One of the key concerns upon which the enterprise cloud framework is based is the efficacy of the service-level agreement offered by the cloud service provider. Without this formal contract, in which CSPs offer and enforce services that maintain and build infrastructure and keep data secure, among other duties, cloud computing couldn't be effective. Few would consider adopting the cloud if it might put their business-critical operations or consumer data at a greater risk than in their traditional models.
Every SLA is different, however, a fact which can potentially make cloud computing seem more ambiguous to organizations looking to adopt. In the drive to present more exciting-looking offerings, some high-profile CSPs can neglect the terms of their SLA, or focus on lowering costs at the expense of providing premium functionality and enforcement assurance, according to CloudTweaks. Businesses that do their research and read between the lines of an SLA can discover which CSPs are offering hosted operations assistance and which are providing comprehensive solutions, with the guarantees to back up their word.
It's useful to break down SLAs into the three categories that industry analysts generally consider to be the most important: negotiation, monitoring and enforcement.
Enterprise-class cloud computing adoption success begins by getting an SLA with teeth. TechTarget outlined a few things that businesses should look for in a basic SLA agreement, including uptime guarantees, accurate estimates of scheduled downtime and credit provisions for any sustained outages or other problems.
Some of the larger CSPs have been the subject of complaints regarding inflexible SLAs, CloudTweaks reported. Some providers operate with a more 'take it or leave it' or 'one size fits all' approach that can end up presenting insufficient solutions for adopting businesses.
SLA language for enterprise IaaS cloud adoption should contain provisions pertaining to system monitoring. In SaaS and IaaS cloud agreements, the SLAs need to provide significant guarantees since any downtime or latency can hamper progress across the organization. IaaS providers should take an active role in preserving business critical operations. In some cases, as in those where a company is connecting to a data center in a remote geographic location, latency issues can cause downtime, according to CloudTweaks. CSP monitoring efforts should reflect any possible issues with regard to the way information is stored and make efforts to ensure that all contingencies are in place.
Additionally, companies should seek SLAs that are more flexible in the event of either planned or unplanned downtime. In the case of planned downtime, it comes down to CSP schedule flexibility, and establishing a time when their system updates will not interfere with any critical business functions. For unplanned downtime, according to TechRadar, it's important to know when the clock starts and who starts it. SLAs should present a clear picture of how unplanned downtime will be monitored and measured.
According to TechTarget, making sure to examine enforcement and liability strategies will go a long way toward making enterprise clouds an asset during times of business concern.
"[T]he SLA should include an expectation that the SaaS provider will take some proactive action toward mitigating potential outages," TechTarget stated.