The European Digital Agenda foresees precise constraints for investments in local data centre; meanwhile it promotes the diffusion of cloud computing architectures among the Public Administration.
How to deal this passage with? Here is a check list of the main points to be considered and the characteristics to be defined and required for a SaaS cloud service:
- in case the service is used by several entities or sites, a multi-instance or mono-instance service can be chosen; in the second case a multi-tenant logic is preferable, that means one domain for each entity;
- the respect of privacy and personal data protection, with the obligation to use data centres located on the European region, but granting the application of local laws;
- the right levels of resilience and security to assure the service continuity (24/7);
- the required levels of performance which can differ relating to the application area;
- the architecture scalability to face the different charge during the day, better if through resources automatic management (auto-scaling);
- criteria and services to monitor the resources availability and the performance levels;
- the foreseen environments: production, test, development and learning ones;
- environment and management of business continuity and disaster recovery;
- the provision of disaster recovery procedures, like the emergency plan and operational continuity, the physical protection of data, the hardware and software updating and maintenance;
- back-up and data recovery services;
- the connectivity shall be composed of almost two direct lines with different physical paths;
- almost 1 Gbps of granted band width, maximum latency time of 10 ms;
- the operational management services should be detailed and circumscribed through SLA and penalties.
As you can assume, a cloud service SaaS is hard to describe and write down in a contract but, due to the importance this infrastructure has, it is mandatory to dedicate the right time and resources to this activity.