Cloud services
are not based only on technical requirements but on different non-technical
requirements that enterprises require. These requirements (e.g., application
performance, uptime, reliability, connectivity and availability) are expressed
and negotiated by means of Service Level Agreements (SLAs). In the following
posts we will look at the standard SLA’s for Microsoft; Amazon and Google’s
SLA’s covering their cloud services.
My objective
here is to make sure we can compare SLA’s between vendors and make sure points
that need to be understood are out in the open so they can discuss with IT,
Legal, Business and our vendors.
In this post we
will look at Microsoft’s SLAs for its Azure cloud services (Compute, storage,
sql, service bus and access control).
Security:
You or your organizations are responsible for determining whether our security meets your requirements.You are entirely responsible for maintaining the confidentiality of your password and account.
You are entirely responsible for any and all activities that occur under your account.
You could be held liable for losses incurred by Microsoft or another party due to someone else using your account or password.
Microsoft will store the information you provide on computer systems with limited accesses, which are located in controlled facilities.
Microsoft when transmits highly confidential information (such as a credit card number or password) over the Internet, they will protect it through the use of encryption, such as the Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocol.
Microsoft only uses data encryption on data that they believe to be private. Microsoft recommends any data you feel to be private that you use encryption.
Information collected:
Like any corporation today Microsoft loves to know information about its customers. So in your dealings with Microsoft; in setting up accounts, etc, for cloud services be cogitative the following information is being collected.
Including the site you came from.
The search engine and the keywords you used to find Microsoft sites.
The pages you view within Microsoft sites.
Your browser add-ons.
Your browser's width and height.
The pages you view.
Links you click and other actions you take on our sites and services.
Your Internet Service Provider.
Your IP address.
Browser type and language, access times and referring Web site addresses.
They also can and will supplement information they collect with information obtained from other sources. I.e., derive your general geographic area based on your Internet Protocol (IP) address.
Including the site you came from.
The search engine and the keywords you used to find Microsoft sites.
The pages you view within Microsoft sites.
Your browser add-ons.
Your browser's width and height.
The pages you view.
Links you click and other actions you take on our sites and services.
Your Internet Service Provider.
Your IP address.
Browser type and language, access times and referring Web site addresses.
They also can and will supplement information they collect with information obtained from other sources. I.e., derive your general geographic area based on your Internet Protocol (IP) address.
Data Locality:
Information you provide or upload to the Portal may be stored outside the country in which you reside.
Information that is collected by or sent to Microsoft may be stored and processed in the United States or any other country in which Microsoft or its affiliates, subsidiaries, or service providers maintain facilities.
Microsoft abides by the Safe Harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of data from the European Union, the European Economic Area, and Switzerland.
I asked a
Microsoft Senior Developer Evangelist what he knew
about data locality his response was “OK – I checked around a bit, and although I am not a lawyer,
the general consensus is that it’s based on the physical location of where the
data center is located, not the location of the company that owns the data, or
the location of company that owns the datacenter.” Given the point of having cloud
services is suppose to release us from knowing where the actual data is or
where is has been replicated for backup purposes I think this is a big concern
if you are storing data in the cloud where privacy laws or government
regulations may apply.
Performance:
Basic SLA is 99.9%
(“Three nines”) for Azure services. This would give your organization 8.76
hours of downtime per year, 43.2 minutes per month and 10.1 minutes per
day.
Failure to
comply with the SLA uptime percentages would result in a 10% or 25% discount on
the monthly billing for the service, depending on the degree of the failure.
No comments:
Post a Comment