Many seem to want to limit their IT and voice spends to a fixed monthly cost. A chief concern that customers want to avoid is finding out later about hidden costs. These hidden and extra charges tend to lurk in managed service offerings and will derail efforts to achieve a fixed monthly cost. ROI is negatively impacted because hidden costs rear their head in moves/adds/changes and in the event of ongoing service issues related to the integration of more cloud service providers.
What seems to cause issues for clients is when they assume that their provider puts customer interests first. For example, does Microsoft guarantee that Office 365 meets HIPAA compliance? While this is just one example, the answer is no they don't--and it's also a misconception. Microsoft is willing to sign a "HIPAA business associate agreement," and this does NOT mean that customers of 365 are HIPAA compliant. Microsoft also states that 365 on its own does not achieve HIPAA compliance and that customers must ensure they have taken appropriate steps to meet HIPAA's and HITECH Act's requirements. But this is reasonable. What's not reasonable is when customers assume that using a particular platform makes them compliant.
Compliance and depending upon the provider has a lot to do with those details found in the agreements--sometimes found in the fine print. Managed services that guarantee compliance will have it clearly stated in their contract and terms of service.
Are you prepared to insure your firm against the potential liabilities of cloud computing? You may want to look long and deep at everything the insurance company throws at you when deciding about cyber insurance. Then, will you insure for disruption to the firm? Microsoft's "Limitation of Liability" clause for loss of data, excessive downtime, data breach, etc. is limited to $5,000 or to the last 12 months of service as a maximum value for damages. See the article: "Office 365's Fine Print: What you need to know."
Upon reviewing a recent managed services solution, I found that every site included a beefy server, and the provider didn't provision battery backup (UPS) for any of the locations. The cost of running these servers is borne by the customer. What happens when the server that manages the node is down? What is the expected response, and what is the impact to the customer network?
Then, what are the charges for customers seeking to make changes within their infrastructure managed by the provider? A bigger problem for this particular customer was available space to even accommodate the beefy servers.
When the customer inquired about integration with other cloud providers, they found that these requests were all billable. Even after negotiating a scope and cost for the work, the next roadblock was whom could the customer call in the event of an issue. Then, how would the customer handle service calls between different cloud providers? What happens when one cloud provider states that the problem isn't theirs but is the problem of another provider?
These issues are concerns that need to be worked out before inking a contract, not afterwards. In another area of concern, the customer discovered that the local changes for the LAN were all billable changes and that the customer could not do whatever they needed to do since they gave up control to their provider. This reminds me of the Centrex days when the answer was either no it can't be done, no it won't be done, or no we won't make exceptions. Perhaps the cloud provider will, but will they charge fees to do so?
While cloud services may be robust and even great, what are the supporting details to assure customers that they will capture a positive ROI, and how will they handle service issues when multiple cloud providers touch one another's services? The more upfront planning and discovery that goes into these efforts upfront translates to dividends on the backend post-implementation. To avoid total derailment of a compliance question, due diligence means that customers cannot assume or even presume to pass risks along to service providers. Microsoft isn't willing to assume these risks and losses, and clearly customers must consider the risk of loss before signing up with any managed service provider.
Follow Matt Brunk on Twitter and Google+!
@telecomworx
Matt Brunk on Google+
