Recently, a major energy company in India, Nayara Energy, sued Microsoft after losing access to its paid services without warning. This incident has many CIOs thinking about a new kind of risk. It’s not just about outages or poor service anymore. Now, vendors could cut off access deliberately, and companies might be left scrambling.

The Growing Threat of Sudden Service Cuts

In this case, Microsoft’s shutdown was linked to EU sanctions aimed at Russia over Ukraine. But what if a different government or a vendor upset with a customer decided to pull the plug? That possibility is now on the table. For big companies relying heavily on cloud or SaaS services, losing access suddenly could be disastrous.

To prepare, some companies consider building redundancy into their systems. This means having backup options for their critical apps and data. But replicating everything — email, supply chain tools, online stores — costs a lot and causes headaches. Still, the risk of being totally cut off makes these investments more tempting than ever.

Why Companies Should Rethink Vendor Contracts

Experts say it’s time to review how contracts with cloud providers are written. Contracts often include clauses allowing providers to terminate services if certain rules are broken. Microsoft might have claimed its actions were justified under EU sanctions, but that leaves companies wondering if they can rely on these agreements to protect them.

One suggested approach is to include clauses that give clients warning before service is cut. Another idea is to work with more local or open-source vendors. This could make it easier to switch providers quickly if needed. On-premises hosting is also worth considering for some critical systems, so they’re not entirely dependent on external vendors.

Changing Strategies for Cloud and Third-Party Risks

This incident is a wake-up call for CIOs. They should revisit their contracts and consider how to handle sudden disruptions. It’s crucial to understand who owns the data and whether access will be maintained if services are interrupted. After all, most cloud contracts specify that a provider can terminate services if terms are violated, which might include sanctions violations.

Risk management experts emphasize the importance of planning for these scenarios. For example, having a grace period before a shutdown could lessen the damage. Also, companies need to think about their operational resilience. If a provider like Microsoft can cut off services instantly, what happens to the business continuity plan?

Ultimately, this situation shows that relying heavily on one cloud provider can be risky. CIOs need to review their contracts, diversify their vendors, and build systems that can survive sudden disruptions. It’s a new era where companies must prepare for the possibility of being disconnected from their data and applications at any moment.

Inspired by

• https://www.cio.com/article/4030789/welcome-to-the-new-world-of-risk-microsoft-cuts-off-services-to-energy-company-without-notice.html

Sources

• gmpg.org
• infotech.com
• msn.com
• cbsnews.com
• retail-week.com