevitable “pushbacks” are going to occur down the road.
“When you’ve been in IT for over thirty years, you see a lot of changes in thinking—and invariably, thought cycles reverse and “old thoughts” resurface in new ways,” said former and now retired CIO for Caterpillar, John Heller. Heller was talking about the days of centralized computing in the 1960s and 1970s which then gave way to decentralized, distributed computing in the 1980s—and then once again returned to centralized computing with the growth of virtualization in the 1990s and 21st century.Consequently, it isn’t too far-fetched for organizations to hedge against the turns that technology thinking takes—and to embark on their own cloud journeys with the desire to understand fully what cloud is all about and how it works, regardless of how small they are. For most companies, this means engagement with a private cloud.