A guest post by Dejan Lukan of InfoSec.
It’s well known by now that the cloud is here to stay and it’s important to familiarize yourself, as well as users, by reading up on the subject and experimenting! The focus of this article is to discuss the differences between public, private and hybrid clouds to help you decide which type of cloud based services solution is best for you. It’s often the case that companies use the word “cloud” as a way to advertise their services, but the reality is that we’ve been using the cloud for years; we just didn’t use the same words as we do today.
Cloud Deployment Models
The cloud deployment models summarised below are the following:
- Private Cloud: the cloud services used by a single organization, which are not exposed to the public. A private cloud resides inside the organization and must be behind a firewall, so only the organization has access to it and can manage it.
- Public Cloud: the cloud services are exposed to the public and can be used by anyone. Virtualization is typically used to build the cloud services that are offered to the public. An example of a public cloud is Amazon Web Services (AWS).
- Hybrid Cloud: the cloud services can be distributed among public and private clouds, where sensitive applications are kept inside the organization’s network (by using a private cloud), whereas other services can be hosted outside the organization’s network (by using a public cloud). Users can them interchangeably use private as well as public cloud services in every day operations.
The biggest differences between public, private and hybrid cloud are described in the table below.
||Single tenancy: there’s only the data of a single organization stored in the cloud.
||Multi-tenancy: the data of multiple organizations in stored in a shared environment.
||The data stored in the public cloud is usually multi-tenant, which means the data from multiple organizations is stored in a shared environment. The data stored in private cloud is kept private by the organization.
|Exposed to the Public
||No: only the organization itself can use the private cloud services.
||Yes: anyone can use the public cloud services.
||The services running on a private cloud can be accessed only the organization’s users, while the services running on public cloud can be accessed by anyone.
|Data Center Location
||Inside the organization’s network.
||Anywhere on the Internet where the cloud service provider’s services are located.
||Inside the organization’s network for private cloud services as well as anywhere on the Internet for public cloud services.
|Cloud Service Management
||The organization must have their own administrators managing their private cloud services.
||The cloud service provider manages the services, where the organization merely uses them.
||The organization itself must manage the private cloud, while the public cloud is managed by the CSP.
||Must be provided by the organization itself, which has to buy physical servers to build the private cloud on.
||The CSP provides all the hardware and ensures it’s working at all times.
||The organization must provide hardware for the private cloud, while the hardware of CSP is used for public cloud services.
||Can be quite expensive, since the hardware, applications and network have to be provided and managed by the organization itself.
||The CSP has to provide the hardware, set-up the application and provide the network accessibility according to the SLA.
||The private cloud services must be provided by the organization, including the hardware, applications and network, while the CSP manages the public cloud services.
As you can see, the hybrid cloud is a combination of private, as well as public cloud, used together by the same organization to pull the best features from each.
Which one should you choose?
It’s important to keep in mind when deciding whether to build a private or public cloud, to properly weigh the differences against each other. In most cases they can be thought of as advantages or disadvantages, depending on the usage required. If we’d like to store our backup data somewhere in the cloud, it’s important to determine the sensitivity of said data. For example, if we are storing confidential information such as credit card information or medical records we absolutely must store that data in a private cloud but when it comes to non-sensitive info, we can store it in a public cloud if it keeps costs down considerably.
Then, there’s always a choice whether to integrate public or private cloud into our everyday operations. Again, there are advantages and disadvantages that need to be taken into consideration. Whether to compromise the security and keep expenses down or pay a little extra for additional layer of security is a choice you’ll sooner or later have to make; but you should always consider what’s best for your business and move forward from there.
Dejan Lukan is a Security Researcher for the InfoSec Institute and a penetration tester from Slovenia. His passions are Antivirus bypassing techniques, malware research and operating systems, mainly Linux, Windows and BSD.