This content is part of the Essential Guide: A CIO's guide to cloud risk management
News Stay informed about the latest enterprise technology news and product updates.

How to develop a clear cloud contract with your provider

Crafting a specific, clearly defined cloud contract with your provider is crucial to staving off security problems and SLA breaches. In this tweet jam recap, participants shared tips on how to best communicate needs to cloud providers.

A detailed and clearly defined blueprint for purchasing cloud services isn't a nice-to-have -- it's a necessity....

A service-level agreement (SLA) functions as this roadmap for both the customer and the cloud service provider: It not only defines expectations around the provider's level of services unique to the customer and offers stopgaps should a service fail, but also details the customer's rights and responsibilities.

Developing clear SLAs is crucial because a cloud computing infrastructure, like any other, is susceptible to unforeseen problems, which can range from security breaches to availability issues to legal risks and more. Not adequately setting each party's responsibilities against your business requirements in a cloud contract might set up your organization for unwelcome surprises. In a disaster, for example, it's important to ask the provider questions around its level of transparency with the customer, said Larry Carvalho, a consultant at RobustCloud LLC, in a tip on our sister site, SearchCloudComputing. "The answer to these questions may be surprising. While you might expect otherwise, in the event of failure, the onus is often not on the provider. It can be up to the customer to identify a service failure and its impact," he said.

In SearchCIO's recent cloud provider-themed #CIOChat, Larry Bolick, CIO at Aquent, and other participants sounded off on the importance of carefully crafting cloud SLAs to best communicate enterprise needs to cloud providers.

How can corporate IT better communicate needs to cloud service providers?

Before signing a cloud contract, companies need to do their homework and identify their specific business requirements, Bolick said:

Because many providers' websites only list the services and products they offer, IT leaders should establish key performance indicators that are specific to their business' requirements, such as maximum downtime tolerance, acceptable latency levels and the necessity of constant access to corporate data.

SearchCIO Senior Managing Editor Rachel Lebeaux agreed with Bolick, tweeting that an explicit SLA makes an organization's expectations clear to the provider. Participant Tim Crawford warned that SLAs can be tricky:

IT leaders should confirm SLAs' coverage in terms of how the provider will credit their organization in the event of a breach of contract, for example. "In general, SLAs won't actually help you recover anything in the event of an SLA violation," Chris Moyer, vice president of technology at Newstex, explains on SearchCloudApplications. "For that reason, it's important to identify your own recovery steps to prevent provider outages from costing you money."

Preparations in case of outages are but one of many potential issues that should be specified in a cloud SLA:

Speak to providers with a 'unified voice'

When considering the cloud, it's essential that IT establish relationships with business managers so that everybody's goals are aligned before signing off on a cloud contract:

One group of business managers CIOs might want to work with: procurement professionals. "They're like the important quarterback in these negotiations," Cynthia Nustad, CIO at Health Management Systems, told SearchCIO Features Writer Kristen Lee. "You need a third party from the outside looking at the vendors without any bias."

Crawford and Bolick brought up some caveats, however:

How are cloud providers accommodating digital enterprise needs?

Digital technology is constantly reshaping organizations' infrastructure, business processes and operations. Tweet jammers weighed in on how cloud providers can keep pace, starting with cloud peering issues:

Cloud providers are also increasingly zeroing in on security and governance, risk and compliance in their SLAs to maintain customers' trust, particularly in today's breach-a-minute landscape:

Want to share your two cents on contracting with cloud service providers? Let us know in the comments section below.

This SearchCIO #CIOChat recap reviews our tweet jam on the theme of managing cloud providers. For more recaps or to get information about our next hosted chat, follow @SearchCIO on Twitter.

Next Steps

Cloud providers discuss the ins and outs of SLAs

Growing use of cloud means SLAs are more important than ever

The need for cloud insurance and identity management

Dig Deeper on Small-business IT strategy

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

Which business managers do you consult in establishing cloud contracts with vendors?