The European Commission (EC) recently released guidelines intended to increase professional users’ trust in the technology and to standardize service level agreements (SLAs). The guidelines were developed by the Cloud Select Industry Group (C-SIG) as part of the EC’s European Cloud Strategy. Contributors included ATOS, Cloud Security Alliance, ENISA, IBM, Microsoft and SAP, and Telecom Italia.
According to the EC press release on Europa.eu, the guidelines are the first step toward standardizing SLA terminology and metrics. They will help business cloud users ensure that key elements regarding technical and legal aspects of the services provided are included in plain language in their contracts with cloud providers. Examples of these essential items are:
- The availability and reliability of the cloud service
- The quality of support services the user will receive from the cloud provider
- Security levels
- How to better manage the data stored in the cloud
The next step, according to the press release, is for the EC to test the guidelines with users, particularly small and mid-size enterprises. C-SIG is also working with the ISO Cloud Computing Working Group “to present a European position of SLA standardisations.”
ARMA International developed and issued a similar set of guidelines in 2010. That publication, Guideline for Outsourcing Records Storage to the Cloud, is available for purchase in the ARMA online bookstore at www.arma.org/bookstore.
Key highlights from the ARMA guideline include:
- A brief description of various cloud strategies (e.g., private cloud, public cloud, hybrid)
- Identification of benefits and risks to using cloud storage providers
- Identification of key legal considerations in the outsourcing process
- Identification of key technology capabilities and concerns during cloud deployment
- A variety of factors to consider when vetting a vendor’s services
- Description of various best practices in contracting for this service