Whether it is better to house data in a public or private cloud depends on a company’s security and compliance needs as well as its risk tolerance.
Cloud computing is becoming ubiquitous among enterprises, according to a June 2013 study called Cloud Computing: Key Trends and Future Effects by IDG Enterprise. It notes that investment in cloud computing has gone up 10 percent in the past year, with IT departments spending an average of 44 percent of their budget on cloud computing. Sixty-one percent of organizations now house at least some of their IT infrastructure in the cloud.
But not all clouds are the same, and executives must decide which type of platform best suits their company. Security, cost, and operating speed are top priorities in these decisions. There are public clouds, private clouds, and hybrids. Public-cloud platforms are available to anyone willing to pay for the service. The vendors own the data centers and most often control and provide the security settings. In a private cloud, companies actually own and manage the data storage and security settings themselves.
In the IDG survey, 28 percent of respondents said their company’s IT environment is in the private cloud, and 14 percent said their infrastructure resides in the public cloud. In 18 months, a total of 36 percent will have moved their virtual computing to the private side, while 20 percent will use public platforms.
Companies have different reasons for choosing a particular cloud model. “The sensitivity of compliance, security management, as well as cultural implications and total cost of ownership is driving each organization to evaluate their risk tolerance with unique business needs to execute their optimal cloud strategy,” says Bob Melk, IDG’s chief operating officer, in the report announcement.
One vendor attempting to solve some of the issues of public-cloud computing is CloudSigma. The Swiss company recently came out with the latest version of its public-cloud-computing platform, CloudSigma 2.0. The product offers capabilities like direct private patching and Disaster-Recovery-as-a-Service (DRaaS). The company’s cofounder and CEO Robert Jenkins tells Security Management that, from a security standpoint, the latest version of the product makes it more difficult for attackers to breach an operating system’s defenses. Settings are actually the level below the operating system, he notes. “So even if one server is compromised, and [the attackers] try to change the firewall within the server, it wouldn’t make a difference because we’re applying the firewall settings below the virtual machine actually at a cloud level.”
With CloudSigma 2.0, customers can have private patching directly into their virtual networks in the cloud. Jenkins notes that most public-cloud-computing providers have companies run a virtual private network (VPN) server over a public IP address. But many customers want to connect to the cloud platform without public-IP-address exposure for performance and security reasons.
“In our system we have things [that are] like virtual wires…really like virtual Ethernet cables between the virtual machine, just like you would have with switches and hardware,” he says. “Instead of running a physical line to our cloud, we put that onto a port in our cloud, we map that physical port switch into one or more virtual networks within the cloud for the customer, so they can then not have any public IP on any of their virtual machines.”
The DRaaS feature of CloudSigma 2.0 is also noteworthy because it allows client companies to maintain a virtual mirror image of their entire corporate network environment on the cloud infrastructure. “If there’s a disaster, [customers] can bring up that environment in the public cloud immediately, and they can do so without running two environments all the time,” says Jenkins, “because they’re able to easily recreate the same environment within CloudSigma that they can create in their own environment.”
Jenkins says the solution allows customers to maintain full control of their security settings, unlike most public-cloud offerings. “They’re able to secure their servers, patch their servers however they want, so they’re able to take a much better approach in terms of securing their computing,” he notes.