(no title)

* Less prone to human error. We have one well-secured, central firewall that only a few developers can access. So, even if a developer forgets to properly secure something downstream, it will still be protected by the firewall. One could argue that this is possible in the cloud, but managing VPCs, etc., introduces risks. There’s always the possibility of something critical being left outside the VPC. On-prem, there’s no way something can physically escape our ethernet cables.

* IAM and bucket management issues. Anything in the cloud is inherently exposed to the Internet and, in most cases, open by default. You need to manage countless IAM configurations.

* Physical inspection. We can actually look at our setup, and if necessary, visually inspect if a server is physically encrypted.

* Simplicity and transparency. Things are simpler and more straightforward: Storage is storage, a disk is a disk, and ethernet is ethernet. Canot stress how beatufill this is, even with 100 servers it easy to manage them than in the cloud.

* Modern open-source software. Modern open-source solutions have incorporated many smart features from the cloud, making on-premise setups more powerful and easier to manage.