For web apps, get a service guarantee
IT and corporate procurement departments are getting involved and extracting more service guarantees from vendors
By Juan Carlos Perez, IDG News Service | Published 15:00, 06 March 08
The company's 22 employees, located in six countries and four continents, operate in 14 different time zones, and since most of their work is collaborative, Google Apps — which lets users jointly edit documents located on a central server — was a better alternative than e-mailing Microsoft Office documents back and forth.
Harrison would also like to see Google Apps provide an offline component that would allow users to work on their local PCs when disconnected from the Internet, a capability he knows Google is pursuing with its Gears technology.
That Harrison would feel more at ease with an SLA is telling. His company isn't an ordinary Google Apps customer. Although the relationship between Google and Abraham Harrison is purely of the vendor-client type, meaning that the company receives no compensation from Google, the Google Apps team has singled it out as a model small business whose feedback it regularly seeks. As a result, Harrison is in close contact with the Google Apps team.
What should a business manager look for in a service level agreement? The most basic item should be an uptime commitment for application availability, ideally 99.9 percent of the time or above. It should also address planned maintenance downtime, which, if too frequent, can become bigger burdens on customers than accidental outages.
When negotiating, inquire whether the SaaS vendor owns its own datacentres or whether it depends on a partner, and be sure to investigate who the partner is and the extent of its infrastructure. Also verify that the SaaS vendor has key certifications, such as the SAS 70 Type II audit.
The SLA should address performance, as well, because an application that is extremely slow will affect a company's operations. It's also a good idea to include provisions for the data created with the applications and to put in writing what responsibility the vendor will assume for data that is lost, corrupted, or stolen, along with statements about the vendor's data security measures and data backup and recovery services.
Kaplan recommends assuming the worst — that the vendor may go out of business altogether. To protect against that eventuality, customers can request that the vendor bring in a third-party "escrow" provider that will, for example, house the applications source code and data, in case the SaaS vendor goes under.
