Cloud vs On-Premise: Where to draw the line?


For my first blog post I’d like to shine a light on the burning question in everyone’s mind recently. The cloud. There will always be salesmen trying to pitch on-premise or hosted solutions to your problems but unfortunately they’ve often only known about your business for 10 minutes and are hardly the ones to be making such a recommendation!

I’ve been reviewing a lot of my services recently and I’ve been trying to draw boundaries as to where the simplicity of hosted can become a pain. Your mileage will always vary but I tried to break this down into my three S’s of best practice.


Cloud: The cloud will only be as good as your internet connection, especially when you start to run multiple different cloud applications through your connection you need the bandwidth to support your users. You can’t expect stellar performance for 20 users on a standard ADSL line.

Local: On premise will only be as good as the hardware you are running the service on. You can’t expect to have the performance of a Datacenter on a five year old consumer PC that you repurposed as a shared drive.


Cloud: How are you connected to the cloud application? Is it a direct presentation through your fibre line? Do you need USB keys to sign in?

It’s good to review the sensitivity of the data you wish to upload to the cloud and then background checks on the cloud provider aside focus on how you access that data, how could someone else that wants your data steal it since it’s not under your lock and key?

I see more and more frequently now that cloud providers are no more than Amazon Web Services resellers and truth be told you don’t know what measures they are taking to segregate your data from anybody else’s.

If you can get a direct console access and you’re running virtual servers my advice would be to look at something like Sophos Safeguard to run Power on Authentication against that VM and having your virtual disks encrypted. That way if someone does take a copy of your data at rest it’s useless to them. As a side note it also can’t hurt to see relevant independent audit and accreditations such as ISO27001.

Local: How would you prevent a user walking up to the server with a USB key and taking a copy of the data or worse taking the server?

With physical office space in the city being at a costly premium it can become an uphill struggle to justify actually creating an IT area. Reason being why increase your own infrastructure when you could just have a small locked box with your fibre running into it?

Side note for managed offices: I’ve supported a business before that rented an office that was purely “bring your own IT”. The building owners supplied the internet, phones, meeting rooms and even coffee for a set fee monthly. The key downside I found to this is that you get no visibility of the security of your data once it touches the first of their cables and should be treated the same as connecting to the internet. I was setting up a new computer in that office and the network port they’d supplied was still configured to another business and I could see all their files without even trying! Don’t let that be you!


Cloud: This needs to be factoring in more than just the uptime of your host but also the other potential failure points in the chain.

From data centre to internet connection to router/switch setup in your building. Do you have any single point of failures?

Consider these questions:

Who hosts your data and services? What’s their resiliency and disaster recovery plan?

How many distinct ways to you have to access the internet? By distinct I mean truly different routes, not just two cables running next to each other to the same location. More on this another time.

Do you have any backup for your routers or switches? Even if it’s just another identical model in a box.

If you don’t know the answer to those questions I’d suggest finding the answers urgently. Trying to drive your monthly spend to the very bottom by skimping on these points will likely involve costly downtime in the form of wasted staff costs down the line.

Local: Again factoring this in looking inwards:

Whats the speed and resource limitations of your internal system?

How do you expect to grow them as your company does?

If you have knowledge of your average daily ingestion of data, how long until you run out?

How much will that cost?

Do you have a hardware maintenance contract or spare server in the event of failure?

Since I doubt anyone really has an unlimited budget it’s worth keeping these core questions in mind to ensure you’re covered for the near term and then you know what you’ve got left over to focus in the long term.

Helpful hint, easy decisions:

If these questions are proving hard to answer then there’s some easy wins for where cloud and local are generally better suited. Can you still use them without the internet? I asked myself this question and found myself migrating e-mail, phones & Internet Security to the cloud. My thought process being that without a connection to the outside world I can’t access e-mail or phones anyway and if my network connection is down the odds of me being hit by a zero day virus are extremely slim! The amount of time spent on maintenance and downtime I’ve saved as a result was well worth the initial setup.


The cloud is a growing platform that doesn’t show any signs of slowing down, I’m not against the adoption of the cloud at all but I feel too many people are drawing their own lines too invested or too reserved from the cloud to actually get the best benefits for their own business. Ultimately every business has different needs and businesses that have a lot of remote workers would see more benefits than a single office business but by asking these questions of your environment and your company’s expansion plans you can at least consider your own journey to a hybrid platform that suits you best.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: