Welcome!

SAP Authors: RealWire News Distribution

Blog Feed Post

Private and Public Clouds will be, in many ways, the same in 2013

 vmblog.com logo1 e1352982815649 Private and Public Clouds will be, in many ways, the same in 2013

VMblog.com

The debate between those who sell private clouds and those who sell public clouds has been all the rage for the past 3-4 years. Private clouds are touted as more secure, while leveraging your existing investment in hardware and virtualization. Public clouds are touted as the only “true” clouds, with truly massive scale and real economic benefits.

It is possible, however, to cut this debate in a different way if you look at it not from an IT perspective, but from the point of view of the end user of an application. That end user often has similar expectations from a “public” and a “private” cloud solution.

Let’s take a business case and analyze it from a security point of view – this is the most direct way of bringing out the argument. Suppose you are creating an application for your users which manages sensitive information. Further assume your users are not internal to your own organization.

That latter point is central. If your users are completely internal to your own organization, especially if they are pure IT users or are localized (your organization is not too far-flung), chances are you have no business reason to go to a public cloud at all, and even a private cloud may be just a fun technology play for you. In other words, if your users are completely internal and/or a tight-knit group, doing a “cloud” approach is a matter of technology fashion and not a business need.

So, let’s go back to the business case we outlined, where your users are not internal. As a consequence, your users will not care whether you have implemented your solution on a third party vendor’s cloud or on your own private cloud. The users will have many of the same security expectations, and meeting these expectations may involve many of the same technologies.

Security is touted as one of the main differentiators between private and public clouds. As more users express the same expectations from both, we will see a more mature discussion emerge in 2013. Private clouds will certainly leverage existing investments in the data center, and offer more direct control to the service provider; public clouds will offer economies of scale. But both kinds of provider will find that they have similar security conversations with their customers.

For example, sensitive information in the cloud should always be encrypted. Your users will not need to understand the technological details, but they will need to know that – at the end of the day – you have provided maximum security for their data, so much so that it is private even to you. This can be achieved today with cutting edge technologies, such as Homomorphic Key Encryption and Split Key Encryption. While users need not understand the details of these technologies, they will appreciate the result: A guarantee from you, their supplier, that you can never read their data; and that they have full control of their data through a simple “master key” that is never exposed in the cloud or to anyone but the user.

In another example, let’s address concerns about physical access. Your users want a guarantee that physical access is tightly controlled to the servers that deliver the application with their data. Whether you control physical access yourself, or farm it out to a third party who has controls you trust, is up to you. Your users will – in both cases – want the guarantee from you, and it is up to you to decide whether you achieve this directly or through outsourcing and contractual obligations.

Such attitudes among the users – the people that count – mean that the differences between public and private clouds are not all what they are hyped to be. This is affecting the market – user perceptions are affecting supplier perceptions. More and more shops understand that the security questions that matter most will come up whether you label your solution as private or public. In 2013 we will see this view becoming commonplace, and users in both scenarios  will be shopping around for solutions to similar security issues.

The post Private and Public Clouds will be, in many ways, the same in 2013 appeared first on Porticor Cloud Security.

Read the original blog entry...

More Stories By Gilad Parann-Nissany

Gilad Parann-Nissany, Founder and CEO at Porticor is a pioneer of Cloud Computing. He has built SaaS Clouds for medium and small enterprises at SAP (CTO Small Business); contributing to several SAP products and reaching more than 8 million users. Recently he has created a consumer Cloud at G.ho.st - a cloud operating system that delighted hundreds of thousands of users while providing browser-based and mobile access to data, people and a variety of cloud-based applications. He is now CEO of Porticor, a leader in Virtual Privacy and Cloud Security.