The "White Label" decision

vom 11.06.2019

30.04.2019 by Henrik Hasenkamp

System houses are expanding their own portfolio with white label cloud solutions. To do this, however, they must have some of their own know-how.

  • The SLAs should be formulated as follows
  • Benefits of White Label Cloud Solutions
  • Technical parameters that must be strictly observed
  • Necessary scope of the management platform
  • Legal protection requirements (DSGVO & Co.)

Usually, system houses are closer to their customers than cloud providers. They advise companies on the selection of the right technology and help implement it. It is ideal if system houses are not dependent on a single provider, but can find the optimal cloud solution for their customers largely independently of the provider. Most IT service providers therefore cooperate with several providers of all cloud facets - from IaaS to PaaS to SaaS (Infrastructure, Platform & Software as a Service).

So-called "white label" solutions are particularly attractive for system houses because they can be better integrated into complete offers under their own brand. But there is also a risk: if customers are not satisfied or there are technical problems, the reseller himself is more responsible for this because the product is offered under his own brand name. It is therefore advisable to carefully check which product offered with the "white label" option is actually suitable as such. Which criteria should be particularly taken into account when selecting a product?

With "White Label" to the Cloud Provider

With the help of a "white label" solution, a system house - regardless of its size - becomes a cloud provider itself. Which parameters the cloud platform should fulfill depends strongly on the size and industry of the system house customers. In any case, a systematic evaluation should take place, for example on the basis of a checklist, divided into k.o. and "nice to have" criteria.

In addition to technical parameters, it is rather overarching topics such as the multi-client capability of the solution and reliable support that are particularly important for the selection. The decisive points also include whether the cloud provider operates its data centers in Germany, offers APIs (programming interfaces) for automation and integrates itself into existing toolkits in order to reduce the risk of a "vendor lock-in". Does the potential partner only provide infrastructure or is a PaaS offering more meaningful, fully managed and inclusive of important administration services?

Multi-client capability of the solution

It is important for system houses to manage many customers and infrastructure projects simply, clearly and transparently. Because customers put together the right package for them, which typically consists of solutions from several manufacturers, customer management is not only the basis for billing, but also for upselling.

The chosen cloud solution should therefore be multi-client capable and have a clear management panel: an interface for managing many customers, user-defined domains for customers that are adapted to the CI of the system house and connected via SSL encryption, and a "reverse DNS" feature to be able to assign requests to a domain via the IP address.

The more powerful such a management tool is, the more flexibly the solution can be configured individually for each customer. In addition to minute-by-minute billing per resource used, it makes sense if, for example, access rights or feature releases can be set individually for each customer. It is also possible to adjust prices flexibly and include specific offers. A good administration tool provides the basis for various business models: While one system house customer books extensive managed services, another may only want infrastructure resources. Here, too, system houses must be able to remain as flexible as possible with a "white label" solution.

Service and Support

Companies that purchase cloud resources - for example as managed services - via a system house do so in order to obtain a pre-selected and integrated solution. In short, the goal is to reduce technical complexity. Sometimes, especially when it comes to the cloud, companies find it difficult to see through and compare offerings.

Clicking cloud resources together in fast self service may be suitable for individual companies or start-ups that need additional computing capacity at short notice. But many customers demand fully managed cloud services. System houses that want to offer such services have to work more closely with their cloud providers and often need their support to provide their customers with the tailor-made solutions they want. Only in this way can the system house leave the technical complexity and the associated management with the provider.

It goes without saying that the service and support agreements (SLAs) between the cloud provider and the system house must at least cover what the reseller wants to offer his customers. Ideally, the SLAs should be even more narrowly defined so that the system house still has room for action in the event of a case. Medium-sized and smaller system houses in particular often fall by the wayside with large cloud providers.

However, this is not a cloud-specific problem, but an everyday occurrence when the market power and orientation of two business partners do not fit together. In personal preliminary talks, one quickly notices whether cloud service providers and medium-sized system houses can meet at eye level and work together as partners.

DSGVO and Security

The European Data Protection Regulation (DSGVO) is binding and customers demand legal certainty from their service providers. When choosing a "white label" partner in particular, fundamental issues need to be clarified from the outset - the solution is ultimately sold under the company's own system house brand.

Resellers should therefore have their compliance with the DSGVO requirements confirmed and be particularly critical if the parent company of the selected partner is not domiciled in Europe or if the data centres on which the service is based are operated outside the DSGVO area. It is a matter of maximum security for sensitive data, in particular personal data. To protect against physical access to the data centre and access to the data, operators should offer a multi-level security concept, round-the-clock monitoring by security personnel and various access controls. ISO certifications and regular audits must be verifiable.

In addition to physical protection, authentication mechanisms and protection against unauthorized access also play an important role. If employees of the cloud provider receive access due to maintenance or similar work, this must be explained in detail and logged. Strong industry-standard encryption, both within the cloud infrastructure and when connecting to the customer's IT, should be a matter of course.

Degree of innovation and automation

System houses that do not opt for a global player but, for example, for a local cloud provider, should not lower their expectations with regard to high-end technologies and degree of innovation. Deep learning algorithms, which can be used to predict anomalies in data center operations, currently represent the state of the art. Through the acquisition and real-time evaluation of operating data, such as ambient temperatures, voltage levels, latency times, power consumption or the behavior of individual software components, an appropriate algorithm can learn when an unwanted event is about to occur. The goal: 100% availability from the cloud user's point of view and extensive automation.

On this basis, dynamic capacity management can be set up in order to operate resources even more efficiently and thus more cost-effectively. If no load is expected, unused CPU nodes automatically shut down. They are also available in a timely and automated manner when a system load is announced. For example, software updates can be imported during operation - the customer does not notice this by transferring used resources to other nodes and algorithmically planning and carrying out any necessary restarts. Such automated routine activities reduce complexity and make cloud resources convenient to use.

The original article in german can be found here.

    Back to overview