Why Your Cloud SLA Could Be The Most Important Contract You Ever Sign

Service Level Agreements. All providers have them, and not too many break them – but with a rocky end-of-2014 for many providers that suffered outages, what will 2015 hold for the cloud Service Level Agreement, and how important is an SLA in a cloud business plan for customers?

Ian Wells, VP North-West Europe at Veeam Software:

“The simple fact is that modern businesses are always-on; whether IT services are in-house or in the cloud, even the smallest outage can cost tens, or even hundreds of thousands. As a result, the SLA will be a focal point for businesses that want to ensure that their cloud services won’t let them down at the worst possible time. The uptime guarantee is the most obvious part of an SLA and the first item most businesses will check. However, there are many more items that need to be considered to ensure IT services’ availability. For instance, what are the data protection procedures?

“Is data backed-up or replicated, and if so where, and are those backups verified? In the event of a failure, how fast will services be resumed and what is the maximum amount of data that could be lost? Will there be any planned downtime, for instance when updating services? And does the business still have the option to take control of data protection itself – for example, by backing-up or replicating data to a separate environment? Businesses need to carefully consider the answers to all of these questions before deciding if SLAs will meet their availability and broader business needs.”

Ann Marie Murray, product marketing manager, at Tangoe:

“This is an interesting question and presents a topic that Tangoe monitors very closely. Before implementing a cloud contract both parties should engage an exhaustive review and negotiation of Service Level Agreements (SLAs). Cloud vendor agreements should include SLAs that not only benefit the cloud service provider but also safeguard your business. That’s why we strongly advise companies to heavily scrutinise and negotiate firmly all Service Level Agreements (SLAs).

“SLAs for cloud services will typically address vital elements such as: availability, performance, issue response time, disaster recovery, data ownership and access, compliance and termination. Precise termination conditions prove especially critical in protecting against cloud vendor lock-in. If properly documented in the SLA, these conditions will help ensure that a clear migration strategy is in place and prevent providers from holding your data hostage. Accordingly, SLAs should also include penalties for any missed objectives. Penalties must be clearly defined, with documented credit amounts for each missed deliverable.

“Flawless communication is paramount. I cannot emphasise this enough. If the responsibilities of each party are not clearly defined (whether shared or individually owned) from the beginning, enterprises risk losing key protections and efficiencies that SLAs can provide.”

Michael Allen, Solutions VP, Dynatrace said:

“Handing over the degree of control that the cloud entails can be perceived as a major risk for many organisations; particularly where business-critical IT services are concerned. As such, cloud Service Level Agreements (SLAs) should cover all eventualities and assure peace of mind under any circumstance; but current SLAs do not seem to be quite cutting it. Even if the service is ‘available’, it may be running slowly or causing other unforeseen problems for end-users.

“Recent research confirms these concerns; showing that 79% of IT professionals think cloud SLAs are too simplistic, failing to provide the reassurance needed to counteract the loss of control. What’s more, the majority (73%) even believe that cloud providers will actually hide service problems from them.

“As such, cloud service providers must make it their New Year’s resolution to address these concerns by sharing performance metrics beyond basic availability and uptime with their customers. It’s not enough to simply keep tabs on whether all the lights are on in the data centre; cloud providers need to offer insight into IT performance from an outside-in perspective so that they can monitor how their cloud infrastructure is impacting on their customers and report back to them transparently.”

Richard Blanford, managing director of managed cloud provider Fordway:

“The SLA is a key part of any cloud service. We are frequently amazed when we discuss this with organisations that operate their IT without defined and agreed service levels, or who have defined service levels but no way of measuring them to ensure they are being met.

“First the organisation needs to define and understand the characteristics of the service they want. Then they need to map it to the available options and choose the most appropriate ones for their needs. Finally, they need to independently manage the service and monitor it against SLAs themselves. They need to have an audit function to ensure that the service is and remains fit for purpose and independent service monitoring and management either in house or contracted through an independent third party to ensure the provider actually provides what they are contracted to.”

Dan Sloshberg, Product Marketing Director at Mimecast, comments:

“IT system outages are inevitable.  Cloud services are likely to fail at some point just like systems run in-house always have. We’ve seen that some of the largest providers are not immune with the likes of Azure, Verizon and others suffering downtime. Entrusting critical IT services, like email, to a third party can bring many benefits including lower and more predictable costs, simplified infrastructure and improved flexibility.

“Service Level Agreements (SLA’s) help compensate clients when things do go wrong and hold the vendor to accountability. But anyone not starting at 100% is basically asking you to accept a degree of performance degradation at the outset, even before you’ve signed the contract.

“There’s no doubt that as organisations entrust even more core systems and data to cloud service providers, 2015 will see more SLA breaches than in prior years. But an SLA only goes so far in compensating for downtime or other issue. It certainly does not cover the full cost or impact.

“Organisations must consider how they choose and protect their cloud services. They must be able to answer the question: What happens if my cloud service goes down? Business continuity in the cloud is still as critical as it was on-premises.”

The 451 Research Take

“SLAs are just marketing tools: guarantees give consumers faith that the service provider can deliver, and service credits make them believe they can ‘punish’ the provider if the provider lets them down. But in reality, service providers structure their contracts so they have much to gain, and little to lose, if something goes wrong. Although SLAs may provide an indication of a service’s performance, enterprises must remember that downtime, poor performance, security breaches and data losses are their risks to bear. End users must evaluate the risks, against the costs and the benefits, and plan accordingly.”

Andy Soanes, CTO, Bell Microsystems

“IT services are subject to constant change and are always evolving: meaning that CIOs must make decisions that will decide the future of their organisation for several years to come. As a result, the CIO needs complete confidence that, when they sign up for an IT service, they are getting exactly what they paid for. Whilst the cloud can mean flexible, always-on, accessible-anywhere IT services for organisations, if a service cannot provide the performance that the business demands, or meet the regulatory needs of their industry, then it will only be a hindrance.

“SLAs are a crucial tool for IT departments who need to show they have complete ownership and control over their IT services. By studying and comparing SLAs, CIOs can be certain that they are choosing service providers that will give them the level of control and confidence they need. Crucial in this is aligning SLAs back to service and application needs to ensure the correct balance of SLA, from data centre to individual infrastructure, with optimum costs.

“In addition, there must be the ability to flex SLAs up or down in line with customers’ business and service demands. Most importantly, once a contract is entered into, the CIO must ensure that their cloud provider is meeting SLAs, and hold it accountable if performance is below standard. In this environment, cloud providers that can both provide thorough, flexible SLAs, including accountability if performance targets aren’t met, and demonstrate that they are being followed will have a huge advantage in attracting and keeping business.”

Take our cloud computing quiz here!