Convergence of solutions and contracting terms top priority for negotiating cloud services

A survey report released by Baker McKenzie reveals it is critical to understand what parts of the cloud contract are negotiable and what is not, particularly in newer portions of the marketplace that have greater variance in solutions and contracting terms.

The longer an offering has been on the marketplace and the longer an application has been made available as an online service, the greater the convergence between the offering and contract, according to the companies surveyed.
“Our survey results indicate that there may be convergence in the more established parts of the cloud marketplace, such as Software-as-a-Service, but less so in others, such as Infrastructure-as-a-Service and integration with machine-to-machine/Internet of Things solutions,” said Peter R. George, Partner, a Partner in Baker McKenzie's TMT Group.
“As more cloud technologies come to the forefront and the laws applicable to them advance, it's the buyers and suppliers that can adapt to the evolving business realities of cloud arrangements who will seize the opportunities,” he added.
The survey report, now in its third year, highlights the top objectives, hesitations, and criteria that buyer respondents factored into their cloud procurement determinations. These factors are almost identical to the responses from cloud providers, potentially indicating further convergence in the marketplace.
Interestingly this year, 80% of buyers and providers, up from just under 50% last year, indicated that their contract stipulated a specific security standard to be complied with, rather than a general obligation to keep data secure. The majority mandated an ISO 27000 series standard, though other standards referenced included HIPAA, NIST 800 series, ITIL, PCI-DSS, FedRAMP and COBIT.  
Another notable negotiation trend to emerge was that buyers and providers are remarkably close together in what limitation of liability levels they consider acceptable. The majority of both groups responded that the liability cap in their contract was a multiple of fees, with a range of 1-5 times annual fees for buyers, and 1-3 times for providers. In a minority of cases (10% less than last year), parties had negotiated for, or accepted, uncapped liability for data security breaches. Providers indicated that caps for data security breaches were typically a multiple of fees rather than a dollar amount, while for buyers there was a nearly even split between those two options.
The survey also asked respondents to identify the best way to structure contracts for solutions involving multiple cloud providers. 42% of respondents indicated buyers contracting with each provider as the best solution; 35% said a buyer contracting with a prime contractor was the preferred approach; and 23% suggested a hybrid approach with some buyer contracting.
Additional key findings from the report:
·        About 60% of buyers indicated that their cloud offerings met their goals (last year, 70% of buyers responded positively).
·        A majority of providers indicated they offer solutions that may be tailored for IoT integration.
·        Our respondents indicated that where there was a mix of paper, the parties would typically pull certain buyer terms (e.g., security requirements) into provider’s paper.
·        80% of buyers/providers indicated that the agreement required provider to follow specific security standards.
·        A majority of buyers indicated they included at least some prohibitions on where a provider may host their data.
MariaDB strengthens its cloud offerings by re-integrating SkySQL's advanced serverless...
atNorth partners with Crusoe to expand cloud capacity at ICE02 data centre, meeting rising demand...
Capgemini is set to acquire Cloud4C, enhancing its cloud managed services with automation and...
Keepit's survey highlights the risks of relying solely on native SaaS backups, underscoring the...
Hitachi Vantara offers new storage solutions on Azure for improved management and cost-efficiency.
Nokia is hailed as the leading core network vendor in Omdia's 2025 report, excelling in...
Financial institutions benefit from hosted private cloud solutions, balancing modernisation with...
HANDD Business Solutions teams up with Cloudhouse to modernise legacy systems and protect sensitive...