Cloud Contracts: 12 Ways to Protect Yourself

Valerie Helmbreck
Tweet

Anyone who makes a move to the cloud expects lower costs, fewer hassles and rock-solid security.

Good luck with that.

As most computer professionals understand, promises in the technology world are easily broken and service is rarely what it’s supposed to be.

This is especially true with new and emerging tech tools and resources. The cloud’s no different. Today, its services face a variety of challenges, among them:

  • Fluctuating market
  • Emerging and changing legal precedents
  • Acute lack of legislative and regulatory guidelines, and
  • Perplexing and convoluted contract agreements.

You’re unlikely to have much influence over markets, the legal landscape or regulatory agencies.

Cloud contracts are another matter.

While a lot of providers will tell you their contracts are standard and set in stone, bargaining is the only way to find out for sure.

Don’t think of your cloud contract as just another outsourced function. This is a unique and dynamic relationship that involves your data, its accessibility and how you interact with it.

Consider these important aspects of your contract:

Get lawyers and finance advisors involved from the start

Their input will be needed to support IT expertise in the technology. If they don’t understand the technical risks, they can’t protect you from the threats you may encounter. Explaining technology to people who don’t work with it every day is a challenge. Having someone translate technical jargon may be a necessary part of your contract review and approval process.

Get references and recommendations

Talk to other technologists and heed their advice. The cloud is new and so are its customers. If possible, talk with others in your industry who’ve had experience using the cloud. But don’t count on vendors to make the introductions. Seek out others in your field at conferences and other gatherings.

Negotiate, if possible

Many providers have a business model that’s impenetrable, but on the off chance yours doesn’t, see if you can negotiate items critical to your operations. As I mentioned before, you can only find out if terms are negotiable by actually negotiating with the vendor.

Don’t get dumped

Make sure the deal can’t be terminated without cause. This means ensuring an agreement to end services. If you can’t get that guarantee, be especially cautious.

Guarantee an open door

Conversely, make sure that you can get out of the agreement if the services you depend on are suspended or dropped by the provider. If this happens, you should be able to end the agreement and  pay no penalty.

Craft an exit strategy

It’s important that you are able to end services in a way that causes as little disruption as possible. Carefully define the vendor’s obligations to help you transfer out in a straightforward and simple manner that’s both orderly and organized. Be sure to be explicit about how long the vendor will keep your data.

Don’t get bullied

A vendor can hold your data hostage in a dispute, which means you could lose access to it if the relationship sours.  Make sure that can’t happen with legal language that protects you from this tactic.

Get full disclosure

You need to know every provider who’ll be storing or managing your data. If your provider sub-contracts some services to others, know who they are and where they’re located.

Don’t get snagged in a merger or acquisition

The cloud is young and volatile. Make sure your contract ensures services from new owners or successors.

Secure the right to audit your vendor

Cloud service consumers need to make sure they can bring in an independent auditor to validate that they’re getting what they’ve paid for from the vendor.

Get acquainted with your vendor

Many cloud providers are new and in the early stages of formation. Be sure you know who they are and where they are located so that you don’t wind up chasing down an offshore outfit that disappears with your data and your critical systems.

Get your agreement on paper

Many of today’s cloud agreements list the terms online and ask for customers to “click” to agree to them. For a lot of companies and especially government agencies you my work with, this won’t wash. Get a hard copy, wet-ink version that can only be amended with the agreement of both parties to the contract.

Free book: Jump Start HTML5 Basics

Grab a free copy of one our latest ebooks! Packed with hints and tips on HTML5's most powerful new features.

  • ROBSON SILVA

    Hi Valerie Helmbreck very good the articles. I’m from Brazil.

  • http://www.egocentrix.com Richa

    Cloud contract is the first step towards streamlining your IT and businesses processes. Understanding Cloud SLAs is very important therefore. Apart from above mentioned points we would like to add some important questions you should ask your cloud vendor and confirm in the contract too in written:

    What measures would you provider take in case of any interruption?
    Do they have divisions in a geographically different area, which could be used in case of any outage or emergency?

    Including these things in contract simply increases credibility of provider.

    Richa
    Egocentrix (http://www.egocentrix.com)