On-Prem vs. Cloud: Which to Choose?

Where do you base your infrastructure? When it comes to On-prem vs. Cloud, which should you choose? Divio’s Dennis Schwertel discusses what to consider.

Dennis Schwertel

Cloud Architect

Where should you base your infrastructure? Should it be on premises (on-prem) or in the cloud? There’s no cut-and-dried answer to this one. It all depends on the use case and your business requirements and objectives.

In this interview, Divio’s Dennis Schwertel talks about what to consider when deliberating between on-prem and cloud. He discusses the benefits of having your infrastructure in the cloud, along with reasons why you might want to remain on-prem.

Here’s a rundown of what will be covered:

  • How Do You Know If You Should Move From On-Prem to the Cloud?

  • What Businesses are Not Suited to the Cloud?

  • 4 Reasons Not to Leave On-Prem Setups

  • What are 5 Reasons to Move to the Cloud?

  • The Third Way: Considering Hybrid Solutions

  • Takeaways

How Do You Know If You Should Move From On-Prem to the Cloud? 

There are multiple reasons to move to the cloud. These depend on the company and the company size. Whether you should migrate to the cloud needs to be evaluated on a company by company basis. As a guideline, you should move when it makes sense to—but only when it makes sense to.

For instance, you may have customers all over the place and you want to distribute globally. It can be more cost efficient to do this in the cloud because you won’t have to build data centers with different restrictions. You can just use existing infrastructure from cloud providers. These are often very similar, and they're easy and quick to set up, easy and quick to maintain, quick to move around, and can lower the barrier to break into a market.

But before we jump into reasons to move to the cloud from an on-prem solution, let’s look at reasons why you should look before you leap.

What Businesses are Not Suited to the Cloud?

There are specific businesses that work a lot better when they’re in the cloud. For instance, software as a service (SaaS) companies could hardly make sense without a cloud solution. If your business and your customers are globally distributed, being in the cloud is advantageous. It’ll help you reach a wider audience more easily, and can reach that audience whilst remaining cost effective.

However, there are some businesses that may not be suitable for operating in the cloud. These are typically cases where very sensitive information should not be stored outside the building for compliance reasons or where information may be needed in a physical emergency (like an earthquake or war) and should not depend on external telecom connections. 

Banks, insurance companies, government institutions and agencies, as well as hospitals and a few other types of organisations, may find some or all of the sensitive data they look after requires a full or partial on-premises solution. 

Let’s focus on hospitals as an example. With the cloud, everything is globally distributed, including customers, not just customer data. However, with a hospital, the customers you’re focusing on are in your building. In order to best treat patients, hospitals need to have reliable and constant access to patient information. In the event of an earthquake and city-wide power loss, a hospital needs to have access to patient data when its emergency generators start. This is an example where an at least partially on-premises setup makes more sense than a 100% cloud setup. You want everything to be in the building in case something outside of the building goes wrong. And, in fact, that's when hospitals face their greatest need. In this case, I would be cautious moving to the cloud.

4 Reasons Not to Leave On-Prem Setups

Banks, insurance companies, government organisations and hospitals are somewhat edge cases. Most businesses and organisations around the world don’t face the same kind of threats as these groups do, but there may still be some overlap between a mom-and-pop pet food company and the customer privacy concerns that shape how banks do their business digitally. Here are four of the main reasons not to leave an on-prem setup. 

Security Concerns

The most obvious topic when it comes to infrastructure faults is security. With on-prem, you know where your data is physically located. There may even be a gate and security guards in front of it. Security concerns are especially important for highly regulated industries, military organisations and medical groups. When you have physical security protecting your data, it’s very hard for an attacker to physically get to it, and on-prem solutions offer that reassurance.

Understandably, this kind of security can appeal to businesses that hold a lot of personally identifiable data as well as government institutions and agencies. However, as mentioned above, cloud security does offer its own distinct benefits. And, it has to be said, most businesses would never have the need for physical security on top of digital security.

Location Related Implications

Some companies might experience state-related issues when moving to the cloud. What this means is: every country has different laws around data, information security, etc. and this may be something you need to bear in mind for your business. You have to legally check where your data can be hosted, and what the laws are connected to the data. And all of this needs to be taken into account when thinking about moving to the cloud. 

That said, all of that can be solved. It's not a new problem, but it is something important to think about. For businesses that want to operate in a specific region or country, this becomes a complicating factor when it comes to choosing between physical servers on-premises and using any of a variety of cloud solutions.

One of the most famous examples in Europe is GDPR. This law focuses on where data can be sought, where it can be handled and processed, how the data should be stored, and how data needs to be deleted. For some businesses, it just makes more sense to have a physical server rather than to use a cloud region in Europe, but these cases are vanishingly rare.

Unsuitable Applications

There are a couple of applications that don't play well in the cloud environment. This doesn’t relate to the quality of the application; these applications are normally very stable, good applications. 

However, for example, the banking sector often relies on physical servers. And banks will often have what are called “legacy” software and applications. These applications were built a long time ago. While they are very solid and stable, they're not built with the cloud architecture in mind. They just will not function without on-prem architecture. 

Legacy software and applications become less of an issue over time as more applications, even older ones, start to support cloud environments. Nonetheless, they may still influence whether moving to the cloud or not is the right decision for your business.

Local System Integrations

There are a couple of applications that have a tight integration to local systems. Here, we’re not talking about local digital systems like a payment processing system but systems that control aspects of the physical environment.

Let’s go back to the hospital example and consider door lock security. Many medical organisations like hospitals, treatment centres and research centres use digital door locks and digital credentials to unlock doors. I would personally not move a security system off-prem into the cloud. There might be an issue with internet connectivity, which could have a major impact on whether the system works. For example, it could be as drastic and simple as whether or not your door opens. Anyone using the system would need to have reasonable backups for this kind of issue since it’s potentially very serious. 

There are a couple of types of applications where there is real risk in the physical world if the application fails. This can be the case whether they’re on-prem or cloud. However, certain applications, like a door system, should just be on-prem. There's no benefit in using the cloud in this example, and there's just more work involved in moving the applications to the cloud. You can still attach internet connectivity on-prem. That's fine, but there's no benefit in using a cloud architecture, especially when it comes to a door system. This creates more issues and more risks, without any benefits.

What are 5 Reasons to Move to the Cloud? 

Having discussed some of the cases where you would need to think carefully about moving to the cloud and take the potential drawbacks into account, let’s look at cases where moving to the cloud simply has advantages.

Redundancy and Business Continuity

Depending on the use case, there’s potentially better disaster recovery and business continuity. For example, with a provider like AWS, it's simple to create multiple availability zones in a geographical region. Having multiple availability zones in a geographic region can insulate you from any incidents in a primary zone you’re using, whereas if you were on-prem and the on-prem systems failed, that would just be it.

Managing these multiple availability zones is quite easy. And, if one of those data centres burns down, another one is still available. (This has actually happened quite a few times in the last few years with data centres.) Your business-critical data and applications can have a redundancy in that regard when you're in the cloud. If you wanted to set up a similar level of redundancy on-prem, you would need to have two data centres that you maintain just in case something goes wrong.

And, if something does go wrong, there’s a lot of overhead. You may have to have two teams maintaining two types of servers, as well as two availability zones and a data centre. With the cloud, you still have overhead, but it’s much smaller and cheaper. The costs or savings you accrue when you choose on-prem or the cloud will also grow with time, month-on-month and year-on-year.

Cost Efficient Scaling

If your load (that is, your usage) is unpredictable, it might be more cost efficient to move to the cloud.

Let’s walk through this. If, for example, you scale your infrastructure according to your demands—which you should—you can end up with quite a bit of fluctuation between the highest demand and the lowest demand. That means you need to have on-prem resources for the highest levels of demand, even when you don’t need them.

In contrast, if you have very low usage, you can have a very small on-prem infrastructure. This means you won’t have to pay much and your cost will dynamically correlate with your real requirement. So if your demand is small, your costs stay small. If your demand is large, your costs will be large.

As you can probably tell already, this works out best if you have consistent demand, but then what happens when you have to scale fast? Scaling can be done in a cloud environment at a lower cost. In contrast, when this is done in an on-premises setup, it’s more expensive in the long term. Whilst you’ll have enough infrastructure in reserve to handle high loads, you always have to pay for it, whether you’re using it or not. Cloud allows for an environment where you can just scale up and down, which is much more cost effective.

More Vendors to Choose From

With cloud, there are more vendors available. If you are on-prem, you are your own vendor. If there is an issue, you have the full responsibility of fixing everything. This can be both an advantage and disadvantage. 

Things are different when you use cloud infrastructure. There's a lot of competition in the industry and this means that you can choose the best vendor for your use case. For instance, a couple of applications make more sense in AWS. Other applications make more sense with another vendor like Azure. When you migrate your applications to the cloud, you have a range of choices.

That said, some providers are not available in certain geographical regions. If you have the knowledge in-house, you can set up a heterogeneous kind of environment for the different regions. You can then pick and choose what's best for your use case. However, this is very hard to do without using cloud providers. This is because you have to build everything up from scratch yourself. This approach certainly has its advantages. But it also presents a bigger barrier to achieving the following: picking and choosing what you want, being cost-effective, and choosing features that best fit your use case. It all depends on your application and your business’s needs.

Distributed Teams

If you have clients all over the world, it can be useful to have different resources in different regions. This is really easy to do with the cloud, especially compared to having physical locations full of servers. It also means that international, remote teams can work asynchronously.

A benefit of being on the cloud is that providers will take care of a lot of support issues, no matter the geographical region. Here at Divio, we offer 24/7 coverage if you require it.

As a result of being on the cloud, your employees don’t have to be in specific offices. You can have a more distributed team. You can have your cloud engineers based all over the world, because they're not tied to a physical server. 

Cloud Security Benefits

When your infrastructure is on-prem, you are fully responsible for the security. It all depends on the knowledge you have in-house. 

Now, compare that to the security knowledge of a company like Google. In a lot of cases, Google Cloud could be far more secure than any on-prem setup.

Google has highly trained security employees in their thousands. It would be extremely difficult for a smaller organization to amass such a security force for their on-prem infrastructure. And the interesting thing here is that Google also has a huge attack surface, by which I mean they are subjected to a lot of attacks. This is because Google is hosting very valuable data and is a rich target for bad actors. Every day, Google puts in a lot of effort to protect all of that data. This is much more effort than any one company can reasonably do or be expected to do. 

Why reinvent the wheel? Why not capitalise on AWS's and Google's vast security strengths?

We built our own systems and our company is ISO certified, with certifications that specifically cover information security, plus we do stringent security checks (like pen tests) and work to stay ahead of the curve. At Divio, we use AWS and Google, so in some sense we inherit their security strengths. The combination then is that we are very security savvy and we can rely on placing our security system on top of AWS or Google's security system.

It's a bit like this. Option 1: you can put your money in a small safe and keep it in your own home, and then you guard it. You’re sure that you have hidden it well, so you believe that you can guard your money well too. Or Option 2: you can put your safe in a bank that's set up like Fort Knox. The bank is a more likely target. As such, they're better equipped to defend what's inside the bank and they spend more time prepping for attacks. They will also fend off more attacks overall, so are much more ready to defend your safe, which is already safeguarding your money.

The Third Way: Considering Hybrid Solutions

There is always the option to go for a hybrid cloud solution. You can think about moving surrounding pieces of software into the cloud, whilst keeping an application on-prem. For instance, if you’re a bank that has a legacy application that's integral to your operations, you could still leave it on-prem. At the same time, you could migrate other applications to the cloud and then profit from the advantages of both systems. This is a hybrid cloud solution and a Divio specialty.

There are multiple ways to achieve this. It depends on the use case and the technological framework needed. These can face different restrictions that differ from company to company, but this is definitely a situation where the problem is already “solved” theoretically, or we can solve it in a straightforward way. 

Takeaways

Neither on-prem nor cloud is superior. Rather, it’s all down to suitability and the use case. Cloud offers scalability, accessibility, security features and choice. On-prem offers solutions for specific, localised applications. In these instances, it’s often a case of "if it’s not broken, don’t fix it". There’s also the option for hybrid solutions for organisations looking to scale but maintain their on-prem applications. With these options, there’s scope for customisation for each use case’s infrastructure.