The selection of a cloud deployment model will depend on any number of factors and may well be heavily influenced by your organization’s risk appetite, cost, compliance, regulatory requirements, legal obligations, and other internal business decisions and strategy.
Private Cloud
A private cloud service refers to a proprietary network, or data center, owned and architected for use by a specific entity, utilizing cloud technologies to provide services behind a firewall. A private cloud is typically managed by the organization it serves, however, a recent increase in outsourcing the general management of this to trusted third parties has been noted. A private cloud is typically only available to the entity or organization, its employees, contractors, and selected third parties.
The private cloud is also sometimes referred to as the “internal” or “organizational” cloud. Key drivers or benefits of private cloud typically include:
- Increased control over data, underlying systems, and applications
- Ownership and retention of governance controls
- Assurance over data location
Private clouds are typically more popular among large, complex organizations with legacy systems and heavily customized environments. Additionally, where a significant technology investment has been made, it may be more financially viable to utilize and incorporate these investments within a private cloud environment than to discard or retire such devices.
Public Cloud
A public cloud is the service available to the public over the internet, in which a customer can access cloud service provider resources, such as applications and storage, on demand, either in the form of a free service or offered on a pay-per-usage model. Key drivers or benefits of public cloud typically include:
- Easy and inexpensive setup because hardware, application, and bandwidth costs are covered by the provider
- Streamlined provisioning of resources
- Scalability to meet customer needs
- No wasted resources (pay per usage)
Given the increasing demand for public cloud services, many providers are now offering and remodeling their services as public cloud offerings. Significant and notable providers in the public cloud space include Amazon, Microsoft, Oracle, Salesforce, and Google Apps, among others.
“Virtual private cloud” is not a NIST deployment model, but a description of a public cloud option where a segment of a public CSP infrastructure is segregated from the broader cloud environment for the exclusive use of a single customer. This on-demand service gives the customer a configurable pool of shared computing resources and provides a certain level of isolation from the provider’s other customers. Isolation is normally achieved through allocation of private network IP subnets, a virtual local area network (VLAN), or sets of independent encrypted communication channels. Access to a customer’s VPC is provided using CSP-dictated remote access procedures.
Community Cloud
Community clouds offer a valuable and cost-effective manner for specified groups or entities with a similar focus, or with common compliance and requirements, to operate in a multitenant infrastructure. Community clouds can be on-premises or off-site and should give the benefits of a public cloud deployment, while providing heightened levels of privacy, security, and regulatory compliance.
Hybrid Cloud
A hybrid cloud is built by combining multiple forms of cloud computing deployment models, typically public and private cloud. Hybrid cloud computing is gaining in popularity, as it provides organizations the ability to retain control of their IT environments, offers the convenience of allowing organizations to use public cloud service to fulfil non-mission-critical workloads, and takes advantage of flexibility, scalability, and cost savings. Key drivers of benefits of hybrid cloud deployments include:
- Retain ownership and oversight of critical tasks and processes related to technology
- Reuse previous investments in technology within the organization
- Control over most critical business components and systems
- Cost-effective means of fulfilling noncritical business functions (utilizing public cloud components);
- “Cloud bursting” (when your private cloud workload maximum is reached, utilizes public cloud resources to help support) and disaster recovery can be enhanced by hybrid cloud deployments
While numerous benefits are realized with hybrid cloud deployments and cloud models, these can often be time consuming and laborious at the start, as most companies and entities encounter integration and migration issues at the outset.