Keeping data on in-house servers used to be the gold standard for doing analytics safely and securely. But cloud-based analytics platforms have been steadily gaining market share as well as – and more importantly – the trust of organizations.
In the cloud, clients aren’t responsible for the software, services and hardware, which cuts their costs. However, on-premises hosting also has advantages that are extremely important for certain types of customers, like banks or governments.
Is the cloud really that convenient to use? Is it less safe and privacy-friendly than private cloud and on-premises hosting? Which option is the most suitable for companies and organizations that handle sensitive user data? We’ll answer these questions in this article, where we describe the key pros and cons of:
- Public cloud
- Private cloud
- On-premises hosting
We’re deliberately ignoring what’s called the hybrid cloud. This is a combination of a public cloud, a private cloud and even on-premises hosting. Its structure varies depending on the particular client’s requirements.
To help you get a better grasp of this complex topic, we’ll use examples of deployment options offered by Piwik PRO. Let’s get started.
Public cloud is the most widely used model on the market. Servers offered in the public cloud belong to an external provider. The storage space is shared between all the organizations that lease the environment from the same company.
Popular services that use public cloud include:
- Google Drive
In the analytics realm, public cloud is used by Google Analytics and Adobe Analytics. It’s also one of the options offered by Piwik PRO, along with private cloud and on-premises deployment.
Here’s how the model works in practice:
It’s important to note that the software, service and hardware layers don’t always belong to the same provider. For example, Piwik PRO uses Azure servers to accommodate customers who choose cloud deployment for Piwik PRO Analytics Suite.
Public clouds are typically recommended for small and medium-sized organizations, which are sensitive to the costs of building and maintaining infrastructure. It’s also a perfect option for software as a service (SaaS) subscription models, where access to a product or service comes with a recurring fee.
- Costs – Using public cloud is typically less expensive than other deployment options:
- You don’t need to invest in physical servers, their storage and maintenance.
- You pay for the selected plan, while the vendor’s team is responsible for fitting and scaling the infrastructure.
- You save time when expanding your cloud environment. Your employees can focus on more business-related tasks and not ordering additional machines and servers.
- Your team doesn’t have to handle software or servers updates, server maintenance and preservation – all of this is done by the server provider.
- You reduce general cost related to items like electricity or server room maintenance.
- Fast implementation – With analytics products installed in the cloud, you can get up and running fast. In the case of Piwik PRO, the technical onboarding takes about 24 hours.
- Scalability and flexibility – Public cloud can also scale up and down rapidly. Buying additional resources is easy. This allows you to quickly scale up infrastructure during permanent, cyclical and planned traffic spikes.
- Quick development – Thanks to fast and comfortable scaling, companies can quickly and inexpensively check and test new functionalities.
- Ease of use – Connecting to the public cloud is easy and requires internet, a web browser and dedicated access account.
- Data security and responsibility – In public cloud, data is stored on the external provider’s servers. The responsibility for the data security rests with the provider. This might be convenient, but it also limits the ways in which you can protect your data to the methods used by your cloud server’s vendor.
Many public cloud providers mitigate the potential risks by undergoing pen tests by external auditors and ensuring compliance with the strictest security standards. For example, the cloud infrastructure used by Piwik PRO holds ISO 27001, ISO 27017, SOC 1, SOC 2 and SOC 3 security certificates.
- Privacy compliance – Many cloud-based analytics providers don’t let you choose the exact location in which you will store user data. This might work for some companies. But those that need to comply with strict internal data protocols or data residency regulations might not be satisfied with this arrangement.
With Piwik PRO you can choose between four cloud hosting options – Germany, the Netherlands, the US and Singapore.
- Limited control over infrastructure – All organizations that lease public cloud from a given provider use the same infrastructure. The cloud is fully managed and supported by the service provider. This means you won’t have influence over, e.g., maintenance windows in which your analytics platform will be unavailable. Also, handling hardware problems and working out solutions is a matter for external teams that work according to their own schedule.
- Development of functionalities – When using a solution which is fully maintained by an external provider, you don’t have any impact on the development of its functionalities, e.g. support for the appropriate type of multi-factor authentication (2FA), custom domains, audit log and IP whitelisting. For some teams this can be limiting.
Another type of deployment is private cloud. As with public cloud, the location of the private servers depends on an external provider. But what differentiates private cloud is that it’s built exclusively for only one organization. That’s why this model is often called “company cloud” or “organization cloud”.
This model is typically selected by companies that want to or must physically separate their data from other cloud users. This gives them all the convenience of using public cloud with better data security.
In this deployment method companies pay for the real use of resources. It’s relatively more expensive than public cloud because all the resources are installed for, and used by, just one customer. However, the investment can be worthwhile, as the equipment used for the construction of the private cloud will belong to them forever.
- Security – Private cloud solutions give easy access to resources, while the data is stored in a separated server space, improving security.
- Compliance – This kind of deployment allows you to meet the demands of HIPAA and local data residency laws. The private cloud location depends on external providers, but in this case the resources aren’t shared.
With Piwik PRO you can take advantage of over 60 locations of Microsoft Azure and AWS private cloud servers.
- Ease of use – Just like with public cloud, connecting to private cloud is easy and requires internet, a web browser and a dedicated access account.
- Control and adjustments – Public cloud gives you full control over the environment. You can adjust it to your own needs and security requirements, e.g. you can completely isolate your data infrastructure.
- Performance – Public clouds are run for one client and access to them is limited (usually) only to the client’s network. That’s why access to data is generally more efficient and secure.
- Decisiveness – The client influences the schedule and mode of maintenance tasks, which are properly planned and agreed in advance.
- Higher price – The cost of building your own private cloud infrastructure is significantly higher compared to public cloud. The expenses include buying equipment, but also software, licenses and retaining a team responsible for maintaining the infrastructure.
- Longer implementation time – The installation time for private cloud is typically longer than with public cloud. For example, with Piwik PRO, the technical onboarding for private cloud clients takes about two weeks.
- More tasks related to updates and maintenance – In public cloud, this responsibility rests with the service provider. In the case of private cloud, depending on the selected model it’s either the service provider or the owner of the private cloud who takes on this task. If these responsibilities belong to you, you’ll need to take care of:
- Maintenance resources
- Regular systems updates
- Renewal of licenses
- Fixing errors and failures
- Retaining qualified maintenance staff
In an on-premises model the infrastructure is built and managed by the company or organization, with employees having physical access to all resources. The company stores the data on their own servers or servers that they rent or lease from third parties.
The costs related to the on-premises solution include private servers but also elements such as wiring, server lockers and air conditioning.
However, storing data in a chosen location and having full physical access to the infrastructure allows companies to securely process personal data and even protected health or financial information.
- Security – Having your own data center allows you to select your equipment, and software, and you determine the security level yourself. Your data stays in the company network, which also significantly enhances the safety of it. Moreover, with platforms such as Piwik PRO Analytics Suite you can even install your analytics platform in offline mode. This means that your infrastructure can be totally cut off from any internet connection.
- Control and accessibility – You decide about the frequency of updates made to the environment. Your IT team will have physical access to the infrastructure, making their everyday work a lot easier. Finally, access to infrastructure won’t depend on any external factors, such as an internet connection.
- Compliance – In on-premises solutions it’s easier to meet legal requirements imposed on companies by e.g., GDPR, HIPAA, LGPD as well as sectoral and regional data protection regulations. This is because you know the exact location of user data and you keep it within your own security perimeter.
- High price – Owning infrastructure involves significant costs. These costs are generated at the beginning, when scaling infrastructure physically or buying new resources, but also by regular maintenance. They include:
- Server room
- Air conditioning
- Internet connection
- A team of specialists (in-house or outsourced)
- Unlimited but delayed scalability – Scalability in on-premises models is about buying new equipment and installing it on your infrastructure. The time needed for scaling up your infrastructure will be longer than with public cloud and will depend on your company’s internal processes for buying new hardware.
- Longer implementation time – Building and running your own data center is a long and complicated process, which requires qualified specialists. Errors and negligence in the early phases of designing, ordering or implementing infrastructure can lead to serious issues in the future.
In the case of Piwik PRO, technical onboarding takes about 3-4 weeks. For increased security, installation can be performed on the client’s infrastructure without accessing the internet.
As you can see, every hosting option has its unique set of advantages and disadvantages. On the one hand, using public cloud is a huge convenience for companies because the entirety of management and maintenance issues can be handled by the service provider. On the other hand, it can be a no-go for those that require physical access to data and full control over the infrastructure.
All of this comes with more privacy-friendly deployment methods such as on-premises. That said, these models are considerably more expensive and require more technical expertise on your end. Finally, private cloud marries some conveniences of public cloud with some safety advantages of the on-premises model.
For a good summary of the subject, read a brief comparison between public and private cloud, and on-premises hosting. It’s based on the offer for Piwik PRO Analytics Suite:
|Public cloud||Private cloud||On-premises|
|Control over security|
|Access and control||Remote access||Remote access||Physical access|
|Management||By browser||By browser||By browser or physical access to the servers (SSH)|
|Maintenance||Updates performed in the maintenance windows designated by the service provider||Updates performed in the maintenance windows consulted with a client||Updates performed in the maintenance windows planned and agreed with the client|
(based on Piwik PRO Analytics Suite offering)
|Implementation time||~ 24 hours||~ 2 weeks||~3-4 weeks|
|Application/use||Medium and small companies that can’t incur additional costs and can store data on public servers||Companies with funds for investment in a more secure and controlled environment than the public cloud||
If you’d like to learn more about analytics hosting options or Piwik PRO Analytics Suite, be sure to contact us. Our team will be happy to answer your questions.