Cloud // Software as a Service
10:11 AM

3 Truths About Cloud Software SLAs

You're not imagining things. Unlike the rigorous SLAs of traditional enterprise IT services, today's cloud software SLAs don't offer much room for customization and tend to cover only the basics.

Complex service level agreements (SLAs) have long been the norm for upholding performance and uptime guarantees for traditional on-premises applications and old-world hosted apps. But experts say when it comes to the shared resource world of cloud-based software, enterprise IT must rethink its tried and true notions for IT contracts.

While SLAs for traditional IT services are typically highly tailored to meet the unique uptime, performance, and availability requirements for a particular application and business process, that same level of granularity and customization rarely exists with cloud software SLAs. Cloud SLAs are generally far more standardized experts say, and overall, far less enforceable.

Truth 1: A one-size-fits-all SLA is common

What's common in the era of cloud-based software is a one-size-fits-all SLA with a base set of performance metrics, intended to meet the needs of the broader user population and a wider variety of use cases. "It would be extremely difficult for anyone to negotiate an SLA with a cloud provider that is in any way significantly different than their standard terms," says Tom Nolle, president of CIMI, a consulting firm that caters to telecommunications, media, and technology issues. "It's almost an inevitable consequence of the cloud."

[ Bring your own cloud is coming to an enterprise near you, CIOs. See If Bono Loves Dropbox, Shouldn't You? ]

What is it about the cloud model that breeds a vanilla SLA? Cloud providers argue that any deviation from a standard agreement impedes the cloud provider's overall ability to deliver on the value proposition and overall economies of scale enabled by the cloud's shared resource pool and multitenant computing architecture.

"Saying that some users are going to get different performance than other users is the antithesis of the concept of a vast resource pool," Nolle contends. "If you're going to make effective allocation of resources in the cloud, you can't make concessions from standard terms of service, because those standard terms of service are the basis for calculating profit, margins, and operating efficiencies. [As an IT department] You're just not going to get radical changes in the SLA."

Truth 2: Expect relatively immature SLA terms

Also know this: Whatever limited terms you are offered are typically just that--pretty basic terms. Given the relative immaturity of the cloud software market and the fact that many of the providers are smaller companies, often startups, contract terms are still evolving. In many cases, these terms only cover the bare minimum.

Most enterprises are accustomed to SLAs that sometimes call out as many as a dozen very specific benchmarks, most commonly a certain percentage of uptime and availability--in many cases, 99.99% is the target number. However, few cloud software providers, at this point, offer such formal guarantees, instead using looser terms to describe uptime availability. Others like Symantec, which tout more comprehensive SLAs, go as far as to promise things like 100% service uptime, with problem solving responses in the range of 75% for an eight-hour response to minor issues, up to a 95% rate for a two-hour response for anything deemed a critical problem.

Truth 3: Multiple layers mean limited accountability

Let's face it--a cloud software provider can promise the moon when it comes to SLA performance levels, but the truth is the software depends on the Internet and overall network infrastructure to run. In that sense, any disruption to critical areas outside of the provider's jurisdiction has everything to do with the performance of their application, making it next to impossible, experts say, to make concrete guarantees about availability and uptime.

That wasn't necessarily the case with previous-generation ASP (Application Service Provider) or on-demand applications, where a provider delivered computing services to a customer via a network dedicated to that particular customer. In this case, the provider had complete control in managing uptime and mitigating network failures.

"One of the risks of cloud-based solutions is network failure between you and the cloud provider," notes Jonathan Shaw, a principal with Pace Harmon, a consulting company. "No one is responsible--that's part of the risk."

Of course, there are upsides to the one-size-fits-all cloud software SLA model as well. For example, in the world of Software-as-a-Service (SaaS), one buyer's requirements resulting from a security audit could translate into new security features that benefit all. Beyond democratizing improvements, most cloud software vendors do maintain pretty high performance standards.

"Cloud software contracts aren't customized like an IBM hosting deal, but there are high and rigorous security standards set," says Liz Herbert a principal analyst at Forrester Research.

The pay-as-you go nature of the cloud makes ROI calculation seem easy. It’s not. Also in the new, all-digital Cloud Calculations InformationWeek supplement: Why infrastructure-as-a-service is a bad deal. (Free registration required.)

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
4/11/2012 | 2:20:36 AM
re: 3 Truths About Cloud Software SLAs
Seems like we should be past some of the immaturity in SLA terms referenced in the second point. @readers: what have your experiences been like dealing with SLAs from cloud providers?
Brian Prince, InformationWeek/Dark Reading Comment Moderator
8 Steps to Modern Service Management
8 Steps to Modern Service Management
ITSM as we know it is dead. SaaS helped kill it, and CIOs should be thankful. Hereís what comes next.
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of October 9, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll