Many people think that cloud computing means their systems are out on the Internet for anyone to access (and attack). However, modern enterprises often use private clouds – or more commonly, virtual private clouds – to host workloads.
The term “private cloud” means that your organization owns and operates the cloud, and that only you access it. A “virtual” private cloud (VPC) shares infrastructure, but is designed to look like a private cloud. Typically, the shared data are similar to what’s shared in public cloud environments. However, in the case of a VPC, the components are configured in such a way that you appear to have an entire cloud to yourself. You will typically get your own dedicated network area, and you may even get your own physical machines and customized portal. Unlike a public cloud, where all of the machines can talk to each other by default, you often have to deliberately set up connectivity with the rest of the world.
From a security perspective, a VPC allows you to build in multiple layers of security more easily. You can have a “back end” area and a “front end” area, where the front end takes requests from the Internet and the back end will only talk to the front end. If you’re using a service provider that allows you to have your own dedicated physical machines, you are at much lower risk from hypervisor attacks, where one virtual machine on the system can steal information from others.
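The front end / back end layering described above can be checked mechanically. The following is an added example, not part of the original article: a vendor-neutral Python audit that flags any back-end ingress rule whose source is not wholly inside the front-end subnet. The address ranges, rule fields and function name are assumptions made for illustration.

```python
import ipaddress

# Constructed sample data: address ranges and rule fields are assumptions.
FRONT_END = ipaddress.ip_network("10.0.1.0/24")  # tier that takes Internet requests
RULES = [
    {"tier": "front", "source": "0.0.0.0/0",    "port": 443},
    {"tier": "back",  "source": "10.0.1.0/24",  "port": 5432},
    {"tier": "back",  "source": "10.0.1.16/28", "port": 8080},
    {"tier": "back",  "source": "0.0.0.0/0",    "port": 22},
    {"tier": "back",  "source": "10.0.3.0/24",  "port": 5432},
    {"tier": "back",  "source": "::/0",         "port": 5432},
]


def audit_back_end(rules, front_end):
    """Return (source, port, reason) for each back-end ingress rule that
    admits traffic from anywhere other than the front-end subnet."""
    findings = []
    for rule in rules:
        if rule["tier"] != "back":
            continue  # the front end is expected to face the Internet
        src = ipaddress.ip_network(rule["source"], strict=False)
        if src.prefixlen == 0:
            reason = "open to any address"
        elif src.version != front_end.version or not src.subnet_of(front_end):
            # Version check first: subnet_of() raises TypeError on IPv4/IPv6 mixes.
            reason = "source outside the front-end subnet"
        else:
            continue  # source lies entirely within the front end
        findings.append((rule["source"], rule["port"], reason))
    return findings


if __name__ == "__main__":
    for source, port, reason in audit_back_end(RULES, FRONT_END):
        print(f"back-end ingress from {source} on port {port}: {reason}")
```
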
A VPC can also prevent performance problems caused by other tenants. Just as noisy neighbors in an apartment building can irritate you, noisy neighbors in a cloud environment can cause trouble. If you happen to end up on the same physical machine as one of these party animals, you may find that your processes run more slowly (because the neighbor is taking up all of the CPU cycles) or that your network transfers or storage transfers are slow (because the neighbor is hogging those resources).
Not all VPCs are the same, so make sure that you pick one that has the characteristics you need. However, a VPC is a great way to get many of the benefits of a truly private cloud without the headaches of running a physical data center and putting up capital for all the systems.