Issues around privacy and government control of information and data are super hot topics right now.
So, Microsoft’s announcement of its new Microsoft Cloud for Sovereignty is timely. The new offering is being built on the Microsoft public cloud to help public sector customers adhere to different government requirements around the globe.
“Government customers will have the power of the public cloud, addressing low cost, agility and scale expectations,” said Corey Sanders, corporate vice president of Microsoft Cloud for Industry, in a blog post.
From the outset, Microsoft Cloud for Sovereignty is being designed as a partner-led solution. In-country partners will play a pivotal role to comply with different government requirements.
Microsoft is particularly focused on its government business in Europe to provide cloud offerings that meet European government sovereign needs in partnership with local technology providers. It’s already working with companies including Capgemini, Orange, SAP and Telefonica.
Microsoft Cloud for Sovereignty customers will also benefit from Microsoft’s global security signals, analyzing over 24 trillion signals every day to help protect against local attacks.
The foundation of Microsoft Cloud for Sovereignty will start with its 60-plus cloud regions. Sanders said its cloud policy controls already help customers meet many regulatory requirements and allow them to implement policies to contain their data and applications within their preferred geographic boundary.
“Microsoft has the most comprehensive compliance coverage of any cloud service provider with 100-plus offerings including more than 50 which are specific to global regions and countries,” said Sanders. “Specifically in Europe, expanding on our data residency commitment, the forthcoming EU Data Boundary will ensure Microsoft not only stores but also processes customer data in the EU and European Free Trade Association.”
In addition, with Microsoft Cloud for Sovereignty, the company will provide customers with additional layers to protect and encrypt sensitive data.
Customers can also leverage Azure Confidential Computing, offering sovereign protection with Confidential Virtual Machines and Confidential Containers, which use specialized hardware to create isolated and encrypted memory called Trusted Execution Environments (or TEEs). Customer-owned encryption keys are confidentially released directly from a managed hardware security module into the TEEs executing on customer encrypted data. This secures customer keys, even while in-use, and ensures data is encrypted while at rest, in transit, and in use.
Last year, Deutsche Telekom said it was teaming with Google Cloud to build and deliver sovereign cloud services to German enterprises, healthcare firms and the public. The two companies say that the goal of this sovereign cloud was to allow customers to host their sensitive workloads while still being able to leverage all the benefits of the public cloud, such as scalability and reliability.