{"id":53,"date":"2008-09-12T10:51:30","date_gmt":"2008-09-12T15:51:30","guid":{"rendered":"http:\/\/www.webadminblog.com\/?p=53"},"modified":"2008-09-12T14:31:26","modified_gmt":"2008-09-12T19:31:26","slug":"beware-the-deceptive-sla-my-friend","status":"publish","type":"post","link":"https:\/\/www.webadminblog.com\/index.php\/2008\/09\/12\/beware-the-deceptive-sla-my-friend\/","title":{"rendered":"Beware the Deceptive SLA, My Friend"},"content":{"rendered":"

We’re trying to come to an agreement with a SaaS vendor about performance and availability service level agreements (SLAs).\u00a0 I discussed this topic some in my previous “SaaS Headaches<\/a>” post.\u00a0 I thought it would be instructive to show people the standard kind of “defense in depth” that suppliers can have to protect against being held responsible for what they host for you.<\/p>\n

We’ve been working on a deal with one specific supplier.\u00a0 As part of it, they’ll be hosting some images for our site.\u00a0 There’s a business team primarily responsible for evaluating their functionality etc., we’re just in the mix as the faithful watchdogs of performance and availability for our site.<\/p>\n

Round 1 – “What are these SLAs you speak of?”\u00a0 The vendor offers no SLA.\u00a0 “Unacceptable,” we tell the project team.\u00a0 They fret about having to worry about that along with the 100 other details of coming to an agreement with the supplier, but duly go back and squeeze them.\u00a0 It takes a couple squeezes because the supplier likes to forget about this topic – send a list of five questions with one of them being “SLA,” you get four answers back, ignoring the SLA question.<\/p>\n

Round 2 – “Oh, you said ‘SLA’!\u00a0 Oh, sure, we have one of those.”\u00a0 We read the SLA and it only commits to their main host being pingable.\u00a0 Our service could be completely down, and it doesn’t speak to that.\u00a0 Back to our project team, who now between the business users, procurement agent, and legal guy need more urging to lean on the supplier.\u00a0 The supplier plays dumb for a while, and then…<\/p>\n

<\/p>\n

Round 3 – “Oh, performance and availability of the service we’re supposed to be providing you!\u00a0 Yeah, we have that.”\u00a0 From somewhere comes a huge set of legalese with definitions of “to the glass” performance and everything.\u00a0 Until this week they had “no idea” what we meant about a service performance SLA.\u00a0 So we read that – the definitions look good, but now we go down to the remedies.\u00a0 They define all these performance metrics, but down in the clause that says “you get money back if we jack it up” they carefully only list their total ping outages.\u00a0 And you can only get compensation for one of these total outages if you report it *during* the outage.\u00a0 And if you do that, you get a credit for 1\/10 of your monthly bill.\u00a0 No dice.\u00a0 So back to the project team.\u00a0 The procurement agent is very concerned that having to continuously work on this will interefere with has carefully crafted deal.\u00a0 “Sorry, no SLA no go,” we say.\u00a0 Meetings worth of internal friction occur, until we go back to the vendor yet again.<\/p>\n

Here’s where you get into the truly deceptive territory.\u00a0 If you read the SLA, up front you see all these definitions and tables about “to the glass performance” and “over DSL!” and everything so you think “great, it’s taken into account!”\u00a0 But their lawyers have done their job well, so they can put in all the stuff they want but if down in the bottom it doesn’t say “and if we don’t live up to that we give you money back” it’s worthless.<\/p>\n

Round 4 – Still pending.\u00a0 But we’ve seen this all before, this supplier isn’t unique by any means.\u00a0 We’ll get another two drafts in before we’re done, assuming that our business users don’t freak out and just say “we’ll accept the risk!!!” and sign the contract.<\/p>\n

Next will come up how it’s measured.\u00a0 The supplier will say “we’ll measure it!\u00a0 Trust us!”\u00a0 Obviously that’s stupid.\u00a0 We usually pay for a Keynote or similar monitor as an impartial third party (expensive, but less expensive than a sucky SaaS service).\u00a0 Then they’ll try one final draft where they’ll say they’re accepting all our terms but will cleverly revert one of the earlier edits to break the link between definitions and remedies.\u00a0 It’s like there’s some script they all follow.<\/p>\n

And every supplier does this.\u00a0 It’s how they “protect” themselves.\u00a0 This isn’t a fly by night operation, it’s a large supplier and 90% of you have their software loaded up on your PC right now.\u00a0\u00a0 They rely on you either not bothering with the SLA in the first place, or not reading it carefully enough, or not having the gumption to go 6 rounds with them to get an enforceable one in place.\u00a0 That’s good odds for them.\u00a0 Don’t accept it.\u00a0 You’re paying for a service and you deserve to get that service, and get your money back if they don’t supply it in a usable way.<\/p>\n","protected":false},"excerpt":{"rendered":"

We’re trying to come to an agreement with a SaaS vendor about performance and availability service level agreements (SLAs).\u00a0 I discussed this topic some in my previous “SaaS Headaches” post.\u00a0 I thought it would be instructive to show people the standard kind of “defense in depth” that suppliers can have to protect against being held […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[98],"tags":[629,122],"class_list":["post-53","post","type-post","status-publish","format-standard","hentry","category-saas","tag-saas","tag-sla"],"aioseo_notices":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/pfI0c-R","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/posts\/53","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/comments?post=53"}],"version-history":[{"count":6,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/posts\/53\/revisions"}],"predecessor-version":[{"id":57,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/posts\/53\/revisions\/57"}],"wp:attachment":[{"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/media?parent=53"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/categories?post=53"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/tags?post=53"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}