isn’t one monolithic type of offering, but an assortment of services aimed at meeting the various IT needs of an organization.

One such service provided via the cloud is infrastructure-as-a-service (IaaS), which delivers virtualized computing resources to organizations typically via the internet. IaaS is one of main types of cloud services, along with () and ().

In the IaaS model, third-party service providers host hardware equipment, operating systems and other software, servers, storage systems, and various other IT components for customers in a highly automated delivery model. In some cases, IaaS providers also handle tasks such as ongoing systems maintenance, data backup, and business continuity.

Organizations that use IaaS can self-provision the infrastructure services and pay for them on a per-use basis. Fees are typically paid by the hour, week, or month, depending on the service contract. In some cases, providers charge clients for infrastructure services based on the amount of virtual machine (VM) capacity they’re using over a period of time.

IaaS vs. PaaS vs. SaaS

Similar to other cloud computing services, IaaS provides access to IT resources in a virtualized environment, across a public connection that’s typically the internet. But with IaaS, you are provided access to virtualized components so that you can create your own IT platforms on it—rather than in your own data center.

IaaS is not to be confused with PaaS, a cloud-based offering in which service providers deliver platforms to clients that allow them to develop, run, and manage business applications without the need to build and maintain the infrastructure such software development processes typically require.

and a can help you and and avoid .

However, you do have to be careful to monitor your usage and make sure your applications and other systems use cloud resources efficiently. Because, in the metered world of IaaS, you’re paying for wasteful usage at the same price as effective usage.

One other benefit of IaaS is flexibility in terms of location. Organizations can access IaaS offerings from virtually any place where there is access to the internet.

There’s also the advantage of availability. Because cloud providers rely on multiple facilities, there is no single point of failure. They also distribute their facilities to reduce latency based on where the customer location is.

IaaS applications

You can use IaaS for a variety of workloads. But according to a July 2019 , there are typically four broad categories of need for these services:

  • Digital business: With nearly every business affected by digital disruption, digital business needs account for a majority of workloads in IaaS. The digital business use cases include digital marketing, e-commerce, customer resource management, software-as-a-service, data services, and internet of things (IoT) applications.
  • Agile projects: Many organizations have launched IT projects that they’re . Rapid application development, prototyping, experiments, and other projects that require agility, flexibility, and the ability to meet urgent infrastructure needs are often executed on IaaS.
  • Data center substitution: At many organizations, IaaS is gradually replacing or supplementing traditional, on-premises data center infrastructure. In these cases, IaaS is typically used similarly to an organization’s internal virtualization environment, and companies generally begin with development environments or less-critical production applications, then gradually expand their use of IaaS to host critical applications as they gain more experience and trust.
  • Batch computing: This is the least common need for IaaS, Gartner says. In these cases, IaaS serves as a substitute for traditional high-performance or grid computing. Possible applications include rendering, video encoding, genetic sequencing, modeling and simulation, numerical analysis, and data analytics.

IaaS providers and technology

Among the are Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform, IBM Cloud, Alibaba Cloud, Oracle Cloud, Virtustream, CenturyLink, and Rackspace.

The major technology components of every IaaS offering include compute resources, storage, and networking.

Some also offer self-service interfaces including web-based user interfaces and APIs, management tools delivered as services, and cloud software infrastructure services.

Key features of IaaS offerings include, according to Gartner:

  • Both public and private cloud IaaS. A single architecture and feature set and cross-cloud management for both public and private clouds let you move workloads across the different service models depending on your needs.
  • High security standards. Although all the provides claim they have high security standards, the extent of the controls they provide to customers varies greatly. All generally offer services that meet common regulatory compliance requirements, and they typically have SSAE 16 audits for their data centers. Some might also have third-party security assessments for their IaaS offerings.
  • High availability. Monthly compute availability service-level agreements (SLAs) of 99.95 percent and higher are typical—generally higher than availability SLAs for managed hosting. Many providers have additional SLAs that cover network availability and performance, as well as customer service responsiveness.
  • Hourly pricing. All the providers offer per-hour metering of VMs, and some offer shorter metering increments that can be more cost-effective for short-term batch jobs, Gartner says. Most providers charge on a per-VM basis, and some offer a shared-resource pool pricing model or are flexible about how they price services.

IaaS risks and challenges

As with any other type of cloud service, IaaS comes with several risks and challenges that organizations need to address.

Among the key concerns are cyber security threats. depends highly on the security of the cloud infrastructure owned by the service provider. VMs could be exposed if there’s a compromised hypervisor, for example.

There’s also the security risks that come when employees of the service provider have direct access to the cloud infrastructure, including hardware, networks, and hypervisors.

Some of these security and privacy risks might lead to difficulties complying with government regulations. This is especially true for companies in highly regulated industries such as health care and financial services.

Another potential challenge is the an IT environment that relies heavily on cloud services provided by an outside entity. There will naturally be some loss of control as a result of relying on a service provider for critical IT functionality, and because IaaS providers own and maintain the infrastructure, management and monitoring might be more difficult for companies.

Finally, there are risks associated with the service providers themselves. As Gartner notes in its report, many of the providers in the market are re-evaluating their IaaS businesses as the market continues to consolidate around AWS, Microsoft, and Google—so you should be aware that some providers could make significant changes in the direction of their IaaS strategy. That includes replacing their current offering with a new platform, or even getting out of the IaaS business altogether.

Despite these and other challenges, IaaS is clearly on the rise as a way for organizations to create more agile and cost-efficient IT environments.