Which is the Safer Cloud – Public or Private?
“Keep looking below surface appearances. Don’t shrink from doing so just because you might not like what you find.”
– Colin Powell, former US Secretary of State and retired General.
Which is the safer cloud – public or private?
If this question is posed to the general public with at least some knowledge of cloud computing, chances are an overwhelming majority will vote for the second option. However, in the overwhelming majority of real-world examples, they will be wrong. In case you are surprised by this statement, allow me to explain.
At the beginning, let’s make a clear distinction between public and private clouds. A public cloud is a distributed IT infrastructure where a company’s data and applications are accessed by employees and consumers through a third party which is responsible for storage, maintenance and access. In a private cloud, the hosting is done by the company itself. For a simplistic analogy, consider them to be the equivalents of watching movies on the Internet and a LAN (Local Area Network) respectively.
With private clouds, companies have greater control over the data. That is the reason why Indian entities prefer them over public or hybrid clouds (See: Why India Prefers Private Clouds over Hybrid Clouds). However, is this better from a security standpoint? Is personal control a prerequisite for greater security?
Consider this analogy. You are the owner of a bank. So, would you brandish a gun and guard it 24X7, or would you hire specially-trained security personnel for the purpose? By hiring the latter, you do lose personal control of the situation but you end up better guarded. In the same way, public clouds can be safer because there are specialized people to deal with security issues, whose skills and experience can surpass those of customer company’s personnel. For large enterprises with experienced IT teams, this risk is less. However, costs remain a concern.
Let’s consider another situation. Your company has a public cloud hosted on a single data center (or more, but all in the same geographical location). Now, there’s an earthquake that damages the center(s) and you end up with data loss. With a public cloud hosted by multiple data centers across multiple locations, you would gain the advantage of redundancy. And this holds true for man-made problems like malware attacks and disgruntled employees as well.
Therefore, it is clearly seen that contrary to popular opinion, public clouds may often be safer than their private counterparts. However, lower costs still remain the strongest determinant for choosing public clouds over private ones. Of course, you can “eat you cake and have it too” by deploying hybrid clouds (See: Having the Best of Both Worlds with Hybrid Clouds).
By Sourya Biswas