News

European Commission inches closer to standardising cloud SLA guidelines

Archana Venkatraman

The European Commission (EC) has received a cloud guidelines document – aimed at helping users save money and increase cloud trust – from service providers and industry bodies. The EC will now test the SLA guidelines with users, in particular SMEs before formalising it.

The guidelines, when fully implemented, will help cloud users ensure essential elements are included in plain language in contracts they make with cloud providers, the EC has said. The guidelines will explain, in simple terms, the availability and reliability of the cloud service, security levels, quality of support services from suppliers and data management in the cloud.

Neelie_Kroes_European-Parliament_Pietro Naj-Oleari_290x230.jpg

The document has been developed by a Cloud Select Industry Group (CSIG) which includes industry bodies such as Cloud security Alliance and ENISA, legal experts such as DLA Piper and cloud and IT service providers including Atos, Amazon, Microsoft, Google, SAP, IBM, Salesforce, Cisco, HP, Accenture, Intel and EMC among others (see full list of companies involved in developing the cloud SLA guidelines here).

According to the EC, the document from CSIG is the “first step towards standardised building blocks for Service Level Agreements (SLAs) terminology and metrics” for cloud use in the region.

Its own research showed that SLA standards are required by cloud users.

“The new guidelines will help generate trust in innovative computing solutions and help EU citizens save money. More trust means more revenue for companies in Europe's digital single market," said EC vice-president Viviane Reding.

"This is the same spirit as the EU data protection reform that aims at boosting trust. A competitive digital single market needs high standards of data protection. EU consumers and small firms want safe and fair contract terms. Today's new guidelines are a step in the right direction."

As the next step, the EC will put the guidelines to test with cloud customers and discuss it with the “Expert Group on Cloud Computing Contracts” set by the EC in October 2013.

"This is the first time cloud suppliers have agreed on common guidelines for service level agreements,” said EC vice-president Neelie Kroes. “I think small businesses in particular will benefit from having these guidelines at hand when searching for cloud services.”

“We see cloud as an engine of change and a central ingredient for innovation in Europe,” Francisco Medeiros, deputy head of unit, software and services, cloud computing at EC had previously told Computer Weekly. But Europe needs a Europe-specific cloud strategy to encourage its uptake of cloud computing by enterprises, he said.

According to the EC, SLAs form an important component of the contractual relationship between a customer and a provider of a cloud service. But, given the global nature of the cloud, contracts often span different jurisdictions, with varying applicable legal requirements, especially with regards to data protection. 

Also different cloud services and deployment models require different approaches to SLAs, adding to the complexity. All this causes confusion and hinders cloud adoption.

It is hoped that the new guidelines will inspire standardisation of SLAs at an international level, said legal experts from DLA Piper.

"The lack of a common contracting template has been a real stumbling block to the roll-out of cloud computing in Europe. For this reason, guidance on developing a standardised SLA that can be adopted by both providers and users is hugely welcome,” said Patrick van Eecke, partner at DLA Piper law firm. "We look forward to continuing the industry-wide dialogue to remove the barriers to the adoption of cloud computing."


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy