Tag Archives: Service Level Agreement (SLA)

Influencing the Quality of Services by Focusing on Service Level Agreements 

Service Level Agreements (SLAs) are enterprise life lines on the Internet. CIOs cannot plead ignorance of the clauses. First, the SLA is often written in plain English, and second, the SLA represents the “consensus” reached between the contracting parties. A focus on the SLA is an imperative; a necessity. So, what does one look for in an SLA?

This paper purports to help readers focus on SLAs for Cloud services and understand the what, why and how of it.

 

Table of Contents

  1. Introduction
  2. Definition of Services
  3. Performance Measurements
  4. Problem Management
  5. Customer Duties – Roles and Responsibilities
  6. Warranties and Remedies
  7. Disaster Recovery and Business Continuity
  8. Security
  9. Termination of Agreement
  10. Conclusion
  1. Introduction

CIOs can not plead ignorance of the clauses in the SLA if enterprise data suddenly vanishes into cyberspace! SLAs are often set out in plain English and a focus on the SLA is an imperative; a necessity for the survival of the organization in this digital age. A focus on the SLA, an understanding of the provisions and sections of the document is a must.

Service level agreements are formal, legally binding documents that are drawn up by the contracting parties. They formally set out the level of service that will be provided by the contractor under the terms of the contract. All Cloud services providers include SLAs that detail the level of service that will be provided for the duration of the contract.

A service level agreement is an “agreement”. It signifies consensus between the contracting parties. It assumes that there is a common understanding about services, guarantees and warranties, responsibilities and priorities. It defines levels of serviceability, availability, operation, performance or other attributes of the service, including billing. It details where and when a customer can expect “minimum” service and how it can be measured or what the target value is.

A few contracts may even contain clauses detailing penalties for failure to meet minimum expected levels of service. To get the right level of service, customers must examine the different sections of the service level agreement in detail.

At a minimum, a typical Cloud service level agreement includes the following sections:

  • Definition of services
  • Performance Measurements
  • Problem Management
  • Customer Duties
  • Warranties
  • Disaster Recovery and Business Continuity
  • Termination of Agreement
  1. Definition of Services

Cloud Service SLAs, like all utility service SLAs are output based. By this, we mean that the level of service that will be provided to the customer is defined in measurable terms. The service provider demonstrates value to the customer by expounding how knowledge, capability, and ingenuity are innovatively organized to deliver the requisite output or service to the customer. This emphasis on the delivery mechanism shifts the risk to the service provider.

The definition of services under the SLA may vary according to the type of service, the type of organization and the needs of the organization. A corporate level SLA may provide generic services to all parts of the enterprise. Multi-level SLAs may split services so that the service provider can cater to the specific service needs of different parts of the organization. Customer level SLAs may provision for services relevant to a particular industry. Service level SLAs may cover specific service requirements of specific service groups.

SLAs may offer layered services. The service provider may define the basic package(s), that will be made available at different prices. Customers can select from a list of “add-ons” (at pre-defined costs) or other specific features that they would like to include in their package. For instance, the basic package may offer the customer 2 GB of space for storage. The customer may choose to “add-on” additional storage by signing up for 20GB of space. The service user may also opt for an email system for the entire organization in addition to the other services being offered as part of the regular package.

All terminology proposed to be used in the SLA are also set out and explained in this section of the document.

  1. Performance Measures

That which is not monitored is not done. SLAs are drawn up to ensure that Cloud service delivery performance can be measured and the customer has the ability to monitor the performance of the service provider on the basis of a pre-defined set of standards and norms. The service provider also commits to a minimum level of service under this section of the SLA and has the opportunity to define the standards and norms that are to be used to evaluate the performance of the service delivery. For instance, “latency” is a term that describes the time taken for data to be recovered to the client machine from the storage server in the Cloud. “Uptime” is a measure that helps both the customer and the service provider understand whether the services are being delivered as promised. Uptime is usually expressed in 9s. As a client, one needs to think thoroughly on the level of uptime. Uptime can be incorporated with much accuracy by determining the number of 9s in the SLA. For example, the table below shows the co-relation between the number of 9s a client might target and the duration of downtime, which may vary from 5 minutes to over 36 days in a given year.

If your availability target is a mere 90%, there will be 36.5 days of downtime in a year (i.e. 10% of 365 days). If, however, your availability target is 99.999% (dubbed as five nines), then you will only have about 5 minutes of downtime in the entire year!

Availability Target Downtime Per Year (Approx.)
90 percent 36.5 days
99 percent 3.65 days
99.9 percent 8.8 hours
99.99 percent 52.6 minutes
99.999 percent 5.3 minutes

Table: Comparison of Downtime Vs Availability Target, using “one to five nines”

  1. Problem Management

This section of the SLA focuses attention on problem-handling systems integrated into the service. The purpose is to minimize the impact of events, incidents, and problems on the customer’s business. For instance, the Cloud vendor may provision for alerts to be generated whenever a backup or recovery fails or unauthorized entities attempt to access the data. The SLA may detail error handling procedures and set out escalation protocols for handling unexpected problems. Time frames for the resolution may be specified. Stipulations may include activation of audit trails and maintenance of logs and records for all types of incidents that may cause failures in delivery of service.

  1. Customer Duties – Roles and Responsibilities

The SLA is not a one-way street. The Cloud vendor has some expectations from customers. The service will work effectively only if the organization collaborates regularly with the vendor for technical and support contract issues. The organization must clearly indicate and designate the license administrator. The administrator is responsible for receiving and administrating the software product licenses, updates and upgrades and payment of all bills due or assigning rights and permissions to other users, who are authorized to access the online storage account. Though they may appoint secondary administrators in multi-level contracts, all secondary administrators must report to the primary administrator, who must remain a single point of contact for the Cloud vendor.

  1. Warranties and Remedies

The Cloud vendor provides the user details of any warranties and remedies under this section of the SLA. This is perhaps one of the most important sections for the customer. The warranties may cover service quality, indemnities, third party claims, remedies for breaches, exclusions and force majeure.

  1. Disaster Recovery and Business Continuity

Recovery is the raison d’etre for online Cloud backup and storage. The Cloud vendor describes in this section, the disaster management protocols that have been put in place by the company to safeguard against disaster.

The disaster recovery and business continuity guarantees may broadly include:

  • Provisioning of geographically dispersed servers for safeguarding against natural disasters such as Tsunamis, earthquakes or tornados
  • Continuous data replication or data mirroring to ensure high availability of information at all times
  • Seamless failover systems
  • Simultaneous creation of local copies of data using the Cloud vendor’s proprietary application even as data is being streamed to the online server over the Internet
  • Provisioning for bare-metal restores to any part of the world
  • Provisioning for data security with impregnable cryptographic modules, both during transmission and storage
  1. Security

This section of the SLA elaborates upon the security systems that the Cloud vendor promises to use. Any certifications obtained by the company for its cryptographic module or the type of encryption that is used (bank grade/military grade) is generally specified here. The encryption protocol may be used only for data in transition and not in storage or for both. If the vendor permits the customization of the encryption key, the fact will find a mention here with suitable warnings that the loss of the key could well mean the loss of data as the vendor does not retain copies of the customized keys.

Further, the vendor urges the customer to ensure that the user management systems provided is exploited to ensure that only authenticated and authorized personnel has access to data and enterprise policies are being adequately implemented through the interface settings.

  1. Termination of the Agreement

The last section naturally talks of when and how the contract can be terminated. The rights and responsibilities of the vendor and the customer are generally detailed in this section. Termination can occur at the end of the initial term, for convenience, and/or for a cause. However, whatever the type of termination, the vendor must undertake to delete all customer information from all primary and secondary servers in which the data has been stored. Some vendors even specify what they will do with the information that is stored by them in their archives and disaster recovery sites. Wherever interoperability of services is possible, the vendor may agree to transfer all customer data and applications to the new Cloud service provider.

  1. Conclusion

It must be reiterated that the SLA is a binding legal document. Both parties to the contract can enforce it and hence, it must be drawn up after both parties are satisfied that they have clarity on promises and expectations. Imperfect understanding on any side can lead to confusion, dissatisfaction and probable loss of business. Therefore, both parties must negotiate the different clauses before signing on the dotted lines and committing themselves to the contract.

In some cases, despite your due diligence, SLAs might not be met; and you won’t discover this until the unexpected happens and disaster strikes. Therefore, it is highly advisable that you understand and get comfortable with the SLA and that you anticipate disasters and plan accordingly. Sometimes, disasters are not fully understood; and administrators might define them vaguely. For instance, disasters that are defined as small instances may have just as big of an impact as the larger, less likely ones.

 

Assess Cloud Storage Services Before Actually Using Them

While cloud backups and storage and recovery solutions are great for your organisation, it is important for you to know that it is not without limitations. For that reason, SMBs that are currently planning to move to the cloud must take some time and check the advantages and disadvantages associated with cloud backup services before migrating to the cloud. So, the extent at which the pros associated with cloud storage outweigh the cons, will determine your decision whether to jump in the waggon and ride the cloud or not.

Cloud backup and storage has been made an interactive backup and storage option suitable for both small, medium and enterprise organisations through bandwidth and capacity optimisation technologies, and multi-tenant architectures on the Internet. There is integration of range of business continuity solutions with the concept of server abstraction; and provision of high availability of critical workloads are the product of the solutions generated in the cloud. This will also facilitate the speeding up of time to market by using highly developed file imaging and site recovery options, coupled with all-embracing interoperability and best practises.

Cloud backup and storage service providers use high-tech tools in order to meet with the needs and demands of their customers. The migrations, upgrades and outdated technology are abstracted to the level of the service provider, giving users the freedom to enjoy data storage as a measurable utility with easy payment option. There are lots of security services that are made available at the price of subscription to the customers in the cloud and some of them include: file compression, disk based backup, encryption, duplication of data, server and storage virtualisation, application of particular security, and tiered storage using security authorisation. Some of the service providers improve their service by incorporating 24/7 customer support, which helps to intimate the customer against any form of security violations.

As cloud services are based on the Internet, the service consumer may not really be in control of the service level agreement (SLA) or even performance guarantees. Limitation of bandwidth is capable of making storage and data recovery a tedious and difficult task. There may be problems with exit strategy if the organisation decides to pull out from the agreement. Termination fees, cancellation charges, data extraction costs are the possible issues you may face. That is why you need to examine the SLAs before signing on the dotted lines.

Therefore, SMBs should embark on a though assessment of cloud services before hitching their waggon to the cloud. You can get competitive edge in your niche and also redefine your company just with effective planning and implementation in the cloud. It is recommended that you embrace the cloud, but ensure that you are entering this market being vigilant and alert. Therefore, you should not migrate to the cloud without getting a real understanding of what you are engaging your company into, as well as the potential disadvantages and advantages associated with cloud services.

At Backup Technology, we are always ready to assist you in your efforts to migrate to the cloud by taking the time and advising you at all levels. We will help you get over bandwidth issues by seeding your initial data to our servers with no hidden fees, with clearly spelt out SLAs.

The Benefits of Cloud Based Email

Cloud based email providers have been growing in leaps and bounds. Today, there are a variety of vendors that provide cloud based email based services. These cloud based email services offer the end user many benefits by accessing the cloud technology.

For example, some providers offer a cloud based storage and collaboration service as part of their email package. This allows the end user not only to store and access their documents in the cloud, but also allows them to collaborate with multiple users, all over the world. Documents can be created in the cloud as part of the company’s email package, and of course once they are created, they can be safeguarded. This is a major convenience which the cloud technology makes possible.

The widespread use of cloud based email service has led to the production of computers that rely primarily on access to a cloud based email service. This is not surprising because more and more people are relying primarily on the cloud to create and store their documents. This is just one example of how the cloud’s reach has been spreading and of the success of the cloud revolution. As time goes on, both companies and individuals, are realising how cloud technology can be a useful tool in regards to the email services they may have.

In fact, some companies are sensibly introducing cloud based email as a back up to their primary email service. That way, if there are any problems with their main email, the cloud based email will be available. Cloud based email also makes it possible for companies to offer email services to employees who may not have a business email account.

In addition, many cloud based email services offer consumers a variety of other benefits as well. Some of these benefits includes day and night customer support by phone or email, anti-spam and virus support, mobility features which include email synchronisation and service level agreements which guarantee almost 100% uptime.

There are many cloud based mailboxes to choose from. Some of these include the extremely popular Google Gmail and the Microsoft Exchange Server. Users are able to migrate mail to their cloud based mailbox from other mailboxes. Another advantage is that these mailboxes that can be tailored to meet their storage needs and permit large attachments.

Ultimately, it is up the end user to choose the cloud based mailbox that best suites their needs. However, whatever they decide to choose, the benefits of cloud based mailboxes and email services are undeniable. Going forward, more and more companies and individuals will make the switch to cloud based email.

Prevent Data Failure with Effective Data Storage in the Cloud

A loss of data can be crippling to a business. Data failures can be costly and time consuming. How is it possible to prevent this from happening? Storing data in the cloud — while not foolproof — is one option.

It should be noted that prior to storing data in the cloud, companies have to ensure that they have an effective data model in place. That is something they need to do before they approach a cloud based company to store their data in the cloud. Not doing so could create unforeseen difficulties for them, and would compound their ability to access the services that cloud based companies have to offer. This is the responsibility of individual companies to ensure that once they start cloud computing that they reduce the risk of anything going wrong. Working with a cloud based company is a partnership and both partners have to ensure that they are doing what they can to make the partnership work.

Structure your data intelligently before storing in the cloud

In fact, proper information management in this technological age is crucial to a smooth functioning of a business. In order for data to be effectively stored in the cloud, the database must be intelligently structured prior to storing data in the cloud because having to redesign the physical structure of the database after storing data in the cloud can be time consuming and costly. Corporations need to ensure that prior to enlisting the services of the cloud that their data is protected from database failure. Once that it is done, they are ready to store their data in the cloud, and be safe in the knowledge that they can access it when they need it and that it is safe and secure.

Avoid defective data models

There may be a variety of reasons why a company’s logical data model may be defective. Some of the reasons (among other things) include a company’s failure to consider use cases of different users, a failure to use appropriate software modelling tools, and a failure to accurately and comprehensively define relationships between entities.

Safe, Mobile, Scalable and Easy

Storing data in the cloud is relatively safe and is easy to retrieve. In addition, the beauty of the cloud is that unlimited amounts of data can be stored and accessed whenever and wherever the end user requires it. In addition, if data is lost, it can be easily retrieved. Cloud companies have data recovery processes that make this possible. How to retrieve lost data can be spelled out in a business service level agreement (SLA) prior to engaging the services of a cloud based company. Spelling things out clearly is a good way to ensure there is no miscommunication.

So, before you approach a cloud based company, make sure that your data is ready for the cloud. This makes it easier for your company and for the cloud service provider, whom you beginning a new partnership with. Doing so will ensure that your cloud computing experience will be worry free.

Should the Cloud be Standardised?

Today, the cloud is not standardised. Companies operate in the cloud under different criteria. Basically, they all do their own thing without regard to what their competitors or other related companies do. Is this an effective strategy or does this lack of standardisation adversely affect the end user? If so, what can be done to streamline and harmonise the activities of cloud vendors?

Presently, we are seeing a plethora of cloud based vendors offering a variety of services ranging from financial management services, video applications, data storage and archiving, email hosting, and many other services. The cloud also allows businesses and individuals to have a virtual office, sharing and storing documents in a cost effective and time efficient manner. This is a boon for anyone wanting to do business more efficiently and cost effectively. However, cloud based vendors currently operate in a vacuum, and as a result, there are some challenges inherent in cloud computing that could be positively affected if the industry was standardised.

For example, portability, moving data from one cloud vendor to another or sharing data between cloud companies is a major impediment to more effective cloud computing. Terminating an agreement with one cloud company and moving one’s data to another vendor is another related problem. In some instances, sharing data between cloud companies has become a major issue for the end user. Such issues need to be addressed and rectified. Standardising the industry could provide a possible solution to this problem and could also have the effect of making cloud collaboration easier. Standardisation would also have the added benefit of attracting more customers to cloud based companies who would feel more confident doing business in the cloud.

Standard service agreements could also be worked out in the industry for the benefit of the end user. These agreements would ensure a seamless service, allowing the user to easily compare technologies. Data can also be migrated from cloud to cloud and files can be shared easily. In addition, as standardisation is adopted, cloud services will be able to support multi-platform technologies by default, including the latest operating systems, mobile devices, and more.

Industry wide standards could be adopted regarding these issues and could be spelled out in their service level agreements. This would ultimately benefit both the end user and the cloud computing industry.

There is a growing awareness that standardisation could lead to a more efficient and productive cloud computing industry. In fact, there are a variety of organisations that are leading the charge to standardisation. However, a lack of a cohesive strategy to standardise the industry puts it at a disadvantage. The sooner the industry addresses this issue, the better.

Privacy and the Cloud

Computing in the cloud, like any developing technology, brings up a number of issues and challenges. Storing data and computing in the cloud is a great technological advancement. However, there are many ways our data and privacy could be compromised in the cloud. What can we do to ensure that our data is protected and our privacy is not compromised?

End user’s security and privacy could be compromised in the cloud, for instance, when files and folders are infected with a virus. The cloud vendor must, therefore, ensure that its servers are not vulnerable to infections and that safeguards are in place to ensure that infections do not occur. However, in the event infection occurs, what will the cloud vendor do to rectify the situation? How will they retrieve data if it is lost or compromised? Perhaps, these kinds of issues can be described in the provider’s service level agreement (SLA) to ensure their customers that they are proactive about such issues and are willing to take action if something goes awry.

Another troubling issue in the cloud is identity theft, which can result as a result of Phishing. What is the cloud vendor doing to ensure that their client’s identity is safe? How are they educating their clients to prevent this from occurring? Phishing is a major problem that cloud vendors must be cognisant of as unscrupulous people find ways of stealing the identity of others in order to access sensitive information, like online banking credentials. This could be disastrous for a customer, and cloud vendors must ensure that proper safeguards are in place and do whatever they can to protect their clients.

Another security issue can occur if the service provider’s software is defective. You need to make sure that the software actually does what it claims by testing the service before you sign up; and also you need to perform regular tests as you go along. Defective software can result in a loss of data and money. The data owner needs to have clarity among other things, as to who can access the data. This is an important security protocol that needs to be addressed with the cloud vendor.

A simple solution to many of these and other related security and privacy issues is education and communication. Cloud vendors need to effectively communicate the dangers of some of these issues to their clients in a clear and comprehensive manner. They should be outlined in the company’s service level agreements (SLAs) and every possible effort should be made to inform their clients of the implications if they don’t take the proper steps to ensure their privacy when doing business in the cloud.

The cloud is a two way street. Cloud vendors and their clients must work together and be vigilant to ensure their data and/or privacy is not compromised.

Our Customers

  • ATOS
  • Age UK
  • Alliance Pharma
  • Liverpool Football Club
  • CSC
  • Centrica
  • Citizens Advice
  • City of London
  • Fujitsu
  • Government Offices
  • HCL
  • LK Bennett
  • Lambretta Clothing
  • Leicester City
  • Lloyds Register
  • Logica
  • Meadowvale
  • National Farmers Union
  • Network Rail
  • PKR

Sales question? Need support? Start a chat session with one of our experts!

For support, call the 24-hour hotline:

UK: 0800 999 3600
US: 800-220-7013

Or, if you've been given a screen sharing code:

Existing customer?

Click below to login to our secure enterprise Portal and view the real-time status of your data protection.

Login to Portal