Microsoft has redefined it's Cloud Sovereignty to meet organization needs for Reliability in Sovereignty and Trust

calendarJun 20, 2025 · 5 min read · Privacy Residency Sovereignty Protection & Management Security Azure Microsoft 365 Microsoft Sovereign Cloud National Partner Sovereign Private Cloud Sovereign Public Cloud  ·
Share on: linkedincopy

What is new ?
Microsoft has significantly expanded its Sovereign Cloud portfolio to give European organizations more control, compliance, and resilience across public, private, and partner cloud environments. At the core of the update is an evolution of the Microsoft Cloud for Sovereignty, now offered across all European datacenter regions without requiring customers to migrate workloads. This expanded suite is designed to help enterprises, government agencies, and regulated industries meet stringent data residency and governance requirements while still benefiting from cloud innovation.

Key new capabilities include Data Guardian for European operations, which strengthens data privacy by ensuring that any remote access by Microsoft personnel is approved and monitored in real time by staff residing in Europe, with all actions logged in tamper-evident records. External Key Management lets customers maintain full control over encryption keys via on-premises or third-party HSMs. Regulated Environment Management simplifies configuration and oversight of sovereignty features. Additionally, Microsoft 365 Local brings core productivity services like Exchange and SharePoint into private cloud environments under full customer control.

Beyond public and private sovereign clouds, Microsoft is supporting National Partner Clouds in France (with Bleu) and Germany (with Delos Cloud), offering fully independent sovereign cloud operations tailored to national compliance requirements.

Below an overview.

  • Sovereign Public Cloud
  • Sovereign Private Cloud
  • National Partner Clouds


    Together, these enhancements represent one of the industry’s most comprehensive sovereignty offerings, balancing local control with cloud-scale innovation.

From Microsoft Cloud for Sovereignty to Sovereign Public Cloud
Microsoft’s Sovereign Public Cloud is an evolution and expansion of its existing Microsoft Cloud for Sovereignty, bringing enhanced sovereign controls to enterprises across all European datacenter regions without requiring workload migration to specialized environments. It is offered as part of the broader Microsoft Sovereign Cloud suite — alongside Sovereign Private Cloud and National Partner Clouds — and is designed to give organizations, especially in regulated sectors and the public sector, greater control over where their cloud data resides and who can access or operate it.

At its core, the Sovereign Public Cloud ensures that customer data stays in Europe and remains subject to European law, with operational and access controls managed by European personnel. Encryption control is extended to customers through features like External Key Management, enabling integration with customer-owned Hardware Security Modules (HSMs) for full control of encryption keys.

To simplify governance and compliance, Microsoft is introducing Regulated Environment Management, a centralized tool that lets organizations configure and monitor sovereignty features from a unified interface. In addition, Data Guardian enhances data privacy by requiring that any remote access by Microsoft engineers to systems storing European data be approved and monitored in real-time by European-resident personnel, with activities recorded in tamper-evident logs.

Previewed in 2025 and set for broad availability across Europe later in the year, Sovereign Public Cloud aims to balance data sovereignty assurances with the innovation and scale typical of public cloud services — including access to core Azure, Microsoft 365, Security, and Power Platform capabilities — without forcing customers into separate, isolated clouds.


Sovereign Private Cloud extension
Microsoft’s Sovereign Private Cloud is designed to support the strictest data residency, operational autonomy and business continuity requirements for governments, critical industries and regulated sectors. It is built on Azure Local—a deployment of core Azure services (compute, storage, networking and virtualization) that can run in-country, on-premises or in partner-operated datacenters while preserving a consistent Azure management and developer experience. This enables organizations to meet specific sovereignty requirements by keeping workloads physically located where data is generated or regulated.

Integrated with Azure Local is Microsoft 365 Local, a new component that brings Microsoft’s productivity server software (such as Exchange Server and SharePoint Server) into these customer-controlled environments. Microsoft 365 Local simplifies deployment and management of productivity workloads within a sovereign private cloud, giving organizations full control over security, compliance and governance while supporting familiar Microsoft productivity services.

Together, Azure Local & Microsoft 365 Local combine cloud-scale capabilities with physical operational control. This hybrid architecture supports hybrid or air-gapped environments, ensuring resiliency and business continuity for critical collaboration, communication and virtualization workloads without compromising on sovereignty. The Sovereign Private Cloud is currently in preview and expected to become generally available later in 2025.


Where to start as customer?
National Partner Clouds and a thriving AI partner ecosystem are central to Microsoft’s Sovereign Cloud vision because they bring local operational control, regulatory alignment, and deep expertise directly into the European digital landscape. By working with trusted in-country partners, such as Bleu (Orange and Cap Gemini venture) in France and Delos Cloud (SAP AG subsidiary) in Germany, Microsoft enables independently operated cloud environments that align with each nation’s specific sovereignty requirements, compliance standards, and legal frameworks, rather than relying solely on a global provider model. This local ownership and management ensures critical workloads for the public sector, regulated industries, and essential infrastructure remain under the jurisdiction they legally require, with transparent governance and auditability.

Equally important is the expansion of the Sovereign Cloud specialization within the Microsoft AI Cloud Partner Program, designed to help European customers identify partners with proven capabilities in deploying and operating sovereign cloud and AI solutions at scale. These partners bring specialized technical, regulatory, and industry experience, enabling organizations to adopt advanced cloud and AI technologies in ways that meet strict European data protection, residency, and compliance standards. By integrating partners into the ecosystem, Microsoft strengthens European digital autonomy and helps organizations implement sovereign solutions with confidence, balancing innovation, control, and regulatory compliance.


Learn more about these exciting changes

To get a better understanding in what Microsoft can offer and read the official Microsoft announcement