Sovereign cloud has emerged as key area of interest as companies seek intelligent solutions to obtain digital sovereignty. Sovereign cloud computing architecture provides data access in compliance with national laws and regulations. As international laws and regulations evolve, it’s essential to have a cloud architecture that protects from unauthorized access and ensures data is stored in compliance with privacy mandates.
Cloud sovereignty requires cloud service providers (CSPs) to monitor cloud and data storage services and validate compliance with national data privacy and security laws. To determine the sovereignty of a cloud computing architecture, regular assessments are established including records that log access permissions and data movement during a period of time.
HCLTech has a three-pronged approach for helping customers adopt a sovereign cloud structure. There are advisory services for sovereign cloud adoption, in-country and in-region services who work toward assurance, security, data, and controls, as well as onboarding ISVs that can self-test and enhance their offerings to meet sovereign requirements.
“While we have been working with North American customers for the sovereign cloud environments for some time now, we are seeing significant interest from Europe with a specific, especially Germany and France in particular need to mandate sovereign cloud requirements for some regulated industries and for public sector entities.
Google Cloud’s sovereign offering
Google Cloud’s sovereign cloud offerings spread across three pillars, which include: data, operational and software sovereignty.
Under the first pillar, data sovereignty, Google Cloud’s assured workload offering enables customers to maintain control of their data through local encryption key management and enhanced regulatory compliance. No unauthorized entity can access a customer’s data in this way—not even Google Cloud.
Operational software is a pillar that allows customers to get a multitenant environment while having the controls in place like a traditional on-prem environment.
Through software sovereignty, customers can run and control the availability of their workloads without being dependent on providers' software. Google Cloud can also provide survivability services that enable air-gapped and disconnected operations for customers.
Advice to customers considering a sovereign cloud infrastructure
Customers must establish the critical drivers for moving to sovereign cloud infrastructure. Customers will need to evaluate the level of regulatory compliance that is mandated under old sequences.
Some requirements, like data residency and cryptographic control over data access, can still be managed without an end-to-end sovereign cloud environment. If a customer is looking into operational support services where local presence and personnel are needed, they will need to involve a local partner. In many cases, survivability requirements can be necessary and require an air gap mode.