Is there a template to follow for a typical cloud service-level agreement?
It's important to understand your expectations of your cloud provider and come to a set of agreeable terms in a service-level agreement, your contract with your vendor. But what should go into a cloud SLA? Fortunately, there are a number of resources to help.
When planning to purchase cloud services from a provider, there are many features and parameters to discuss beforehand. Your cloud service-level agreement (SLA) should specify minimum levels of performance for each service, codified with specific parameters. Consider the requirements to document an outage and how long you have to submit a claim. It's vital to understand outage documentation procedures before using any cloud service. You wouldn't want to be running a cloud application and have an outage, only to realize you should have been running a more detailed log level.
It may seem obvious, but clearly state that you maintain ownership of your data and have a right to get it back. There are a number of document procedures that should be available, including downloading data using Secure File Transfer Protocol (SFTP) or having data shipped to you on a disk or other media for dealing with large volumes.
Cloud SLAs should also include specifications for data security, cloud governance and the ability to audit a provider's compliance -- or at least have access to their audit reports written by a trusted third party.
For companies looking for comprehensive SLA templates, a good place to begin is with Thomas Trappler's "If It's in the Cloud, Get It on Paper: Cloud Computing Contract Issues." Trappler is the director of software licensing at UCLA as well as an instructor and adviser on cloud computing contracting issues. His tutorial covers key topics such as the basic elements of a service-level agreement, SLA parameters, definitions you should know and remedies for any issues that arise. It also delves into topics you may not think about, such as the location of data and vendor outsourcing.
IBM DeveloperWorks also has a paper that is worth consulting, "Best Practices to Develop SLAs for Cloud Computing." If you have time for a longer report, review the European Commission's report on Cloud Computing Service Level Agreements.
About the author:
Dan Sullivan holds a Master of Science degree and is an author, systems architect and consultant with more than 20 years of IT experience. He has had engagements in advanced analytics, systems architecture, database design, enterprise security and business intelligence. He has worked in a broad range of industries, including financial services, manufacturing, pharmaceuticals, software development, government, retail and education. Dan has written extensively about topics that range from data warehousing, cloud computing and advanced analytics to security management, collaboration and text mining.
Everything you need for a strong cloud SLA
Keeping cloud providers in check with cloud SLAs
Dig Deeper on Negotiating service-level agreements and billing with cloud providers
Related Q&A from Dan Sullivan
Docker's recent upgrade introduced support for hardware signing and in the future, automated security analysis on Docker images. Expert Dan Sullivan ...continue reading
Cisco's new project Contiv automates operational policies for containerized applications in the cloud. Expert Dan Sullivan explains the benefits of ...continue reading
Dropbox API abused by attackers posing as legitimate users in a huge spear phishing campaign. Expert Dan Sullivan explains how to mitigate the risks ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.