Guise Bule

@guisebule

The SLA is a Lie

Four nines they call it, industry standard they say.

99.99 UPTIME GUARANTEED.

We have all seen this before or variations of it somewhere before.

As a cloud provider, I know that four nines is bullshit and so do the other cloud providers that I know, although we never talk about it publicly.

In my defense, all the other cloud providers were offering four nines too, everyone else was doing it, seemed like we had to as well and our legal team gave it the green light, so we went ahead and rolled out a four nines SLA too.

I am talking about our service level agreement, the document that cloud providers give to customers when they ask about service levels.

An SLA is a promise we make to our customers about the level of service we will provide to them, the key word in the equation being promise, usually we provide higher levels of service than our SLA promises, but usually things do not go wrong.

A promise is all an SLA is and a promise is only ever kept until it is broken.

Four nines, how did we arrive at that figure ?

The cloud computing industry falls over itself to guarantee 99.99% uptime, but who originally worked that figure out ? How did we as an industry arrive such a precise figure when we came to make our uptime promises ? Maths ?

Four nines, it rolls off the tongue. It sounds lovely does it not ?

It is of course absolute bullshit at least 99.99% of the time.

We place so much faith in the four nines promise that we actually go ahead and migrate entire businesses to the cloud, not just the data, but also the apps, the desktops, the servers, our email and suddenly there it is.

Total cloud dependency.

This is not a fantasy scenario I am describing, it is pretty much every other small business out there these days and all of our customers. There are two hundred million people who keep their personal files on dropbox.

You migrated all your stuff to the cloud, because everyone else was doing the same thing, it seemed like you had to as well and the legal team gave it a green light. Your CEO said it wa sa good move and so you did it.

Nothing wrong that in principle, people move to the cloud for good reason.

But let me tell you something I learned the hard way, four nines means nothing when every single one of your customers loses connectivity.

Four nines means nothing when that loss of connectivity goes on for long enough to cause damage and even less when it begins to cost real money.

Four nines means nothing when entire organizations are reduced to sitting at their desks doing nothing because they cannot access their cloud stuff.

I know this, I have been a cloud provider, other cloud providers know this, they have been through nightmares too, the entire industry knows this.

Yet we persist in telling the four nines lie.

If you are really lucky, when the worst happens, your cloud provider will give you some service credits as compensation for the pain.

Yes thats right, you heard me correctly. After causing you pain through lack of service, the cloud providers turn round and offer you compensation in the form of more of their services. Lovely, just what you needed.

If you as a cloud customer decide that you are not happy with this, if you decide that your cloud provider has caused you enough damage for you to be really really upset and that you need money to make it right, well then usually you have to go to court to settle the dispute with the cloud provider.

Aint nobody got time for that.

So usually when downtime occurs, you say thank you for the service credits and you renew your faith in the four nines, because the four nines do actually work 99.99% of the time and it really does roll off the tongue nicely.

Let me change the conversation a little and ask you to pretend that you are a small business owner, one considering migrating your business to the cloud.

Ask us about insurance.

Do not worry we will tell you, we have cyber insurance.

Not only that, our cyber insurance is underwritten by Lloyds of London and covers us for up to 20 million dollars in damages. Do not worry we will tell you, we have so much cyber insurance that if the absolute very worst happens, the insurance company will give us money to make it right, thats a promise.

Let us not speculate on the loss adjustment practices of major insurance companies, but instead focus on the message that the entire cloud computing space is communicating to their customer base when asked about insurance.

We tell you that OUR organizations are insured against the risk of bad things happening to OUR cloud and that OUR company will have funds made available to US by OUR insurance company to put things right if they do go wrong.

Then we ask you to place all of your faith in the idea that we have our asses covered as far as insurance is concerned, right before telling you about the four nines again and showing you our SLA again.

What we do not mention is that OUR insurance does not extend to your business and we do not mention that OUR insurance will not financially recompense you for any damages that OUR worst case scenarios may cause to YOUR business.

As a customer, you seem to ignore the fact that we have failed to mention this and decide that the risk of moving to our cloud is worth taking.

You are probably vaguely aware that downtime does occur, but the four nines seems reassuring. You probably did read our SLA, its beautifully written, looks legit and promises you service credits if we cause you pain.

You also probably did check out our insurance certificates, just to check that OUR company is insured against the inherent risks involved in the cloud.

Then you go and migrate your stuff to OUR cloud.

First of all thank you, we really do appreciate it and we will genuinely work incredibly hard not to betray the trust you have placed in us.

I must also tell you that we worked really hard on our SLAs, we thought long and hard about how many service credits we should give you if the worst goes wrong and we think our SLA is really fair.

Also, we usually provide a much higher level of service than we promise in our SLA, the SLA is in fact one of the most serious documents we have.

But let us get real here, if you ever actually come to us and said that we had caused you to suffer downtime, that we lost your data, or perhaps that our obvious security lapses had exposed your business to cyber crime and therefore we owed you real cash damages, we would lawyer up straight away.

Then we would respond with some sort of rigorous defence based on our four nines SLA and hope it is enough of a reason for you not to sue us.

Why ? Because there is no other mechanism in place to settle this grievance, there is no mechanism in place to financially compensate you and protect you against the inherent and obvious risks of cloud computing and we as cloud providers are not about to start giving you money every time downtime happens.

Go on, read your SLA and try to find the bit where you get actual money back, it does not exist, not on Amazon´s SLA, not on Microsoft Azure´s SLA or on any of the big cloud providers service level agreements anywhere.

If you are really really upset, so much so that you feel financial compensation is needed to settle the grievance, then you will probably have to take us to court to see satisfaction.

We will settle out of court and yes that is a gag order if you want that settlement. A hypothetical situation for sure, but not so far fetched.

This situation could be so easily avoided too, its ridiculous. I am writing this story from an airport, waiting for my plane to arrive.

I arrived at the airport in a rental car and when I hired the car they asked me if I wanted to buy additional insurance on top of the basic insurance that already came included with the car rental, I always take the additional insurance.

Just in case, because the risks are real.

When I booked my flight, they asked me if I wanted to buy travel insurance, to insure myself and property against the risks of traveling, I already have travel insurance because I travel a lot.

Yet when cloud providers convince you to migrate all of your stuff to the cloud, they offer you absolutely no insurance at all.

This is the dirty secret of the cloud industry that nobody talks about, there is a whole lot of risk and the cloud customers carry pretty much all of it.

The SLA is a lie and you do not have cloud insurance.

How does that make you feel as a cloud customer ?

This is not just a problem for small businesses, but also the hundreds of millionsof cloud consumers who keep their photos and personal files in dropbox or iCloud, who keep their personal email on gmail or hotmail.

What are all of your dropbox files worth to you ? How much are those thousands of emails in your gmail folders worth to you ?

If they are lost, who pays for that ?

Neither Google or Dropbox actually bother offering an SLA, at least they do not use the four nines lie, but somehow that feels even worse.

Not only do they not provider hundreds of millions of cloud consumers with an SLA, they also completely fail to offer even the most basic kind of insurance to protect their customers against worst case scenarios.

The entire cloud industry is letting hundreds of millions of cloud consumers down by failing to provide the basic protections we enjoy when we rent a car, go on holiday or buy a new smartphone.

And nobody is talking about it.

Connect with me on Linkedin or Twitter, like a business hippy I practise open hand networking and mindshare, all conversation and opinions are welcome.

More by Guise Bule

Topics of interest

More Related Stories