What is Cloud Infrastructure as a Service (IaaS)?

Cloud infrastructure as a service (IaaS) provides on-demand compute, storage and networking, while leaving you in control of the operating system and application layer. For UK organisations, IaaS decisions often come down to operational ownership, audit readiness and where infrastructure is hosted.     This FAQ sets out what IaaS includes, who it suits, how responsibility is typically split, and what to look for when comparing IaaS cloud solutions. 

Q: What does IaaS mean?

A: IaaS is a model where the underlying infrastructure for running workloads is delivered as a service, including virtualised compute, storage and network capability. Your team manages operating systems, applications, identities, data and configuration, while the provider operates the underlying platform and data centre environment. It suits organisations that want infrastructure control without owning and operating physical hardware on site.

Q: What does infrastructure as a service in cloud computing include?

A: Infrastructure as a service in cloud computing typically includes virtual machines or compute capacity, storage services, network segmentation and routing, and management tooling to provision and scale resources. Depending on the provider, it may also include options for single-tenant or multi-tenant environments, plus add-on services for backup, disaster recovery, and connectivity to public cloud services.

Q: What is the difference between IaaS, PaaS and SaaS?

A: IaaS provides the infrastructure layer and leaves operating systems and applications under your control. Platform as a service (PaaS) includes more managed runtime components such as databases or application platforms, reducing infrastructure management but narrowing configuration control. Software as a service (SaaS) delivers complete applications managed by the vendor, where you configure usage and data policies but do not manage the underlying application stack.

Q: How does cloud IaaS compare with on-premise infrastructure?

A: On-premise infrastructure is owned and operated within your facilities, including power, cooling, physical security, hardware lifecycle, and capacity planning. Cloud IaaS moves those infrastructure responsibilities to a provider, so you can provision capacity when required and scale it based on workload demand. The trade-off is that governance, access control, and configuration discipline become even more important because the infrastructure layer is service-delivered.

Q: What are IaaS cloud solutions used for?

A: IaaS cloud solutions are commonly used for application hosting, development and test environments, line-of-business systems, and workloads that need predictable performance with the ability to scale. They are also used to support resilience programmes where services need replication across locations, and where backup and recovery objectives must be defined per workload.

Q: Who is responsible for security in an IaaS model?

A: Security is shared. The provider secures the data centre environment and the core platform, including physical security and resilience controls at the infrastructure layer. The customer remains responsible for operating system hardening, application security, identity governance, access permissions, patching routines, and data handling policies inside workloads. Clear responsibility boundaries matter because audit evidence needs to show who operates each control.

Q: How do backup and disaster recovery fit into cloud infrastructure as a service?

A: Backup and disaster recovery sit alongside IaaS as continuity controls. Backups protect against data loss events such as deletion, corruption, or ransomware, while disaster recovery focuses on restoring service availability following a major incident. Pulsant includes Backup as a Service (BaaS) and Disaster Recovery as a Service (DRaaS) within its cloud services portfolio.

Q: What does “connectivity to global clouds” mean in IaaS?

A: In an IaaS context, “connectivity to global clouds” means having private, managed network access from your hosted infrastructure to major public cloud platforms. This matters for hybrid setups where applications, data, backups, or DR processes need to move between environments on predictable routes with clearer control and monitoring. Pulsant provides this through Edge Fabric connectivity and its Cloud Connect service, which supports access to peering exchanges and public cloud services.

Q: What should you check when comparing cloud IaaS providers?

A: A due diligence review usually covers hosting location, tenancy model (single-tenant or multi-tenant), how resilience is engineered, what monitoring and logging access you have, how backup and disaster recovery are delivered, and what contractual service levels apply. For regulated workloads, it also helps to confirm audit evidence availability, support and escalation processes, and how identity and privileged access are managed.

Q: When does cloud infrastructure as a service make sense for UK governance requirements?

A: It can make sense when hosting location, jurisdictional control, audit readiness, and operational ownership are part of the requirement set. Organisations typically consider IaaS when they need clearer control over where workloads run, how access is governed, and how evidence is produced for internal assurance or external audit, while still using a service-delivered infrastructure model.