Choosing the right cloud solution

Geeman Yip, CEO, BitTitan

Cloud computing has grown significantly in Southeast Asia, although adoption varies across the region. Adoption also accelerated last year due to the pandemic as organizations gave employees access to information and applications to help them get their job done from home.

IDC predicted that organizations in ASEAN nations would increase their spending on cloud services to address this need. Public cloud services or infrastructure-as-a-service (IaaS) is expected to experience a CAGR of nearly 20% between 2020 and 2024.

In the future, more businesses will be using a hybrid of enterprise, private, and public cloud services or multi-cloud strategies, which spread data across multiple vendors to protect against downtime and data loss. Regardless of the strategy, cloud computing will be a feature of enterprise IT infrastructures in a post pandemic world. The question businesses must answer is whether a public or private cloud solution is right for them.

What are Public and Private Clouds? 

Public cloud or infrastructure-as-a-service (IaaS) solutions consists of servers saved in the provider’s data centre with shared resources for different customers. Public clouds can support CRM, CMS, websites, email, and various other applications. Companies using the public cloud do not worry about maintaining or updating the infrastructure, which makes it an economical solution, but also do not manage the security of data in it.

A private, internal or enterprise cloud provides similar advantages to a public cloud solution by including scalability and self-service. However, the company does not share any resources or assets with other businesses since the data is saved on the company’s network or in a hosted data centre.

Control over access and a firewall provide an extra layer of security, which is important for regulated industries, such as financial services and healthcare, that may need to meet compliance mandates for dealing with sensitive information.

Security and identity management

With public cloud solutions, data travels over the public internet, which makes it difficult for cybercriminals to target, and access can be granted from anywhere. The provider handles the internet security and deploys manpower to provide support as well as 24/7 monitoring and threat detection.

Reputable providers also offer many safety features including enterprise-class firewalls in a secure facility. For identity management, there are definite cost advantages to using the public cloud, but the shared environment creates more potential entry points for threats. 

A private cloud is controlled by organizations in-house and runs on physical machines. Data lives behind a firewall and is accessed through private, secure network links. Organizations can isolate their data infrastructure and restrict public internet access. Single sign-on (SSO), authentication, authorization, provisioning, role management, logging, and auditing can sit behind the firewall.

This can make access easier to manage, but the network is less resilient to disruptions such as natural disasters. The organization bears the responsibility of securing the network, which requires an investment in IT staff with the right experience and skill level to stay on top of updates, patches and threats.

The Bottom Line: Which is the right solution?

Public cloud solutions might be the answer for small businesses, as not having to invest upfront in hardware or pay for ongoing IT management and maintenance makes it more economical. It also offers the advantage to scale as needed with little notice. On the other hand, large scale firms with complex IT management needs and regulatory requirements tend to prefer private cloud hosting due to its greater security. However, the expenses of securing, maintaining, and managing information protection can be higher.

The best option for any organization will ultimately depend on its capacity, capabilities, and business use. When picking a cloud service provider, select a reputable provider and cautiously inspect the service-level agreement (SLA) to ensure it meets all of your organization’s requirements.