Cloud Deployment Models
With most organizations focusing on leveraging the cloud in order to cut capital expenditure and control operating costs, there is aggressive growth in business for cloud adoption. However, the cloud can bring security risks and challenges for IT Management, which can be more expensive for the organization to deal with, even considering the cost saving achieved by moving to the cloud. Therefore, it is very important for businesses to understand their requirements before opting for various deployment models available on the cloud.
There are primarily four cloud deployment models, which are discussed below, along with scenarios in which a business could opt for each. These models have been recommended by the National Institute of Standards and Technology (NIST).
The Private Cloud
This model doesn’t bring much in terms of cost efficiency: it is comparable to buying, building and managing your own infrastructure. Still, it brings in tremendous value from a security point of view. During their initial adaptation to the cloud, many organizations face challenges and have concerns related to data security. These concerns are taken care of by this model, in which hosting is built and maintained for a specific client. The infrastructure required for hosting can be on-premises or at a third-party location.
Security concerns are addressed through secure-access VPN or by the physical location within the client’s firewall system.
Furthermore, for mission-critical applications we need to consider downtime in terms of internet availability, quality and performance. Hence, hosting the application with an on-premises private cloud is the suggested approach.
In addition to security reasons, this model is adopted by organizations in cases where data or applications are required to conform to various regulatory standards such as SOX, HIPAA, or SAS 70, which may require data to be managed for privacy and audits that govern the corporation. For example, for the healthcare and pharmaceutical industries, moving data to the cloud may violate the norms. Similarly, different countries have different laws and regulations for managing and handling data, which can impede the business if cloud is under different jurisdiction.
Several SaaS applications, such as SugarCRM, provide options to their clients to maintain their data on their own premises to ensure data privacy is maintained according to the requirements of the particular business. Amazon also provides the option of a virtual private cloud.
The Public Cloud
The public cloud deployment model represents true cloud hosting. In this deployment model, services and infrastructure are provided to various clients. Google is an example of a public cloud. This service can be provided by a vendor free of charge or on the basis of a pay-per-user license policy.
This model is best suited for business requirements wherein it is required to manage load spikes, host SaaS applications, utilize interim infrastructure for developing and testing applications, and manage applications which are consumed by many users that would otherwise require large investment in infrastructure from businesses. This model helps to reduce capital expenditure and bring down operational IT costs.
The Hybrid Cloud
This deployment model helps businesses to take advantage of secured applications and data hosting on a private cloud, while still enjoying cost benefits by keeping shared data and applications on the public cloud. This model is also used for handling cloud bursting, which refers to a scenario where the existing private cloud infrastructure is not able to handle load spikes and requires a fallback option to support the load. Hence, the cloud migrates workloads between public and private hosting without any inconvenience to the users.
Many PaaS deployments expose their APIs, which can be further integrated with internal applications or applications hosted on a private cloud, while still maintaining the security aspects. Microsoft Azure and Force.com are two examples of this model.
The Community Cloud
In the community deployment model, the cloud infrastructure is shared by several organizations with the same policy and compliance considerations. This helps to further reduce costs as compared to a private cloud, as it is shared by larger group.
Various state-level government departments requiring access to the same data relating to the local population or information related to infrastructure, such as hospitals, roads, electrical stations, etc., can utilize a community cloud to manage applications and data.
Cloud computing is not a “silver–bullet” technology; hence, investment in any deployment model should be made based on business requirements, the criticality of the application and the level of support required.
By Neeraj Metha