SLA-Ready: getting the European private sector into the cloud comfort zone

Stephanie Parker, Nicholas Ferguson, Trust-IT Services
Focus Area: 

Tools and services to help European companies manage the cloud service lifecycle. A Common Reference Model to guide the industry on best practices for service level agreements based on industry standardisation recommendations. Priority is given to security and data protection, from defining business requirements through to monitoring and exit from a cloud service.

Who benefits and how: 

European small businesses (SMEs/SMBs) by educating them on all aspects of cloud services so they can make informed decisions, helping them know what to do, what to expect and what to trust in every phase of the lifecycle, from assessment to termination. Regulated industries, e.g. financial services, which can benefit from cloud services in the drive towards digital transformation within the sector based on a proper understanding of risk mitigation. Cloud service providers by encouraging greater transparency and standardisation, and the key role of certification in building trust and confidence in the cloud. Our discussions with small European providers highlight the benefits of implementing security SLAs on top of new software developments.

Why the cloud service lifecycle is important for the Digital Single Market

SLA-Ready has conducted a survey of cloud service providers and their use of service level agreements with partners from Trust-IT, Arthur's Legal, Cloud Security Alliance and TU Darmstadt. Our findings confirm the research detailed in Cloud Computing Law: negotiations from big customers have raised awareness about security and privacy, there is little guidance for small businesses. and this is unlikely to change in the short to mid-term. Key barriers to cloud adoption remain, as the 2015 survey by the UK Federation of Small Businesses shows. When asked what is needed for small businesses to take up cloud computing, most answered: terms and conditions in plain English, transparent pricing, and a balance between rights and responsibilities of users and providers.

Europe has over 20 million SMEs, most are expected to become digital businesses over the next few years. These small businesses are the life blood of the European economy, breathing new life into the European economy and bringing new jobs. But they will only use technology that they truly understand and trust. Very few have the security expertise required to asses a provider’s security measures, let alone monitor levels actually delivered.

The European Digital Single Market is the opportunity to connect with 500 million customers with the potential to bring €15 billion/year to the economy. Revitalising European industry has a strong focus on cloud, big data and the Internet of Things.

Our lifecycle approach to cloud services and level agreements helps businesses of any size climb the cloud curve, not just the contract terms. Our tools and services take businesses through every step of the service, from assessment and acquisition to operation and termination of contract. They help businesses know what to do and trust, whether they are using off-the-shelf services with standard contract terms or have the opportunity to negotiate terms with the provider.

Our practical, hands-on approach is based on a thorough analysis of key concerns and challenges, and is designed to increase understanding and acceptance. We help businesses get to grips with complex legal and technical terms, offer practical guidance on technical standards, and help compare, define, and monitor security and data protection levels. | @SLAReady