Strategic CIO // IT Strategy
News
9/28/2011
03:35 PM
Connect Directly
RSS
E-Mail
50%
50%

Don't Get Burned: 4 Steps To A Cloud SLA

Negotiating service-level agreements with providers is a matter of metrics, performance targets, and realistic remedies.

For IT teams that like control, the "black box" cloud model, where customers implicitly give up the right to direct how and when most tasks are performed, can be stressful. The remedy: robust service-level agreements tailored to the as-a-service paradigm. The problem is that not all service providers agree. To the extent that cloud computing providers offer SLAs at all, in our experience their agreements tend to be weak, laden with unfavorable credit terms, and overly standardized with scant room for negotiation.

The trick for enterprise IT teams is to get the protection afforded by a tailored SLA without negating the benefits--lower cost, increased scalability, and simpler management--that led them to the cloud model in the first place. In fact, an SLA itself isn't enough; just as important is a service specifications document, which spells out the respective responsibilities of the provider and customer; your ability to remove data from the cloud and mechanisms for doing so; and requirements relating to security, compliance, and data retention. (We discuss the service spec document in more detail in a free report.)

As for customized SLAs, we've heard plenty of providers argue that they can't deviate from a standard agreement because their multitenant offering requires a standard product description and contract. While this reasoning has some merit with respect to service capabilities, it's less clear why it should be the case when requesting an SLA that measures an existing aspect of the service. For example, while most software-as-a-service providers don't guarantee that transactions will complete in a certain amount of time in their standard SLAs, transaction execution is an implicit element of the provider's service, so it should be possible to negotiate a service level.

Providers' inflexibility may be due simply to their not having been pressured to change--yet.

If you want a custom SLA, we recommend submitting a request for proposal with your requirements. Depending on your leverage, however, the provider may mark up the proposed SLA extensively or refuse it outright and require you to negotiate from its baseline. Worst case, it could simply insist you accept its canned set of terms.

What then? That depends on the uniqueness of the cloud offering and whether the business side has latched on to a desired provider. How you negotiate SLAs should be tailored to reflect the strength (or weakness) of your company's position, anticipated provider behavior, and the quality of the provider's standard SLA. If you must move ahead with a cloud service and you have little negotiating leverage, use your limited influence to address only the most egregious aspects of the provider's SLAs, rather than asking for something overly aggressive that will likely result in outright refusal.

Our four-step plan for getting the best cloud SLA will help.

Step 1: Build The Service-Level Portfolio

The first step in developing an SLA is identifying the portfolio of service levels that best measure and manage provider performance. In determining these metrics, a company should:

>> Make the metrics relevant to business performance, not technology. Service levels should focus on business outcomes, rather than provider compliance with technical parameters that don't relate directly to business value. For example, if an application is used predominantly in support of monthly closing activities, measuring availability over the entire month doesn't reflect how critical the software is at the month-end period.

>> Develop a collectively exhaustive metric portfolio. Ensure that any failure to meet the business' needs will be reflected in a failure to meet one or more service levels. For example, if a substantial increase in screen update time would sink user productivity, include a related metric in the portfolio. A problem we frequently encounter in "distressed" service relationships is dissatisfaction with service quality even though SLAs are consistently being met.

>> Be sure service levels are mutually exclusive. Avoid overlapping service-level metrics that can dilute provider focus and result in misleading performance reports. For instance, an infrastructure-as-a-service customer might consolidate metrics for "average time to provision a server instance" and "provision success rate." By avoiding duplication and overlap, you also eliminate the need for the provider to set pricing to protect itself against "double jeopardy" credit situations.

>> Institute checks and balances between metrics. Your SLA portfolio should consider each service level in the context of the overall SLA framework and the outcome you want. Address any potential adverse incentives with a counterbalancing metric. A common example comes from outsourced service desks, where emphasis on "average handle time" can lead to lower-quality call outcomes unless a compensating metric, such as "first-call resolution," is included.

>> Limit the size of the portfolio for manageability. An SLA portfolio of more than eight to 10 service levels can become unwieldy. You want to keep the provider's attention on the metrics most critical to your business, which in most cases relate to service availability, service performance, and timeliness of fixing problems.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Flexera
50%
50%
Flexera,
User Rank: Apprentice
10/11/2011 | 9:21:37 PM
re: Don't Get Burned: 4 Steps To A Cloud SLA
Interesting posts. All SLA's and Cloud Services should be selected based on their ability to meet specific user and/or application requirements that fit with key business directives. The promise of the Cloud can be quickly dilluted if the costs of compliance (security, business, regulatory, license), migration (can you, should you) and process automation (development, service desk, operations, asset management) are not part of the planning process. Each piece can have a significant impact on the importance and overall negotiating power to procure SLAs that meet the needs of the business. Before negotiating any SLA it is important that cloud consumers have ways to track and migratethe applications and users across a variety of devices, infrastructure (Cloud and Current), and network connections. Through employing tools that enable tracking and usage across various environments - companies are able to more accurately understand risks, calculate costs, and maintain overall compliance. For more information - www.flexerasoftware.com
Transformative CIOs Organize for Success
Transformative CIOs Organize for Success
Trying to meet today’s business technology needs with yesterday’s IT organizational structure is like driving a Model T at the Indy 500. Time for a reset.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July 22, 2014
Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.