IT Sustainability Think Tank: Assessing a supplier’s sustainability credentials
How can IT leaders separate fact from fiction when weighing up a tech supplier’s sustainability claims? And, crucially, what are the dangers or risks enterprises face if they do not do their due diligence on the green claims of their providers?
Many owners and operators of digital infrastructure have the attitude that using third-party suppliers – cloud and colocation services, IT equipment suppliers, IT hardware recyclers and energy suppliers – absolves them of attendant sustainability responsibilities. They believe the sustainability of an outsourced operation is the supplier’s responsibility.
In today’s marketplace, this view is not only outmoded, but dangerous. Organisations operating without taking a wider and more responsible view will find themselves at odds with customers, regulators and their own senior management. Datacentre operators today must focus on the sustainability credentials of all their key technology providers and partners during contract negotiation and execution, as these suppliers are viewed as extensions of the enterprise’s digital operations portfolio.
Uptime Institute, which recently published a series of advisory reports on how to manage digital infrastructure sustainably, encourages datacentre owners and operators to apply a consistent set of sustainability metrics and goals across owned, colocation and public cloud operations.
Integrating these operations into a single sustainability strategy requires much preparation and negotiation. It will require the supplier’s sustainability strategies and approaches are compatible with their customers in critical areas such as energy efficiency, renewable energy procurement and greenhouse gas (GHG) emissions reductions.
Take, for example, a situation where an operator sets an emissions reduction goal based on the emissions associated with the electricity consumed at each datacentre, while one of the organisation’s colocation providers primarily depends on renewable energy certificates (RECs), guarantees of origin (GOs) and offsets to achieve reductions.
To get an overall view, and to set targets, it will be necessary to reconcile these differences during contract negotiations to ensure the contracted services address sustainability commitments.
Contracts between IT operators and colocation and cloud service providers will need to be changed and updated to meet the emerging requirements of sustainability and regulatory commitments. They will need to specify the exact information and actions required – it is no longer a matter of making vague promises in marketing documents.
Data required may include energy consumption by fuel and generation type, associated emissions factors, the percent of energy use matched by RECs or GOs, the rolling, 12-month average power usage effectiveness (PUE), IT utilisation levels for contracted services (cloud provider) and other sustainability metrics. Action may be required to increase procurement of renewable energy, improve the efficiency of the cooling systems or reduce water consumption.
This information exchange or requirement for specific actions may need to be two-way. There are current or planned regulatory mandates that require datacentre locations to report IT operating data or equipment operations settings. Colocation service providers, which are responsible for all operations (both IT and facilities) on a particular site under most regulations, will need to contractually require their tenants to provide data and to set operating parameters mandated by current and future regulations.
Tackling the challenges
Datacentre owners and operators will face other challenges in interacting with IT hardware suppliers and services companies that, for example, recycle used hardware. For these service and equipment suppliers, contracts will need to set performance criteria to address specific sustainability objectives.
For IT equipment, criteria could include work delivered per unit of energy thresholds at specified utilisation levels (for servers), embedded or lifecycle carbon estimates for the equipment, IT equipment upgradability requirements, availability of specific capacity optimisation methods (for storage), and enablement of power management capabilities on the equipment. For hardware recyclers, criteria could include a minimum percentage of equipment refurbished and reused, reporting and validation of disposal and recycle methods for scrapped equipment, and a maximum percentage threshold for material sent to landfill.
There are challenges involved in procuring renewable energy. Regulated utilities are constrained by various mandates that restrict their ability to supply guaranteed percentages of renewable electricity. Energy retailers, and wind and solar project developers, have greater flexibility, offering a range of contract approaches with varying financial risks and rate premiums. When seeking to increase the procurement of renewable energy, a datacentre operator must grasp the nuances of the marketplace, employ knowledgeable experts, and negotiate contract terms to manage financial risks, costs and reliability of supply.
Data operators must also assess a supplier’s performance on sustainability commitments, both before and after the signing of the services or supply contract. Processes must be deployed to verify that data, metrics and activities are being supplied and/or executed in accordance with the supplier claims and contract provisions.
Checks may include validating the quality and accuracy of supplied data and metrics, the completion of efficiency projects, and the maintenance of key metrics such as PUE and server utilisation within specified thresholds. It is critical to enforce contract requirements, with consequences up to and including loss of business, where a supplier fails to meet their sustainability commitments. Due diligence activities can be accomplished by the supplier management team or through engagement with third-party verifiers.
Third-party verifiers are available to certify or assess the sustainability actions of suppliers, but the criteria of different certification standards and the quality of the assessment vary. There is no universally recognised standard to assess the sustainability characteristics of cloud or colocation services – and those that are available have not, to date, demonstrated the robustness of their assessment process.
There are recognised certification bodies for IT equipment suppliers (TCO and EPEAT, for example) and IT hardware recyclers (such as the e-Stewards and R2 certifications). Where a third-party assessment is desired, the datacentre operator needs to validate that the certification criteria align with their sustainability objectives.
Datacentre owners and operators must include supplier operations in their sustainability strategies. However, it is important to understand the extent to which a supplier’s sustainability actions can be influenced. Where a supplier relationship has significant breadth and depth, it is likely the supplier will partner on sustainability objectives. But if the supplier deals with a multitude of customers (cloud services and equipment procurement), it will likely be necessary to work within the boundaries of the supplier’s sustainability strategy. The nature of the relationship will dictate the degree of pre-contract due diligence and the contract conditions needed to interlock sustainability strategies.
Sustainability activities do not come for free – operators may need to pay a premium for services and equipment that meet and further sustainability objectives. Additional costs are likely to be incurred to validate and verify that suppliers meet their contractual sustainability commitments. The bottom line is that datacentre operators must back up their commitments with investment, working with and assessing suppliers on their sustainability strategies and actions.