Microsoft Cloud for Sovereignty - Part 1 - Overview

Sovereign cloud series - Microsoft Cloud for Sovereignty - Part 1
This blog will explain the Microsoft approach to achieve Sovereignty within the Microsoft Cloud. This information can be found at Microsoft Learn and Azure Confidential Computing Blog.

What is Microsoft Cloud for Sovereignty
In July 2022, Microsoft introduced Microsoft Cloud for Sovereignty, a solution tailored for governments to deploy workloads in the Microsoft cloud while meeting their specific sovereignty, compliance, security, and policy needs. This innovation establishes software boundaries in the cloud, providing extra protection through hardware-based confidentiality and encryption controls. Microsoft Cloud for Sovereignty offers enhanced tools, guidance, and guardrails for public cloud adoption with appropriate sovereign controls, enabling more control while leveraging the capabilities of the Microsoft Cloud to the fullest. Features such as scalability, elasticity, resiliency, compliance, agility, and cybersecurity make it a compelling choice for businesses looking to optimize their operations and enhance security, reaping the benefits of the cloud while meeting sovereignty and compliance demands. Embracing cloud computing while adhering to digital sovereignty requirements can be complex, varying significantly across organizations, industries, and regions.

The goal Microsoft Cloud for Sovereignty is to simplify, standardize, and improve confidence in the digital sovereignty of the public cloud. Cloud for Sovereignty supports both green field scenarios, such as migration of on-premises workloads to the cloud, and brownfield implementations, such as aiming to improve the digital sovereignty and compliance of existing cloud workloads.

Microsoft Cloud for Sovereignty capabilities
Microsoft Cloud for Sovereignty provides capabilities across different layers:

Sovereign control portfolio
Customers now have the ability to add an additional layer of protection for sensitive workloads, ensuring that operators (Cloud Provider) are unable to access customer data and resources. Sovereign control portfolio builds on top of existing concepts and services like Infrastructure-as-Code, Azure Policy, and Policy-as-Code. The portfolio includes the following:

Compliance and transparency
For qualified customers and government agencies, Microsoft Cloud for Sovereignty provides more transparency into Microsoft activities through transparency logs and the Government Security Program. Transparency logs provide details of when Microsoft engineers accessed your resources, to assist with sovereign compliance and other regulatory requirements. The Government Security Program (GSP) provides eligible national or federal agencies with access to security information about Microsoft products and services.

Public cloud capabilities
The foundation of Microsoft Cloud for Sovereignty is Azure hyperscale public cloud, which delivers innovation, scale, and security significantly beyond private or on-premises data centers and protect against cyber-attacks.

Microsoft's Trusted Cloud and Cloud for Sovereignty augmentation
Microsoft prioritises the confidence of its customers by offering a comprehensive and secure cloud platform. All cloud services are built on top of the key principles: security, privacy and compliance, which is the foundation of all cloud services. Microsoft provides Sovereignty controls in the public cloud, provides answers for sovereign customers that need more control and trust to get compliant. For more information, see Trust your cloud | Microsoft Azure and Cloud Data Integrity and Compliance | Microsoft Trust Center.

Stay up to date and receive the latest Microsoft Cloud for Sovereignty updates
Click here to follow the latest updates.