The big seven factors that often come about when negotiating an SLA with a cloud provider are:
Privileged User Access
– Know as much as you can about those who touch your data
– Ensure the provider is willing to undergo an audit
– Ensure legal privacy standards are upheld by location
– Identify the need for encryption, or providing some separation of your data from the data of others in the cloud
– Ascertain what will happen when the service or data is unavailable, and how long a complete restore will take
– What capabilities and support does the provider offer to investigate illegal activities
– What happens if the provider is acquired
In the instance of multiple datacenters, however, it’s oftentimes unclear as to exactly where your data resides, and the privacy standards set forth by the cloud provider.
Microsoft has just released a whitepaper titled Privacy in the Cloud Computing Era. In it Microsoft sets forth ten guiding privacy principles by which policies surrounding privacy in the cloud are directed. The whitepaper also addresses legal and regulatory issues as part of Microsoft’s foray into Cloud Computing.
The whitepaper may be found here.