08 Sep A Commercial Approach To Cloud Service Agreements
This course is suitable for anyone with limited experience in verifying cloud service agreements and those who want to understand the general regulatory environment for cloud services. The service level for response time is closely related to the service level for uptime and often entangled with it. The service level for the fixed response time of latencies and maximum response times for a customer`s use of the services. Services that do not provide timely responses to their users are virtually unavailable. As with the uptime service tier, the specific service level objective depends on the facts and circumstances of each case, including the complexity of the transaction, the processing time required, and the critical speed to achieve the customer`s business goals. Typically, a cloud computing service is offered in a “pay as-you-go” or “pay-per-use” cost structure (for example.B. per virtual machine per hour, per gigabyte of memory per month, per active user, and per month). Accordingly, the agreement should provide for the possibility of adding and removing resources, adjusting service charges upwards and downwards. Before signing the contract, the customer must negotiate rates for incremental and decremental use and attempt to set recurring fees for a set period of time (one to three years). Thereafter, an escalator should apply on the basis of a cost performance index (CPI) or other third-party index. Cloud computing includes remote access to a vendor`s software and infrastructure and often includes storing the customer`s data with that vendor.
To this end, cloud computing agreements have some similarity to traditional software licensing agreements, but often have more in common with application hosting or service agreements. Therefore, the most critical issues and concerns that arise in the context of hosting and service application agreements also apply to cloud computing agreements. The customer should always address technical insurance issues in cloud computing situations, both with regard to the customer`s insurance and the provider`s insurance. Most data protection and security laws make the customer liable for a security breach, whether it is the fault of the customer or the supplier. Therefore, the customer should contribute to insuring himself against IT risks, including those related to data and data protection, by allowing him to obtain a cyber liability policy. As a general rule, a supplier`s limitation of liability clause limits liability to the customer to the amount of fees paid under the contract or part of the contract (e.g. B the costs paid for the relevant part of the services in question) and (2) excludes accidental consequential damages (e.g. B loss of revenue), punitive and other consequential damages. While a customer may not be able to fully waive the limitation of liability, it should require the following concessions: the customer should be able to assign its rights under the contract to its related enterprises and other enterprises that, as a result of a reorganization, consolidation, assignment or other similar entities, may become successors or related companies.
In order to eliminate the supplier`s doubts about such an assignment, the customer may require any assignee to accept all the customer`s obligations under the contract. Similarly, the customer should be confident that each supplier-assignee agrees to be bound by all the terms of the agreement, including, but not limited to, service level obligations. Cyber liability insurance can protect the customer from a large number of losses. Most cyber insurance covers damage caused by unauthorized access to a computer system, data theft or destruction, hacks, denial-of-service attacks, and malicious code. . . .