With colocation, a company buys and maintains its own IT infrastructure, e.g. servers. It just so happens that this infrastructure is located on the premises of a third-party vendor and that hence the third-party vendor takes care of physical security/protection, power, and internet.
There are two key differentiators between colocation and managing to host. The first is that with colocation the client is responsible for maintaining their infrastructure. This means that they either need a capable in-house IT team or to organize an IT managed services partnership. The second is that the colocation model keeps the purchase of IT infrastructure as capital expenditure rather whereas managed hosting turns it into an operating expense.
This second point has wider implications, especially for SMBs. With colocation you effectively move back to the legacy “data center” model of managing IT infrastructure. In other words, you generally have to purchase sufficient infrastructure to cope with your period(s) of maximum demand, even if that is literally one day a year (e.g. Black Friday) and leave it idling the rest of the time.
You can certainly run your colocated servers as a private cloud to maximize overall efficiency, but you can just scale up and down with the same degree of flexibility as you can with managed hosting let alone the public cloud.
The public cloud
Technically, public clouds are actually just a specific way of implementing managed hosting. There are, however, two big differences between public clouds and managed hosting. The first is that, literally by definition, a public cloud is open to anyone. Each customer (or “tenant”) has its own private space within the public cloud, but the privacy depends on controls implemented by the public cloud platform provider.
The second is that tenants in a public cloud platform have no meaningful control over the platform itself. In fact, there are limits to the extent to which they can customize it to their needs. Public clouds are flexible in the sense that they are massively scalable. They can be ramped up or spun down at, literally, the click of a mouse. They are not, however, massively customizable. Tenants get what the cloud platform provider has to offer.
For the most part, this is not likely to be a problem. The range of services on offer in any decent public cloud platform is still likely to be vastly greater than anything the average SMB could sustain as in-house infrastructure. The issue is the fact that tenants are very much dependent on the public cloud provider to maintain robust security and this does not necessarily sit well with the principles of data protection or the various compliance programs which enforce them.
Managed hosting sits in between colocation and the public cloud. You lease infrastructure rather than buying it. This means that you can exchange capital expenditure for operating expenses. You are also likely to have more flexibility to scale up and down than you would with colocation, albeit less than you would in the public cloud. Using colocation means that “scaling up and down” requires you to buy new hardware or to dispose of old hardware (or at least leave it idling), with managed hosting, you can just lease infrastructure for a short period.
Similarly, the level of management provided by your vendor traditionally sits somewhere between the “bare bones” approach of collocation and the “fully-serviced” model of the public cloud. The default assumption has generally been that the managed host partner will manage everything up to and including the operating system and the client would manage their own data and applications.
This approach is still quite common, but managed hosts are now increasingly moving into managed services and hence being able to offer additional services such as application management, should their clients wish them. This means that managed hosts can really become a “one-stop-shop” for clients who want to have their own private cloud and/or maintain legacy infrastructure, usually in addition to using the public cloud.
Managed Endpoint security services 2020