Official document reveals the rules of Oracle's cloud
Analysts: Oracle cloud services customers should be mindful of the fine print
IDG News Service - An official document containing policies and pledges for customers of Oracle's cloud services reveals that many aspects fall in line with industry standards, while others may prompt cause for worry among customers, according to analysts.
The document was last updated Dec. 1 and is marked "confidential," despite being openly available on Oracle's website. It lays out the rules by which Oracle and its cloud customers must play, apart from any special terms that may exist in individual contract agreements. Oracle launched a wide array of cloud services this year, including its Fusion Applications as well as a PaaS (platform as a service), IaaS (infrastructure as a service) and social network.
Analyst Ray Wang, CEO of Constellation Research, offered a measured perspective after viewing the document this week.
In many respects, Oracle's policies fall in line with principles spelled out in a cloud customer "bill of rights" document Wang recently created, he said.
But customers should be mindful of other policies, such as one that allows Oracle to turn off access to accounts in the event of a dispute or account violation. "Customers may want to get clarity on the type of incidents that would result in a temporary turn-off of service," Wang said. "Unlike on-premises software, this is a potential concern, so the process and triggers should be carefully outlined."
But another analyst took a more critical view of Oracle's cloud policies.
Oracle's pledge of 99.5 percent availability "sounds pretty good, until you understand that it is only measured against planned availability," said analyst Frank Scavo, president of IT consulting firm Strativa. Oracle grants itself a number of exceptions with respect to "unplanned downtime," some of which seem overly generous, Scavo noted.
For example, one gives Oracle an exception in the event of the "unavailability of management, auxiliary or administration services, including administration tools, reporting services, utilities, or other services supporting core transaction processing," Scavo noted. "Inasmuch as the availability of system components are under Oracle's control, why does Oracle grant itself an exception for their unavailability?"
In another instance, Oracle dictates that it is taking responsibility for cloud security, including system hardening, Scavo said. "But it then turns around and grants itself an exception to its service level agreement in the event of 'a hacker or virus attack.'" The vendor is also more than capable of thwarting a denial-of-service attack, and therefore such attacks should not be grounds for Oracle to fall short of its availability promise, Scavo added.
Scavo also took issue with Oracle's apparent reluctance to allow customers to perform independent monitoring of its cloud services. "Exceptions to this are the Oracle Database Cloud Service and Oracle Java Cloud Service or if otherwise expressly permitted in the ordering document," the policy sheet states.
- Social Media Education: The New Edge for Success Failure to train for social media will cost your business money. A recent report showed how digitally prepared companies can unlock up to...
- Social Media in Technology: A Unified Strategy for Success Find out how social media is sparking a new era of customer and industry-understanding in technology enterprises and how industry leaders are overcoming...
- How Network Connections Drive Web Application Performance Users around the globe, on all sorts of devices, expect Web applications to function as seamlessly as desktop applications. This paper discusses the...
- Gartner MarketScope for Group Video Systems The Gartner "MarketScope for Group Video Systems" evaluates 7 group video system vendors based on 6 customer-focused criteria such as customer experience, market...
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily...
- On Demand: Mastering the Art of Mobile Content Management Mobile device usage in the enterprise has skyrocketed, and it continues to escalate. IT must answer to users who demand access to their... All Internet White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!