Bluelock Blog

Rights and Responsibilities in Cloud Computing (via Gartner)

July 19, 2010 by Alicia Gaba
Gartner recently released six "rights" and one "responsibility" for cloud service users/clients to help enable better business relationships between vendor and client. This list, although short, is actually quite exhaustive in terms of outlining some major topics a client should cover BEFORE entering a cloud hosting agreement.

Gartner's list of Cloud Computing Rights & Responsibilities:

The right to retain ownership, use and control one’s own data - Service consumers should retain ownership of, and the rights to use, their own data.

The right to service-level agreements that address liabilities, remediation and business outcomes - All computing services - including cloud services - suffer slowdowns and failures. However, cloud services providers seldom commit to recovery times, specify the forms of remediation or spell out the procedures they will follow.

The right to notification and choice about changes that affect the service consumers’ business processes - Every service provider will need to take down its systems, interrupt its services or make other changes in order to increase capacity and otherwise ensure that its infrastructure will serve consumers adequately in the long term. Protecting the consumer’s business processes entails providing advanced notification of major upgrades or system changes, and granting the consumer some control over when it makes the switch.

The right to understand the technical limitations or requirements of the service up front - Most service providers do not fully explain their own systems, technical requirements and limitations so that after consumers have committed to a cloud service, they run the risk of not being able to adjust to major changes, at least not without a big investment.

The right to understand the legal requirements of jurisdictions in which the provider operates - If the cloud provider stores or transports the consumer’s data in or through a foreign country, the service consumer becomes subject to laws and regulations it may not know anything about.

The right to know what security processes the provider follows - With cloud computing, security breaches can happen at multiple levels of technology and use. Service consumers must understand the processes a provider uses, so that security at one level (such as the server) does not subvert security at another level (such as the network).

The responsibility to understand and adhere to software license requirements - Providers and consumers must come to an understanding about how the proper use of software licenses will be assured.

This list brings light to what BlueLock is already doing right to better our relationships with our own clients. Based on the Gartner list provided, we are certainly in the right place.
1. Our clients do own and control their own data. We just provide and help manage the infrastructure platform.
2. BlueLock's Service Level Agreement (SLA) addresses liabilities, remediation and business outcomes the organization follows in the case of a service fall down.
3. BlueLock sends notifications and updates to our clients prior to, during and after any changes or updates to our environment that may or may not affect our client's environments. We even ask that our clients make us aware of any changes or updates on their end so that we can plan together to better alleviate any chance of disruption.
4. Technical limitations and service requirements are always discussed in the sales process.
5. We provide legal documentation upfront.
6. Our security procedures are very important to our clients, and therefore, our clients want and need to know what security processes we follow and adhere to.
7. Software license requirements are important - BlueLock must stay true to its software providers, and therefore, our clients must stay true to them as well.

To learn more about BlueLock's cloud hosting services, contact us or visit our website.

Comments for Rights and Responsibilities in Cloud Computing (via Gartner)

blog comments powered by Disqus