A cloud SLA (cloud service-level agreement) is an agreement between a cloud service provider and a customer that ensures a minimum level of service is maintained. It guarantees levels of reliability, availability and responsiveness to systems and applications, while also specifying who will govern when there is a service interruption.
A cloud infrastructure can span geographies, networks and systems that are both physical and virtual. While the exact metrics of a cloud SLA can vary by service provider, the areas covered are uniform: volume and quality of work -- including precision and accuracy -- speed, responsiveness and efficiency. The document aims to establish a mutual understanding of the services, prioritized areas, responsibilities, guarantees and warranties provided by the service provider.
Metrics and responsibilities among the parties involved in cloud configurations are clearly outlined, such as the specific amount of response time for reporting or addressing system failures.
Financial penalties a provider must pay for failing to live up to the guaranteed terms are also included. These penalties are often in the form of credits for service time.
What to look for in a cloud SLA
Service-level agreements have become more important as organizations move their systems, applications and data to the cloud. A cloud SLA ensures that cloud providers meet certain enterprise-level requirements and provide customers with a clearly defined set of deliverables.
The defined level of services should be specific and measureable in each area. This allows the quality of service (QoS) to be benchmarked and, if stipulated by the agreement, rewarded or penalized accordingly.
An SLA will commonly use technical definitions that quantify the level of service, such as mean time between failures (MTBF) or mean time to repair (MTTR), which specifies a target or minimum value for service-level performance.
A typical compute and cloud SLA articulates precise levels of service, as well as the recourse or compensation the user is entitled to should the provider fail to deliver the service as described. Another area to consider carefully is service availability, which specifies the maximum amount of time a read request can take; how many retries are allowed; and so on.
The SLA should also define compensation for users if the specifications aren't met. A cloud storage service provider usually offers a tiered service credit plan that gives users credits based on the discrepancy between SLA specifications and the actual service levels delivered.
Most public cloud storage services provide details of the service levels that users can expect on their websites, and these will likely be the same for all users. However, an enterprise establishing a service with a private cloud storage provider may be able to negotiate a more customized deal. In this case, the cloud SLA might include specifications for retention policies, the number of copies that will be retained, storage locations and so on.
Cloud service-level agreements may be more detailed to cover governance, security specifications, compliance, and performance and uptime statistics. They should address security and encryption practices for data privacy, disaster recovery expectations, data location, as well as data access and portability.
Cloud SLAs may not specify data availability
TechTarget Senior Writer Carol Sliwa interviews Terri McClure, a former senior analyst at Enterprise Strategy Group, regarding what users can expect in a cloud SLA.
Data protection processes, such as backup and disaster recovery, should also be addressed. The agreement should outline the responsibilities of each party, the acceptable performance parameters, a description of the applications and services covered under the agreement, procedures for monitoring service levels, and a schedule for the remediation of outages.
Examine the ramifications of the cloud SLA before signing. For example, 99.9% uptime, a common stipulation, translates to nine hours of outage per year. For some mission-critical data, that may not be adequate. You should also check to see how terms are defined.
SLAs that scale
Most SLAs are negotiated to meet the needs of the customer at the time of signing, but many businesses change dramatically in size over time. A solid cloud service-level agreement outlines intervals for reviewing a contract so that it meets the changing needs of an organization.
Some vendors even build in notification workflows that indicate when a cloud service-level agreement is close to being breached so new negotiations can be initiated based on the changes in scale. When entering any cloud SLA negotiation, it's important to protect the business by clarifying uptimes. A good SLA protects both the customer and supplier from missed expectations.
Finally, the cloud SLA should include an exit strategy that outlines the expectations of the provider to ensure a smooth transition.