Sovereign cloud - the what, the why and the how

What is the purpose of Sovereign cloud?
Sovereignty means that Cloud computing architecture are designed and built to provide data access in compliance with local laws and regulations.Sovereign clouds protect government, public sector, or other regulated data behind a veil of data privacy, blocking its access by other nations or corporations. Countries impose data regulations for a variety of reasons, out of national security interests or to protect citizens’ personal data. To meet these challenges, Sovereign clouds are created to bridge the competing needs of governments and enterprises. They allow countries to maintain data sovereignty and enterprises to stay competitive in an interconnected global digital economy. Sovereign clouds are built on the three principles:

Data Sovereignty
Data Sovereignty means that customers have full control over their data. Under data sovereignty, no unauthorized parties can access customers’ data, including even the employees of the particular Cloud Provider where data is stored. Also, users can encrypt their information with local encryption key management. Data sovereignty is critical for organisations to:

  • Protect data from security breaches and malicious activity;
  • Maintain data confidentiality to protect privacy;
  • Protect data against unauthorized access to data;
  • Secure data to prevent negative business and financial impact.

Operational Sovereignty
Operational sovereignty gives complete visibility into cloud operations and provides users with a comprehensive end-to-end view of how their data is being stored and accessed.

Software Sovereignty
Software sovereignty provides assurance to customers that they can run their workloads wherever and whenever they want without being tied to a single Cloud Service Provider. By avoiding dependency, it becomes easier to migrate applications and services onto a different IT infrastructure at any time.

Why is Sovereign cloud so important?
Sovereign clouds protect sensitive data according to the standards where that data is collected and stored. It provide autonomy to both enterprises and countries and give countries a way in how data is handled within their jurisdiction. Sovereign clouds offer guard rails to get and stay compliant with local law and regulations. And Sovereign clouds are efficient and scalable solutions that enable companies to quickly and securely deploy data to the cloud while remaining compliant. As a result Sovereign clouds ensure localized infrastructure, isolated support teams and tools that ensure data does not leave the country.

Who are Sovereign clouds for?
Sovereign clouds are for any enterprise that collects, stores, and handles data in multiple countries or regions. They are particularly pertinent to enterprises that operate within highly regulated sectors, such as public utilities, health, insurance, and finance, which are have to be held to local laws and regulations. Also (local) governments are candidates for sovereign clouds to keep confidential data secure out of national security interests.

How can you achieve Sovereign cloud?
Best way to start is to describe the specific usecases that needs Sovereign cloud protection. Think about the priniciples which are mentioned above. Categorize your workloads and data based on their sensitivity level, based on data classification. Then select a Sovereign Cloud Provider in order to meet the data privacy and compliance requirements.

Use best practices, references, and other guidance based local regulations to:

  • Provide data residence options;
  • Always enforce private connectivity;
  • Ensure granular control/restrictions on data access;
  • Force data in transit, use and rest is encrypted;
  • Apply policies to implement sovereign controls.

Cloud Provider Solutions
To get a better understanding in what each Cloud Provider (Microsoft, AWS and Google) can offer and how the solutions can be used, the sovereign-cloud blog series are in the making, which can be found on this website.
Microsoft - click here, to learn more about Microsoft Cloud for Sovereignty.