Skip navigation
Hey, You, Get Off My Cloud!

Hey, You, Get Off My Cloud!

Gartner says public cloud providers have plenty of security for most workloads, writes Chris Nolan of 2nd Watch. So does your business really need more?

Chris Nolan is director of engineering at 2nd Watch.

When it comes to choosing a public or private cloud architecture, the debate still resonates around the concerns of the past: privacy and security. Yet in its recent Magic Quadrant report for Cloud Infrastructure as a Service, Gartner suggests that the public cloud has come a long way.

Various surveys show that enterprises are increasing their adoption of both forms of cloud computing. Many large organizations seem to favor using both public and private clouds together, although one survey found that nearly 30 percent of organizations were using public cloud only for their infrastructure outsourcing needs. The incredible economics and agility possible in the public cloud are clearly influencing CIO spending today.

So long fear, hello strategy

While strong security is still a major requirement for enterprise cloud computing, CIOs aren’t wringing their hands over what could happen in the cloud. The debate has shifted from fear to strategy. IT leaders know that they must be an active partner in the challenge, and fortunately, they have many more third-party tools and services available to them today. This mitigates the need to hire an arsenal of cloud experts.

The major providers, such as AWS and Google, can help make a company’s cloud as secure as they wish it to be, even when complying with stringent regulations such as HIPAA in healthcare. AWS has what it calls a “shared security model,” where they secure the data center and protect against DDoS attacks and give companies the tools to create a highly secure environment with all the access controls and governance requirements needed.

Big companies, tech giants and choices

Certainly, there are still compelling use cases for private cloud computing technologies and services. Large companies with rooms full of legacy hardware want to amortize the equipment before it reaches end-of-life. That’s sensible, and often leads toward a private cloud architecture, at least as an interim strategy.

Major technology-centric companies with big wallets that desire full control of their infrastructure, such as Google, Facebook, Twitter and Yahoo!, gravitate toward setting up and managing their own private clouds. Not all big technology companies feel this way.

Consider Netflix, the world’s largest Internet video streaming company, which now runs 100 percent on AWS. There is no reason not to believe that public cloud services will continue to improve and meet customer needs for security, governance, performance, flexibility and pricing. According to Gartner’s report, AWS ranked miles above all of the other providers on vision and ability to execute.

Risk management and security: addressing the concerns

A new way of managing your infrastructure requires a new way of managing risk and security, however, the legacy tools are not yet up for the challenge.

A survey by Cloud Passage found that whether using a private or public cloud, companies struggled with effectively applying legacy security products to the cloud infrastructure. Among the top challenges stated were compliance, lack of specific cloud security functions, and the inability to work across different clouds and data centers. The one security challenge that was much more common for public clouds was a lack of integration with management and automation tools. To address these concerns, many new, open source vendors are developing tools and services that are built for managing, monitoring and securing cloud applications.

Even though private and public clouds are growing at similar trajectories, it’s smart to carefully evaluate a private cloud decision, since it will be more expensive (with the customer typically owning the hardware) and will require more management and support from your team.

Industry Perspectives is a content channel at Data Center Knowledge highlighting thought leadership in the data center arena. See our guidelines and submission process for information on participating. View previously published Industry Perspectives in our Knowledge Library.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.