Making Cloud SLAs readily usable in the EU private sector

Negotiating & Contracting

This phase can include preparing for negotiation and the actual negotiation and deal making with one or more CSPs, including sharing concerns, discuss in-scope and out-of-scope (cloud) services, debating about trade-offs and finding common grounds, reaching agreement, double-checking needs, goals and assumptions, and of course documenting the contractual arrangements, and signing thereof.

Commoditised public cloud services on a shared infrastructure (off-the-shelf services) come with standard contracts (“take-it-or-leave-it”) by default. The major benefit for customers is having access to sophisticated computing technologies at relatively low cost. Not having to make upfront investments, gives start-ups and IT savvy SMEs entry into almost any sector, or let’s face, it can just mean business survival in the digital age.

Some service providers sell through indirect channels via partners. This means the SLAs and associated contract is signed between the partner (integrator, ISV, VAR, etc.) and the final end-user. This may (or may not) leave room for negotiation.

As outlined in Cloud Computing Law, Common drivers for negotiated contracts are mostly commercial issues where high service levels are required for mission-critical services and risk allocation between customer and provider

Irrespective of your ability to negotiate, having a clear understanding of the SLAs and monitoring the provider’s commitment to them are paramount – it’s really all about transparency.

Negotiations by large customers have helped raise awareness about privacy and security. Research in Europe is giving much greater emphasis on security, data protection and privacy, monitoring mechanisms, and open source solutions, so make sure your migration plan allows for new market offers.

What to bear in mind when negotiating

From the very beginning, it is very important to clarify the specific responsibilities of each party, whether shared or individually owned. Taking these steps means you can mitigate the risk of losing key protections and efficiencies that SLAs can provide.

Before implementing a cloud contract, both parties should make an exhaustive review and negotiation of the service level agreements, wherever this is possible.

Agreements with the provider should include SLAs that not only benefit the vendor but also safeguard your business or agency, so clarify the specific responsibilities of each party, whether shared or individually owned. Define penalties with documented credit amounts for each missed deliverable.

Pay special attention to the termination phase during negotiation, as conditions prove critical in protecting against cloud vendor lock-in. Ensuring all conditions are properly in place gives you, the customer, greater control over the cloud services you are using.