Creating a Standard Approach to Cloud SLAs

NIST is one of several organizations working jointly to develop an international standard for service level agreements.

The Internet is full of tips for demystifying and rethinking service level agreements in the cloud.

The problem is that SLAs vary wildly across cloud vendors, and even divisions within companies may offer different agreements for providing services that meet or exceed agencies’ expectations, said John Messina, a computer scientist at the National Institute of Standards and Technology.

“If you’re in a situation where you’re comparing cloud services, they could be identical from two different cloud providers, but the underlying SLAs are such that you can’t even really compare them,” Messina told attendees this week at the Federal Cloud Computing Summit in Washington, D.C. “They use different terminologies, different metrics, they’ll be all over the map. It’s really like comparing apples to oranges to footballs.”

And you’ve heard the SLA buzzwords: resiliency, fault tolerance and availability. They could mean different things depending on which definition you use or what company you do business with.

But there are developments on the horizon aimed at standardizing SLAs.

International Standard for SLAs

NIST identified the need for standard service level agreements as one of 10 high-priority requirements to further the government’s adoption of cloud computing. That was in 2011. The good news is that a lot of smart people have joined forces to create a solution.

The agency is one of several organizations collaboratively developing a standard for identifying the components that should appear in an SLA, the metrics that can be used within an SLA and the requirements.

An international working group is dedicated to developing a voluntary, consensus-based standard for SLAs, Messina said. But creating it won’t be easy. “Metrics and measurements are very hard. It’s not as simple as just identifying what a metric is. You also have to develop a standard way by which you will always make that measurement.”

There are metrics that deal with the contract and connectivity and availability and metrics that focus on service use, he noted. The committee is trying to identify ways to create a global database of potential metrics.

Messina expects a working draft of the committee’s efforts will be released to participants and interested parties this fall.

Cloud Standards in the EU

The European Commission recently published cloud SLA standards “to give EU businesses more certainty around what cloud service providers and consumers are responsible for when entering into contractual agreements,” reports Business Cloud News.

The commission is urging influential entities, such as the International Organization for Standardization, to adopt the framework and broaden its impact. The next step involves testing the guidelines with businesses and deciding whether they should be modified.

To learn more about how cloud computing solutions can help your organization get ahead, visit

Jul 11 2014