Skip to content

Microsoft Cloud for Sovereignty: a solution for companies concerned about their sovereignty

Introduction

Cloud computing has become essential for businesses of all sizes. It offers many advantages, such as reduced costs, improved flexibility and scalability, or even access to innovative technologies without the excessive delays in purchasing and installing equipment within your datacenter. .

But cloud computing also raises questions of sovereignty. Indeed, company data is stored on the cloud provider’s servers, which may be located in another country. This may therefore raise concerns regarding privacy, security and compliance with local laws.

Moreover, it is a problem which will become recurrent as evidenced in the following analysis done by IDC by the end of 2023: https://www.idc.com/getdoc.jsp?containerId=prEUR251542423.

But you can also find some other sources:

So it doesn’t matter how much seems to be increasing with each new analysis. This allows us to understand why players like Microsoft but also AWS and Google are careful to position themselves on sovereignty subjects. 

To address these concerns, Microsoft has developed a framework called: Microsoft Cloud for Sovereignty which applies to its Azure cloud.

Microsoft Cloud for Sovereignty: what is it?

Microsoft announced its Cloud for Sovereignty kit by the end of November 2023 to address sovereignty requirements with the Microsoft Public Cloud.

  • Will use the same data centers used by Microsoft Public Cloud offer
  • Microsoft offers a set of rules and best practices – in the same format as Landing Zones – to allow you to meet sovereignty expectations
  • This program is called “Microsoft Cloud for Sovereignty“. Available in GA since October 4, 2023. Creation of Sovereign landing Zone

Microsoft Cloud for Sovereignty is a suite of cloud tools that allows businesses to store and process their data in their own country or region. These services comply with local privacy, security and sovereignty laws and regulations.

Main Microsoft Azure datacenters worldwide – to date over 50 regions and 140 countries. This amount is continuously increasing. (source Microsoft)

Microsoft Cloud for Sovereignty is available in a number of regions, including Europe, North America, Asia Pacific, and the Middle East but not necessarily in all Azure regions. That being said, the list is likely to grow in the short/medium term.

Kit Cloud for Sovereignty proposed by Microsoft for Azure

The kit is available on the following official GitHub repository: https://github.com/Azure/cloud-for-sovereignty-policy-portfolio. In a few clicks, the objective is to allow you to add a set of settings and Azure Policy which will allow you to strengthen your level of control and security over the different Azure components that you deploy within your subscriptions. I think for example:

  • Force the use of a very specific Azure region according to needs or the project (France Central, etc.)
  • Guarantee encryption of compute resources such as VMs, Containers, etc.)
  • Creation of a so-called sovereign Landing Zone on Azure (SLZ).
  • When necessary, use specific “Azure Confidential Computing” resources for the most critical data.

The benefits of Microsoft Cloud for Sovereignty

The Microsoft Cloud for Sovereignty approach in 4 pillars

The goal of the Microsoft Cloud for Sovereignty kit is to give businesses more controls over how they deploy their components in the Azure cloud:

  • Data sovereignty: Company data is stored and processed in their own country or region, in accordance with local laws and regulations.
  • Privacy and security: Microsoft Cloud for Sovereignty uses advanced security technologies to protect business data from cyberattacks.
  • Compliance: Microsoft Cloud for Sovereignty meets the strictest compliance standards, such as GDPR and HIPAA.

Microsoft Cloud Use Cases for Sovereignty

Via this methodology, Microsoft is obviously seeking to convince companies which have not already joined the Cloud due to regulatory concerns.

I am thinking, for example, of hospitals, regional and/or departmental authorities… And more broadly, all organisations that are subject to strict requirements in terms of data sovereignty (financial data, health data, etc.).

Depending on your company or the regulations with which you must comply, it is of course appropriate to adapt the configuration of the objects that you are going to deploy in Azure. It is entirely possible that some workloads/servers or data simply cannot be hosted in the Cloud. And Microsoft understands this well since the approach must be adapted according to your use case.

Adapt your configuration according to your needs and projects: in the Cloud or on the contrary in your “own” data center.

As you will have understood, the market for cloud sovereignty solutions is growing rapidly. More and more companies are concerned about how their data is stored and where it is located… and this is why this is also the subject that Devoteam M Cloud is working on!

Join us for the next Devoteam M Cloud online webinar planned for the 20th of March

We will discuss all the sovereignty constraints you may encounter in your organisation and will present Microsoft Cloud for Sovereignty kit available on GitHub but also the Azure Confidential Computing initiative to secure your workload in Azure.

More details on this event on following this link: