Assessing the Managed Hosting SLA: How to Make Sure It’s Right for Your Company

In Cloud by Natalie ValentLeave a Comment

Assessing the Managed Hosting SLA: How to Make Sure It’s Right for Your Company

Let’s face it: Your business can quickly outgrow your in-house infrastructure. One approach to accommodating the increased demand for your organization’s time, talent, space, and equipment is to move to either colocation or managed hosting. Whether you place your servers and equipment at a service provider’s location, or store your data on a vendor’s managed cloud environment, outsourcing some or all your infrastructure and its management can offer your company many efficiencies and savings.

The key to making the most of your colocation or managed hosting relationship is by ensuring your Service Level Agreement (SLA) meets your needs. The SLA is the contract that governs service provision and delivery expectations of both the provider and client. A poorly drafted managed hosting SLA can lead to disappointment with the service, or worse, cause harm to your business. Let’s look at the key areas to consider before signing a service agreement:

Review:

  1. Start with a review of standard forms from major providers to get a sense of common provisions in an SLA.
  2. Put together a team of business and IT leaders in your company to review your business’ needs and create a wish list and must-haves for your hosting needs. As you negotiate your SLA with a service provider, use this team to review the document to ensure you have spelled out key points as clearly as possible. Even after the SLA is in place, the team should continue to meet to review reports and suggest potential revisions as needs and technologies change.

Responsibility:

  1. Service agreements often contain vague language. It is important to include specifics about the responsibilities of both the service provider and the customer. For instance, “guaranteed uptime” is meaningless. The SLA should describe the definition of uptime, the percentage of time secured, the maximum response time, incident notification procedures, and reporting requirements. It should also acknowledge policies, warranties, and legal responsibilities.
  2. Your SLA should describe customer requirements and define service levels as precisely as possible. Customers should not only look for details of how, and under what conditions support will be given, but also negotiate desired performance, as well as requirements and practices such as server availability, storage capacity, and how to report problems. It is unlikely you will be able to get unconditional guarantees, but any defined terms will be better than default standard language designed to apply to mythical corporations.

Report:

  1. You should include a schedule for reports that the vendor will send. The team you bring together to negotiate the language in the SLA should review these reports over the life of the service contract.
  2. Another aspect of reporting to include is your ability to generate your own reports on your own with access to your network or independent monitoring. Consider what information you need and see if there are ways you can obtain it if your vendor doesn’t provide it or if you need information more frequently than they offer.

Remedy:

  1. Data within the cloud requires multiple levels of protection. Physical servers are subject to the same dangers no matter where the equipment resides. Firewalls, intrusion detection, and two-factor authentication are just several ways providers offer mitigation. But, it is important that you know how your service provider will respond, repair, or reimburse you if something does go wrong.

Revise:

  1. Technology changes rapidly. If your company is growing quickly, your needs can shift well before the SLA ends or is up for renewal. Therefore, you should understand how your service (and service agreement) can be customized and scaled overtime to fit ongoing business needs. It is better to anticipate that you will want to make some changes along the way rather than running into a roadblock and having your work slow or halt.

Regulatory Compliance:

  1. If you are in an industry that has data security and privacy regulations, such as healthcare, for example, you must investigate your service provider’s ability to comply with those requirements. What experience do they have working with organizations in your industry? Do they have necessary certifications? If you don’t know your service provider’s knowledge of applicable regulations, you’re putting your company at risk for legal and financial liabilities. You must have a separate business associate agreement that states how your provider will take “reasonable and appropriate steps to protect sensitive data.”

Resources:

  1. Research service agreements and checklists of commonly included items to create a checklist to guide your review and ongoing management of your SLA. We’ve got “The Ultimate Data Center Colocation Resource Checklist” for you here.

Additional Resources on This Topic:

Breaking Down What’s in Your Cloud SLA
A Colocation Agreement You Can Live With
Ask the Right Questions Before Committing to A Colocation SLA Policy – Use SLA Monitoring to Detect Service Provider Shadiness

Photo Credit: Brandz On Web Flickr via Compfight cc

This article was first published on onr.com. 

 

As a Partner Success Manager at OnRamp, Natalie is responsible for onboarding new partners and enabling existing partners through training and co-marketing initiatives. ITIL and HIPAA for Business Associates certificated, she helps OnRamp's partners find the best solutions for their client's compliance, security, disaster recovery, and colocation needs.