There are five tenets of cloud computing as defined by NIST. On demand self-service, broad network access, resource pooling, rapid elasticity and measured service. That said, there are different types of clouds: public, private and hybrid. Let’s be clear in that none of these types of clouds require an on-site data center or on-site servers, no matter which type of cloud you require, it’s all still virtual. And it’s not exactly something your IT department can re-create. It took Amazon, Microsoft and Google spending billions of dollars to gather expertise, build systems and learn from problems they see their customers having to create their cloud services. Your company’s IT department doesn’t have the resources or manpower to do that.
A public cloud is a cloud where you share compute and machines with each other. Each company is still isolated from its neighbors, no one knows who they’re sharing space with, but it’s like carpooling. You’re all sharing in a the same virtual world. But you are fully isolated from anyone else who might be sharing that space. Your information is secure. The big 3 cloud providers are compliant with almost every regulation and framework out there you are protected. If something were to leak through or break, the responsibility of fixing it doesn’t fall on you, it falls on your cloud provider. And when there are problems like memory leaks in physical hardware chips, cloud providers work closely with Intel and other companies to ensure that patches are made quickly and implemented accordingly before most people even know there’s a problem. A public cloud is your traditional cloud, it’s the one people are most familiar with and understand the best.
A private cloud is where things can get murky. A private cloud is not something that you own, it’s still owned by the cloud provider. In a private cloud, though, the biggest difference is that you are not sharing space on a server or sharing compute with anyone else. It’s like owning a rack in a data center, but on a virtual level. By definition, a private cloud is a cloud where the infrastructure for the cloud is only allowed to be used by a single client or a group of clients. So you can have a private cloud, like a banking cloud, like Gov cloud which exists solely for the US government and it’s affiliates. Nothing else can deploy to these clouds, nothing else can share space or compute with these clouds. And if your company is big enough, you can go to AWS or Google and say, “Hey, I want my own, private, walled off compute for high security.” You’re going to pay extra for that level of cloud, but it is possible.
A hybrid cloud is what it sounds like. You are utilizing the public cloud for the majority of your business aspects, but maybe have a piece here and there in a private cloud where it’s more tightly guarded. A private cloud is more expensive due to the level of security. Therefore you might host a static website that really can’t be hacked because it’s HTML and CSS in an S3 bucket on a public cloud because the information is all public anyway so it doesn’t matter. Then you can have an iframe call an endpoint that is on Gov cloud that is highly secure in a private cloud. It’s walled off and has extra security. You’re now using a hybrid cloud because you are using components of both a public and private cloud.
There are marketing ploys out there which pervert these terms, twist them to make the products they are pitching sound like they fit in one of these categories when they really don’t. Read these definitions carefully before you dive in to cloud migration. Always, ALWAYS hire or at least consult an expert before signing a contract or purchasing a product. Protect yourself and your business from companies that pitch products which look like cloud services, but in fact are not. These terms are real, so be sure you know what they mean and how they work before you dive in head first.