More than 60% of companies will have their IT environment in some sort of cloud — public, private or hybrid cloud – according to a survey by IDG.
In the same survey, 43% of respondents were concerned about where their company’s data is stored, and 41% were concerned with the security of their data. That’s a significant number of cloud users with serious concerns about using cloud infrastructure.
While public cloud is useful for a wide range of use cases – and there are hundreds of OnApp cloud providers who can help – for CIOs concerned about data locality, security and control, I’d like to propose a different solution. It’s time to start using a private cloud.
Private cloud gives you the convenience and ease of access you get with public cloud, but puts you back in control. As a CIO, being a control freak is fine. It’s your job. So here are four ways private cloud puts you back in control of your company’s workloads.
1) You choose the hardware.
Let’s start with physical infrastructure. Using a private cloud solution you can choose hardware that matches your workload, price and performance requirements. Do you want to use new technology like NVMe SSD drives to improve performance, or RAID arrays to improve storage resiliency?
Do you need to optimize for storage or network IO? Do you need to maximize utilization of existing hardware assets, while evolving to newer hardware platforms?
It’s your call – and your private cloud solution should give you the flexibility to choose.
2) You control where your data is stored.
Data sovereignty is a big, big issue. With 10 countries already passing data localization legislation, and more investigating it, companies must be able to maintain control of the flow of data. Using an on-premises private cloud solution, you know where your data is at all times – and it’s increasingly likely that you’ll be required to know just where it is, because of national or industry regulations.
There’s another big issue with data locality – “shadow IT”. It’s so easy for developers to spin up instances with a public cloud provider, that many companies have critical systems, and even company IP, hosted outside the control of (and often without the knowledge of) their IT department. According to a statistic from security firm Skyhigh Networks, 7% of all S3 buckets have unrestricted public access — and 35% are unencrypted!
While this is not inherently a problem with the public cloud – it’s more about staff education and IT policy enforcement – you don’t want to be responsible for leaking private data. Which leads us to the next point on how the private cloud gives you more control…
3) You choose your security model.
Private cloud offers security models that can’t be matched by the public cloud.
For example, using an OnApp private cloud, you can determine your own RBAC policies (RBAC means Role-Based Access Control – in other words, controlling who can access your private cloud infrastructure, and what they’re able to do with it). You can choose the level of access each engineer, product manager or developer has, ensuring each user can only see what they’re meant to see, and change what they’re permitted to change.
You can require approvals for actions in your private cloud, too, and track and trace every action performed by every user. That’s useful for preventing embarrassing situations caused by inexperienced staff, for example – rogue and “shadow” IT administrators who can inadvertently cause serious problems.
In some industries, this level of governance is mandatory – and of course, so far we’re only discussing internal users, who we’d assume have the best of intentions. Every day, bad actors are out there acting as legitimate users — whether they’re masquerading as the CIO, or a support tech. Using a private cloud allows you to enforce as much security as you need – from basic whitelisting and password policy enforcement, to using tools like Yubikey to add two factor authentication to verify the identity of each login.
4) It’s your cloud. Tailored to you.
Another reason companies opt for private cloud is because they want choice – and don’t want to be tied to one set of virtualization options, templates, monitoring systems, metering systems, and so on and so on.
Running your own cloud means you can customize your virtualization environment for your specific needs. Use Xen for its lengthy record of stability and proven Windows support, or choose KVM for its rapid development and lengthy feature list. Build your own operating system templates to ensure peak performance, resource utilization and security.
Create your own automation scripts for user onboarding, upgrades and more. Choose your own backup policies and schema, to ensure your workloads remain safe, secure, and readily available. You have complete control over your infrastructure in the private cloud.
Next week we’ll examine how private cloud can also deliver much greater efficiency at scale – and why companies like Dropbox have been able to save more than $75 million by switching from hyperscale cloud providers, to their own private cloud infrastructure.
In the meantime, why not see how OnApp private cloud solutions can make your IT easier and more cost-effective?