Cloud adviser: Contract for functionality, not a brand
Your cloud-computing contract should specify what you expect the vendor to do, not just the name of its cloud service
Computerworld - Before buying a cloud computing service, you evaluate it, test it, see it in action, so you know what it's supposed to accomplish for you, right? Well, a description of that functionality belongs in the contract. You'd be amazed at how many contracts simply state the cloud service's name without specifying what that service is supposed to do.
That's inadequate. A well-formed contract will describe the results you expect the service to achieve for you. If your contract merely says that you are buying the XYZ cloud service, you will have no recourse if the vendor repositions that service so that it no longer offers all the functionality you thought you were paying for. The vendor's argument will be that you contracted for the XYZ cloud service, and the XYZ cloud service can be whatever the vendor says it is.
One commonly touted benefit of cloud computing is that the services automatically update so that you're always using the current version and functionality. It's great that your IT staff doesn't need to continually update and patch the software running on your in-house systems because the cloud vendor does it all for you. But you can't just assume that all updates will be to your benefit. Standard cloud-vendor contract clauses regarding updates usually say something very one-sided, such as:
"We may change, discontinue or deprecate any element of the service, or change or remove features or functionality of the service from time to time. We will notify you of any material change to or discontinuation of the service offerings."
That changed, discontinued or deprecated functionality could be something that you're counting on, and maybe even the sole reason that you acquired the service in the first place. To ensure that you don't lose the expected functionality, the cloud contract should include language regarding your rights to decline an update if possible, or at least requiring the vendor to provide a specific amount of notice prior to discontinuing or changing any functionality of its service. The notification period should be in line with the time that it would take your institution to move to another service provider if necessary. Without such clauses, a vendor could effectively force you to shift to a replacement service at a potentially higher cost than you had contracted to pay.
Additional, important elements of functionality that can be easily overlooked when negotiating a cloud contract include:
Technical Access Requirements
How will your users access the cloud computing services? Have you standardized upon a particular Web browser or mobile device? If so, you'll want to protect your investment in the cloud service by contractually obligating the vendor to ensure that these access channels will continue to work. And require a specific amount of advance notice about any changes.
Other columns by Thomas Trappler
- NASA's cloud audit holds value for all
- Who can pry into your cloud-based data?
- Does your cloud vendor protect your rights?
- Software licensing in the cloud
- For credit card handlers, cloud computing guidelines just got clearer
- Regulations and the cloud: HIPAA modification provides clarity
- Certification programs are making it easier to know all about a cloud vendor
- The do's and don'ts of safeguarding cloud-based data with encryption
- For a good cloud contract, start with an RFP
- It takes a team to create a good cloud contract
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Data Warehouse Augmentation: The Queryable Data Store While organizations have, to date, been busy exploring and experimenting, they are now beginning to focus on using big data technologies to solve...
- Rebranded Quadmark revamps its IT solutions with Google Apps Switching to Google Apps halved Quadmark's IT admin costs while achieving 10% time savings per employee. The global consulting firm now spends 80%...
- CrashPlan PROe Security Because mobile laptops often are connected to unsecured networks, a very high standard of security is required to ensure privacy.
- Protecting Digitalized Assets in Healthcare Healthcare providers face an urgent, internal battle every day: security and compliance versus productivity and service. For most healthcare organizations, the fight is...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- Make or Break: New Auto Products Must Go To Market On Time This Webcast quantifies the value of time to market for the auto industry and highlights how Primavera Enterprise Portfolio Management can help organizations. All Data Storage White Papers | Webcasts