What’s the Difference between Public, Private, and Hybrid Cloud?

It’s time to move. So, which is it: A public, private, or hybrid cloud? What about a virtual private cloud? Are the choices still too cloudy? 

With the banking industry anticipating considerable changes over the next twelve to twenty-four months—driven by both the effects of digital acceleration in a lingering global pandemic and the federal government’s recommendation that Canada should implement an operational consumer-directed finance framework by January 2023—many banks are beyond simply weighing the risks and benefits of moving their data, workloads, and systems onto the cloud. It seems apparent now: The cloud is a necessary step toward meaningful financial innovation. It’s clear the cloud can provide a way forward for banks, laying the technological foundation for a bank’s digital transformation, providing a platform for partnership and integration in open banking, and allowing financial institutions to move quickly, modernize, and bring their trusted monolithic legacy systems of the past into the future. Only now, banks are faced with more complicated questions about just how to get those systems onto the cloud. While a bank’s first step to cloud migration is having a cloud banking migration plan, a major part of that plan is rooted in identifying the best cloud service deployment model. Banks must decide how much trust they’re willing to put into cloud service providers as they adopt, build, and deploy their cloud-based infrastructures on either the public cloud, a private cloud, or a combination of the two, otherwise known in the industry as a hybrid cloud. 

So, What Is The Difference between Public, Private, and Hybrid Cloud? 

Public, private, and hybrid cloud refers to different cloud service deployment models used to provide cloud computing—or the online delivery of services and solutions like data storage, servers, databases, networking, and software applications. While there are several key differences between public, private, and hybrid cloud service deployment models, the primary difference is that the public cloud provides on-demand IT scalability and flexibility on a public infrastructure and network that shares cloud computing resources across many other organizations, whereas a private cloud provides services on a private infrastructure and network and is reserved for one particular organization—hybrid cloud is a combination of the two cloud service deployment models that allows organizations to leverage the flexibility of the public cloud, while maintaining specific data or applications on a private infrastructure. 

For banks and financial institutions that have demanding security, regulatory, and compliance obligations, there is another option: A virtual private cloud. A virtual private cloud is a cloud deployment model that offers organizations a private network on the public cloud, combining the scalability and flexibility benefits of the public cloud with the ability to isolate data and systems on a private cloud network. A virtual private cloud is isolated by using a private IP subnet—or a range of private IP addresses that are not available through the public internet—and a virtual local area network (VLAN). A virtual private cloud provides the ideal solution for banks and financial institutions moving to the cloud.  

Cloud Security and the Adoption of Public, Private, and Hybrid Cloud in the Banking Industry

A broader explanation for the differences in cloud deployment models is that the public cloud refers to cloud computing resources and services that are offered and managed by one of the main public cloud service providers. These public cloud service providers are sometimes referred to as hyperscalers (or hyperscaler cloud service providers) because of their ability to instantly scale computing power and resources to help organizations quickly match increases in demand. There are three main public cloud service providers that dominate the market today: Google Cloud, Microsoft Azure, and Amazon Web Services (AWS). All three hyperscalers provide public cloud services and infrastructure solutions to banks and financial institutions.  

While there are other big name brands offering cloud solutions to financial institutions, a recent S&P Global Intelligence report found that “45% of financial services respondents to a 2019 market survey said they use [Amazon] AWS as their primary cloud provider, with a further 45% saying they use Microsoft Azure.” While acknowledging that most banks use more than one cloud service provider, the survey also found that the second cloud service provider generally came from one of the same three major brands. Providing a breakdown of financial institutions and cloud service provider usage, the report indicated that “69% of financial companies said they use AWS, 79% Microsoft Azure, and 21% Alphabet Inc.’s Google Cloud Platform.” 

It’s easy to assume that because the public cloud infrastructure is shared with many other organizations that it is inherently less secure than a private cloud—but that’s not exactly the case. While this mistaken assumption alone is enough to encourage any financial institution to adopt a private cloud over the public cloud in order to ensure the security of their applications and data, it’s completely unfounded. For a number of reasons, the public cloud is often safer and more secure than a private cloud. 

By gaining a deeper understanding of cloud security technologies, tools, and methods—including next generation firewalls, intrusion prevention and detection systems, penetration testing initiatives, cloud-based tokenization, and encrypted authentication and communications protocols—banks and financial institutions can quickly discover that the public cloud can provide a more secure infrastructure than a private cloud. It’s important to know, however, that there are arguments on both sides. Many security experts argue that the private cloud provides more security simply because, well, less people know it’s there. 

While obscurity may be beneficial, it doesn’t compete with first-rate cloud security. Public cloud service providers include some of the most trusted technology brands in the world, and they consistently attract and retain the best talent in cybersecurity, leading the industry in technological innovation, and maintaining the highest standards in privacy and data security. Their solutions are trusted by financial institutions but also governments and military operations around the world. Despite the fact that public cloud infrastructure is shared, virtual environments on cloud infrastructure can be completely segregated, ensuring that data, workloads, and applications remain separate and secure from other organizations.

The Role of Trust in Choosing Public, Private, or Hybrid Cloud Deployments

It’s hard to ignore the fact that the public cloud requires some level of trust. Choosing between public, private, and hybrid cloud is not simply about placing trust in hyperscalers or cloud service providers, though. Ironically, trust in cloud computing technology may even be one of the less critical factors for banks and financial institutions considering a cloud banking migration, as industry trends are beginning to suggest that banking leaders and executives are less concerned with cybersecurity today than just a few years ago. Ron Shevlin, a senior contributor covering fintech at Forbes, recent quoted a study by Cornerstone Advisors called What’s Going on in Banking, writing, “Nearly half of bank executives put cybersecurity on their list of top three concerns for 2018. That percentage declined to 36% in 2019 and dropped even further to 21% in 2020.” 

Although the report focuses exclusively on the U.S. banking industry, this is a trend that we’re more than likely to find in other jurisdictions. That notable decline in cybersecurity as a top concern of financial leaders is linked to an increase in trust in the cybersecurity technologies and practices that are keeping current infrastructures safe from cybersecurity threats like data leaks, service disruptions, malware, and theft. Although on the surface the data may suggest that financial leaders are thinking less about cybersecurity issues, that’s highly unlikely. Banks understand what’s at stake when it comes to cybersecurity threats, and a more likely scenario is that banking leaders are simply developing more confidence in the cybersecurity technologies, tools, and practices that are used to safeguard a bank’s data and systems on the cloud.

Whether It’s Public, Private, Hybrid Cloud, or Virtual Private Cloud, One Thing Is Clear

So, while trust in cloud service providers may play a role in the choice between public, private, and hybrid cloud—and arguably a lesser role in the case of a virtual private cloud—a bigger factor in deciding between cloud banking deployment options comes down to the functional use of banking systems and applications themselves. Banks will have to evaluate not only whether their banking applications are capable of running in the cloud, but, more importantly, they’re going to have to identify whether the application offers any real business benefit once it’s deployed in the cloud. Just because the banking industry suggests it’s becoming increasingly more important to move applications onto the cloud doesn’t mean the cloud is the right solution for every application in every situation. Banks should be intimately aware of why they’re moving specific applications onto the cloud, and they should understand how running that application in a cloud-based infrastructure adds value and improves business—whether its effects are immediate or in preparation for the near future. 

Many banks may find it’s not only safe but critically important to move their core and periphery applications and systems into a virtual private cloud on the public cloud to take full advantage of all cost, flexibility, and scalability benefits the cloud has to offer. Others may find a private cloud solution or hybrid cloud solution offers the right amount of control, allowing them to balance cloud benefits while ensuring compliance and managing the complexities of regulatory obligations. Portfolio+ offers banks the former option, a highly secure and isolated virtual private cloud on the public cloud, using Amazon AWS as the preferred public cloud service provider. 

Whether banks choose a public, private, hybrid cloud, or virtual private cloud, one thing is clear—the risk of complacency in an industry intently focused on modernization is far greater than the risk of a cloud banking migration. 

It’s time to move.

Sources: 

https://www.crnrstone.com/banking-2020 (Retrieved November 23, 2021) 

https://www.investopedia.com/terms/c/cloud-computing.asp#types-of-cloud-computing (Retrieved November 17, 2021)

https://www.spglobal.com/marketintelligence/en/news-insights/latest-news-headlines/as-big-tech-dominates-cloud-use-for-banks-regulators-may-need-to-get-tougher-59669007 (Retrieved November 26, 2021)

https://azure.microsoft.com/en-ca/overview/what-are-private-public-hybrid-clouds/#public-cloud (Retrieved November 22, 2021)

https://en.wikipedia.org/wiki/Virtual_private_cloud (Retrieved December 1, 2021)

https://www.cloudflare.com/en-ca/learning/cloud/what-is-a-virtual-private-cloud/ (Retrieved December 1, 2021