Private Clouds, Flat Earths and Unicorns
A "preference" is not a choice unless the "preferred" thing actually exists. I might "prefer" a flat earth (literally, not in the Tom Friedman sense) to this pesky, not-quite-spherical planet that requires us to have time zones: I might prefer to have the whole world doing business on one common clock, and flipping between day and night like a planet-sized coin, but that's not a feasible option.
In the same vein of confusing fantasy with reality, I've lately seen dozens of statements asserting that IT managers "prefer a private cloud." It's time to insist that a preference is only relevant when there's actually a choice to be made. The label of "private cloud" is more associated with a desire than a choice.
When someone says that they would "prefer a private cloud," the actual attributes of desire seem to be physical possession of the data and operational control of the infrastructure. It's impossible to have these things and still enjoy the defining benefits of the cloud.
- If you have physical possession of the data, you also have to own and maintain the data storage hardware and software.
- If you have operational control of the infrastructure, you also have to employ and supervise a team of expensive experts who spend most of their time waiting to respond to critical but rare events.
In either case, you're structurally embedding unproductive costs – and blocking yourself from enjoying the massive economies that the cloud should be providing.
If desires are on Side 1, fears of lost capability are on Side 2 of the broken record of oft-repeated excuses for shunning true multi-tenant clouds. People routinely express concerns, whether real or pretended, about security, compliance, and the customization and integration that enterprise IT capabilities require. Let's bust some myths.
- Security in cloud services can be constructed, maintained and operated at levels that are far beyond what's cost-effective for almost any individual company or organization. Further, it's inherent in multi-tenancy that the security of the whole is driven to address the sum of all fears of all customers: in satisfying the most demanding customers in every respect, the enterprise-grade cloud service provider will wind up exceeding the needs of almost every individual organization while sharing the costs of security on a massive scale.
- Compliance with regimens including HIPAA, Sarbanes-Oxley and other commonly encountered laws and regulations is more a challenge of policy and practice than of technology. The discipline and clarity of service invocations in true cloud environments can greatly aid the control of access, and the auditability of actions, that are dauntingly expensive and complex to achieve in traditional IT settings.
- Customization and integration of cloud services are neither intrinsically better nor inherently worse than the capabilities of an on-premise stack. There are rigid and inflexible systems, and there are powerful and productive process engineering environments, available in either kind of setting. Buyers will do best when they ask for what they need, instead of asking for what they assume they have to tolerate.
When a survey asks IT buyers to express a choice between public and private clouds, it's like asking a princess whether she'd rather ride a horse or a unicorn. The unicorn sure sounds better, and survey results will likely reflect that appeal.
In this or any other situation that invites a choice between a reality and a fantasy, the fantasy can be expected to get more votes – except from grown-ups, who are expected to know when something is not actually an option. Professionals do their job by making the best possible choice – among the options that are actually at hand.
Licensed under Creative
Commons Attribution-No Derivative Works 3.0.