SLAs: The Ties That Bind

Solution providers continue to adopt managed services at a rapid pace. According to the VARBusiness State of the Market study, 41 percent of solution providers are offering some form of managed services, and 22 percent will add services this year.

The list of potential service offerings is exhaustive: network monitoring and management; security monitoring and response; patch management; storage and disaster recovery/business continuity; e-mail and voice communications; online training; help desks and even printer management.

"There's not a day when I don't wake up and think of another service we could offer [as an annuity]," says Al Gossett, president and CEO of service provider Digital DNS, Greenville, S.C.

But getting into managed services isn't as easy as flicking a switch. For some services, solution providers must build substantial infrastructure and expertise before they can place a single node under management. But those challenges pale in comparison to meeting the operating expectations of a service agreement.

Service-level agreements (SLAs) are more than contractual obligations. They establish the expectations of a customer and set the tone of the relationship with the service provider. A good SLA will spell out everything from what services the VAR will supply and how; limitations on the VAR's actions and reach inside the customer's infrastructure; appropriate response actions and times; escalation procedures and reporting requirements. Often, SLAs will outline performance rewards and penalties.

"Setting the appropriate service expectations with customers" is one of the most important factors, says James Hare, vice president of worldwide sales at SilverBack Technologies, an enabler of managed services and a VARBusiness five-star partner program vendor.

Solution providers interested in making the leap into managed services need to understand the costs of certain SLA levels and how to establish expectations carefully. "Done right, service-level agreements can be an effective sales tool and can help customers understand the value they're getting," Hare says.

NEXT: What you need to consider when drafting and negotiating SLAs with clients:

1. Manage Expectations: You need to establish reasonable and achievable expectations. You're moving your customer from the familiar ground of owning and operating their own IT infrastructure to letting someone else manage it transparently for them. This breeds uncertainty in end users, and many will want to create unreasonable performance requirements such as continuous 24/7 monitoring and five-9s availability, among others.

As the service provider, it's up to you to set and manage reasonable expectations.

"Some customers are going to ask for 99.99 percent uptime. The best way to handle that is to show them what that level of uptime--while probably not even possible--will cost, compared with 98 percent," says Skip Tappen, vice president and general manager of managed services at Netivity Solutions, a VAR in Waltham, Mass. "Most will quickly opt for the more reasonable and cost-effective performance levels."

Many solution providers focus their SLAs on business requirements, says Tappen, who says it's wise to offer SLAs as tiers of service, such as bronze, silver, gold and platinum. "For the less business-critical systems, they can opt for the lower performance levels and response times and pay more for very high levels of uptime for business-critical services and applications, such as the e-Commerce server," he says.

Providers should consider there may be penalties for SLA shortcomings. Customers may demand rebates or credits for a failure to meet requirements, particularly for outages affecting transactional infrastructure such as e-commerce servers.

For instance, if you agree to correct an e-commerce server outage within an hour of the report and fail to do that, you could be slapped with financial penalties. You might, for example, have to waive the repair fees to cover the transactional losses.

Once the expectations are set, you need to assign responsibility for certain tasks. If the customer wants only monitoring services, you should ensure your SLA specifies that the customer is responsible for initiating a response. For instance, if a solution provider is providing traffic-monitoring services but not automated response, the SLA would detail the course of action. Notify the customer and allow them to respond.

2. Assign Responsibility: Assigning responsibility can be a good selling tool, too, since a customer usually doesn't understand what it wants until an incident occurs. Once they see it's their responsibility to correct a problem, they may opt to add that to their agreement.

3. Define Value: Proving the value of your service isn't easy. Research has shown that users' perceived value of a service diminishes with each passing year. They appreciate the services they receive but take them for granted and become desensitized to their value if things run without incident. You need to show them through regular performance tracking and incident response reports just what they're getting for their money.

Digital DNS' Gossett, who offers managed security services, provides his customers with weekly and monthly reports on incidents, corrective actions and performance trends.

"We detail any issues they had and what we did, and how well we did [in resolving] those issues," he says. "They see the value. They see how much we saved them in not having to add head count and software maintenance costs."

Tappen says one of the biggest changes he witnesses for customers that opt for the subscription model is the fact that Netivity becomes a more integral part of the customer team. "In many cases the relationship is a shared responsibility. It's a more sophisticated partnership," says Tappen. "But you have to constantly remind them of the value you provide."

It's also a good idea to schedule periodic reviews of the service--from the perspective of the customer, who wants to see how the service provider is performing, and from the perspective of the provider, who may want to see if there's additional services that can be applied.

Periodic reviews--typically done annually--give the engaged parties an opportunity to assess the services, evaluate their delivery and make adjustments. At this time, solution providers can show the added value of new services, which is an important consideration when trying to maintain a steady revenue stream.

"If you don't consistently show value, you can forget the renewal when your contract expires," Gossett says.