Private clouds are sort of an artificial phenomenon; private clouds is just a term describing corporate IT for...
the past 20 years. It's a hype machine right now, and it's time to put some Weed B Gon on the tangled underbrush of misinformation.
With private clouds, IT departments can become essentially mini-service providers for their own internal corporate customers, offering a distributed platform upon which internal applications can be built, run and scaled. Developers and departments still get the benefits of scale-out capacity, machine-level transparency and fault tolerance without entrusting a separate party with control over how that infrastructure is run or over the data stored within. Private clouds are all about virtualization and distributed computing -- spreading the work over many virtualized machines within a network of fault-tolerant hosts.
The race to the cloud that's been happening during the past two years is all about allowing IT departments to focus their energy toward becoming profit centers rather than worrying about the headaches of managing, auditing and overseeing security and administration. When perfectly good variants of public cloud exist and are capable of serving the needs of most, trying to manage an internal cloud is a weak strategy at best and a foolhardy use of capital at worst.
Data control for private clouds
It's all about control and management. Private clouds are a blend of the agility and scaling of the public cloud with the control that's lacking with a third-party provider such as Amazon Elastic Compute Cloud, Amazon's Simple Storage Service or Windows Azure. Businesses in sensitive industries -- health care, financial services and fields that use, maintain and store very private and sometimes federally regulated information -- are justifiably wary of turning over that data to a third-party hosting provider, no matter what claims the provider makes regarding its security and auditing infrastructures.
For your IT department, complying with rules and law is a costly activity and one not core to your business. Eliminate it. If the cloud is a fit for your organization, you should be comforted by the fact that all first-tier cloud providers make a living from understanding and complying with government regulations; it's a value-add for them. They have undergone extensive scrutiny over their operations and security. Windows Azure and Amazon's services, as well as productivity providers like Microsoft's Business Productivity Online Standard Suite allow you to choose the location of your data and control who has access to what at a very granular level, while providing data center security that most organizations can only dream about.
Private cloud reliability
Another common misperception is that private clouds would be more reliable than public clouds. Several well-publicized but essentially minimal public cloud outages have somehow morphed into the fear that once your applications and data are in the cloud, they are subject to regular failure that is out of your hands.
These public cloud providers have vast arrays of machines distributed around the globe, achieving a level of scale, redundancy and overall fault tolerance that only the largest organizations with the largest IT budgets on the globe could rival. Plus, your agreements should have service-level stipulations, incentivizing these providers to maximize uptime and reliability. It's almost certain that a public provider would host your applications, development and data with far more reliability and robustness than you have the funds to maintain on your private, on-premises side.
Your organization may have a compelling reason to entertain a private cloud. Don't let any of these myths -- reliability, data control and security -- affect your decision.
Jonathan Hassell is president of The Sun Valley Group Inc. He's an author, consultant and speaker in Charlotte, N.C. Hassell's books include RADIUS, Learning Windows Server 2003, Hardening Windows and, most recently, Windows Vista: Beyond the Manual. Contact him at firstname.lastname@example.org.