Clearer terms are needed for SaaS cloud contracts, says Gartner

Tuesday 6 August 2013

Cloud computing customers want clearer terms in their Software-as-a-Service (SaaS) contracts where security provisions are concerned, it has been claimed.

According to IT analyst Gartner, too many SaaS contracts have ambiguous terms regarding the maintenance of data confidentiality, data integrity and recovery after a data loss incident.

The firm said this is leading to dissatisfaction among cloud services users, and making it harder for service providers to manage risk and defend their position to auditors and regulators.

Alexa Bona, vice-president and distinguished analyst at Gartner, said the firm is continuing to see frustration among many cloud service users.

"Whatever term is used to describe the specifics of the service-level agreement (SLA), IT procurement professionals expecting their data to be protected from attack, or to be restorable in case of an incident, must ensure their providers are contractually obligated to meet those expectations," she stated.

"We recommend they also include recovery time and recovery point objectives and data integrity measures in the SLAs, with meaningful penalties if these are missed."

Find out how Microsoft cloud services can help your organisation.

Posted by Alex Boardman