The Small Print in Cloud Computing Contracts

Cloud Computing Contracts

“The universe never did make sense; I suspect it was built on government contract.”
– Robert A. Heinlein (1907-1988), American science fiction writer.

A contract is defined as “a legally enforceable agreement between two or more parties for the doing or not doing of something specified.” Contracts are the cornerstones of business. Unfortunately, for cloud computing, contracts are still a grey area that has the potential for causing serious problems.

In some of my previous articles, I had mentioned how lack of clarity of contracts is holding back widespread adoption of cloud computing. A lot of the problem can be traced back to the absence of “established contextual standards to assist the integration of cloud services into existing IT infrastructures, to support the exchange of information between different clouds, or to allow swift procurement and contract negotiation.” (See: Cloud Computing Standards: How Important Are They?).

This had led to vagueness on what is legal and what is not, the most notable example in recent times being the debate on the morality and legality of Amazon’s action on WikiLeaks (See: Cloud Computing and WikiLeaks: Was Amazon’s action justified?). Now, IT research analyst firm Gartner has come out with a report that highlights some of these very issues.

The report, titled “Four Risky Issues When Contracting for Cloud Services” enumerates the main risks Chief Information Officers (CIOs) should address when looking to go on the cloud:

1.  Contracts are not mature for all markets
Gartner said that cloud computing contracts “lack descriptions of cloud service providers’ responsibilities and do not meet the general legal, regulatory and commercial contracting requirements of most enterprise organizations.”

2. Contract terms generally favor the vendor
Gartner said that current contracts favored vendors and contracting companies need to “to be clear about what they can accept and what is negotiable.”

3. Contracts are opaque and easily changed
Gartner found that many contracts are not very detailed, with many critical points being absent from paper but put on linked web pages. This gives rise to a potential problem: clauses that are only fully documented on these pages can change over time, often without any prior notice. Companies were advised to ensure “terms cannot change for the period of the contract and, ideally, for at least the first renewal term without forewarning.”

4. Contracts do not have clear service commitments
Gartner said that most providers remain vague on service commitments by limiting their area of responsibility to what is in their own network by saying they cannot control the public network. Therefore, contracting companies should understand the possible situation in case of service failure.

Cloud service providers will need to address these structural shortcomings to achieve wider acceptance of their standard contracts and to benefit from the economies of scale that come with that acceptance,” cautioned Frank Ridder, research vice-president at Gartner. “Chief information officers and sourcing executives have a duty to understand key areas of risk for their organizations.”

Alexa Bona, also a research vice-president at Gartner, suggested, “It’s essential that organizations planning to contract for cloud services do a deep risk analysis on the impact and probability of their risks. This might cost additional money, but it is worth the effort. Risk should be continuously evaluated, because contracts can change — sometimes without notification.”

By Sourya Biswas

Sorry, comments are closed for this post.

Hoarders And Data Collectors:  On The Brink Of Unmanageability

Hoarders And Data Collectors: On The Brink Of Unmanageability

Hoarders and Data Collectors In our physical world, hoarders are deemed “out of control” when they collect too much.  Surely the same analogy applies in our online world.  When providers collect realms of data from us, it seems they lose control of that too?  In the last months it’s not just the frequency of data…

Is Fear Holding Back a Next Generation of Cyber Security Approaches?

Is Fear Holding Back a Next Generation of Cyber Security Approaches?

Next Generation of Cyber Security As I walked through RSA last week, I was struck by the usual fear laden messages “You’re not safe and never will be but I (vendor) have a silver bullet that will protect you.” And, I wondered if this fear-based approach is deterring a badly needed next generation of cyber…

The Cloud on Your Terms – What to look for in an EFSS Provider

The Cloud on Your Terms – What to look for in an EFSS Provider

The Cloud on Your Terms Your company has a mandate to go to the cloud and now it’s time to decide which services to use to help your business grow. You might be wearing several hats or you might be a dedicated IT professional and the responsibility has now been handed to you. So what…

Cloud Computing – The Real Story Is About Business Strategy, Not Technology

Cloud Computing – The Real Story Is About Business Strategy, Not Technology

Enabling Business Strategies The cloud is not really the final destination: It’s mid-2015, and it’s clear that the cloud paradigm is here to stay. Its services are growing exponentially and, at this time, it’s a fluid model with no steady state on the horizon. As such, adopting cloud computing has been surprisingly slow and seen more…

Jargon Free: The Three Real Main Benefits of Cloud IAM Solutions

Jargon Free: The Three Real Main Benefits of Cloud IAM Solutions

Main Benefits of Cloud IAM Solutions There are significant discussions concerning cloud applications and software solutions, such as identity and access management (IAM) solutions, which are used in conjunction with them. These articles often discuss complex technical reasons and benefits, which may be difficult for a non-technical person to understand. Cloud applications and cloud IAM…

Weighing in on Recurring Revenues to Tip Your Business’ Scale

Weighing in on Recurring Revenues to Tip Your Business’ Scale

Tip Your Business’ Scale CEOs, investors, analysts, and business advisors have fallen in love with the recurring revenue business model. In fact, when comparing like software companies, Wall Street gives 2x higher valuations for businesses with successful recurring revenue models in place. It’s no wonder that research indicates 50% of US businesses have already adopted…

The Concept Of Securing IoT To Secure Your Building

The Concept Of Securing IoT To Secure Your Building

Securing IoT Ah, security. It is the dulcet tone of a symphony that we play over and over in the IT world. IoT (Internet of Things) and the myriad of connected devices allow us some intriguing security options. For example, in a mesh array of sensors, you could effectively force users to correctly identify themselves…

CloudTweaks is recognized as one of the leading influencers in cloud computing, infosec, big data and the internet of things (IoT) information. Our goal is to continue to build our growing information portal by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

Sponsor