Negotiating Non-Negotiable Cloud Agreements
One of the greatest advantages of cloud computing is the low cost of what are essentially commoditized services. The big downside, however, is that some vendors take commoditization a bit too far and present their contracts as essentially non-negotiable, offering the services on more or less an “as-is” basis. In those cases, what is a business to do?
These types of engagements may present significant business advantage and, if they don’t involve the rendition of a critical service or the hosting of highly sensitive data, may be entirely appropriate. The trick is ensuring you have a way out of these as-is engagements. That means ensuring you have clear termination rights. Since the service is likely being provided with little or no warranties or performance standards, a termination right that requires a showing of breach on the part of the vendor is of little practical use. This is because it is not possible to show a vendor in breach (and therefore have the ability to terminate) when the vendor has no real obligations under the agreement. That means, the termination right must be for convenience: “Customer may terminate this Agreement at any time, without cause or further obligation, on fourteen days prior written notice to Vendor.”
If termination for convenience cannot be negotiated, the next best thing is to negotiate termination rights for poor performance. That is, ensure you can terminate the agreement if the vendor has a substantial service level failure (e.g., failing to be available at least 95% in a given month, which would be extremely poor performance by almost anyone’s standard) or if there are lesser service level failures, but those failures are repeating (e.g., failing to be available at least 98% of the time in any two out of five months). The point is not to become trapped in an agreement where the vendor has little in the way of performance obligations, yet your payment obligations are absolute.
By paying attention to termination rights, it is possible to mitigate some of the risk in these smaller, non-critical, as-is engagements.
WHITE PAPER
Enter the Security KnowledgeVault
The resources in this Security KnowledgeVault provide expert advice on everything from creating a multilayered security strategy and deploying a more proactive fight against cybercrime, to realizing when it's time to stop going it alone and seek outside, expert help.
WEBCAST
Protecting Your Data on Mobile Devices
Protecting data on mobile devices creates a whole new batch of security headaches. Join experts in this Videocast lead by John Girard, VP and Distinguished Analyst at Gartner, to hear how you can deploy a comprehensive enterprise encryption strategy.
Recent Comments
Webcasts
- Introduction to VMware vCenter Site Recovery Manager 5
- Reliable Disaster Protection with VMware vCenter Site Recovery Manager
- Introduction to Virtualization
- Preventing Unplanned Downtime with Server Virtualization
- Secure Cloud Infrastructure and Next-Generation Data Centers - An Interactive Panel for Decision Makers
- Gartner Next Generation Network IPS Webcast
White Papers
- Identity Governance: The Business Imperatives
- CA Technology Brief: CA Point of View: Content Aware Identity & Access Management
- Data Loss Prevention Solution for Managing E-Discovery
- Enterprise Strategy Group: The Case for a New Data-centric DLP White Paper
- Business Centric DLP
- Data Loss by the Numbers
CSO Corporate Partners
