The traditional data center arms dealers are also veering toward the virtualized, containerized, ultra-scalable IaaS model with what amounts to a sophisticated leasing program for their hardware. For example, Dell, HPE, and Lenovo now offer on-prem clouds in the form of cloud infrastructure software running on pay-per-use hardware, overprovisioned to give you the headroom to increase capacity on the fly. When properly set up and maintained by professional services providers, these on-prem IaaS clouds warn in advance if they get anywhere near their capacity limit, so that new hardware can be ordered and provisioned before that wall is hit.
When any of these private IaaS schemes are integrated with a public cloud, the term of art to describe it is the hybrid cloud. This term can mean parallel local and remote IaaS environments, across which applications can be migrated freely, or it can refer to much less ambitious efforts to integrate the two platforms. Because most enterprises today are customers of IaaS providers, hybrid clouds abound, whether or not that terminology is used. It’s all about deciding which workloads are most suitable for which environments and how much effort should be expended in reaping the benefits of connecting the two.
Operational IaaS benefits
The common denominator among IaaS platforms is that they turn compute, storage, and networking infrastructure into liquid, software-defined assets that can be applied as needed for any job. The self-service cloud approach becomes manifest in web-based user interfaces and APIs, management tools delivered as services, and the whole catalog of service offerings. Gartner cites these important features delivered by the top IaaS platforms:
- Both public and private cloud IaaS. A single architecture and feature set and cross-cloud management for both public and private clouds let you move workloads across the different service models depending on your needs.
- High security standards. Although all the providers claim they have high security standards, the extent of the controls they provide to customers varies greatly. All generally offer services that meet common regulatory compliance requirements, and they typically have SSAE 16 audits for their data centers. Some might also have third-party security assessments for their IaaS offerings.
- High availability. Monthly compute availability service-level agreements (SLAs) of 99.95 percent and higher are typical—generally higher than availability SLAs for managed hosting. Many providers have additional SLAs that cover network availability and performance, as well as customer service responsiveness.
- Hourly pricing. All the providers offer per-hour metering of VMs, and some offer shorter metering increments that can be more cost-effective for short-term batch jobs, Gartner says. Most providers charge on a per-VM basis, and some offer a shared-resource pool pricing model or are flexible about how they price services.
IaaS disadvantages
As with any other type of cloud service, IaaS comes with several risks and challenges that organizations need to address.
Among the key concerns are cybersecurity threats. Cloud security is a shared responsibility between the provider and the customer. The major clouds are pretty much bulletproof when it comes to brute force attacks from malicious hackers whose aim is disruption or theft of valuable data. But each public IaaS player has its own security model and set of security features that customers must learn in depth to avoid exposing data or opening the door to mischief. Differences among these security schemes can be confusing to the point of serious risk when customers deal with multiple IaaS providers.
There’s also a security risk when employees of the service provider have direct access to the cloud infrastructure, including hardware, networks, and hypervisors. More commonly, poor access management by customers may result in people retaining their IaaS access even after they are no longer employees.
Some of these security and privacy risks can lead to difficulties complying with government regulations. This is especially true for companies in highly regulated industries such as healthcare and financial services.
Another potential challenge is the complexity of managing an IT environment that relies heavily on cloud services provided by an outside entity. There will naturally be some loss of control as a result of relying on a service provider for critical IT functionality, and because IaaS providers own and maintain the infrastructure, managing and monitoring that infrastructure might be more difficult for companies.
Cloud talent is a related concern. The IT industry is experiencing a severe talent shortage across a wide range of areas, but those who are intimately familiar with the ins and outs of specific IaaS platforms are in especially high demand. Learning the best practices for cloud operations (aka, cloudops) is not a trivial matter, particularly as that relates to conserving cost.
Then there’s the lock-in problem. Although IaaS providers like to talk about standardization, the fact is, as soon as a customer uses some shiny proprietary service to create or operate applications, switching to another cloud becomes much more daunting. Also, although IaaS clouds welcome as much data as the customer is willing to upload and store it at low cost, the cost of exfiltrating that data tends to be high.
Finally, there are risks associated with the service providers themselves, particularly smaller ones. The market continues to consolidate around AWS, Microsoft, and Google—so you should be aware that some providers could make significant changes in the direction of their IaaS strategy. That includes replacing their current offering with a new platform, or even getting out of the IaaS business altogether.
Despite these and other challenges, the IaaS model defines the future of infrastructure. Spending on public cloud services by enterprises is already beginning to exceed spending on local solutions. No wonder. The agility, scalability, and instant access to valuable new technologies offered by the big IaaS providers will ensure the march to cloud continues apace.