Slack waters down cloud SLA after $8.2 million payout
Slack reworked its service-level agreement to be less generous to customers after outages cost the team messaging vendor $8.2 million last quarter.
Slack still promises to keep its service online 99.99% of the time, higher than the 99.9% uptime most cloud vendors guarantee. But it will no longer pay every customer regardless of whether they were affected by an outage. Plus, Slack will average uptimes over each fiscal quarter, rather than issuing credits each month.
Slack also reduced its payout ratio. It used to provide credits worth 100 times what each customer paid for the service during the time Slack was inaccessible. Moving forward, the credits will be worth 10 times that cost. As before, the promise applies to customers on Plus and Enterprise Grid subscription plans.
TechTarget identified recent changes to the service-level agreement (SLA) by comparing Slack's current policy to a version of the document from May available through an internet archive. In a statement, Slack said it had alerted customers to the new policy, effective Aug. 15, early last month.
In a conference call with investors Wednesday, CEO Stewart Butterfield said the old policy dated to when Slack was a young company, supporting customers with tens of users -- not tens of thousands.
The $8.2 million worth of credits issued for recent outages reduced Slack's revenue by 5.3% in the quarter ended July 31. The company expects the credits issued during the quarter to shrink revenues by another $5 million over the remainder of the fiscal year.
A significant outage on June 28 left some customers unable to use basic features in Slack for 12 hours. The vendor also reported outages during the quarter on May 2, July 26, and July 29. Uptime fell below the industry standard of 99.9% in both June (99.83%) and July (99.87%) but hit 99.993% in May.
"Slack has become so integrated in the way many people, departments and companies work, any outage for any percentage of users makes the news," said Wayne Kurtzman, an analyst at IDC. "Slack had to -- and did -- recently update their downtime policy to prevent getting a big hit from an event where perhaps not every customer was affected."
Cloud SLAs are often difficult to compare across companies. Microsoft commits to keep the rival app Microsoft Teams online 99.9% of the time, less than Slack's 99.99% guarantee. But Microsoft makes that promise every month, rather than every fiscal quarter.
On the other hand, Microsoft requires customers to submit claims to receive refunds for downtime, whereas Slack issues credit automatically.
Slack updated its SLA "to be more in line with industry standards, while still remaining very customer-friendly," Allen Shim, Slack's chief financial officer, told investors. "We do not expect a revenue impact of this magnitude again."
Slack reported nearly $145 million in revenue in the second quarter, up 58% from the same period last year. It expects to generate between $603 million and $610 million for the year, after bringing in $400 million last fiscal year.
Slack attributed its recent service disruptions to ongoing growing pains. The company had 10 million daily active users as of January, up from 6 million in September 2017.
"This is a big area of investment," Butterfield said on the call. "We've made some great hires on the infrastructure side. We've put a lot more tooling in place, a lot more automated testing."
Studies show that reliability is among the top considerations for businesses looking to buy collaboration software, said Irwin Lazar, an analyst at Nemertes Research. By reducing payouts, Slack may find it harder to draw contrasts with competitors based on reliability. But meeting uptime targets will ultimately be more important than the details of its policy, he said.
"If Slack can demonstrate that they are routinely meeting or exceeding 99.99%, I don't think the reimbursements will matter much to current and prospective customers," Lazar said.
Industry: Unified Communications
- DevSecOpp- Security design / review consultant. SC Clearance. London
CH7838 London £70,000 DevSecOpp- Security design / review consultant. DevSecOpp- Security design / review consultant will ensure that newly created, public facing apps are secure by design and by default by aligning them to current / best practice security policies and standards into the design phases. The individual must have a technical software / application development background with specalist experinece in secure architecture design. (Frameworks, processes, best practice etc) Practical experience translating and ensuring that the OWASP top 10, ISO27001, HMG frameworks requirements are reviewed and embedded into project designs which are implemented is essential. Experience working projects through a full development lifecycle is key. You will work along side the design and project teams to idenitfy and mitigate risks throughout the design phases. This is a permanent role. SC clearance is essential as is the ability to get to the London office. (When appropiate #covid) Security DevSecOps consultant. To arrange a discreet call book via https://calendly.com/chris-holt/devsecopp--security-design-review-consultant
- SPLUNK SOC Analyst level 3, London.
SPLUNK SOC Analyst level 3, Must be able to commute to the City of London. Onsite role. Security clearance needed. The SPLUNK SOC Analyst level 3 must have current experience working within a SOC environment with specific experience using a range of tools and techniques to investigate security incidents. Current experience with Splunk is essential. any additional experience Individuals with Elastic Security SIEM are highly desirable. Any of the following certifications are desirable Splunk Phantom certified admin, Splunk Core Certified Power User / Advanced, Splunk Certified Enterprise Security Admin, etc The role will include, but not be limited to working with sophisticated information security tools, investigating security incidents, incident management, technical escalation, process improvement, research into the latest threats, reporting etc The individual MUST currently be living in the UK and be able to achieve UK security clearance. (SC) This is a permanent role To arrange a call with Chris Holt https://calendly.com/chris-holt/arranged-call-with-chris-holt-elastic-siem-engineer-soc Chris.Holt@dclsearch.com
- ISO 27001 & Business Continuity Security Specialist, End User
- United Kingdom
CH7828 ISO 27001 & Business Continuity Security Specialist, End User, £70,000 United Kingdom ISO 27001 & Business Continuity Security Specialist needed to join a Cyber team within an end user. The ISO 27001 & Business Continuity Security Specialist will have end to end responsibility for the information security and Business Continuity management system. ISMS/BCMS. Both from an information security and technical security perspective working alongside the CISO. Experience must include, but not be limited to; a mix of Information Security standards, frameworks, audit principles, controls / policies and the management and use of the technical tooling to achieve compliance. ISO 22301, ISO 27001, NIST Cybersecurity Framework etc An ideal candidate will be working within an end user environment with a cyber consultancy background. Experience taking a company through accreditation is highly desirable Experience managing internal stakeholders, technical teams and external third parties essential Flexible working, very occasional travel to London office This is an exclusive role to DCL Search & Selection. Looking to interview immediately. https://calendly.com/chris-holt/iso-27001-business-continuity-security-specialis
- PCI- DSS Security Consultant, End User
PCI- DSS Security Consultant needed to join a Cyber team within an end user. The PCI- DSS Security Consultant will have end to end responsibility for PCI - DSS and its continuing certification. Both from an information security and technical security perspective working alongside the CISO. Experience must include, but not be limited to; a mix of Information Security standards, frameworks, audit principles, controls / policies and the management and use of the technical tooling to achieve compliance. PCI objectives / 12 key requirements, OWASP top 10, ISO 27001, NIST Cybersecurity Framework etc An ideal candidate will be working within an end user environment with a cyber consultancy background. PCI Cloud compliance, specifically someone with experience taking PCI-DSS from on premise into the cloud is HIGHLY desired. However, someone with Solid PCI experience with a strong technical background which include Cyber / Secure by design etc would be considered. Experience managing internal stakeholders and external third parties essential. Flexible working, but with the ability to get into London. This is an exclusive role to DCL Search & Selection. 1st stage interviews to happen the week of the 14th September Arrange a call with Chris on https://calendly.com/chris-holt/arrange-a-call-chris-dcl-pci-compliance