We’re trying to come to an agreement with a SaaS vendor about performance and availability service level agreements (SLAs). I discussed this topic some in my previous “SaaS Headaches” post. I thought it would be instructive to show people the standard kind of “defense in depth” that suppliers can have to protect against being held responsible for what they host for you.
We’ve been working on a deal with one specific supplier. As part of it, they’ll be hosting some images for our site. There’s a business team primarily responsible for evaluating their functionality etc., we’re just in the mix as the faithful watchdogs of performance and availability for our site.
Round 1 – “What are these SLAs you speak of?” The vendor offers no SLA. “Unacceptable,” we tell the project team. They fret about having to worry about that along with the 100 other details of coming to an agreement with the supplier, but duly go back and squeeze them. It takes a couple squeezes because the supplier likes to forget about this topic – send a list of five questions with one of them being “SLA,” you get four answers back, ignoring the SLA question.
Round 2 – “Oh, you said ‘SLA’! Oh, sure, we have one of those.” We read the SLA and it only commits to their main host being pingable. Our service could be completely down, and it doesn’t speak to that. Back to our project team, who now between the business users, procurement agent, and legal guy need more urging to lean on the supplier. The supplier plays dumb for a while, and then…