Private clouds are a moving target – both for customers and vendors – even as they are being redefined in a rapidly expanding hybrid-cloud world. Some are even renaming them, with terms like dedicated clouds, internal clouds or corporate clouds. The names may vary, but the key drivers for safety and security remain the same.
At a time when public clouds are stealing the media spotlight, private clouds will not go gently into that good night. Why won’t they go away?
Private clouds exist because of customer concerns about security, data privacy and regulatory compliance. They are deployed on-premises, in the customer’s data center – and well inside the customer’s firewalls. They run cloud software, allowing customers to spin up new applications – and take them down – as quickly as public clouds do. But private clouds are managed under the watchful eye of corporate IT admins, or offsite vendors.
In that sense, this is about the “cloudification” of traditional enterprise applications and data. After all, it was the financial crises of 2008/2009 and those of the current pandemic that have accelerated the cloud model as a powerful innovation for businesses. The flexible Cloud model – with its pay-as-you-go, deploy-as-you-need resources – is finding a new home inside the “glass house” of the data center.
Private Cloud: Deployed Anywhere
Private clouds can be deployed anywhere within a customer’s hybrid cloud or multi-cloud environment. They’re especially attractive for highly regulated industries in finance, health care and telecoms – and in governmental agencies worldwide. These sectors face high levels of oversight from the governments where they operate.
Compliance with regulations about data protection for financial information, personally identifiable information (PII), or medical information (HIPPA) are mandatory in some geographies, including country-level data protection (e.g., Germany, Canada, and others).
Policies and best practices for a range of regulated businesses are similar, focused on the need to comply with national and state regulations, such as GDPR rules in the European Union and CCPA regulations in California.
Security levels, service-level agreements and availability targets – all of these are defining the parameters for private cloud. Private clouds are built on the flexibility, scalability and granular payment models of public clouds, but without some of the headaches, such as costly large transfers of data into – and out of – the public cloud.
Private Cloud Still Growing
The private cloud model is gaining traction – especially in regulated industries like finance and telecoms.
IDC demand-side, customer survey data, based on a survey of 2,200 customer sites, shows private clouds gaining in 2021-2022. Survey respondents reported that private clouds – whether hosted on-premises (30%) or by third-party hosting companies (9%) – were expected to top 40% of their cloud deployments by 2023.
The same survey shows the shift to public clouds is more gradual than it might appear from the news headlines. Public clouds – providing SaaS, IaaS and PaaS services from cloud service providers (CSPs) – accounted for a combined 29% of workloads in these customer sites in 2021, which the survey respondents expected to grow to 31% in 2023.
Caution should be applied here: I should note that there is a strong trend to multi-cloud deployments, tapping both public and private cloud resources for applications and data.
IDC projects that multi-cloud environments – leveraging both public clouds and private clouds – will grow rapidly, from 45% in 2020 to 62% in 2022. This data places private clouds in a broader context. Customers can decide to keep some workloads closer to home, in private clouds, and feel free to deploy others in CSP public clouds, such as AWS, Microsoft Azure, Google Cloud Platform, IBM Cloud, Oracle Cloud, Alibaba and others. Some workloads will remain in non-cloud deployments inside customers’ data centers.
What’s Driving Private Cloud Use
There are many paths to private cloud in the business world. The most powerful forces for private cloud are security concerns, including worries about cyberattacks and ransomware. These are very real threats – and most large enterprises have experienced security attacks multiple times.
Many customers see a continuing barrage of security attacks – large and small – throughout the calendar year. They feel the best defense in a strong offense – and they are keeping transactional, financial and revenue producing applications in-house, in private clouds.
Others are on the rebound from public clouds. They may have deployed many applications to public cloud – and later decided to pull some of them back in-house, into private clouds. Some customers even call this process “repatriation” of applications and data.
Benefits of Moving Into the Private Cloud
Why is private cloud a prime factor in cloud migration decisions?
Data-transfer charges. Data ingress and data egress charges have, for many, piled up into large costs for data transfers, over time. It turns out that data “gravity” is real – and that it makes more sense to keep large datasets in one place, no matter where that is, rather than moving it, and re-distributing it, to multiple locations around the world. In other words: The apps should move to the data, not the other way around.
Changing skill-sets. Demographic change is having a big impact on deployments. As older IT personnel retire, they will be taking their skillsets for transactional workloads home, too. So, there’s a real need to train younger IT staffers to learn about maintaining some of the largest mission-critical workloads, as time permits.
Updating applications. Companies are modernizing their aging applications (7-10 years old, or older) by re-factoring them, and reinventing them for use in a cloud-centric, dynamic way. Those changes allow younger developers to work with languages for developing cloud-native applications, like Python and R, in addition to using Java and .Net – the big hallmarks of Internet application development in the 1990s. They will likely leverage both virtual machines (VMs) and software containers, using each when needed.
AI and ML tools. AI and ML are playing larger roles, too, in next-generation application development. AI allows developers to quickly scan millions of lines of code to find security bugs or code that must be updated to run on new systems. And, refinement of machine-learning models is leading to more efficient DevOps coding, over time.
Cloud migration. Migration of enterprise applications into the Cloud – which has been accelerated by the pandemic – allows enterprise and transactional workloads to stay close to home, where they can be closely watched, by running in private clouds.
What’s Next for Private Cloud
We’ve already covered a lot of ground in the private-cloud debate. Customers will have to think long and hard about their next deployment moves. Should they, or shouldn’t they, deploy private clouds? Should they go to public clouds exclusively, given that CSP management software does a good job of protecting data and applications? Maybe the answer is both: Customers can choose their favorite cloud deployment models – and then continue to access applications and data using a multi-cloud framework to access what’s needed – when it’s needed.
Finally, we expect to see these three trends as private clouds grow in an increasingly multi-cloud approach to cloud deployments:
- As-a-service infrastructure. Vendors are introducing many “as-a-service” offers. These are pre-built, pre-configured systems – often delivered in racks – that can scale up, as needed. These as-a-service systems offer reduced installation times, contained operational costs, and outsourced infrastructure to third-parties.
- Workload management. by vendors and third-parties. Just as important to customers: “as-a-service” systems are configured and managed by OEMs and outside vendors. Security, availability, and flexibility are the key benefits, combined with cloud services that are provided on a pay-as-you-go basis. This approach also applies to a broad range of managed systems, such as hyperconverged infrastructure (HCI) systems that are sold by a wide range of systems vendors.
- Secured systems. In previous waves of IT technology, systems were secured out-of-the-box, from the beginning, before they were “opened” for access by end-users and consumers. For more than 20 years, customers have often applied security software after-the-fact of deployment. This approach often leaves gaps in compute, storage or network resources that can be compromised by hackers and ransomware attackers. One path forward is that private clouds can be populated with pre-secured systems, protecting applications that are being deployed or migrated into the cloud.
Private Cloud: an Important Role
When the Cloud model was new – in 2008 – business managers discovered a new ability to quickly develop and deploy new applications faster than before – and to pay for them with a credit-card, if they wanted to bypass traditional IT funding processes. Back then, the Cloud model was both innovative and a novelty – although computer scientists had known about the foundations for cloud for many years before that. Now, the Cloud has matured – and so have the business applications that want to use clouds, including public clouds and private clouds, for years to come.
The challenge for business managers at IT managers in the years ahead will be how to use the Cloud, rather than whether to use the Cloud.
Clearly, private clouds are proving themselves to be a useful, secure and well-managed option within the expanding Cloud Computing universe: They will play an important role in digital transformation and cloud migration, as enterprise applications and enterprise data evolve, or morph, into new forms for cloud-centric operations in 2025, and beyond.