Microsoft Cloud for Sovereignty is an important development at the nexus of rising national data privacy and control laws and global innovation demand. It ushers in a new age for governments all around the world by giving them a safe way to update their digital infrastructure and processes.
The Microsoft Cloud for Sovereignty has a public preview that they are announcing today. Additionally, Microsoft cloud are announcing the Microsoft Cloud for Sovereignty’s anticipated December public release. Governments will be able to use the cloud to benefit their residents while still meeting their compliance, security, and policy requirements thanks to this solution.
Government customers have experienced challenges with digital transformation since the cloud’s beginnings, in part due to the necessity for controls to satisfy certain national and regional needs. To lower the cost of owning and running datacenters and to make modernization easier, innovators inside international governments have recently called for alternatives to the costly capital expenditure and operational costs of a legacy model. The EU-U.S. Adequacy Decision issued by the European Commission in July 2023 in accordance with the EU General Data Protection Regulation (GDPR) also provides legal support for the ongoing adoption of hyperscale cloud computing by EU government clients.
Given the convergence of these two developments in the public sector and the variation in national regulations, Microsoft Cloud for Sovereignty is built on a repeatable best-practice methodology that can be used to support complicated regulation accomplishments. Governments may simply develop solutions specifically suited to help address regional and national requirements thanks to this solution’s market-leading data sovereignty and encryption controls.
A moral strategy for digital sovereignty
At Microsoft, they support openness so that individuals and organizations can manage their data and make informed decisions about its use. Microsoft support each user of their goods and services in making informed decisions about their personal data privacy.
Microsoft ethical approach to data privacy in the cloud serves as the foundation for our ethical approach to digital sovereignty. They are aware that sovereignty may mean different things in many contexts, and as they collaborate with clients and partners globally, one theme that keeps coming up is the need for individuals to decide for themselves where their data is stored, how it is safeguarded, and who has access to it.
The additional capabilities Microsoft are providing with the Microsoft Cloud for Sovereignty are tailored for nations with jurisdictional requirements around sensitive data because the security, privacy, and compliance capabilities of the Microsoft Cloud already meet the requirements, regulations, and standards of the majority of government needs. Customers receive industry-leading cybersecurity, the broadest compliance, and more geographies than any other cloud provider with all Microsoft Cloud products.
A foundational offering for national needs
Microsoft are able to provide a worldwide solution for local requirements thanks to our partnerships with companies that have a thorough understanding of national standards. Because of a layered landscape of changing policy, trends, and regulations, these requirements are frequently complicated. Governments and their partners have approved the solutions provided by Microsoft Cloud for Sovereignty as a preferred method of releasing the value of the cloud.
The National Cyber Security Centre (NCSC), a pioneer in cyber security recommendations and guidelines, particularly those pertaining to secure cloud adoption, is establishing a cloud center of excellence to facilitate compliant and quick cloud adoption in the Netherlands. In order to comply with the Dutch BIO law, NCSC is now testing Microsoft Cloud for Sovereignty, which includes sovereign landing zones and built-in policy initiatives.
According to Arnoud van Petersen, CIO & Head of IT Services at NCSC-NL, “The National Cyber Security Centre (NCSC) is piloting avenues to adopt and use secure, robust public cloud offerings.” “Microsoft Cloud for Sovereignty, with its specialized features like sovereign landing zones, and well-developed security and AI capabilities, provides a solution that fits our strategy of enabling cloud innovation without compromising sovereign controls.”
A fully specialized Microsoft Cloud Incubator for mission-critical infrastructures for the public sector and businesses is InSpark (a Royal KPN subsidiary). With Microsoft Cloud for Sovereignty, InSpark is trying to deliver a compliant and repeatable method to fulfill the needs of Dutch public sector customers, such as the Municipality of Amsterdam.
“Cloud for Sovereignty will allow Municipality of Amsterdam to utilize cloud capabilities for procedures that use or generate sensitive information. According to Patrick Scholte, Director Platforms & Development, Municipality of Amsterdam, “by migrating from an on-premises datacenter to the cloud in compliance with the relevant classification within the Dutch BIO regulation, this enables us to efficiently offer modern services and ultimately improve the experiences of our citizens.
A few additional local and international partners
- With the help of Microsoft Cloud for Sovereignty, Atea is leading the way in Sweden in exploring new opportunities for using technology and capabilities through the public cloud. Atea is enabling public customers to provide digital services and working with government organizations to better people’ digital experiences with these improved capabilities for managing sensitive data in the cloud. Additionally, Atea enables customer use cases that enable improved predictive healthcare by analyzing extremely sensitive data with Microsoft Cloud for Sovereign technology.
- G42 provides access to the newest cloud and AI features available on Azure and helps clients in the UAE’s public sector and regulated industries comply with local privacy and regulatory requirements while using new platform capabilities for securing data and workloads.
- Leonardo is a member of the consortium in Italy that provides the Polo Strategico Nazionale (PSN), also known as the “National Strategic Hub,” which aims to provide a centralized, secure, and compliant set of cloud services for Italian public administrations, ranging from central organizations like the ministries to regional and local governments like health agencies and schools. In order to provide solutions for a number of customers that take advantage of the economies of scale, security standards, and rate of innovation that are now only possible with hyperscale clouds, Leonardo is employing Microsoft Cloud for Sovereignty.
- Recent Accenture data shows that European businesses are embracing sovereign cloud more and more, with 37% already investing and 44% planning to do so in the next two years. Accenture can leverage Microsoft Cloud for Sovereignty to assist governments with a good sovereign cloud strategy to create control over their data while unlocking new sources of wealth in the digital sphere, with 137 countries passing some type of data protection and sovereignty regulations.
Implementing customized policies under sovereign control
Microsoft goal with the Microsoft Cloud for Sovereignty is to enable government use of cloud innovation through specialized sovereign controls. Their technical approach is based on repeatable best practices and is intended to assist clients in meeting their local and governmental requirements.
Microsoft are publishing the following as of today’s commencement of the public preview:
- The Sovereign Landing Zone and policy initiative, which is now publicly accessible on GitHub, creates guardrails for sovereign cloud environments for customer workloads, allowing customers to take advantage of best practices for secure and consistent environments while assisting them in their efforts to comply with changing local regulations.
- Support for the Netherlands BIO legislation and Italy’s ACN regulations makes it easier for clients to monitor, secure, and report on their compliance in Azure.
- Customers who qualify for Transparency Logs get access to critical operational Microsoft engineers’ actions to help customer service and service reliability issues.
- Automated workload templates for Azure Confidential Computing and Azure Lighthouse are provided as illustrations for creating workloads for sovereign environments using these capabilities, speeding up.