Kamis, 25 Juni 2020

Website Development Contracts Part 3: Important Cloud and SLA Considerations

The cloud is an essential component of all e-commerce sites. Not all clouds, however, are created equal. The key thing here is reliability. Making sure that the cloud service and Service Level Agreement (SLA) are right for your business may not be clear before you enter into a website development contract.

This is Part 3 of a series providing advice about website development contracts for businesses engaged in e-commerce. Also see: Part 1: How to Avoid Major Disasters.Part 2:Who Owns the IP on Your Site?

Interesting aside -- while the term "Cloud" derives from a marketing label created in 2006 by Google, the remote cloud technology itself has been around since, at least,1964 when Dartmouth University launched remote computer access (at the time, called "Dartmouth timesharing").

In 1964, the timesharing model used by Dartmouth students dialed up over telephone lines to access mainframe computers, which is not much different than the cloud except to say that now we all access the remote computer systems on the Internet. Conceptually, the remote computer system of 1964 is not too different from the cloud we use today, albeit far faster, cheaper and with far more computing power than its 1964 predecessor at Dartmouth.

Cloud Contracting

Everyone reading this is familiar with the names of the major cloud providers: Amazon, Microsoft, Google, Dell, and Rackspace (the "Big Cloud Vendors"). There are also dozens of smaller entities around the world that provide cloud services. In fact, many of the smaller entities actually provide their cloud services from the Big Cloud Vendors.

The most important part of this discussion is knowing the contractual terms for the cloud services that you might want to buy. Cloud agreements are all entered into online and remotely. Most people simply assume these agreements are non-negotiable, without ever taking the time to reach out and negotiate these online terms. Which is not necessarily the case.

While not all terms are readily negotiable, there are several examples of industry-specific provisions that can and should be tailored to suit. For instance, if your e-commerce business is regulated by the federal government (for example a bank), then the data in the cloud must reside in the U.S.

Actually, even more broadly speaking, the physical location of data storage is a provision that cloud providers will negotiate, even though you may have to pay a premium for picking a country for data storage.

Also, most of the Big Cloud Vendors have dozens of online contractual terms and conditions available from interconnected URLs, with varying terms and conditions, not just one. So, it is wise to investigate which online terms will apply to your arrangement and how those specific terms may impact your particular e-commerce business.

For example, depending on which Software as a Service (SaaS) you select, you may have a number of different options between using Microsoft, Oracle, SAP, or Infor software for ERP applications, or disaster recovery, or customer relationship management. You would be well-advised to look at the specific SaaS agreements and negotiate the provisions that are important to your e-commerce business.

Is a SLA really an Agreement?

Of course! The term SLA includes the word Agreement, but actually the SLA is more a description of the online service availability like for instance 99.999% availability over a 12-month period means the system can be down 5.25 minutes while 99.999% over a month means the system can be down 26.30 seconds. Here's a chart showing SLA availability:

SLA availability chart

If the cloud SLA does not clearly specify the agreed-upon availability percentage then the user should receive a credit. In certain instances, the SLA provides specific credits against the monthly fees, and other times the SLA is silent.

Beware an e-commerce cloud contract without an SLA. Think about it, what would you do? Probably ask the vendor for an SLA or just hope for the best? It makes more sense to have a specific SLA.

Generally, the SLA availability is provided on a monthly basis, but it could also be on a rolling 30-day period. In which case, the timing for the SLA does not begin anew on the first of every month and might allow for terrible service the last couple of days of a month and the vendor a restart when the new month begins of system unavailability.

Big Cloud Vendors SLAs

Also, most Big Cloud Vendors provide a variety of SaaS and the SLAs will vary depending on the SaaS used. We often find that the e-commerce website will use multiple SaaS so there is not just one SLA.

For instance, we recently assisted an e-commerce business that used one of the Big Cloud Vendors and actually used 16 different SaaS to run its business. As a result, the SLA varied depending upon the actual SaaS. And to make things more complicated, that Big Cloud Vendor actually had 172 different SLAs.

Conclusions

Take your time and investigate prospective cloud providers, including Big Cloud Vendors. Make sure you understand what you are contractually obligating your e-commerce business to and for how long. Of course, it would not be bad idea for you to engage a lawyer who has experience in drafting and negotiating website development contracts and SOWs, including cloud contracts and SLAs.

This website development contract series should help you learn more about legal issues to consider and what to negotiate. So please stay tuned for the future installments, which will include topics such as, indemnification, lawsuits and arbitrations, and related topics. image

Peter VogelPeter Vogel has been an ECT News Network columnist since 2010. His focus is on technology and the law. Vogel is Of Counsel at Foley & Lardner LLP, and focuses on cybersecurity, privacy and information management. He tries lawsuits and negotiates cloud contracts dealing with e-commerce, ERP and the Internet. Before practicing law, he received a master's in computer science and was a mainframe programmer. His blog covers IT and Internet topics. Email Peter.

Chelsea HilliardChelsea Hilliard has been an ECT News Network columnist since 2019. As an associate at Foley & Lardner LLP, she focuses her business litigation practice on trade secret noncompetition and securities enforcement. She also helps clients with complex electronic discovery disputes and has been recognized as Texas Rising Star attorney by Texas Monthly, and a Top Lawyer under 40 by D Magazine. Email Chelsea.

LHoFT Webinar: The Employment Landscape Covid19 and beyond

Tidak ada komentar:

Posting Komentar

'Offensive capability': $1.3b for new cyber spies to go after hackers

Australian security agencies believe China is behind the cyber raids on all levels of government, although the Morrison government has chose...