Guidelines to help business users save money and get the most out of cloud computing services were presented to the European Commission last week.
The guidelines have been developed by a Cloud Select Industry Group (C-SIG) on Service Level Agreements as part of the Commission’s European Cloud Strategy to increase trust in these services. Contributors to the guidelines include Arthur's Legal, ATOS, Cloud Security Alliance, ENISA, IBM, INTUG, Microsoft, SAP and Telecom Italia, among others.
Today's announcement is a first step towards standardised building blocks for service level agreements (SLAs) terminology and metrics. An SLA is a part of a service contract that defines the technical and legal aspects of the service offered. The recent findings of the Trusted Cloud Europe survey show SLA standards are very much required by cloud users.
These guidelines will help professional cloud users ensure essential elements are included in plain language in contracts they make with cloud providers. Relevant items include:
- The availability and reliability of the cloud service
- The quality of support services they will receive from their cloud provider
- Security levels
- How to better manage the data they keep in the cloud
European Commission Vice-President NeelieKroesEU said:
"This is the first time cloud suppliers have agreed on common guidelines for service level agreements. I think small businesses in particular will benefit from having these guidelines at hand when searching for cloud services.”
Vice-President Viviane Reding said:
"Today's new guidelines will help generate trust in innovative computing solutions and help EU citizens save money. More trust means more revenue for companies in Europe's digital single market." She added: "This is the same spirit as the EU data protection reform which aims at boosting trust. A competitive digital single market needs high standards of data protection. EU consumers and small firms want safe and fair contract terms. Today's new guidelines are a step in the right direction."
As a next step, the European Commission will test these guidelines with users, in particular SMEs. It will also be discussed within the Expert Group on Cloud Computing Contracts set by the commission in October 2013. This discussion will also involve other C-SIG activities, for example the data protection Code of Conduct for cloud computing providers that was prepared by the C-SIG on Code of Conduct. The draft Code of Conduct has been presented to the Article 29 Data Protection Working Party (European Data Protection Authorities).
This initiative will have deeper impact if standardisation of SLAs is done at international level, e.g. through international standards, such as ISO/IEC 19086. To this end, the C-SIG on SLAs is also working with the ISO Cloud Computing Working Group, to present a European position on SLA Standardisation. Today's SLA guidelines will thus feed into ISO's effort to establish international standards on SLAs for cloud computing.