New direction on SLAs offers hope for cloud computing providers and procurers

Clare Hopping

Wednesday 27 August 2014

New guidelines for EU cloud computing providers could help standardise SLAs, making it more cost effective and secure for businesses to store data in the cloud. However, not all experts agree that SLA guidelines are what’s needed.

If you’ve ever sourced a cloud provider, you’ll know that it can be hard to assess and compare the stated availability, reliability and security of different services.

The global nature of the cloud has meant that service-level agreements (SLAs) are complex, with different providers using different terminology, stating different applicable requirements and offering different products and services that require a different approach to SLAs.

But there is hope on the horizon.

C-SIG offers new direction on SLAs

New guidelines around the European Cloud Computing Strategy, particularly related to SLAs, were presented to the European Commission (EC) at the end of June, with the intention of helping businesses save money and get the most out of cloud computing services by standardising the agreements.

The EC believes the new standards will also help generate trust in innovative computing solutions and help EU citizens save money, meaning companies can welcome higher revenues.

EC vice-president Viviane Reding has said the guidelines are in the same spirit as the EU data protection reform that aims at boosting trust.

“A competitive digital single market needs high standards of data protection,” she announced recently. “EU consumers and small firms want safe and fair contract terms. Today’s new guidelines are a step in the right direction.”

Not all experts agree

However, Quocirca founder and analyst Clive Longbottom questions what an SLA means in a cloud world and whether it is relevant.

“The C-SIG seems to be looking at this as being uptime, security levels and so on – all stuff that can be written down for a prospect to compare and contrast between differing cloud providers,” he says.

“The cloud should, however, herald a complete change in the way that IT is implemented and run – a move from monolithic applications that are hosted on a dynamic, multi-tenanted, flexing resource platform to a more flexible composite application environment where the application is built up on the fly from functions pulled from a range of different cloud (and sometimes non-cloud) environments.”

“The cloud should herald a complete change in the way that IT is implemented and run…”

Longbottom says the form of SLA that is required in a cloud environment is an in-line one: from a white or yellow-pages directory of services, an application provisioner needs to be able to ask (in real time) a possible functional supplier things like:

– What latency is there between me and you?

– What number of transactions per second can you handle?

– Do you support these levels of security?

– Do you have the APIs to interact with this service from a different supplier?

“These then require a codified, proceduralised means of requesting and responding at the technical level – no documentary approach to SLAs can manage to deal with this kind of requirement.”

The SLA policy needs to adapt as the industry changes

Although the new C-SIG-led SLA policy will benefit companies on paper, resulting in a more reliable service for businesses as they are able to choose services to suit their needs, it may need to be extended in future to include a wider range of requirements from cloud providers and answer more questions CIOs have when choosing which services to sign up to.

The new initiative from the EC is certainly a step in the right direction to help boost adoption of cloud services, and with more directives planned for the future, we can expect to see a shift happening as companies move away from hardware and into the cloud.

What’s been your experience sourcing cloud providers? Do you agree that standardising SLAs is a step in the right direction?