June 8, 2016

Sleep well with a good SLA and your data in the cloud

Eirik Tryggeseth

Lead Solution Architect, Tieto

Moving to the cloud, demands a partner that provides a Service Level Agreement (SLA) that guarantees you a good night’s sleep. A good SLA provides the necessary security governance, authorization within data centres and quality assurance. This forms the foundation of the continuity that your business requires and your own customers expect.

When discussing a move to cloud services, the main concern of our energy utilities customers is data security. Utilities must meet national regulations regarding the physical locations of data storage within regions and countries while securing the personal information of their customers. Our customers ask us one question again and again: “If we move our data out of our data centers, how can we know that data access and management will be as good as if it were still in our internal data centres?”

To address this issue, let’s reflect on ordinary consumers. Most of us take photos on our mobile devices and want access to them on other devices too. Often our images are stored in a cloud service synchronized with our mobile phones 

In practise this means that many of us are unconsciously accepting the cloud service provider’s terms of service, often without any further consideration of the data security of those images. What happens if the cloud service provider loses some data? It is critical that data is backed up so that it is available even when some of their primary storage is destroyed.

Similar consumer data issues — related to both security, safety and availability of data — arise in all corners of the modern economy, and utilities are no exception. An important question is: how do they handle your energy consumption data and personal information?

How to ensure the availability and security of your data in the cloud

These concerns also apply to companies. If your business requires you to keep your customers’ data, you need to ensure that the storage of that data is governed by a very good agreement with the data solution provider.

When your company is concerned with data breaches and is also dependent on the information being selectively available from outside of the data centre through apps and APIs, you must put your data in the hands of a reliable cloud service provider. You must ensure that the service provider has a good process and service agreement that ensure the data is safe and accessible. A good service level agreement (SLA) should include the following:

  • Security — data is stored securely and is inaccessible to unauthorised personnel
  • Safety — data is managed to eliminate data loss
  • Availability — backup and backup storage are managed in a comfortable and understandable way

The foundation of a reliable Service Level Agreement (SLA)

Irrespective of which delivery service model you use for your data — i.e. (1) a local data centre, (2) a private cloud solution in a data centre managed by your service provider or (3) cloud software as a service — you must take steps to ensure that the data managed by your service provider is protected. Again, this is true no matter which delivery model you use. Accordingly, the following must be considered:

  1. A good security governance policy must establish how your service provider actually stores data and the specific roles of the organisation that manages your data. This ensures that your business can run properly. If you use a private cloud from our data centre or you purchase cloud services, we will develop a good security governance and service level agreement. 

    If you purchase services from a public cloud, you are only purchasing the infrastructure or cloud service. Hence, you do not have a service level agreement, which means you do not have any formal governance of the level of service.
  2. Authorisation within data centres should be clarified to prevent all resources withinthe data storage organisation from accessing your data. For example, having a clear agreement with energy utility customers that their data is inaccessible from outside of the European Union without their signed, written consent.
  3. Quality assurance is vital to data storage.When you use data centres, it takes some effort from your organisation to utilize all available features. Often, you don’t have time to fully review whether you need those features or not. If you are buying a service, the SLA with your software provider is responsible for quality assurance. If the data storage organisation is not taking full responsibility, the SLA’s terms are broken. This gives a data service organisation a much higher incentive to actually ensure the uninterrupted operation of the service by actually rolling out new features.

Just as consumers have begun to utilise cloud services for their data, so too are businesses such as energy utilities. This shift opens up new opportunities, but it is not without its risks. Fortunately, these risks can be mitigated through the use of a dependable SLA that establishes a good security governance policy, appropriate authorisation within data centres and overall quality assurance. Hence, your business can rely on the security, safety and usability that you and your data need.

We as Tieto, through our ecosystem with leading global cloud partners, offer you a reliable service – for whichever cloud delivery model your company wants to embrace – with valuable additional services and defined appropriate and necessary SLAs. 

Stay up-to-date

Get all the latest blogs sent you now!