Like all promises made in business, service-level agreements (SLAs) for managed services should be complete and concise -- and written -- in order to define a provider's responsibilities, penalties for noncompliance and a customer's expectations.
Without this clear documentation, both managed service providers (MSPs) and their clients can suffer if a problem occurs, industry executives say. But before pen and paper collide, customers must feel comfortable with the company -- and individuals -- looking to take over service management.
"Prospects want to perform due diligence and reference checking to be sure you are a reputable firm and you will be around to support them for the duration of the contract," said Steve Lubahn, vice president of sales and marketing at LockNet Inc., a LaCrosse, Wis.-based MSP whose specialty is customers in financial services.
Service-level agreement pluses
Strong service-level agreements remove gray areas, reducing everything to black and white. Providing an example, or negotiable sample, of a service-level agreement early in negotiations supports an MSP's pricing proposal, allows clients to compare services from potential MSPs and eliminates questions later in the deal.
"If you have properly positioned the proposal before it is presented, price should not be an issue during negotiations, [which should be] more focused on what are the desired services and delivery timing," Lubahn said. "We supply the SLA and statement of work at the time we present pricing. We have not had many issues since there are no surprises later on with how the statement of work relates to the pricing we have proposed to the customer."
Like many MSPs, Riata Technologies offers several types of customizable service-level agreement, depending on how sensitive a customer is to outages and downtime, according to Tony Williams, vice president and chief technology officer of the Austin, Texas-based MSP.
"You can't really shoehorn a solution," he said. "We'll develop a contract or agreement to meet the needs of the client."
Riata Technologies does recommend that all customers sign on for at least 90 days of outsourced service management, since it takes 30 days for end users to adjust to the concept of an MSP, another 30 days for employees to completely understand the support system and 30 more for the remote staff to know end users' names, responsibilities and personal preferences, such as email vs. telephone, Williams said.
The MSP also aims to respond to all problems within 30 minutes, he said. Some customers need 24/7 support, while others only need support during regular business hours. And some industries -- retail, florists and tax preparation, for example -- have business surges which add stress to their network and infrastructure requirements at certain times of the year.
The ABCs of service-level agreements
Although MSPs generally tweak the service-level agreement to meet each client's specific needs, there are certain basic functions each contract must cover.
One is an in-depth description of the service provider's responsibilities, including resources to be used, notification process for infrastructure changes or planned outages, extent and timing of customer training and workload limitations.
SLAs also should address the customer's responsibilities -- such as informing end users of help procedures, infrastructure plans and details, how performance and trend data will be used, and end-user contingency plans.
Other key areas include customer escalation procedures, general maintenance responsibilities, length of contract and review mechanisms.
"One of the primary functions [of managed services] is not just to be passively monitoring, but to set off alerts and logs," said Corey Merchant, vice president of product management at SecureWorks Inc., an Atlanta-based managed security service provider.
But not all MSPs create legally binding documentation to support their services. Some companies -- especially smaller providers with a core group of long-time customers -- prefer to do business the old-fashioned way: on a handshake.
"We know our customers intimately. We have long, long-term relationships with most of them and are key components of their business," said Roy Barrow, owner of The Memory Bank Inc., a 27-year-old solution provider and MSP in Salisbury, N.C. "They trust our judgment. We actually operate on the good ol' boy network -- a handshake. In this part of the South a contract isn't necessary. I certainly understand the need for most places to have one in place, though."
Even though an inked service-level agreement isn't part of The Memory Bank's business approach, the company knows it must provide quality, timely service. While it may not end up in court over a breach of contract, poor service could have the same result: no business, Barrow said.
"One disgruntled client could basically ruin you," he said.
Alison Diana is a freelance writer and editor who has reported on the IT channel for almost 18 years. She is based in Merritt Island, Fla.