According to Gartner (research institute), companies should take measures to reduce project risks in the cloud.
To be aware of the challenge for companies to find the best options for outsourcing, the Gartner research institute recommends caution when considering contract terms in order to reduce the risks in cloud services projects.
Many cloud computing service providers appear reluctant to negotiate contracts with the premise that their basic model is a highly advanced, standardized approach. Starting point contractually often favors the vendor, says Gartner analyst.
Gartner list, in particular a couple of terms that should be the focus of attention.
Negotiators should be aware of SLAs required and ensure they are well documented. If the agreed performance levels are not achieved, penalties should be applied. Penalties for SLAs are used to influence the behavior of service providers, they need to be accompanied by financial penalties, accounting and mechanical solution levels provided in the contract. Attention exclusions penalties for SLAs providers realize that they need to add guarantees and quality measures for services sold in the cloud. In order to manage risk, providers usually put rigid exclusion criteria penalties in contracts. Companies should look closely for these limitations to the right to impose fines.
As a part of the strategy of outsourcing in the cloud, executives responsible for the acquisition and protection of the environment should ensure that levels of the security provider are on par with or go beyond known practices, especially in relation to legal or compliance requirements of the stock exchanges.
Continuity and Disaster Recovery
Business Contracts of cloud rarely have clauses about disaster recovery. Some providers of infrastructure as a service (IaaS) assume no responsibility for backing up customer data. This needs to be addressed in the contract.
Conditions in Data Privacy
If the provider meets the privacy regulations of personal information on behalf of the organization, the client needs to be explicit about the specific requirements and analyze the gaps. Contracts should contain all the customer requirements (including as documentation for audit purposes.)
Suspension of Service
Some contracts provide that if the late payment exceeds 30 days, the service may be suspended. This enables the provider considerable negotiation power in the event of a dispute about payment. Organizations should negotiate an agreement in which payment in any case, should not lead to a suspension of service.
Many of cloud contracts allow the provider to terminate the agreement with 30 days written notice, or at least in within 30 days of renewal. Users should negotiate in advance for the notice of suspension of service.
Most contracts restricts liability to the maximum value of the bills in the last 12 months. Therefore, companies must negotiate greater protection.