Virtual Private Clouds (VPCs) have obvious promise, delivering the best compromise between Public and Private Clouds. The idea with a VPC is to create an enclave in a Public Cloud that your organization accesses via a Virtual Private Network (VPN) connection. As a result, your Public Cloud enclave is logically on your corporate network, behind your corporate firewall. You get the economies of scale and depth of experience of the Public Cloud, with the security benefits of Private Cloud. What more can you ask?
Not so fast. First, that Public Cloud is likely to be multitenant, meaning that you share physical hardware with other customers. True, you’re on a separate network, but hackers may have a way of breaking through the virtual security that keeps instances separate. And asking for a single-tenant enclave in a Public Cloud will cost you a pretty penny, assuming your Cloud provider is even willing to set your account up that way.
But there’s another issue here. Do you really want to trust your Cloud environment to a VPN? All corporate knowledge workers use VPNs these days, and all of them hate VPNs. Connecting is slow and unreliable. Connections tend to flake out. And the server end of the connection bogs down easily. And let’s not forget it’s a tightly coupled interaction: the software on both ends of the line have to match properly. Upgrade one and you’d better upgrade the other.
Of course, with issues come opportunity. Expect a new class of VPN technologies — or replacements for VPNs altogether — that provide a more reliable, secure VPC connection. In the meantime, don’t expect too much from your VPC.