07 December 2023
Mark Grindey, CEO, Zeus Cloud UKBSS
Buying the myth
Organisations of every size, across private and public sector, have bought into the idea that a shared IT infrastructure offers better value for money than a dedicated, on-premise set up. As a result, the UK cloud computing market is now worth £7.5 billion, dominated by just three vendors, and with a big problem: the cost of public cloud services is typically double the equivalent on- premise set up, and significantly less secure and well supported than an on-premise alternative.
Security is becoming a very real concern for business reliant on the public cloud. The dominance of the big three hyperscalers makes them a prime target for hackers. Distributed Denial of Service (DDoS) attacks on these organisations are occurring almost continuously, creating huge security vulnerability. Not only can a DDoS attack prevent access to key services, causing serious operational issues; but, more dangerously, expose vulnerabilities in the security posture that can be used to access critical data.
So why are organisations still opting to pay through the nose for a service that is less secure and less flexible than on-premise alternatives?
At first glance, the cloud model is appealing, especially the shift from capital expenditure (capex) to operational expenditure (opex). The idea that costs are known, with a set monthly subscription, is compelling. The option to scale up and down in line with demand is appealing, especially when compared to the challenges of spinning up new servers within traditional on-premise models. However, it is the hidden costs of the cloud that have caught so many companies by surprise.
The hyperscalers’ financial calculators look simple; but buried in the small print is the information that every additional slice of service and support costs more. The extra – and much needed – security, costs more. Storage cost models are also disturbingly opaque: the promised price per terabyte looks great, until a company discovers it is being charged not just to store data but also to delete it. That uploads are free, but the business is then charged for every object downloaded. The monthly bill can often be two, even three times the expected amount. And that creates a huge hole in the planned budget.
Add in the limitations on bandwidth, the additional charges for cpu or RAM, plus the fact that if the business is using VMWare, it will be paying again based on those same usage factors, and it is little wonder that the cost of the public cloud has far exceeded any CTO’s original expectations.
New model gaining ground
So how can businesses achieve the required level of security at an affordable cost, without having to revert to large and unaffordable capital expenditure? The answer is to retake control and bring equipment back on premise – while also retaining the benefits of cloud technology, including remote support and flexible finance and usage models to meet operational requirements.
A growing number of Service Integration and Management (SIAM) companies have recognised the fundamental issues associated with public cloud services and are offering this ‘back to the future’ on-premise model with the essential flexibility. Servers can be spun up on-premise as required, with costs linked to usage. Support is included and, by moving back on-premise, the security risks are allayed.
For any business concerned about the need to rebuild a server room or employ dedicated tech experts, neither is an issue. The latest generation of servers can be run at higher temperatures, which means there is no need to recreate the air-conditioned server rooms of the past. The servers can simply be located within existing network rooms or offices. Or, if the business lacks space, the entire system can be securely co-located within a dedicated and locked rack. Tech support is included as part of the service, with providers leveraging the remote, open source technology used to deliver cloud services to cost effectively ensure the on-premise systems are working effectively.
Bringing this vital infrastructure back into the business is not just cheaper but inherently more secure. Rather than the open, public access model required by the large hyperscalers, an on-premise set up takes the opposite approach: everything is locked down first, with access opened up only as required using highly secure tunnels to safeguard the business. Further, because the entire private cloud set-up is owned by the company, any required security changes can be made immediately. There is none of the interconnected public cloud risk that has led to devastating, extended attacks across key public services in recent years.
The ability to regain this level of control is encouraging growing numbers of organisations across both the public and private sectors to actively bring data and systems back in house. These organisations have serious concerns regarding data security. They are unhappy about the growing latency issues associated with the additional layers of security the hyperscalers are having to implement, a problem that vanishes when systems are on-premise. In addition, there is a recognition that a reliance on the public cloud adds operational risk: any interruption to the internet connection leaves an entire organisation unable to operate.
The tide is turning. The public cloud has its place. It is an ideal location for hosting a web site or public facing apps. But with growing recognition that every single IT deployment would be both cheaper and more secure with an on-premise set up, attitudes are changing. It’s time to regain control, go back to the future and implement an on-premise private cloud.