08-26-16 | Blog Post
Virtual private clouds are a hot ticket these days—everyone wants them. We know they aren’t the same as a fully private cloud. But do the differences extend to security, too?
Let’s start by reviewing the differences between private and virtual private clouds. If you want your environment completely dedicated to you and to own everything, a private cloud is for you. The equipment will be on a site or data center you own, so you have total control over your infrastructure. If you want that control but don’t want to worry about the hassle of infrastructure hosting, management and maintenance, then a hosted private cloud is for you.
In a private cloud, resources are distributed across multiple physical servers. This allows for redundancy in equipment and gives you a smooth transition in the event of a hardware failure. With a virtual private cloud, you don’t have to worry about the infrastructure, but it is not yours alone. Instead, you have an isolated patch of cloud on hardware shared with other users. When you configure a private IP subnet, VLAN and VPN, your organization has in effect created a private cloud and can access the environment securely and privately, despite being on shared infrastructure.
It sounds counter-intuitive that your data is still private on a shared hardware, but think of it as two people storing their belongings in lockers at a train station. Each person has their own allotted space that only they have access to, yet they both have to go to the train station to get to it. Virtual private clouds act the same way.
This means that when it comes to virtual private cloud security, it’s in the eyes of the beholder. Look for providers that offer physical, technical and administrative security features along with other security protocols. This is especially important if you need to be compliant with any regulations such as HIPAA or PCI.
In the end, the major difference between fully private and virtual private clouds is not one of security but hardware ownership. You can still store any data you choose on a virtual private cloud, including patient records and financial information, and have it be secure. To return to the train station analogy, your locker is only as secure as you make it. The same goes for security of private and virtual private clouds. Virtual private clouds have similar secure configurations to protect your data, without the hardware to worry about. While there are many reasons why a virtual private cloud may not be the right fit for you, don’t let the fear of weak security be one of them. Just be sure the vendor you pick has a strong lock system for your data!
Not sure which cloud is right for you? Speak with one of our cloud experts to see how we can help.