#cloud #infosec #devops Private cloud is about management, but not about hardware
As with every technology, definitions almost immediately become muddled when it becomes apparent that the technology is going to "change the world." SDN is currently suffering from this phenomenon and it appears that cloud continues to suffer from it. Let me present Exhibit AAAA:
Private clouds are great solutions for organizations looking to keep their hardware locally managed.
The association of "private cloud" with "hardware" is misguided and, in most instances, just plain wrong. Organizations implementing or planning on implementing private cloud (or on-premise cloud) are not doing so because they can't bear to part with their hardware. What they can't bear to part with is control. Control over security, over performance, over availability. Control over data and access. Control over their own destiny.
Private cloud, assuming an organization adopts the model fully, affords IT the same benefits of a service-focused approach to resource management as does public cloud. The difference is solely in who incurs the expense of maintaining and managing the hardware. In fact, the statement above would be more properly expressed as "private clouds are great solutions for organizations in spite of keeping hardware locally managed."
It is unlikely any organization wants to continue maintaining and managing hardware. In addition to management overhead, it comes with other baggage such as heating and cooling and power costs (not to mention the liability insurance against tripping over cables in the data center). But when measured against the weight of losing control over policies (particularly those related to compliance and security) as well as access to what most would consider standard application services (acceleration, optimization, programmability, identity management), the overhead from managing hardware locally just can't win.
And no matter how ambitious, no organization with an existing data center is going to initiate a project that includes a wholesale transition to public cloud. Whether it's integration concerns, costs associated with transitioning legacy applications to a cloud-friendly architecture, or other application-related issues arising from such a transition, non green-field organizations are simply not going to wholesale pick up their toys and move to a public cloud. But that doesn't mean those organizations or its leadership is immune to recognizing and desiring the value inherent in the cloud computing model. Private cloud models can afford organizations the same benefits as public cloud minus the cost savings that come from economy of scale.
And even if private cloud can only realize half the cost savings of public cloud, so what? When measured against potential losses from unacceptable risk, that's likely quite the deal.
Private cloud is simply not a euphemism for managing hardware any more than public cloud is a euphemism for not managing hardware.