Cloud computing has become ubiquitous for businesses of all sizes, and it offers benefits around scalability, ease of use, fast time-to-market and flexible costs. But cloud isn’t a one-size-fits-all solution, and different workloads perform better in different infrastructure configurations.

IT teams and business decision makers are tasked with determining which type of cloud will work best for their technology requirements, while also finding cloud providers that offer a wide range of deployment options. Understanding the difference between public cloud and private cloud is critical to making the right infrastructure decisions.

Definitions: Public cloud vs private cloud

How do you decide which cloud option is right for you? Let’s look at the definition of public and private cloud along with a few use case examples.

Public cloud

Public cloud allows customers to instantly provision cloud instances via an online portal. As a utility compute model, public cloud provides an accessible, cost-effective cloud deployment option that can be accessed on a pay-as-you-go basis with no upfront investment required.

[Tweet “Public cloud allows customers to instantly provision cloud instances via an online portal.”]

The flexible billing model with no contract commitment is beneficial for small businesses and other organizations that may only need a cloud server for a limited amount of time, such as for development or testing purposes. The scalability and elasticity offered by public cloud can accommodate changing workload sizes and allow customers to spin servers up and down as needed.

Customization & control
The public cloud is a multi-tenant environment where the hardware and network resources are shared across customers. All hardware and associated networking are located in a data center where they are maintained by the cloud service provider, which reduces the management burden on the customer. However, because of the commoditized nature of public clouds, customization and control is limited. This can be problematic for organizations with strict security or compliance requirements if the cloud provider doesn’t offer specific hardware or operating systems that meet the company’s needs.

Bare metal
Public cloud offerings are typically viewed as virtualized instances, but in recent years, some providers have begun offering both virtual and bare-metal cloud. Bare-metal servers are not virtualized and do not have a hypervisor, which allows organizations to customize the server to their specifications. Cloud computing operating systems such as OpenStack offer the ability to create and manage cloud instances from the same online management portal.

Common use cases for public cloud include web servers, testing and development, and other scenarios where enhanced security requirements are not needed.

Private cloud

Private cloud offers a single-tenant environment where hardware, network and IT equipment is entirely dedicated to one customer. While the initial investment and ongoing maintenance for private cloud is more expensive than public cloud, organizations have the ability to customize their environment to meet exact specifications.

Compliance
A highly customized, dedicated environment is often required by businesses that must adhere to industry-wide security or compliance regulations, such as HIPAA, HITECH or PCI-DSS. To be compliant, many healthcare, finance and ecommerce companies are required to have an infrastructure with higher levels of data protection and security than a commodity public cloud can provide.

Management
Private cloud hosting solutions give customers significant control over their environment, including the hardware, operating system and other equipment. However, increased customization and control also shifts the burden of maintenance and management to the customer. This is one of the main trade-offs between public and private cloud; organizations that require more hands-on access and customization must also take on the responsibility of managing it.

Common use cases for private cloud include secure online systems with controlled access, protection of personally identifiable information and credit card data, and meeting compliance requirements around HIPAA, HITECH or PCI-DSS.

A hybrid approach

Public cloud and private cloud are not mutually exclusive, and most businesses need to use a mix of different infrastructure solutions to meet workload and application requirements. Hybrid cloud solutions refer to any combination of public, private, third-party or on-premise cloud services within the same environment.

Using one provider that offers public, private and hybrid cloud can be a cost-effective way to meet scalability, performance and security requirements. If an organization is transferring data between a private cloud located in California and a public cloud facility in New York, the latency created by distance can impact network performance. Choosing a provider that offers private and public clouds in close proximity to each other or even within the same facility can reduce latency and improve performance throughout the infrastructure stack.

So how can you determine which type of cloud is best for your needs? Download the Cloud Buyer’s Guide to learn more.

Budgeting decisions, whether personal or business, are among the most stressful individuals consistently have to make. Because the vast majority of us don’t have the financial flexibility to make too many wrong choices, allocating funds toward a particular product or service over another can induce a significant amount of anxiety, and worse yet, severely affect the outcome of our households’ or business’ financial goals.

IT managers know this as well as anyone. Picking the right provider, investing in the right infrastructure, hiring the right employee to architect and deploy environments — these decisions are never easy.

In modern IT, there’s one such decision rising above the noise, and it’s affecting IT leaders worldwide: implementing the appropriate Disaster Recovery strategy and product amid the ever-growing cloud-based replication market.

At INAP, we offer Disaster Recovery as a Service (DRaaS) powered by Veeam and Zerto. So which vendor’s solution is best for you? The short answer is … it depends!

Should I Choose Veeam or Zerto?

Let’s assume for a second you don’t use either Veeam or Zerto in your current environment and are looking to deploy one of them fairly soon.

Frankly speaking, comparing these two very similar products is a bit challenging, especially if you’re new to them. Both products are DR market leaders. Both offer a rich feature-set that offer powerful control and reliable failovers. Both solutions offer a range of tools enabling the Test Disaster Recovery and customized pre- and post-script execution during the Test/Live Failover and Failback.

INAP’s Veeam solution also offers powerful Backup as a Service (BaaS), as well, which offers broad functionality including File-Level recoveries and tool sets like Active Directory, SQL and Exchange integration.

I could spend a lot of time picking apart the technical nuances of each solution, and will do so in a forthcoming post. For now though, it would be more helpful to highlight the key difference — the single most important factor in determining the right solution.

And that difference is in each service’s Recovery Point Objective (RPO). RPO is focused on data loss tolerance and is determined by identifying the maximum amount of time your business can tolerate between data backups.

Veeam v9 replicates your data using snapshot-driven technology provided by VMware and Hyper-V hypervisors. With a snapshot approach, the time required to create and remove the snapshots during the replication process contributes to the overall time required to finish the job. Cloud-based DR powered by Veeam Availability Suite v9 delivers an RPO of less than 15 minutes.

Zerto approaches the same replication tasks leveraging “continuous” replication. Zerto sends a copy of each write targeting the protected VM to its “shadow” copy at the remote site, allowing the RPO times to range from mere seconds to minutes, depending on backend storage and networking performance capabilities.

While technically possible to run continuous replication with Veeam, it’s not advisable to implement for production environments due to the impact the snapshots may have on application performance.

Choose the Solution that Most Closely Mirrors Your DR Objectives

The takeaway here is relatively straightforward: Both products are outstanding platforms for Disaster Recovery, offering a wide range of tools to get the job done. The right solution, however, should always be determined by your applications and business requirements.

If your company doesn’t require continuous replication and can tolerate a 15 minute RPO, Veeam Availability Suite v9 is an excellent choice. If your workloads require more stringent RPOs, Virtual Replication with Zerto is the way to go.

Why wouldn’t you always choose the solution that offers the lowest RPO? It’s a matter of cost vs. your data loss tolerance. Due to its aggressive target, Zerto is typically the more expensive option of the two for fully built-out solutions. But to reiterate: The responsible, long-term strategy is to choose a solution based on your recovery requirements. I’m confident we’ll be able to find you one that does the job.

At INAP, we offer two distinct levels of DR: On-Demand DRaaS and Dedicated DRaaS. Here’s the major difference: Essentially our On-Demand service, powered by Zerto, is a great entry-point to DR, in that you only pay for the infrastructure when you declare a disaster. While you sacrifice some recovery speed and the ability for fine-tuned configuring, it’s an economical plan that gives you excellent protection.

Dedicated DRaaS, on the other hand, is a robust DR solution allowing you to choose between either Veeam or Zerto. While you pay for your target infrastructure, it allows for advanced testing and configurations, and guarantees leading RPO and RTO.

Cardholder data security standards are constantly evolving to keep up with changing risks and threats. In an effort to help businesses protect customer data, the Payment Card Industry Security Council recently announced new compliance requirements around the PCI Data Security Standard (PCI DSS).

To ensure the highest level of security for our customers, Internap has moved quickly to achieve PCI DSS v3.1 compliance for our managed hosting and colocation services. We’re proud to be one of the first service providers to meet the new requirements.

What’s changed?

The updated PCI DSS v3.1 includes several changes, most notably regarding Secure Sockets Layer (SSL) and early Transport Layer Security (TLS) protocols. According to documentation released by the Security Standards Council, SSL and early TLS will no longer be considered effective controls to protect payment information after June 30, 2016. Learn more about the changes in v3.1.

While these updates are particularly important for the ecommerce and financial services industries, all businesses that process payments online should be familiar with PCI DSS and have a plan in place to prevent data breaches.

At Internap, we strive to be at the forefront of compliance and security. Our data centers already comply with SOC2 processes and audits, and PCI-compliant hosting allows our customers to be confident in the security of their infrastructure.

Learn more about Internap’s compliance and accreditations.

As healthcare continues to evolve, technology advancements will be required to ensure quality care in the face of change.

Increased consolidation within the healthcare industry is driving the need for interoperability across providers, plans and systems. The ability to synchronize and share data between healthcare entities will be key for delivering quality holistic patient care. However, compliance restrictions regarding data security and privacy, and limited interoperability standards do not allow the fluidity needed for information sharing.

Below are six healthcare trends that will drive technology changes in the coming year.

1. Consolidation and globalization

The consolidation already taking place in the healthcare industry will continue through 2016 and beyond. As more mergers and acquisitions happen, payers will need to manage complex system integration. And, providers that become owners of health plans will be taking on additional risk. For example, when a healthcare entity acts as both hospital and insurance company, the costs and care associated with the patient become its responsibility. The provider groups that are looking to either start up new provider-owned plans or sponsor health plans are doing so to take on the full responsibility of a individual’s care and ultimately hope to improve the overall health of the populations they serve.

In addition to the consolidation of U.S.-based health organizations, the globalization of healthcare will become a worldwide challenge. Sharing patient information across countries will be vital in some cases, yet data privacy restrictions can be daunting. Healthcare technologies that provide data integration to support consolidation and globalization will be critical to the success of health organizations.

2. Increase scrutiny on security, privacy and regulation

Driven by the consolidation and globalization of healthcare, the security of PHI and other data will continue to be a key focus. While stringent technology regulations are already part of HIPAA requirements, the increased consolidation and need for interoperability will make technology environments even more complex. In addition to being an issue for healthcare companies in the US, it will become a worldwide pain point as globalization expands the reach of healthcare data.

Telehealth systems are one example of this. Such services provide access to healthcare professionals via phone or video as a cost-effective option for individuals who may be in remote areas or otherwise unable to meet their provider in person. However, telehealth visits generate additional data points that should be shared with the primary care doctor and others involved with care of that patient, further expanding the need for integrated systems and data management. New technologies are needed to support this type of collaboration without compromising data security or patient confidentiality.

3. Focus on collaboration and care coordination

The need for increased collaboration will change how healthcare is delivered. Integrated care management (ICM) can only be achieved with technology platforms that incorporate behavioral, medical and non-medical services within the same system. All parties must share data and have access to a range of information to ensure the right decisions are made.

Care models are trending toward this collaborative approach, and Casenet focuses on designing systems that encourage and support collaboration around healthcare management. As organizations merge, and integrated health systems that include both hospital systems and health plans, struggle to coordinate health data between different parties, the need for seamless data sharing is key. This lack of fluidity directly impacts quality of care.

Healthcare technology will need to support the collaborative approach to ensure quality of care and better results.

4. Need for cloud-based access and management of data

Cloud technology will be instrumental in providing controlled access for hospital and health networks that need to share PHI and other patient data. The complexities of establishing an environment that meets network isolation and data segregation requirements will lead healthcare companies to cloud service providers that offer HIPAA-compliant infrastructure. At Casenet, more clients are simplifying infrastructure management by choosing to host their data in the cloud. The role of private cloud will also become more important for access control and data security.

5. Proliferation of mobile and Internet of Things (IoT)

As the data generated by connected devices becomes increasingly valuable to care managers and patients, technology will need to meet demands for controlled access to this information. Real-time visibility into patient health offers tremendous benefits, including better patient engagement through both active and passive data collection. The ability to monitor medical conditions and in some cases prevent life-threatening health events will revolutionize preventative medicine.

Big data and predictive analytics can also help providers make accurate, informed decisions that affect the health of a community or region. However, increased cloud adoption, improved data security and more standardized IoT platforms are needed before health providers and networks feel comfortable adopting mobile and IoT technologies.

6. Increased patient engagement through technology

High-deductible health plans and the proliferation of connected devices, wearables and apps that generate or track personal data and information will encourage individuals to take more responsibility for their own health. While high-deductible health plans and health savings accounts have already given healthcare consumers more control over their health choices, new technologies that encourage a healthy lifestyle and help patients monitor their own health will shift some responsibility from healthcare providers to the individual. These new technologies will give patients insight into their own wellbeing and drive them to be more involved in managing and preventing health conditions.

While continuous change and the consolidation of the healthcare industry may be taking place for a multitude of business and operational reasons, these trends can also be drivers of improved quality of care. The U.S. has access to more medical technology and spends more per capita on healthcare than other developed countries. Yet, the outcomes of our health systems leave room for improvement. Emerging technologies and cloud solutions can help foster the needed collaborative approach to healthcare without compromising data security.