“Cloud” has been one of the biggest tech industry buzzwords of 2009, but there is still plenty of room on that bandwagon. Amazon is hoping that companies reluctant to pay for services like its Elastic Compute Cloud (EC2) due to security concerns will adopt its new offering- VPC (virtual private clouds).
In theory, the cloud is a good idea for businesses. But, essentially, it’s just geekspeak for “the Internet.” The cloud enables customers to leverage platforms and software that are more scalable, resilient, and cost effective. Rather than investing in the hardware and software to build the infrastructure internally, businesses can take advantage of economies of scale offered by cloud computing services.
The issue is getting from theory to practical application. The theoretical benefits are nice, but many customers have serious concerns about security, and the ability to backup and recover data in the cloud. Compliance requirements may also make some companies leery of surrendering their data to the cloud where it has to travel across the public Internet to coexist with other cloud data.
Granted, there are controls in place to segregate the data and applications of one customer from another. Customers of the Amazon EC2 cloud are afforded some privacy and security, but apparently not enough to convince some customers. So, Amazon is rolling out VPC to let customers essentially buy their own cloud.
The Amazon VPC lets customers basically establish a secure connection with a dedicated instance of the EC2 cloud. Customers connect to VPC with a VPN (virtual private network) pipeline encrypted with IPSec. Customers can move data and applications to their VPC cloud and be able to control who can access them and rest assured that their data and applications are separate from other cloud customers.
Is a private cloud the way to go? On the one hand, customers get an offsite data center with the capability to scale quickly for spikes in demand. Ostensibly the Amazon data center is more secure and resilient than what most customers can build in-house.
However, purchasing a dedicated cloud means losing some of the cost effective, economy of scale benefits of the cloud. And, even with a more secure, dedicated cloud the data still resides somewhere else and customers have faith that Amazon can protect the data it is entrusted with. Customers also have to prepare for what to do if the cloud is unavailable- for example from a cut cable or a massive Internet DoS (denial-of-service) attack.
Amazon may be onto something with VPC. It addresses the security concerns of customers reluctant to play in the cloud while still delivering most of the benefits of cloud computing. Amazon VPC is only in Beta right now. Time will tell if VPC is the carrot that will lead security-conscious customers to the cloud or not.
Tony Bradley is an information security and unified communications expert with more than a decade of enterprise IT experience. He tweets as @PCSecurityNews and provides tips, advice and reviews on information security and unified communications technologies on his site at tonybradley.com .