The heads of informatics departments regularly exercise tight control over the technical specifications for traditional on-premises or outsourced IT data storage and processing facilities and services. But taking full advantage of cloud computing, in terms of near-infinitely scalable and flexible IT capabilities, requires considerable acceptance of off-the-shelf services.

Recent developments (September 2014)

The EU is making good progress towards better, more robust Service Level Agreements (SLA) – a prerequisite to the legal certainty needed to boost cloud computing.

A sub-group of the Cloud Select Industry Group’s published new cloud SLA standardisation guidelines for cloud users in June 2014. An agreement between a cloud service provider and a cloud computing customer is typically attached to a contract between the two and defines the technical and legal aspects of the service offered.

The guidelines will help reassure cloud users that the Service Level Agreement and the contract with the cloud provider meet key requirements. These include:

  • the availability and reliability of the cloud service being purchased
  • the quality of support services they receive from their cloud provider
  • what happens to their data when they terminate their contract
  • the security levels they need for their data
  • how to better manage the data they keep in the cloud.

The guidelines were the outcome of detailed discussions within the C-SIG Service Level Agreements Sub group (C-SIG SLA) on questions such as whether SLAs should be the same for public and private clouds, whether SLAs should be standardised (and if so whose responsibility this is), and how to help SMEs identify their SLA requirements for cloud services.

The guidelines have now been passed on to the International Organisation for Standardisation (ISO) working group on cloud computing as an input to ISO Woking Group on cloud computing. The C-SIG SLA will present the SLA Standardisation Guidelines as well as its comments to the ISO draft during the meeting of this organisation in Sao Paolo in October. This international impact will maximise the impact and value of the guidelines.


As a result it is more difficult to specify the exact service offer; and this, combined with reduced legal certainty for the customer, cedes direct control over data centres. It also makes the specification of service level agreements (SLAs) and eventual contracts with cloud providers different and therefore challenging for corporate cloud buyers.

Take it or leave it?

  • What are these challenges? There may be unforeseen costs and risks hidden in the terms and conditions of such services. The use of “take-it-or-leave-it” standard contracts might be an optimal cost-saving solution for the provider, but they are not necessarily the best option from the customer’s perspective. Standard SLAs often fail to address the operational and legal risks inherent in cloudbased service offerings. For example, they may not deliver the right performance outcomes, or might shift many significant risks to the customer.


    The Public Consultation Report on Cloud Computing1 was drafted by the Commission during the preparation of the Cloud Computing Strategy. This document and the results of the study “Quantitative Estimates of the Demand for Cloud Computing in Europe and the Likely Barriers to Takeup” 2, underline that the need for SLA model contracts at the European level is shared across all respondent groups. This is addressed by the second “key action” within the European Cloud Strategy which calls for the identification and development of consistent solutions for contract terms and conditions to increase consumer trust, and thus encourage wide take up of cloud computing services. The Strategy states that this should be done not only at the level of consumers and small firms, who are offered ‘takeit- or-leave-it contracts’, but also at the level of service level agreements between professional users.

    Stakeholder involvement – expert advice

    To get key actions in place, the Commission has started to work with industrial stakeholders to develop model terms and conditions for SLAs with the aim of facilitating crossborder transactions in the Single Market.

    In February 2013 a subgroup of the Cloud Select Industry Group (C-SIG) on Service Level Agreements3 was established (see pages 5 and 7). The subgroup is drawing up a checklist intended to help IT resource directors ask the right questions, and to make sure they get the right answers when procuring cloud services. The initial drafts were presented to the European Cloud Partnership Steering Board in July 2013. The initial set of 11 important attributes to define standard options for SLAs and contracts were agreed by the group. The main goal is to develop the templates for service level agreements and present them to the Steering Board in the first half of 2014.

    In parallel, the Commission set up an expert group in summer 2013 to work on safe and fair conditions for cloud computing contracts. This will make it easier to improve contractual arrangements for consumers and small firms. The group has had the first meeting in November 2013, where main fields for the future discussion were identified. The main aim of this group is to identify best practices for cloud computing contracts for consumers and small firms and work towards ensuring that terms and conditions in cloud computing contracts are safe and fair4.

    1. Public Consultation Report on Cloud Computing, December 2011, available at
    2. See: Study Quantitative Estimates of the Demand for Cloud Computing in Europe and the Likely Barriers to Take-up, D3 – Analysis of the demand of cloud computing services in Europe and barriers to uptake, IDC (2012) op cit.


    (Article from net-cloud future magazine (2013) - for complete magazine click here)