Cloud Deployment Models

The NIST defines four cloud deployment models based on ownership and who is consuming the resources:

  • Private cloud
  • Public cloud
  • Hybrid cloud
  • Community cloud

When the NIST’s definition was created, only these four types of clouds were defined based on the technologies and customer needs at the time. Nowadays, with technology developments and the need for services, there are also the multicloud and government cloud types.

Private Cloud

The NIST defines the private cloud as follows (see Figure 21-13):

  

Figure 21-13 Private Cloud Characteristics

“The cloud infrastructure is provisioned for exclusive use by a single organization comprising multiple consumers (e.g., business units). It may be owned, managed, and operated by the organization, a third party, or some combination of them, and it may exist on or off premises.”

This describes the data center(s) of a company or organization. The infrastructure is owned by that company or organization and is intended to be used for internal purposes in its relationship with its partners and customers.

In the infrastructure, the needed automation, orchestration, catalog, and portal functions will be implemented to allow for the management of the resources and the creation of catalogs and service offerings, which will be published either internally or externally in a protected manner.

The services made available to the employees, partners, and customers will be provided only by the data centers of that company. It is the responsibility of the company’s IT teams to deploy, operate, and maintain the cloud environment.

Here are some of the advantages of a private cloud:

  • Ownership of all resources: The resources are provided by the infrastructure of the company or organization, which allows for the full control and management of the resources. The resources are not usually shared with other cloud users. This excludes the access provided to the partners and the customers of the company.
  • Control of change management: The organization controls the change management procedures, which define how changes in the configuration, patches, and updates will be applied.
  • Compliance: The organization or the company, depending on its activities and the region or country in which it resides and operates, might be subject to laws or regulations. Owning the resources makes compliance easier.
  • Information control: Control of information is important for companies, as it prevents information theft or ransomware attacks. If a company controls its own cloud, all the way down to the hardware and premises, it can control the level of IT and physical security. In certain situations, this can be required.

Here are some of the disadvantages of using a private cloud:

  • Big capital expenses: When the company operates its own data center, it incurs the capital expense for building and deploying the infrastructure and the cloud environment.
  • Operational expenses: Operational expenses remain, as there are electricity bills, cooling expenses, human resources expenses as well as expense for ongoing training of the personnel.
  • Scalability: The scalability capacities are limited, as it means additional investment in hardware, software, and people.
  • Infrastructure upgrades: Due to the technology developments and changing requirements facing companies, the hardware needs to be upgraded on a regular basis, which adds to the expenses of running a private cloud.