Four Major Cloud Deployment Models

Amtelco Updated Logo

By Kevin Mahoney

The National Institute of Standards and Technology (NIST) recognizes four major cloud deployment models: public cloud, private cloud, community cloud, and hybrid cloud, as follows:

Private Cloud: The private cloud provides services designed for a single organization. Consumers within the organization may include different business units, but the focus of the private cloud is to serve one specific business organization. This is important to note as private-cloud functions may not scale as easily as with a public cloud, but in this model it is the organization that determines the design and scalability of the resources.

This model is similar to building and managing your own infrastructure, with your organization having the option of building the resources itself on-site or off or having a third party provide the resources. Security and downtime play a critical role in making this build versus buy/versus on-site or off-site decision.

For example, healthcare organizations and other industries may have mission-critical applications to consider – particularly with respect to Internet availability – which make the private cloud on-site model the best choice. Or perhaps moving data to the cloud would violate a regulatory standard such as HIPAA, HITECH, SOX, or SAS 70.

Examples of private cloud deployments include OpenStack and vCloud. OpenStack is an open-source cloud platform supporting the IaaS (Infrastructure as a Service) model. It provides businesses with IaaS resources for internal purposes. Once owned jointly by NASA and Rackspace, OpenStack now is a nonprofit organization operated by the OpenStack Foundation. vCloud from VMware Inc. is a platform that also supports IaaS environments. The idea behind the suite of vCloud solutions is creating a cloud-based, virtual data center that enables the organization’s IT staff to deliver scalable services to internal business units, much like a public cloud does.

Public Cloud: The public cloud is the exact opposite of the private cloud. NIST defines the public cloud this way: “The cloud infrastructure is provisioned for open use by the general public. It may be owned, managed, and operated by a business, academic, or government organization, or by some combination of them. It exists on the premises of the cloud provider.”

Here we think of Amazon Web Services, Rackspace, Azure, Gmail, and as examples of highly scalable, multi-tenant services. Security, maintenance, and isolation of data between customers are controlled by the cloud provider. The public cloud is great for hosting SaaS (Software as a Service) applications, managing changing load demands and development and testing environments, and reducing infrastructure costs.

One of the reasons this model is so popular is the fact that users typically pay the costs on an allocation or utilization basis with on-demand provisioning, thereby maximizing their resources. The public cloud is a great model for information that is not highly sensitive or subject to security mandates.

Community Cloud: The community cloud focuses on providing services for specific consortiums and interest groups. A community cloud is shared by several organizations with similar policy and compliance considerations. Data and security are shared between the members with access restricted for those outside the community. Facebook and LinkedIn are examples of the community cloud model.

Facebook is the world’s largest social networking service, with more than 1.65 billion users. There are no fees to join and use Facebook; its revenue is generated by advertising. Privacy is one of the main challenges with Facebook, as its policies have been known to change without user knowledge. LinkedIn also is a social networking service, but it caters to professional business users and has more than 433 million users in 200 countries. LinkedIn offers a free subscription along with several paid tiers, with each tier providing additional features.

Healthcare organizations in particular are good candidates for the community cloud. These organizations are concerned with regulatory requirements. The community cloud is a good way of ensuring that these organizations meet these challenges, and they can benefit by the sharing of information and resources with similar organizations.

Hybrid Cloud: Finally, one of the more popular deployment models is the hybrid cloud. This is how NIST defines the hybrid cloud: “The cloud infrastructure is a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load balancing between clouds).”

The hybrid cloud model might be considered the best of both worlds. Here we have the advantages of secure applications and data as with the private cloud while still benefiting from the lower costs of sharing data and applications as with the public cloud. Cloud bursting, which is the process or ability to move from a private cloud to a public cloud, can help balance workloads during peak workloads and workload spikes without interruption or user intervention. Backup and disaster recovery is another beneficial use for the hybrid cloud.

Examples of the hybrid cloud include the offering from Amazon Web Services (AWS) called Virtual Private Cloud (VPC) technology and Microsoft’s Azure. Amazon’s VPC can extend a customer’s data center into the AWS cloud infrastructure. This enables customers to run their application servers in the AWS infrastructure while keeping their data in their own data centers. Data control is retained by the customer while scalability of the application servers is achieved by being in the cloud. Microsoft Azure enables customers to use its PaaS (Platform as a Service) APIs to integrate with their private applications, thereby maintaining app security.

The four cloud deployment models help us understand and see through the marketing hype surrounding cloud computing. Cloud computing is an ever-changing and growing technology that offers game-changing possibilities to IT staffs and the business community. And it is here to stay.

Kevin Mahoney is a hospital and healthcare-related account advocate and sales engineer at Amtelco, a manufacturer and supplier of call center solutions located in McFarland, Wisconsin. Contact him by email at

%d bloggers like this: