Cloud Storage SLAs
When it comes to using cloud-based storage, the service level agreement (SLA) is everything. It's a rather dry document, but it lays out in writing exactly you can expect from the storage service provider in return for your monthly payment—both when things go right and when things go wrong.
A key benefit of any cloud service—storage or otherwise—is that economies of scale enable the cloud service provider to offer a commoditized service at a lower price than you could provide it yourself. And that means that the SLA that a service provider will offer you is likely to be the same as the one offered to all of its other customers buying the same service. In practice, that means terms like the types of media that the data will be stored on and the average data access time will usually be fixed.
But that's not to say that you can't negotiate. IDC estimates that about 80 percent of cloud customers accept the boilerplate SLA they are offered. But for larger customers, including enterprises buying storage services, there is certainly some maneuvering room.
So which SLA terms might you want to alter?
One of the key terms for any cloud SLA covers availability and downtime. It's often necessary to read the fine print to establish exactly how this is measured, according to Cal Braunstein, chief research officer at the Robert Frances Group. That's because it could be done on a monthly, quarterly or annual basis, he says.
"If a service provider offers you 'four nines' (i.e. 99.99 percent) uptime, then that allows 50 minutes per year of downtime. That comes to about 5 minutes per month, which you might be able to live with," he says. "But if it is measured on an annual basis, then the service could be down for 30 minutes or more in one month, and you would have to wait until the end of the year just to find out if the SLA has been breached."
Clearly, the way that downtime is measured makes a great deal of difference, and it's something that needs to be pinned down to match your business's needs. "You could certainly negotiate this, and say that you want the SLA to specify no more than 15 minute downtime in any one month or penalties apply, for example," Braunstein says.
Of course, it's important to remember that the SLA doesn't guarantee anything—it simply stipulates what the service provider is supposed to provide. When the service provider is in the breach of the SLA, it faces penalties. Usually these penalties are in the form of service credits, which are not tied directly to the impact of the breach on your business. When serious breaches occur, such as all your data becoming corrupt, you may get monetary payments instead of service credits. But these are unlikely to exceed four times your annual contract value—which is unlikely to be anything like the loss to your business.
The potential for very high losses is the reason why storage providers insist that SLAs include some limit of liability. Clearly, it is in the interest of the service provider to make this as low as possible. But it is not necessarily the case that it is in your interest as a customer to make it as high as possible, says Martin Kratz, head of the technology practice group at Calgary-based law firm Bennett Jones. "You are going to have to pay more to a service provider if you want them to accept more liability," he points out. "You certainly want them to have some level of liability, to encourage them to provide the service you expect, but when it comes to managing the risk of loss to your business, you might want to investigate if insurance might possibly be a cheaper option," he adds.