Business leaders, CIOs, and startup co-founders are aware that cloud computing is revolutionizing the way companies think about IT. As a result, cloud spending is skyrocketing worldwide…
However, differences in business needs and priorities have led to the development of different types – or models – of cloud computing. The two main models are public cloud and private cloud computing.
In this post, I’m going to give a complete, head-to-head comparison of public and private cloud computing. We’ll look at the definition and technical features of each one first. Then, we’ll get into the good stuff – the factors that are really going to impact your business. Things like:
- Legal compliance issues
Lastly, we will discuss which model is likely best for your business, and why you should get started with cloud now. Let’s get into it!
- What do they mean?
- Technical definitions
- Common examples
- Public cloud vs Private Cloud – Head-to-head
- Control and customization
- Security and privacy
- Legal compliance
- Reliability and resilience
- Are they mutually exclusive?
- Future forecast
- Which should you choose?
- Get started
Firstly, What Do They Mean?
Public Cloud – Quick Intro
This is the most widely understood type of cloud computing. Any computing resources publicly available over the internet are public cloud services. Services you already use like Google Drive and Dropbox are examples of public clouds.
This was the original type of cloud computing, but the term public cloud popped up to differentiate the private cloud.
Private Cloud – Quick Intro
Private clouds are clouds of computing resources that (you guessed it) are private to a single organization. Let’s get into the definitions for the key differences between private and public cloud.
Here is how the National Institute of Standards and Technology (NIST) defines public cloud and private cloud technology:
Public Cloud Definition:
The cloud infrastructure is provisioned for open use by the general public. It may be owned, managed, and operated by a business, academic, or government organization, or some combination of them. It exists on the premises of the cloud provider.
Private Cloud Definition:
The cloud infrastructure is provisioned exclusive use by a single organization comprising multiple consumers (e.g., business units). It may be owned, managed, and operated by the organization, a third party, or some combination of them, and it may exist on or off premises
The key differences between the two definitions are:
- A public cloud is for open use – while private is for exclusive use
- A public cloud is run by a provider – while a private cloud may be run and owned by a provider OR the single organization using it
Some Common Examples
Public cloud examples:
- Google Drive – file storage and synchronization tool
- Dropbox – public cloud storage
- Salesforce – cloud customer relationship management (CRM) software
- Microsoft 365 – subscription service to access Microsoft Office applications over the internet
- Amazon’s Elastic Compute Cloud – scalable computing resources from Amazon’s cloud
- Basically, any computing service delivered openly over the internet
Private clouds are a bit trickier to find in the real world. That’s because they are, by definition, private. They are usually used by big companies and also referred to as ‘corporate cloud’. Here are some example use cases:
- A bank that maintains a private cloud for each of its branches and employees to use when they need
- An insurance company that wants to use cloud computing but can’t risk having their customer health records on a public server
Public Cloud vs Private Cloud – Head-to-head
Now we have an idea about how each of the cloud deployment models works, let’s get into the nitty-gritty. We’ll be comparing public and private cloud on:
- Control and customization
- Security and privacy
- Legal compliance
- Reliability and resilience
Winner: Public Cloud
One of the main benefits of cloud computing is the ability to scale applications and storage up and down as needed. If your application has a sudden spike of users, you don’t want it to crash. Likewise, if your number of users drops off for a while, you don’t want be paying for computing power you aren’t using.
High scalability is one of the big advantages of the public cloud. When using a service like Amazon Elastic Compute Cloud (Amazon EC2), you have access to basically unlimited computing resources. You can scale your cloud capacity from just a few users to millions of users in minutes if you need to, then straight back down again without any problems.
Private cloud on the other hand usually doesn’t normally scale so well, especially if the company owns and operates the hardware. In order to scale up an on-premise private cloud, a company would have to actually buy and install new servers. Some of this effort can be minimised with a private cloud hosted by a cloud provider. But, even then, scaling up and down is more difficult and time-consuming than with public cloud services.
Winner: Usually Private Cloud
Performance is a little trickier. Mike Divaris from Rackspace has a great post in-depth on this topic. When using cloud computing, you’ll be running your software and applications on virtual machines. The performance of these virtual machines depends on the performance of the underlying hardware. That’s where the differences come in.
With public cloud, you have no control over the underlying hardware. In most cases, they won’t even give you exact specifications on performance because they use multiple different types of servers across a cloud. This means that public cloud performance isn’t necessarily bad, but can be unpredictable. There is also something called the ‘noisy neighbor’ effect. This is where you can be affected by other users on your host machine.
With a private cloud, however, you can choose the underlying hardware. That means you can be more certain of how it’s going to perform and set minimum requirements. Also, there is no noisy neighbor effect, as there are no neighbors to make any noise.
Public clouds perform better with demand spikes. But, for day-to-day running, a well-built private cloud will typically have better performance.
Control and Customization
Winner: Private Cloud
This is where private cloud really shines. With a private cloud, you can control and configure anything you want about a system. Especially if you own and operate all of the hardware on premises. There are no restrictions or limits on what you can do. You can customize the hardware and infrastructure to suit your needs perfectly.
You just don’t have this option with public clouds. While you control how you use the resources, most underlying specifications won’t be under your control. You might not even get many details about hardware specs or set up.
Control is the main difference between these two deployment models. It is this control and flexibility that some organizations just can’t give up. One of the main reasons we will discuss next.
Security and Privacy
Winner: It Depends…
Public and private cloud security is a big deal. This Platform9 survey of enterprise customers shows that security is their top concern.
One of the advantages of private cloud is having complete control over the system, meaning your company can configure all of the security and privacy tools and protocols you need. Also, you can physically separate your infrastructure from others. For big businesses that need extra tight security, this is a necessity. Many businesses have turned to private cloud for just this reason. But, strangely, it may not actually mean it’s safer or more secure.
The likes of Amazon, Microsoft, and Google are all world leaders in IT security. If you are using their computing infrastructure, you will be getting their decades of security experience. E.g. Google says that with Google Cloud Platform, you get “Google Grade Security”. As Brandon Butler from Network World puts it, you might be better off focusing on the security of your applications, and leave the security of the underlying infrastructure to the big boys. That brings us to the next point…
Winner: Private Cloud
Navica CEO Bernard Golden argues here that “A lot of what is called security is really compliance”. There aren’t many companies left that can guarantee better security or privacy than Google or Microsoft can. But, when it comes to data laws, that might not be enough.
In the US and many other countries, there are strict laws about how customer personal data must be handled and stored. Organizations in areas like financial operations health, health, and public services fall under certain regulations such as the Health Insurance Portability and Accountability Act. Sometimes, the only way to make sure you tick all the legal boxes is to host your own hardware and set everything up in a particular way. These laws can include things like:
- Having to host data in a given country
- NOT hosting data in a specific country
- Guaranteeing your company can access data at certain times
- Keeping and protecting data that might need to be passed on
- Generating reports when things go wrong
Governments are starting to take these things very seriously. If you’re in an industry that handles any sort of sensitive data, be careful. Using a public cloud might not guarantee you are meeting all your legal requirements.
In some cases, cloud providers are building services that have the requirements and certifications that these organizations need. For example, Rackspace has built a dedicated healthcare environment that is certified by the Health Information Trust Alliance. This means healthcare organizations can hire out private clouds in this environment that pass all the tests required by their industry.
Winner: Public Cloud
Cost is one of the main reasons small, medium, and large organizations move to the cloud. Cloud computing can be cheaper than having a traditional data center for a few reasons.
- There can be almost no capital expenditure to get started
- You can take advantage of economy of scale
- You only pay for what you use
- You don’t need to hire the IT experts to keep everything running
- No lock-in contracts or commitments
Public cloud delivers on all of these and usually has a lower TCO (Total Cost of Ownership). You’ll rarely pay a setup or signup fee for a public cloud service, so it costs nothing to get started. You usually don’t have any kind of lock-in contract either, so there is little risk. Also, by renting a small slice of a much larger data center, you can save a lot of cash compared to buy your own server. The economy of scale says that the more you buy of something, the cheaper it gets per unit. For you, that means much cheaper computing and storage.
Here are some of the pricing pages for the big cloud providers:
Another advantage is that you only pay for what you use. If you don’t have any visitors to your website or web app one day, you don’t pay for that usage. This can save you a ton of money if you have spikes in your traffic. Traditionally, a business would have to own and maintain a server capable of dealing with the highest spikes in traffic, just in case, and pay for it even when it’s not being fully utilized. That’s not the case with public cloud computing.
Lastly, by renting your IT infrastructure as a service, you outsource all of the setup, management, and maintenance of all the hardware. Most executives that have experience with IT in the past know that this can save you big time on money AND headaches.
Private cloud, on the other hand, doesn’t usually have all of these cost benefits, and the overall price will be quite similar to a traditional data center. For an on-premise private cloud, you will have to pay for:
- The initial cost of setting up
- The running of all of the servers you have
- An IT team to manage it
However, some cloud providers offer to host private clouds for you. This way you will skip most of the setup cost and won’t need to worry about maintaining the infrastructure. You will, however, have to pay for all of your private servers, even if they aren’t running at full capacity. For this sort of service, it’s likely you will have to sign some sort of contract. A contract will also help make the running costs more predictable which can be a big plus.
Network World points out here are some circumstances where a private cloud might have a lower TCO. If an organization is great at managing a large number of servers at high utilization levels, the TCO may well be lower than with a public cloud. But, it’s very difficult pull off.
As you can see here, managing costs gets more important as an organization gets more familiar with cloud computing.
Winner: Public Cloud
From setting up, to running live applications, public cloud is the clear winner here. It is designed to remove all the little details you don’t need to worry about. You can usually set up, use, and access your cloud resources with a few clicks and with a nice interface.
Devops is also where the public cloud shines. With platform-as-a-service products like Google App Engine, developers can build, test, and run scalable, cloud-native web applications all in one place. This is one of the most exciting areas of cloud computing. Check out our dedicated article here for more on this!
Building and maintaining your own private cloud can be a headache. There are some great cloud software tools like Microsoft Private Cloud, VMware vCloud Suite, and OpenStack (Check out this comparison for more info), but its always going to be more difficult than something like AWS. You also need to think about training staff how to use a custom cloud architecture.
Reliability and Resilience
Winner: It depends
This issue really came into the spotlight with the huge Amazon Web Services outage. Huge parts of the internet were unavailable for hours, and many companies had huge problems during this time.
In IT terminology reliability is “The probability that a system, including all hardware, firmware, and software, will satisfactorily perform the task for which it was designed or intended, for a specified time and in a specified environment”. Resilience is the ability to maintain normal function in the face of faults. Basically:
- How often will it work properly?
- And will it work if something goes wrong?
A common measure in cloud computing is uptime. Generally, all cloud computing services and models have good uptime. Cloud environments are built from many individual servers, and the managing software makes sure that if one server goes down, the service still runs as normal. Both public and private clouds will do this, but who does it better?
To achieve high uptime and resilience in the face of outages, you need redundancy – duplication of code and data to multiple places. If one server goes down, you can just switch to the other. Public cloud generally has excellent redundancy done automatically. Your data and applications will be replicated multiple times in different physical locations.
The level of uptime you can expect can be found in your Service Level Agreement (SLA). That’s the minimum amount of uptime the provider has to provide for the price you are paying. If you want more guarantees, buy a better SLA.
Private cloud, on the other hand, can have as much redundancy built in as you like – even more than public cloud providers. If you want to make your system more reliable you can simply build in more backups. However, most companies will struggle to build a system with the uptime of a global-scale public cloud. The price will go up significantly too. Managed private clouds will come with an SLA just like public clouds.
Are They Mutually Exclusive?
We’ve seen that both of these cloud models have clear advantages and disadvantages. Is there some way to combine them to get advantages of both?
There sure is. hybrid cloud is where an organization combines a private cloud with public cloud technologies into one coherent unit. Some examples are:
- A medical company storing sensitive patient data on a private cloud, but running their website and other applications on a public cloud.
- A large organization running baseline IT operations on a private cloud, but using public cloud services when spikes in demand happen. This is also called ‘cloud bursting’.
Another example of a mixture is community cloud. It’s basically a public cloud that is only available to organizations in a specific industry. That way the cloud can have the optimal configuration for those organizations. We go through each of these in our article 4 Best Cloud Deployment Models.
Public vs private cloud is a hot debate right now, and both have a promising future in IT. However, according to the 2017 RightScale State of the Cloud Report, “Public Cloud Adoption Grows, While Private Cloud Wanes”. One of the reasons for this is that trust in the public cloud is growing. Many organizations that used private clouds before are now feeling comfortable enough to move to public cloud.
Ultimately, both of these deployment models are needed. As you can see, most large enterprises have plans for both public and private cloud in their future.
Which Should You Choose?
The key difference between public and private cloud computing is control of the infrastructure. If you’ve understood everything we’ve gone through here, you should have a good idea of which is most suited to your organization or enterprise. Here’s a quick summary:
Public cloud is best for:
- Fast-growing startups (especially those without much funding)
- Anyone who needs low initial capital expenditure
- Spiking or fluctuating demand
- Industries with less privacy and compliance demands
- Organizations with less IT legacy baggage
Private cloud is best for:
- Enterprises with larger and predictable computing demands
- Organizations that have strict privacy and compliance demands
- Those that need dedicated computing resources for greater ownership and control
Either Way, it’s Time to Get Started with Cloud Computing
Whichever you choose for your organization, you need to get started before you get left behind. Cloud computing isn’t a fad or a trend, it’s a whole industry being transformed before our eyes. The companies that have been experimenting with cloud technology for years now have a serious edge over those that haven’t. Start taking advantage of cloud technology, or get left behind.