As I've written about previously, there has been a great deal of hype about cloud computing. There has also been considerable angst about the security afforded by cloud computing. Most of that concern has focused on public clouds. (By definition, private clouds are viewed as inherently more secure than public clouds.)
But public versus private clouds is a binary option. What organizations really want is a hybrid solution. The real question is how to utilize a private cloud (or your existing data center infrastructure - with all of the security that has been built into it) with the flexibility of public cloud computing with its greatly reduced (or possibly even eliminated) CapEx (capital expenditure)? This is referred to as 'cloud bursting,' and is the ideal business model that most CIOs have been seeking in the short-term. The big problem to date, however, has been the significant concern of organizations about exposing their internal infrastructures to the less robust security of public clouds. The increased risk of such has been a strong dissuasion.
That changed this week though. Amazon Web Services (AWS) announced a virtual private cloud (VPC) offering. This VPC offering is a far more secure hybrid solution than the previous 'cloud bursting' model. Features of this VPC offering include the following capabilities:
• specify a VPC's private IP address range from any block a customer organization chooses
• divide a VPC's private IP address range into one or more subnets
• bridge together a VPC and an organization's IT infrastructure via an encrypted VPN
• route traffic between a VPC and the Internet over the VPN connection so that it can be
examined by an organization's existing security and networking assets before heading to
the public Internet
• extend an organization's existing security and management policies within its IT
infrastructure to its VPC as if those policies were running within the organization's
This VPC offering by Amazon Web Services really is a significant security improvement for cloud computing; frankly, it's a game changer. Kudos to AWS for this innovative offering. Look for other cloud providers to also offer such a VPC capability in the coming months.