Diving Into the Cloud | Feature
Know Your Clouds
- By Rama Ramaswami, Dian Schaffhauser
Just as there are all kinds of real clouds--stratus, cirrus, cumulus--there are different types of computing clouds. The three primary cloud types are public, private, and hybrid. The most appropriate cloud for your institution will depend on several factors: What services you want to take to the cloud; your school's comfort level from a security standpoint; the existing infrastructure you have on campus; and privacy regulations that may dictate how data are secured.
A public cloud is essentially what everyone means when they talk about "the cloud." As we discussed in "What Is the Cloud?" the infrastructure, applications, and resources are housed off-site in a location hosted by a third-party provider. Data is accessed via the internet on an on-demand basis, and users are billed monthly for their use of the resources within the public cloud.
The public cloud model includes a number of benefits, including:
- Simple and inexpensive setup (the service provider incurs the cost of the hardware, applications and bandwidth)
- On-demand scalability
- Users pay only for the resources they use
Because it is a public cloud, however, there are also some notable drawbacks, including:
- Greater risk of security breaches than with other cloud models. The business model of a public cloud is essentially based on economies of scale. It's what allows cloud providers to charge low prices. For that to happen, most pursue a policy of multi-tenancy. In other words, the data of lots of companies and organizations will be stored in the same computing environment as yours. Although there is widespread disagreement about the risks involved, some people believe multi-tenancy increases the chances of breaches or accidental leakage.
- A perceived lack of control over data. Since the data is housed off-site and in someone else's hands, universities don't have physical possession of their own information, which makes some administrators nervous. And if the cloud provider's system goes down, so too does your information, although the uptime of most cloud providers exceeds that of almost every in-house operation.
- Possible slow data transfer rates. Since public clouds use internet connections, the ISP controls the data transfer rate. Educational institutions that want to use the cloud to store and transfer large amounts of data such as high-definition video must invest in the bandwidth to do so--or they may want to use a private cloud instead.
A number of institutions in higher ed are adopting software-as-a-service (SaaS) applications such as Google Apps that live in the public cloud. Others are using the public cloud to store and access nonsensitive data such as student assignments.
For institutions that don't want to surrender their data to what some perceive as the Wild West of public clouds, private clouds have emerged as an alternative. They can be managed by the school's IT group or by a third-party provider, and they can be located either on- or off-site. In short, they offer the simplicity, flexibility, and elasticity of the cloud computing model but for a single organization only.
Sounds like a data center, right? Yes, but the way it's set up is different. In a private cloud, virtualization of applications and resources is key. Through virtualization, private clouds offer easy scalability, flexible resource management (such as on-the-fly provisioning), and the most efficient use of the hardware. Other technologies work in tandem with virtualization, such as data center automation to help with auto-provisioning of servers and identity-based security to ensure that only authorized users have access.
Private clouds are an attractive option for institutions that already have a properly functioning data center. In such cases, repurposing the data center can make a lot more sense than throwing it all out in favor of a move to a public cloud. If you decide to keep it in-house, though, just remember that IT is still on the hook for all maintenance and infrastructure.
Private clouds will also appeal to institutions that worry that the public cloud may jeopardize their compliance with state and federal regulations, including the Family Educational Rights and Privacy Act, the Health Insurance Portability and Accountability Act, and the Americans With Disabilities Act. Such concerns often extend to research data, too, particularly for universities involved in classified work.
For schools wanting the best of both worlds, there's the hybrid cloud. Hybrids are a combination of public and private clouds that offers the benefits of multiple deployment models. For example, an organization can couple its current on-premises hardware with cloud-based infrastructure that's scalable and provisioned on demand, then place its applications and data on the best platforms and span the processing between the two. It's a great way to capitalize on existing infrastructure while building in flexibility, scalability, and on-the-fly provisioning.
It also gives schools a way to address the whole security and privacy issue. You keep sensitive data--be it student information or research--in the private cloud, while using the public cloud for the less-important stuff.