The cloud is creating a greater sense of capability and collaboration and compelling financial benefits, which can, if not checked drive contractual and operational ambiguity, according to research.

The findings point to a transformation in the way IT is procured. Furthermore, the research illustrates how diverse and fragmented it often is for both end users and the IT channel to contract cloud services.

In traditional markets there is often a practical path to establish relationships between parties such as a physical point of presence for the business supplying the goods or services, a track record or personal relationship to add trust between the parties and clarity of who is in charge and what can be delivered. The research shows that end users are seeking comfort on reliability, control, integration and security of hosted services as they expand their IT infrastructure from on-premise to encompass online.

In the online world where the number of suppliers is growing at an astonishing rate, these traditional norms are eradicated and we are returned to the basic fundamental principle of Caveat Emptor – or ‘Buyer Beware.

Frank Jennings, Partner DMH Stallard, continued: “The research has highlighted that there is a patchy understanding of cloud service contracts. There is no one-size-fits-all approach that can be taken unilaterally and service, geography and scope will all play a part on the shape of any final agreement. However, there is a need for clarity and transparency in all contracts on key issues that impact and concern end user organisations as set out in the Code of Practice, championed by the Cloud Industry Forum.”

A sample of the key findings:

  • Just over half (52 per cent) of end user organisations currently using the Cloud claim to have negotiated the legal terms of their contract with their Cloud Service Provider.
  • A third (32 per cent) stated that their CSP can impose changes to their contract by posting a new version online. This figure rose to 50 per cent amongst resellers.
  • Just under half – 46 per cent – of end user contracts are renewed automatically. This becomes a greater percentage the smaller the organisation. The larger the organisation or indeed if it is in the public sector, the greater the chance these are reviewed.
  • End users are looking for far greater assurances in their contracts with CSPs than traditional service level agreements. This is more often about data and its location, security and ultimate ownership. When contracting for a Cloud Service almost eight in ten cloud users are looking beyond an SLA for comfort in the service to be provided.
  • Two thirds of the channel sample are also looking for greater assurances – 72 per cent on data access and privacy controls, documented policies on data protection (61 per cent) accredited information management security (46 per cent) and the application of the laws of the country where the data resides on 44 per cent.
  • 75 per cent of end users felt it was important that their data was stored by their CSP within the UK, EU or European Economic Union, a figure that increased to 82 per cent amongst SMBs.
  • Almost three quarters of cloud users are content that their contracts within their CSPs do not allow their provider to take ownership of their data or intellectual property.

Frank Jennings added: “As with all new markets, there are new entrants who are credible, well intentioned, capable and professional, and there are unfortunately those that are looking to make a quick profit and whose public claims won’t pass the test of scrutiny. Coupled with this is the increasing prevalence of online click-through agreements, originally designed to make procurement easier.

“However, after a decade of on-premise software End User License Agreements and web services agreements, this experience is to some extent muted in impact as many have adopted the behaviour of ticking the ‘I agree’ box to move forward in the process without the necessary caution of reading the small print.”

Paul Byrne CEO of ChannelCloud UK/Ireland and On Line Computing stated: “In my 20+ years working in the IT industry this is the first accreditation programme I’ve actively participated in, which can and will deliver real and quantifiable assurances to the end user around Cloud services. Such assurances have been inherent with other professional services bodies for many years now – so this is long overdue.

“This research serves to highlight that legal terms, security and data access amongst others are real & tangible fears for many end users. Therefore ChannelCloud UK/Ireland looks forward to working with it’s industry peers in helping the Cloud Industry Forum achieve transparency and best practice around the contracting of cloud computing.”

The Cloud Industry Forum has called on end users to always assume and maintain ultimate responsibility for decisions they make either on-premise or in terms of adopting Cloud Services, and good governance requires them to be clear on their choice, their back-up plan and their insurance cover.

The research illustrates that there is a proven benefit for CSPs to be certified to provide an independent frame of reference to compare and contrast differing CSPs. This was endorsed by 83 per cent of end users and 72 per cent of cloud service resellers.