If you want to get the best deal from a datacentre provider, it pays to prepare.
What you get depends on your buying power and willingness to negotiate, says Anthony Day, associate at law firm DLA Piper.
Bigger, more sophisticated companies have been able to secure competitive contracts, he said in an interview with Computer Weekly.
“They treat it like any large IT project. They understand the levers they have, and they go through a competitive process to secure the best deals,” he says.
The size of the deal is important. If you are going for a co-location service, data centre providers will commit less than if you are going for a fully managed service.
“If you are looking at a managed service, or spending a lot more money than other customers, or a big bank, or regulation body, you will have more leverage,” he says.
Day offered six tips to organisations thinking of negotiating a datacentre contract:
1. Do you really have enough space?
Make sure your datacentre providers can provide you with expansion room to add more hardware over time.
Ideally that space should be contiguous, so your equipment can be easily linked together.
Datacentre providers may promise you space, but make sure they have it available.
“A lot of the time, datacentres with multiple customers, have already promised or over-promised space to other customers,” says Day.
2. Make sure service levels match your needs.
Find out what service levels you can expect for each application you hold in a managed service.
That means, for example, checking when scheduled maintenance takes place, and making sure it doesn’t take place in your core working hours.
More legal advice for CIOs
- Negotiating cloud contracts
- Data Protection Masterclass: New EU Data Protection Regulation
- Data Protection Masterclass: Global Privacy
- European IT Law Briefing: Monitoring employees' use of social media
Your service provider should be geared up to respond quickly, when there is a need for emergency maintenance, says Day.
But its important that your contract does not prevent you from claiming compensation if there is a disruption to service.
“The buck for incident response very much stops with the provider. You would want to have very short initial response times,” he says.
It is also worth looking at the impact of any service issues on your end users.
“Slowness of applications can actually waste a lot of cumulative headcount in your business,” he says
In some cases, its possible to negotiate service level agreements that will ensure your end users applications have a guaranteed response time.
3. Take the temperature.
It sounds basic, but its worth double-checking that the datacentre provider has the right temperature and climate controls in place for the equipment you want to use.
“Make sure they have done analysis on the equipment, to understand what tolerance it can be kept in, and understanding what service levels are for chilling and cooling,” says Day.
Similarly, its worth making sure the datacentre has the right equipment in place to minimise outages.
Although datacentres are resilient when it comes to power supply, and emergency power back-ups, even small power failures or power spikes can cause problems.
“You might have a tiny power outage but the business consequences could be significant.”
4. Avoid single points of failure.
No matter what the capability of the datacentre, it is only as good as the data pipes that link it to your network, says Day
Its important to make sure there are no single points of failure. If someone digs up your only cable link, your service could out for hours or days.
“People are becoming more savvy. They want to make sure they have diverse routes,” he says.
5. Be clear who is liable when things go wrong.
Download Antony Day's briefing paper on datacentre contracts
- Key legal and commercial issues with datacentre services
Co-location services should offer incident response times to agreed metrics, says Day.
“If they don’t hit the fixed times, you should be able to recoup some service credits or get money back, because you are not getting the service you expect,” he says.
Datacentre providers will always shy away from responsibility for data losses, but there is room for negotiation.
Organisations with large contracts may be able to persuade datacentre providers to take responsibility for most data loss incidents, typically from the point of the last backup
6. Don’t overspecify your requirements
Datacentres will always try to up-sell services, so it is important for organisations to understand exactly what their needs are.
“A lot of people overspec or are oversold services they don’t really need, when there is a good vanilla option,” says Day.
It can be very tempting to specify a gold-plated service, when you go out to competitive tender, but do you really need it ?