What are Community Clouds?

The nature of any public cloud is to meet the requirements that a majority of its users need. There are always trade-offs in functionality, standardization and costs. So, in the end, the implemented requirements are some kind of least common denominator.

While this might be good (enough) for most industries, it often is not enough for client groups with special requirements, like financial institutions, government organizations or pharmaceutical companies. To drive cloud adoption for those clients, we need a type of cloud that can meet their particular needs. Such clouds are referred to as community clouds because they are designed to serve a special community of clients. A community cloud is an infrastructure that is shared by several organizations with similar concerns.Prescription Medicine 3348667

But why are community clouds so important for both the service providers and the industries and communities that use them?

The service providers can target new client segments that they could not reach with a standard cloud offering. Although investments into the cloud’s underlying infrastructure and security processes might be higher, competition in this segment is lower, and marketable prices are potentially higher than for standard public cloud services. Depending on the targeted industry, the offered cloud services develop from a commodity business to a high-value, high-margin business, which might be more attractive for service providers.

For special industry clients, a community cloud provides the possibility to gain the benefits of cloud computing but stay compliant with their industry requirements. The service provider takes over the burden for required certifications like the Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry (PCI) data security standards and so on.

Another attractive aspect might be the fact that a client’s neighbor in a community cloud is most likely from the same industry. In a governmental community cloud, sharing of infrastructure (as is the nature of public clouds) is only done between other governmental organizations, which might relieve them from certain security concerns they have with open public clouds.

government bldg


Although community clouds are still niche products, they are becoming more and more important with general cloud adoption across industries. They can be a good solution for both the service provider, who gets better margins with higher value services, and for the client, who can be sure that its industry-specific needs and regulatory requirements are met in a professional way. The fact that only clients from the same industry are on such a community cloud might help to increase trust in cloud computing, even for highly regulated and sensitive industries.

Could community clouds help increase cloud adoption? Continue the conversation with me on Twitter @eMarcusNet.

Trust, but verify!

If you ask five people to give a definition of cloud computing, you get six answers! This is a common joke about cloud computing. The same might be true if you ask cloud service providers about their service portfolio and service levels. Today, the cloud service provider market is very diverse. You find all kind of providers, from small local startups to large enterprises that are well known in the IT business.

Each of these cloud service providers might have their own set of services, business model and client base. Depending on their background, the understanding of Service Level Agreements (SLAs) and what they could mean for clients is completely different. There is no right or wrong here, but every client needs to make sure that the service provider’s perception of SLAs does meet the client’s expectations and requirements.

Penalty driven SLAs are useless!

Cloud computing is a service offering and SLAs are a valid way to describe what a client actually gets. So, we need SLAs to define a cloud service. However, the main question arising is:how much is the given SLA for a specific service worth? – also meaning, how motivated is the service provider to meet the SLA?

Today, a common approach to make an SLA stronger is to tie penalties in case of missing. I can give you two reasons why I think penalty driven SLAs are useless:

  • Penalty driven SLAs are mainly agreed on critical workloads or infrastructures because these SLAs are more expensive than penalty free Service Level Objectives (SLOs). However, talking about important workloads, the agreed penalty will never ever cover the actual loss a client might have because an important or even critical system goes down.
  • Penalties on SLAs are financial risks for the service provider. And, this risk is usually priced into the service. So, actually, clients pay their own penalties over the duration of the contract.

But what can a client do to make sure to contract the right cloud service provider? One recommendation would be to analyze the cloud service provider’s understanding of SLAs and its background as a service provider in general.

A few questions to ask:

  • Experience and operational excellence — is the provider well known in the market for providing services, does he have proper processes in place, does he comply to industry standards (ITIL) and certifications (ISO, SSAE)?
  • Is being cloud service provider his core business or is that just something he does to utilize his IT equipment?
  • What is the typical client base and how important is his reputation as a service provider for him?


When choosing a cloud service provider, penalty driven SLAs shouldn’t be trusted blindly, but rather being verified as to how likely it is that those SLAs are actually met. Is the provider just gambling, or does his technical infrastructure, processes and culture give me confidence. A service provider that requires a $ 100 penalty for motivation to hold SLAs might not be the right choice!