Since its emergence in the mid-2000s, the cloud computing market has evolved significantly. The benefits of reliability, scalability, and reduced set-up costs have created a demand to fuel an ever-growing range of “as-a-service” offerings, resulting in an option to suit most requirements. But despite the advantages, the question of cloud or on-premise remains valid.
As an organization, you can choose whether it’s best to host and manage your computing infrastructure, data, and services in-house or engage a third party to supply, host, and maintain the hardware and – optionally – provide additional services on top.
While some enterprises have opted for a wholesale migration to the cloud, others have taken a piecemeal approach – maintaining their infrastructure for some systems and using cloud-hosted software and services where it makes sense for them.
What is clear is that there is no one-size-fits-all approach – what’s right for your business will depend on a range of factors, which we’ll come to shortly. But first, let’s clarify what we mean by on-premise and on the cloud.
On-premise refers to computing infrastructure – servers and other hardware – physically located in your company’s offices (or another location to which you have access). You run operating systems and software that you have licensed or developed in-house.
Depending on your organization’s purpose, you may run several different systems on those machines – from end-user software and databases to email servers and firewalls – and make them available to those within your company via a private network. Because the physical hardware and everything running on it is managed in-house, you have control over (and responsibility for) how it is secured, accessed, and maintained.
Cloud computing refers to computer hardware owned and managed by a third-party provider and the services running on that hardware.
When you opt to use cloud computing, you have little visibility over where the hardware you’re using is located (although, for legal reasons, you will probably know the country or region) – your interaction is with the virtual machines, containers, functions, or software running on those resources.
Cloud computing breaks down into multiple layers of services, allowing you to choose the degree of control you want:
Typically cloud computing refers to a public cloud, where multiple customers may share the same underlying hardware. An alternative is to use a private cloud, where resources are restricted to a single customer or “tenant.”
Private clouds allow scope for greater customization and increased security, but at a higher cost. In all cases, cloud computing is dependent on good Internet connectivity.
When choosing between on-premise and cloud computing, there are several factors to consider. Here we’ll look at the main ones.
On-premise: When your computing infrastructure is hosted on-site, you need a dedicated IT team to manage the procurement, installation, networking, upgrades, and maintenance of servers and other hardware, as well as the operating systems and applications running on those machines.
Cloud: With the cloud, purchase, security, and maintenance of physical hardware is handled by the cloud provider. The management level for the software side will depend on the service you choose. With IaaS, you retain a high degree of control and flexibility, but you need to manage everything from the operating system upwards. With FaaS and SaaS, you have far less control over the environment, but you only need to manage your application or functions.
On-premise: Managing your computing infrastructure in-house means planning ahead to ensure you have the capacity as your organization grows. The balance can be challenging to find. Failure to provide sufficient resources and infrastructure will become a limiting factor when demand for a service increases; overestimate your future needs and waste time and money.
Cloud: A key benefit of cloud computing is the ease and speed of bringing more instances online to meet demand, thanks to the vast resources available. While there is always some degree of ramp-up time, it’s measured in seconds rather than hours and days.
On-premise: Closely related to the question of scalability is redundancy. Can you fail over other instances in the event of a hardware or system failure, and how quickly can you bring additional resources online to return to normal operations? For on-premise infrastructure, you need to assess the risk regularly and provision resources accordingly, trading off the actual cost versus the potential harm from unscheduled downtime.
Cloud: With cloud hosting, the scale of the resources available means that redundancy is built-in. For high-level services such as FaaS and SaaS, the cloud service provider takes responsibility for uptime, so failover modes are not something you need to worry about. For lower-level services, you typically specify how you want infrastructure to behave in the event of failure as part of the configuration, with the price tag varying accordingly.
On-premise: Buying and maintaining computer infrastructure involves capital outlay and operational expenditure (including running costs and staff expertise). That includes the cost of additional hardware required to allow capacity for future expansion or failover, even when that infrastructure is not in use.
Cloud: Moving to the cloud shifts costs from capital (CAPEX) to operational expenditure (OPEX) and means that you only pay for what you use. Cloud costs can vary considerably depending on whether you’re using public cloud resources or require the security of a dedicated private cloud, the speed of scale-up, and the amount of CPU, memory, and storage you need. As it’s easy for consumption and storage to escalate quickly, it’s important to monitor usage and optimize your use of cloud services to keep costs under control.
On-premise: Security is one of the enterprises’ main drivers for keeping IT infrastructure onsite. Organizations handling critical systems or very sensitive data require enhanced levels of security. In these cases, the need to retain physical control of crucial infrastructure means cloud computing is often not a viable option.
Cloud: Although security concerns are often raised as a reason not to move to the cloud, in some cases, it can improve an organization’s security posture. Cloud service providers benefit from economies of scale, which applies to their security expertise and defenses (both physical and online). For some businesses, the cloud may offer more security than in-house infrastructure. When moving to the cloud, the key is to remain alert to potential security risks, invest in security training for your staff, and apply security best practices.
On-premise: For organizations working in heavily regulated industries such as finance or healthcare, rules regarding the location in which data is stored and the controls in place to prevent misuse can prove a blocker to moving to the cloud.
Cloud: While cloud solutions exist that allow enterprises to comply with regulatory regimes – including storing data in particular jurisdictions and recognizing ownership of that data – the onus is on the organization procuring the service to perform their due diligence and implement adequate measures to ensure compliance.