Are “Private Clouds” Just Old-Fashioned Hosting Masquerading Under A New Name?

In this article I’d like to explain why companies are being sold short by “cloudwashing” of traditional hosting and give my tips for telling rebadged traditional hosting from real cloud services.

Many IT services providers are now marketing “private cloud” offerings, no doubt hoping to attract customers who want all the benefits of cloud computing, such as scalability, capacity on demand and economies of scale, but who mistakenly assume a “public cloud” software application or platform is less secure than a “private cloud”.

Yet if you take a hard look at what these vendors are providing, you may well find these “private clouds” are nothing more than rebadged traditional hosting. That’s not to say true “private clouds” can’t be created – but the goal of “private cloud” initiatives is usually the provision of a new secure, dynamic, scaleable and reusable platform architecture for business applications.

The trumpeting of the rebadging of data centre consolidation or outsourcing exercises as the creation of a “private cloud” is missing the point and typically will not result in cost-savings, more flexibility or even more security, especially when compared with true cloud-based platform infrastructures from specialists such as Amazon Web Services or by moving to Software as a Service.

So how can you tell if a provider is actually offering a cloud-based solution that will give you all the benefits of cloud computing – or just “cloudwashing” traditional hosting? There are three key questions to ask:

  • Can the provider offer immediate provisioning and completely flexible capacity, whether you want to add one user or 10,000? If the vendor has to ask how big or small you are, or ask when you want it delivered, or tell you it will take a certain amount of time to deliver it… it’s not a cloud solution.
  • Is the cost significantly lower than running it in house? Traditional hosting may be a little cheaper than running your own IT, but cloud computing offers much greater economies of scale because it doesn’t just do the same things you were doing in-house more efficiently but delivers IT services in a very different way. If the vendor isn’t able to pass on those savings, it’s not a cloud solution.
  • Does the service provide a security infrastructure designed for the cloud? Does authentication allow secure access from the public internet to a single application or set of data? If security isn’t built in to application or data objects, so that multiple users working on the same infrastructure can only ever see their own applications and data, it’s not a cloud solution.

For Software-as-a-Service, there are a couple of additional tests:

  • Can the application be accessed through any device on the internet, whether that’s a PC, tablet or smartphone, and not require a particular operating system or device? If you need to use a designated operating system such as Windows or need to install any software on your device or in your infrastructure, it’s not a cloud solution.
  • Does the application support accelerated feature delivery? SaaS applications are typically updated with new features and functionality more regularly than on-premise software (often monthly) allowing agile development methodologies to keep the application up to date at all times.

True SaaS “built for the internet” solutions like Google Apps for Business,, Netsuite pass all four tests. Vendors moving software from the on-premise world to the cloud like Microsoft Office365 may struggle in some areas, such as scaleability, complete cross-browser or cross device support or residual dependencies on on-premise software; they are also tied more rigidly to the typical 2-3 year major release cycle of their on-premise parent products.

The limitations of going the “private cloud” route with traditional applications have been clearly demonstrated in the UK Government’s evolving G-Cloud strategy. It’s not surprising the public sector wanted to take advantage of the cost savings of cloud computing, but it soon realised that creating its own private cloud infrastructure, as demonstrated in a pilot with HP, was prohibitively expensive.

The “G-Cloud” project then morphed into a combination of data centre consolidation and virtualisation – until it became apparent that this would offer limited financial benefit. During 2011, we saw the government recognise that both short and long-term benefits would come only from making use of widely available and mass-market software-as-a-service solutions delivered through public clouds. G-Cloud was then relaunched as a catalogue of apps from which the public sector could buy SaaS solutions.

What of the security concerns associated with public clouds? Because security is built in to true SaaS solutions from the ground up, the public cloud multi-tenant model is actually likely to be much more secure than a “private cloud” that’s rebadged hosting. Once someone has gained access inside a traditional hosted environment, they can more easily wander around at will. So “private cloud” solutions that are really rebadged traditional hosting will not only fail to deliver the cost and scalability benefits of cloud computing but will also not provide the high level of security companies are seeking by going “private”.

That the UK government is willing to entrust its operations to public clouds confirms that “public cloud” is secure. Major players in other highly-regulated industries who handle extremely sensitive data are also confirming “public clouds” meet their security needs. For example, Spanish banking giant BBVA recently struck a deal to roll out Google Apps for Business to 110,000 users. So there really is no reason to settle for a “private cloud” that’s just old-fashioned hosting masquerading under a new name.

SHARETweet about this on TwitterShare on LinkedInShare on FacebookShare on Google+Pin on PinterestDigg thisShare on RedditShare on TumblrShare on StumbleUponEmail this to someone

David McLeman is the Managing Director of Ancoris, a leading providerof cloud computing and enterprise security management solutions and one of the UK’s leading Google Enterprise Partners. David has an extensive background in Internet services and IT service management having held senior European management positions with opensystems pioneer Sequent (now IBM), Data General (now EMC) and service level management specialists NetIQ. David has been involved with Software-as-a-Service since 1999 when he was part of the executive team at Netstore, the UK's first "Application Service Provider", delivering multi-tenanted hosted messaging services based on Microsoft Exchange.

  • Mscrowley

    As a person working for one of the providers you’re referring to

  • Mscrowley

    Sorry for the double post. 

    As a person working for one of the providers you’re referring to, I would agree with your premise.  Many IT providers provide “cloud” offerings, and at the end of the day, it’s a VM on shared or dedicated infrastructure. But I would also say that the market is forcing us to use and abuse the cloud moniker.  So many companies, large and small, want to know about “going to the cloud”.  Most companies do not need the huge bounds of scalability that “cloud” really gives you.  They don’t need to be able to spin up 100 instances of a system on demand.  They really only need a few servers, with scalability without CapEx every time they want to grow.  I would say that a VM on a shared or dedicated infrastructure (at least the way we deliver it) is “cloud enough” for them.  It meets their needs for security, scalability, and cost.  While they can’t spin up 100 new VMs in a day, they can double the size of the infrastructure within a week, and then shrink it down later if they need to.

    So, I would agree that yes, some IT providers are describing a traditional VM hosting model as “cloud”.  But I would also say that’s all that some customers require.  It’s only settling if you need or want more.

  • Scott Martin33

    A great and poignant article. In a lot of cases the term “cloud” is nothing more than a marketing catch phrase. It’s the same old same old. An interesting case with the UK Goverment with G-Cloud. My one question is in regards to the public cloud are there not concerns over where the data actually resides? ie residing in a data centre let’s say in the U.S. and subject to U.S. law like the patriot act.

  • Ray Allen

    Well done for making the point. Too many IT professionals are presenting themselves as cloud advocates when as you say it’s little more than rebadged hosting.