While it’s true that any enterprise cloud arrangement should include a Service Level Agreement (SLA), the cloud service provider’s liability is most often quite limited. So, when you’re looking to go to the cloud, due diligence is critical. What criteria should you consider in your process of enterprise cloud provider due diligence? Here are five.
Whatever reason you’re going to cloud — disaster recovery (backup), storage, application development & testing, enterprise collaboration, business productivity, or any other use case — assuming that you care about what you’re sending to or running in the cloud, due diligence is essential. After all, if you were going to invest a million dollars in a company, you’d do due diligence to ensure that the company’s story is supported by its numbers. The same principle applies here: Any cloud provider can tell a good story; due diligence is the process to make sure the story makes sense and that the facts back it up.
“But wait,” you might say, “the cloud provider’s SLA guarantees a certain level of performance, security, support, etc. So if they mess up, it’s on them.”
While it’s true that any cloud arrangement should include a Service Level Agreement (SLA), the provider’s liability is most often quite limited. TechRadar explains it well: “The penalties that apply if the service provider breaches the agreement…generally take the form of service credits or reductions from the monthly bill, and only rarely will they result in actual payments being made by the service provider to the customer…In other words, don’t expect there to be much of a connection between any compensation and the actual loss your company could suffer if the service is unavailable for an extended time or if your data becomes corrupted.”
So, when you’re looking to go to the cloud, due diligence is critical. What criteria should you consider in your process of cloud provider due diligence? Here, we’ve listed five.
Your cloud service provider’s SLA does not make performance, security, governance, or any other issues their problem rather than yours. They’re your applications, your business — so your problem. Fortunately, with due diligence it is possible to ferret out the providers that only talk a good game and those with a proven track record of delivering on performance, security, support, pricing, and governance.