Virtual private clouds look to ease enterprise security, privacy fears
By Beth Pariseau
Published: 10 Apr 2013
As the cloud computing market matures, service providers have begun to offer what used to be considered "extra" security, privacy and availability features by default as part of virtual private clouds.
Virtual private clouds (VPCs) are clouds run on a service provider's infrastructure, but can be physically separate from other tenants. Virtual private clouds also offer users more control over the network configuration, more fine-grained security, such as role-based access controls and VPN access, as well as more stringent availability service-level agreements (SLAs) than regular public cloud offerings.
Last month, Amazon Web Services announced it will make its VPC the default deployment model for new Elastic Compute Cloud (EC2) instances, starting in its Asia Pacific (Sydney) and South America (São Paulo) Regions.
"A lot of the cloud service providers have done a terrible job making the case for enterprise deployments, particularly around security and controls," said Kenneth White, chief of biomedical informatics with Social and Scientific Systems, which runs a large deployment for bioinformatics research on Amazon's VPC.
For example, White's company faced this type of security issue when experimenting with a cloud service provided by Digital Ocean. In the course of his experimentation, White discovered he could see other users' data by running a simple Unix command.
Digital Ocean has since fixed the problem, but this incident doesn't help the widespread perception that shared infrastructure can be dangerous, White said.
"Being able to provision really hardened regulatory-grade compliant systems is a desperate need in the market right now," he said. "I think it's a green-field opportunity, quite frankly."
Data location crucial for customers
This week, meanwhile, saw a new player get in on the virtual private cloud game in SugarCRM. The Cupertino, Calif.-based customer relationship management (CRM) vendor said its service, a competitor to Salesforce.com, will be offered with limited availability in a new Private Cloud edition. The Private Cloud edition is still managed by Sugar and runs on Sugar's premise, but is physically and logically completely separate from other SugarCRM users' environments.
Lila Tretikov, CEO of Sugar, said it has become more important among customers to have control over the location of data in certain countries and geographic regions.
The Sugar Private Cloud is expected to become generally available at the end of the summer. Sugar's CRM software as a service runs on Amazon's EC2.
PEER 1 Hosting, headquartered in Santa Clara, Calif., also launched a new Mission-Critical Cloud service this week at data center locations in Canada, the United Kingdom and Germany, based on a partnership with Tier3. Tenants on the Mission-Critical Cloud have control over how software releases are rolled out in their environments, including when maintenance windows take place.
PEER 1 officials say they see demands from a new audience of IT pros in cloud computing, and that security controls, performance SLAs and high availability are new table stakes required to offer cloud services to the enterprise.
Analysts also see this trend emerging.
"Buyers have gotten to a certain stage, where they're demanding more choice," said Liz Herbert, an analyst with Forrester Research, based in Cambridge, Mass.
Other vendors like Siebl and Microsoft have offered virtual private cloud services in the past, but the trend is growing stronger as the enterprise grows more familiar with cloud concepts, she said.
Still, not everyone is convinced that virtual private clouds will be the wave of the future.
"I can see other vendors doing this because there is still a large percentage of enterprises that just aren't comfortable with having their stuff in the cloud," said George Reese, CTO of Enstratius, a Minneapolis, Minn.-based maker of private and public cloud management software. "But that population is only shrinking -- it's something a vendor would offer to capture a market for the short term, so they can get customers migrated as they mature in their thinking about cloud computing."