This is because, as with security issues, corporate customers have begun to realize their application service provider (ASP) probably has better systems in place than they could reasonably purchase themselves. They are looking at SLAs more as a guide to the ASP/client relationship than as a way to penalize their ASP for not providing a predetermined level of service.
"The old uptime SLA is not as important to customers anymore," Craig Whetstone, senior director of business practices at San Carlos, Calif., ASP Corio said. It's "table stakes" to get into the ASP game, he added.
"What's more important is the actual service that you are offering," agreed Margaret Rimmler, director of Product Marketing for Lexington, Mass., ASP Surebridge. "It's good for setting up the expectations as to how we are going to work together."
Five-9s Not Financially Feasible
The exuberant era when ASPs were promising "five-9s availability" (i.e., a connection to the ASP guaranteed to be reliable 99.999 of the time) has passed. Most customers don't want to pay for that level of reliability. Technologically speaking, five-9s is an elusive and costly target for most ASPs, or their associated hosting provider, to attain. At the same time, few customers actually require that level of reliability.
"It's a trade off between diminishing returns," Whetstone said. "The approach that we take is we want to offer the customer the most cost effective solution. It sounds great to get five-9s, but it's going to cost you a lot get there. Is it really worth it to your business?"
Like other ASPs that have survived the recent industry upheaval, Corio has been around long enough to have developed basic SLAs that it customizes for each client. Some clients are very happy with Corio's basic uptime guarantee of 99.4 percent, but want robust disaster-recovery services instead, while others require uptime into the 9s.
This same is true for Surebridge, Usinternetworking, and IT outsourcer and health care ASP Antares Management Solutions.
"The key is more than just 98 percent" uptime, Ed Hartzell, CEO of Cleveland-based Antares, said. "It's what 2 percent were you down? What time of day was it?"
From Availability to Applications
SLAs are now moving beyond simple availability agreements to cover the applications being delivered. As customers become confident they can get to their ASP-supplied applications, they want their ASP to cover the performance of those applications when in use.
Some off-the-shelf products that accommodate this request are emerging, but the technology is still in its infancy, Corio's Whetstone said. Because of this, Corio is now working on in-house solutions that will track the progess of, for example, a purchase order. That allows Corio to guarantee responsibility for the utility of the e-commerce applications they are delivering.
"We're not guaranteeing the software won't lose the purchase order -- we're guaranteeing we're going to do these processes around keeping the application working in a manner that minimizes the chance that will happen," Whetstone said.
Antares has similarly limited initiatives in place. Surebridge, on the other hand, takes a different tack for the applications it fields. If a problem occurs, its first priority, regardless of who is at fault, is to get things up and running again. Once that is accomplished, they then go back and reverse-engineer the problem to find its source. But current Surebridge SLAs don't provide for any penalty if its applications are found to be faulty, Rimmler said.
It Ends at the End User
As a full-service provider with its own data centers, USinternetworking also offers its customers application support, but they do not cover "end-user functionality expectations," said Dave Collier, vice president of business operations for Annapolis, Md.-based USi. This holds unless data is inaccessible or unusable due to fault on the part of USi. USi offers help desk staff trained in its various applications.
"Someday, in the future, when the tools are right, we could possibly do some more application-layer-performance-type SLAs," Collier said. "But we're not there yet on the technology side, and we're not there yet on the customer demand side."
ASPs are still addressing the current levels corporate pain in using their relatively new services. And customers have yet to start asking for promises that the applications they buy will perform better than the ones theyve developede in-house.
As these requests become more common and issues such as security fall by the wayside, a new generation of SLA that guarantees service levels could come into being.
"The technologies for doing this are beginning to exist," Collier said. "But ASPs will respond [with] SLAs covering service only when the market starts to ask for them -- and [when] I'm able to increase my sales by 40, 50, 80 percent because I have that differentiation."