As in Nature, Clouds Come in Many Shapes

Cloud computing expands on the many existing choices that are already available to IT for the delivery of IT services. Currently, we have RISC, x86, ATOM and ARM processors. We have Windows, Linux, UNIX, and mainframe operating systems. We also have a number of choices for application servers, databases, and development languages. The good thing about having these choices is that it allows architects to pick the best fit (either client-server or mainframe platforms) for the delivery of IT services (applications).

Cloud computing is really no different. There are a number of different cloud services and delivery models, and each should be evaluated for a best fit for the targeted application. Different cloud services will cater to different security profiles, different developer environments, different levels of control, and different kinds of applications. Each cloud service model has different business and IT benefits and challenges.

A quick recap of the Infrastructure as a Service (IaaS) cloud delivery models and some of their unique pros and cons follows:

Public Cloud

Pros:

  • No purchase of physical infrastructure
  • Pay for what is used. Turn the service off when done
  • Immediate self-service (no need to build infrastructure)
  • Maximum elasticity

Cons:

  • Low visibility & control (vs. private)
  • Requires greater “trust” (with verification)
  • Multi-tenant (from a security perspective)
  • Governance & policy enforcement is still emerging

Private Cloud

Pros:

  • Maximum control and visibility
  • Adheres to existing security framework
  • Easiest fit from a governance and policy perspective (as it will closely mirror existing)

Cons:

  • Highest cost. Must purchase and integrate hardware & software
  • Must attain high utilization for maximum Return on Assets
  • Requires new IT skills to manage the cloud infrastructure
  • Minimal elasticity

Community Cloud

Pros:

  • Caters to a specific industry and its compliance requirements (e.g., FISMA, HIPAA, PCI-DSS)
  • No purchase of physical infrastructure
  • Pay for what is used. Turn the service off when done
  • Still relatively lower cost when compared to private for most services
  • Moderate to maximum elasticity

Cons:

  • Low visibility & control*
  • Requires greater “trust” (with verification)*
  • Typically higher cost than public due to specialization in support of specific customer requirements

* Since community clouds are targeting a specific industry, they can typically react more efficiently when responding to requests relating to compliance or for A&A.

Hybrid Cloud

Pros:

  • Maximum flexibility
  • Dedicated resources on-site (via private cloud)
  • Pay-per-use resources off-site (via public or community cloud)
  • Pay only for the off-site resources that are used. Turn the service off when done
  • Elasticity when needed
  • Immediate self-service

Cons:

  • Most of the cons for both private and public clouds (for their respective components)
  • Additional layer of software is needed to provide governance and brokerage between the cloud services
  • Policy must be defined indicating which services and datasets are allowed in which part of the cloud
  • The broker / governance component is an additional software component requiring additional IT skills to operate and manage

It is important to note that there is no One Cloud. Careful selection of the appropriate cloud service based on each application’s business and technical requirements is necessary. Thus, it is extremely likely that a department would want to select a variety of cloud services. For example, it may make sense to use a public or community Software as a Service (SaaS) offering for email and collaboration. A public IaaS might be the right fit for public-facing web properties. A private Platform as a Service (PaaS) might be the best fit for internally developed and used web services. A hybrid IaaS might be the best fit for database and heavier-weight applications. As always, take a careful look at the driving business/mission requirements and pick the right tool for the job – be it client-server, mainframe, or cloud.