Guidelines to help business users save money and get the most out of cloud computing services were presented to the European Commission on 26 June. Cloud computing allows individuals, businesses and the public sector to store their data and carry out data processing in remote data centres, saving on average 10-20 per cent.
Advertisement
The guidelines have been developed by a Cloud Select Industry Group as part of the Commission’s European Cloud Strategy to increase trust in these services. Contributors to the guidelines include Arthur’s Legal, ATOS, Cloud Security Alliance, ENISA, IBM, Microsoft and SAP, Telecom Italia.
The announcement is a first step towards standardised building blocks for Service Level Agreements (SLAs) terminology and metrics. An SLA is a part of a service contract that defines the technical and legal aspects of the service offered. The recent findings of the Trusted Cloud Europe survey show SLA standards are very much required by cloud users.
The guidelines are expected to help professional cloud users ensure essential elements are included in plain language in contracts they make with cloud providers. Relevant items include:
- The availability and reliability of the cloud service,
- The quality of support services they will receive from their cloud provider
- Security levels
- How to better manage the data they keep in the cloud.
As a next step, the European Commission will test the guidelines with users, in particular SMEs. It will also be discussed within the Expert Group on Cloud Computing Contracts set by the Commission in October 2013. This discussion will also involve other C-SIG activities, for example the data protection Code of Conduct for cloud computing providers that was prepared by the C-SIG on Code of Conduct. The draft Code of Conduct has been presented to the Article 29 Data Protection Working Party (European Data Protection Authorities).
This initiative will have deeper impact if standardisation of SLAs is done at international level, e.g. through international standards, such as ISO/IEC 19086. To this end, the C-SIG on SLAs is also working with the ISO Cloud Computing Working Group, to present a European position on SLA Standardisation. The SLA guidelines will thus feed into ISO’s effort to establish international standards on SLAs for cloud computing.
Background
Internet service providers commonly include SLAs in contracts with customers to define the levels of service being sold. SLAs form an important component of the contractual relationship between a customer and a provider of a cloud service. Given the global nature of the cloud, cloud contracts often span different jurisdictions, with varying applicable legal requirements, in particular with respect to the protection of personal data hosted in the cloud. Also different cloud services and deployment models will require different approaches to SLAs, adding to the complexity.
Under its second key action safe and fair contract terms and conditions -, the European Cloud Computing Strategy called for work on model terms for cloud computing service level agreements for contracts between cloud providers and professional cloud users. The C-SIG on SLAs was convened to address this provision. This Strategy also called to identify safe and fair contract terms for contracts between cloud suppliers and consumers and small firms. For this purpose the Commission created its Expert Group on Cloud Computing Contracts.