Cloud.bg Recognizes the Basic Rights of Cloud Computing Service Customers and to Protects Their Interests

The globally recognized authority in technology research and analysis Gartner.com has defined 7 basic rights of cloud services customers. The Gartner's "Bill of rights" aims to protect interests of anyone who has hosting applications on the cloud or using any form of Cloud computing based services. Let's see whether Cloud.bg covers the standards set by Gartner.

The Right to Retain Ownership, Use and Control One's Own Data

The first right set by the Gartner. The analysts say that Cloud "service consumers should retain ownership of, and the rights to use, their own data". According to Gartner's Council cloud service providers "must specify what it can do with the consumer's data".

Cloud.bg fully covers this first right - "the right to retain ownership" - set by Gartner. We guarantee our customers that any 3rd party should not be granted access to their data and that Cloud.bg does not use the personal data of its users for any purpose different from accounts management. The only operations which requires our customers' data to be used from 3rd parties are domain registration and registration of digital certificates and security products.

Gartner has stressed that consumers "could lose control of its data if the service provider goes out of business or is sold to another company". Cloud.bg guarantees that in case of a merger or acquisition, we should notify our clients that a change of ownership is about to occur 30 days prior to the date when the new owners take control over the operations.

We have explicitly specified that in Chapter 14 / Paragraph (e) in our Cloud Service Level Agreement, saying that "will notify you, in case of a merger or acquisition, that a change of company's ownership is about to occur 30 days prior to the date when new owners would take control over the operations of Cloud.bg.

In the Chapter 3 or SLA we have also stated that "If for any reason Cloud.bg can no longer provide its customers with the Cloud hosting services, as they are defined in this Service Level Agreement (SLA), we shall publish a 30 days notice in our website and to send such notice to all Cloud account owners on the email addresses registered in Cloud.bg Account management system. If Cloud.bg is unable to provide you with the service as it is defined in this SLA, we shall not keep your account information and personal data. Any personal data or data hosted on your Cloud account must be permanently deleted from Cloud.bg storage area network".

So we consider that our SLA provides for the clear disposition of the Cloud.bg users' data, in case if we should exit the IT hosting business of could no longer provide a cloud hosting service.

The Right to Service Level Agreement which Addresses Liabilities, Remediation and Business Outcomes

Cloud.bg explicitly stated in Chapter 2 that "In a case where there is a forced interruption of service for more than two (2) hours because of problems with the network, rather than hardware, the customer may request to receive monetary compensation equal to 25 times the amount of the the actual forced interruption of network availability".

After the only major interruption of service (3 hours of downtime, we had on July 7, 2003) we had after the launch of Cloud.bg we have added credit or 30 service days to all Cloud account holders., which is a compensations a few times greater that the one specified in Cloud.bg SLA.

Gartner apprehends that "all computing services — including cloud services — suffer slowdowns and failures". The analysts add that cloud services providers seldom commit to recovery times, specify the forms of remediation or spell out the procedures they will follow.

Cloud.bg business development team is proud to commit ourselves to the best possible practices in data recovery. In Chapter 2, we have defined very clear the terms "Network Downtime", "Emergency Break", "Restrictions (Limitations)", "Hardware (Equipment)", "100% guarantee (Network Uptime)" and explained who Cloud.bg applies them to the SLA.

In Chapter 2, Paragraph "Hardware (Equipment)" we have stated that "Cloud.bg issues a principled commitment to get the infrastructure, server, vps or Cloud account back online within five (5) hours if the damage happens during the regular business hours of 9:00 am to 5:00 pm (GMT+2) on weekdays. The recovery period in non-business hours and weekends must not take more than 24 hours. Failure to restore the server within this five hour (24 hours in non-business hours) period will result in a credit for services from Cloud.bg not to exceed thirty times the amount of forced interruption."

Having these warranty in our SLA we consider that Cloud.bg complies with this right defined by Gartner and that our Service Level Agreement is relevant to the best in the emerging Cloud hosting industry.

The Right to Notification and Choice About Changes that Affect the Service Consumers' Business Processes

According to this Right, "protecting the consumer's business processes entails providing advanced notification of major upgrades or system changes, and granting the consumer some control over when it makes the switch". Gartner analysts presume that "every service provider will need to take down its systems, interrupt its services or make other changes in order to increase capacity and otherwise ensure that its infrastructure will serve consumers adequately in the long term".

Cloud.bg keeps following this guideline, which we understand as important not for the Cloud, but for the traditional IT Hosting industry as well. We publish notifications about any scheduled maintenance or emergency procedures in our Cloud.bg website, in section "Announcements", send emails to account owners for any scheduled maintenances on their Account e-mails. If for any reason the Cloud.bg website is not accessible we publish updates and emergency messages in our Twitteraccount Twitter.com/CloudBg and in Cloud.bg Facebook Page. 

The Right to Understand the Technical Limitations or Requirements of the Service Up Front

"Most service providers do not fully explain their own systems, technical requirements and limitations so that after consumers have committed to a cloud service, they run the risk of not being able to adjust to major changes, at least not without a big investment", this conclusion made by Gartner is correct and we have seen it in the Terms of services adopted by many hosting providers.

We must accept that Cloud.bg has not precisely defined the limitations of the CPU time whcih Cloud accounts owners use. Bay saying "not precisely defined the limitations of the CPU time" we mean that we still didn't make the statistics of the used CPU time available in user accounts. In order to make our Clodu hostign services model fully transparent, we should enable CPU statistics by the end of 2010.

To compensate this disadvantage of Cloud.bg we have decided to lift limitations of CPU usage for Cloud.bg Shared Cloud Hosting and Reseller Cloud Hosting account until the advanced statistical tool is added to services. Cloud.bg features hardware redundancy and has enough resources so we can afford to compensate our customers for not providing them with CPU statistical module.

Service consumers and providers must do a better job of keeping each other informed about their technical limitations, particularly for complex, long-term projects or complex architectures and systems5. The right to know what security processes the provider follows — With cloud computing, security breaches can happen at multiple levels of technology and use. Service consumers must understand the processes a provider uses, so that security at one level (such as the server) does not subvert security at another level (such as the network).

The Right to Understand the Legal Requirements of Jurisdictions in Which the Provider Operates

This right must be an "imperative" for any service provider that is serious about their business! Gartner says that "If the cloud provider stores or transports the consumer's data in or through a foreign country, the service consumer becomes subject to laws and regulations it may not know anything about". The analysts conclusion is that "service providers have not done a good job of explaining which jurisdictions they put data in and what legal requirements the service consumer must, therefore, meet". "The service consumer needs reassurance that the provider does not violate any country's rules for which the consumer may be held accountable", adds Gartner Global IT Council.

We have a very clear answer to any question about jurisdiction. Cloud.bg is complies with the laws and regulations of the European Union and all the directives and laws of the United States concerning the data security, email and spam.

The Responsibility to Understand and Adhere to Software License Requirements

Gratner says that "Providers and consumers must come to an understanding about how the proper use of software licenses will be assured". According to the analysts "providers must be held harmless, if the service consumer puts the software it licenses from a third party in the cloud yet violates the licensing agreement".

This is not an issue in Cloud.bg, because we are fully responsible to pay the fees for the software licenses which Cloud.bg Shared Cloud and Reseller Cloud Account owners use. Otherwise this "Right" as defined by Gartner fully applies to Cloud.bg

The Right to Know What Security Processes the Provider Follows

The conclusion Gartner makes on this issue is that "Service providers are not consistent in explaining either their security processes or their business continuity plans"!

"With cloud computing, security breaches can happen at multiple levels of technology and use. Service consumers must understand the processes a provider uses, so that security at one level (such as the server) does not subvert security at another level (such as the network)" is the suggestion made by Gartner in terms of "Cloud Security". The analysts say that "without this knowledge, service consumers risk security violations caused solely by the provider not accounting for the ways in which consumers might use a service".

We agree with Gartner that Cloud service users "need to understand a provider's business continuity plans, so that they can ensure that their own operations continue in an emergency".

Cloud.bg is about to announce the security processes we follow and to make our customers familiar with them. However we should stress that any publicity over the security procedures any Cloud hosting provider follows would expose its infrastructure and its customers' account on risk. Cloud.bg is a quite unique as a Clodu hosting infrastructure solution and we prefer to work with those of our customers who need to understand the security processes in Cloud.bg instead of publicly announcing them.

So, if you are  current or prospective customer of Cloud.bg who needs to receive information about the how we secure your applications and data on the Cloud and about out security policies in general, we kindly ask you to open a support ticket in Cloud.bg Account management system.

Does Cloud.bg Cover All 7 Basic Rights of Cloud Services Customers?

Yes, we do! Those "Rights" are Generally defined and could not apply to all technology and business processes in specific niches in Cloud computing such as the emerging market of Shared and Reseller Cloud hostign services. However as a company which is pioneering the Shared Cloud and Reseller Cloud Hosting market Cloud.bg fully understands its responsibility to adopt and apply the above described 7 basic rights of the Cloud service consumer!