This is an interesting angle of insight on the public/private/hybrid cloud discussions that I haven't seen much. AWS is clearly above and beyond the leading option and that market dominance -- and the duration of that dominance for years now -- brings to the Amazon offering a number of advantages we might not normally think about.
Jason raises a big one IMO: security.
Fact is, AWS may be more hardened in more ways and more times than what you're going to consider (or be able to afford) for your private cloud. So, if security is a big consideration, you may have just made the decision for yourself in the public-vs-private cloud debate.
Jason Bloomberg: Well, there was a great article that quoted me as saying that private clouds are less secure than public clouds, when that's not precisely what I was saying. It's more that there's no reason to believe that private clouds are inherently more secure than public clouds, and it's expensive and difficult to make them as secure as public clouds. So it's not that it's impossible or that it's always the case, but it's more difficult than you might think.
So, if you compare an enterprise's private cloud to what Amazon is doing […], well, Amazon has very well-hardened infrastructure. People have been attacking it for years, so they see all of the attacks.
Well, what penetration testing can you do? Well, you'll run your pen test and you'll try a bunch of things, but no – you're going to get nowhere near the level of penetration testing that Amazon does simply by being a leader in the marketplace for so many years.
You're going to try to hire the best security people to secure your cloud, so where are you going to find these people? Well, the really good ones are already working at Amazon. And they're not going to work for you; they love working at Amazon. So it's really hard to hire the best security people.
Now you're going to have to go buy the best security gear. So you shop for best security gear, you buy a bunch of security gear, and a couple of years later, your infrastructure manager comes to you and says – comes to the CIO and says, we should replace all the security gear with the latest and greatest. Well, maybe, maybe not. I don't know. Can we keep it for another year? You want to save money. You're not going to have the economies of scale of one of the big cloud providers, so you're not going to have the same sort of cost efficiencies and get the very best equipment.
So you have a skills gap, you have a technology gap, you lack the economies of scale that you need to provide cost-competitive level of security. So it can be done, but it's difficult and expensive.