Making Cloud SLAs readily usable in the EU private sector

Enterprises need to understand Cloud SLA

An enterprise who wants to purchase Cloud services from a Cloud Service Provider (CSP), has to be able to negotiate, compose and review the Service Level Agreement (SLA) that is going to accept by signing the cloud contract.

Chief information security officers (CISOs) and anyone who leads IT security for a business has to know which clauses a Cloud SLA needs to contain in order to guarantee the enterprise's security.





Among others, the following are the main elements on which a business should focus its scrutiny:

  • availability of the service;
  • encrypting of stored and transmitted data;
  • location of data:
  • termination procedure;
  • disaster recovery;
  • terminology;
  • credits.

Negotiation is the main instrument that allows CISOs and businesses to obtain these requirements. By leveraging on the availability of CSPs offers present in the market, enterprises can get what they need: an effective and tailored Cloud SLA.


Negotiation is the third phase of the Cloud Service Lifecycle: find more on what to look for and what to ask for when you are about to sign a Cloud contract.

Source: What CISOs need to incorporate into cloud service-level agreements, Mike O. Villegas,