The Public Cloud versus the Private Cloud

Friday, January 21, 2011

Rahul Neel Mani

F520f65cba281c31e29c857faa651872

Peter Coffee, Head of Platform Research for Salesforce.com discusses with Geetaj Channana how the public cloud is like a supermarket and the private cloud is like sticking a shovel in the ground and beginning to grow your own dinner.

Q: You have very strong views about the private cloud. Why do you think they are a bad idea?

A: When someone says that they would rather have a private cloud, I believe I know what they mean but I also believe that what they prefer is in some ways unnecessary and in other ways impossible. When someone says that they prefer a private cloud, after one or two questions, they say that they believe that the private cloud will be more secure.

Then, I say let us discuss the nature of security. If you try to have security in your own operations you have – complex technology and a rapidly evolving threat environment that becomes your problem to monitor and address.

You are in an environment where the people that you trust with the information are really your greatest source of risk.

Now if we turn the question around and ask, how is the true cloud a superior means of securing your assets? There are several reasons for this. The first is that, the legacy of IT is that ownership is possession and possession is control. There is a perimeter – inside that perimeter is trust and outside that perimeter is 'not trust.'

The true cloud is designed to be a highly shared system. There is no perimeter – now we must say that not where you are, but who you are decides what you can see. So instead of a boundary we have a representation of the right to interact with the data.

Deep down in every piece of data, it knows what its ownership is and then we can say to any customer that there are members of your personnel who should be able to read certain things but not change them; others should be able to change them in a very precise way. Also, when someone uses their privilege, we can record that they have used their privilege.

Now this turns the question around, when you are in your own data center, you rely completely on the trust that you have in your people. When you are working with our systems you can manage their privileges in a much more accurate manner, and you can have a record of what they did with their privileges. If they, either by accident or malice, misused their privileges – you know who did it and when.

The first reason, why people believe that they would rather have a private cloud, is because they think that it is more secure. I tell them that the public cloud can be more manageable or more secure than what they have today.

The other belief that I encounter is when people believe they will have more power to build a customized business solution if they own and operate the resource, than they will if they are using a shared resource. For them I need to draw the picture and say that this the model that we have built, operate and maintain is in the lower level.

When we improve the capacity, speed, accuracy or capability it is for everybody. In the higher layer, there are things that are specific to the clients and their work flows. There are various ways to integrate what you do in the cloud and other resources.

Those are two reasons that people think that they would rather have a private cloud but turn out in practice not to be correct.

Now, lets look at the other side of the coin, which is, when you say that you want to have a private cloud you mean that you want to continue investing in capital assets in infrastructure. That is what it means. You are going to buy hardware and license software, when you are doing capital expenditure it means that when you have a new business opportunity or a new initiative that you would like to undertake – the first question will not be what should we do, it will be do we have capital budget?

If the answer is no, then it would be next quarter or next year, before you are able to do anything. This drastically slows the ability of the business to respond to its environment. And that is a serious cost.

Also there is a point that if you want to operate the resource yourself, you will need many skilled staff members like database, security etc. who will not be fully occupied. Our [Sales Force. Com’s] security teams are the right size to handle 87,000 customers worth of security and they are fully engaged and they are continuously monitoring the threat environment, they are continually having interviews with regulators and policy makers. The cost of this world class security team is being spread across 87,000 customers. Which means that the cost of being that safe with us much less than the cost of being this safe on your own.

This is why I believe that the private cloud is a seduction, a dangerous label, especially, for an emerging market. Here is what it is – if I have $5 billion dollars with me to build a new global brand based in India. What will give me greater success – spending 10 percent of those assets on cloud computing resources - I write the cheque to Amazon and say that I need 1,000 virtual servers for research and testing; from Salesforce.com I would need 1,000 seats of support for my customer outreach and 100 seats for my sales team. Now, this is all done and I have spent only 10 percent of my fund. 90 percent is available to do the real work. This is an appealing idea. It is one week since we had the conversation about starting this company and all those services are already up and running. I am now focused on creating a global brand.

Q: What is the other way of doing things that the people who want to sell you a private cloud like to see you do?

A: They want you to spend not one week, but one month or a quarter purchasing hardware which is not made in India, licensing software which will be a cheque that you would be writing in USD to an American company and take up 60-70 percent of your start-up assets, send them out of the country, wait a few months, and then with the small fraction of your remaining resources, you starting building your global brand.

That is what I see when I see somebody come to India and ask you to build a private cloud. They actually want you to pay tribute to an empire of infrastructure and slow your ability to enter a new market. Also, they reduce the amount of resources that you have available for creating differentiation and brand power. This will also hold true for an established enterprise that wants to enter a new market.

This is why I think this label is a misrepresentation and I believe that it appeals to people’s ignorance and misunderstanding, instead of appealing to the intelligence and enterprise.

Q: CIOs have this concern that it is easy to get into the cloud, but very difficult to get out of it. Is it true?

A: The good CIOs understand that when they decide to build a windows application in favor of a Linux application they are trading greater speed and capability of development against less freedom. It is very useful for the CIO to understand that the cloud also offers a spectrum of choices. I can write very standard open source code, that could normally run on a server or I could run with equal convenience on a virtual server on the Amazon cloud. Running it there means that I can have 100s or 1000s of servers for the day and then stop paying at the end of the day. But, if for some reason I decide that I want to run the code on a server right in front of me then its fine.

We have our own initiative, with VMWare called VMForce,  that will allow this capability with Java applications. This is where you can deploy a spring Java application to the Force.com cloud or apply the same application of service on a local server. The CIO needs to feel a greater sense of assurance, that this a choice that you can make – or if you desire – un-make.

This is important to know that we recognize the concern and we are addressing the concern by offering a greater variety of options. Clearly, I believe that once you are in the cloud you will start taking advantage of cloud capabilities. You will start to use analytics, collaboration tools, and powerful work flow capability.

Once you have done that and you decide that you want to run it somewhere else – well there will now be things that you will have to implement for yourself. I do not apologize for the fact that we offer great value, and wanting you to stay with us by offering things that would cost you more to do yourself. I do not regard that as lock-in, I regard that as a job that I am supposed to do.

Lock-in is something that you continue to use something that does not work very well because switching away from it has become very expensive. I must tell you that for our customers, the only cause of switching away from us is needing to do for himself, what we have previously done. I do not consider that at lock-in. I do agree that it is a switching cost, not one that I feel that demands an apology.

Q: What is the level of customization that can be done?

A: Enormous. There are some people who use the word platform to mean, here is our application and you can modify it, we use this word to mean that if you do not want our applications ignore them and do not pay for them. We have customers who have built applications in our platform to manage financial services, motion picture cinemas, pizza delivery, chemical sample delivery etc.

About eight years ago, I did a web search for _RM, which is ARM, BRM, CRM, etc. I found that everything except J, Y and Z had been used, and sometimes more than once, for 'Something Relationship Management.' Everybody knows that all business applications manage some kind of relationship – sometimes one-to-one, sometimes one-to-many, sometimes many-to-one etc.

When someone says to me that is our platform only for CRM, I say that you have a very narrow view of CRM and you do not realize how many common elements there are in business applications. You have entities that relate to each other in time or space or in some kind of cause effect manner and there is much that is common here. Is it true that our Force.com platform would not be a good choice for writing the next generation role playing game on the net – Yes. There are things that this platform is not designed to do.

But, if you think about it, if you wish to create a business around a gaming opportunity online, would it not be very attractive if all of your talent was focused entirely on the game playing engine. The thing that is your distinctive asset and all of the things that you wrap around it – like billing your customers for their time, providing customer support, etc. – would it not make sense for you to take care of this by just adding cosmetics to something available online. This way you can focus all the efforts at the heart of the service you are offering.

This is one of the most important things that a person needs to understand – that the public cloud is a supermarket. Walk in the grocery store and you will find isles with rice and beans, on the other hand will be a section with delicatessen that has complete, ready to eat meals. Then there are many other things in between.

The cloud has become this general. We are the delicatessen department where we offer somewhat higher degree of packaging of somewhat more complicated offering. On the other hand is Amazon which offers you the rice and the beans of cloud computing. Clearly, I would rather go to the supermarket than do what a private cloud will have be – which is to stick a shovel in the ground and begin to grow my dinner. That is what the private cloud is.

Cloud is not one thing, but many ideas – all you pay for is function.

Cross-posted from CTO Forum

Possibly Related Articles:
16370
Cloud Security
Management Virtualization Cloud Computing Analytics VMware
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.