Microsoft has announced a preview for its Microsoft Cloud for Sovereignty to reduce government regulatory worries revolving around cloud ecosystems. The preview anticipates a wider release toward the end of 2023, with its main target audience being governments.
Governments have historically exhibited trepidation regarding the adoption of cloud technology, as legal and regulatory requirements can complicate digital transformation efforts in the public sector.
Microsoft expressed confidence that its current cloud ecosystem is comprehensive enough to satisfy most governmental needs, but stated that the additional tools provided by the new Microsoft Cloud service cater specifically to nations with nuanced operational requirements for sensitive data.
Enhanced Data Protection
Microsoft will retain hosting responsibilities for the services, but will implement a unique mechanism to safeguard data. According to Steinar Sonsteby, CEO at Atea, the technical mechanism will essentially lock the data, enabling only the customer to unlock it. The CEO underscored the importance of data security citing technical, legal, and financial reasons, and reaffirmed Atea's commitment to data protection.
Atea is a company that provides IT solutions and services to customers in the Nordic and Baltic regions. It helps them to access, manage, and secure their IT resources, and to achieve their digital goals. Atea works with many leading technology companies and offers a wide range of products and services. The company is a partner in Microsoft Cloud for Sovereignty.
In addition, Microsoft is launching the Sovereign Landing Zone (SLZ), a variant of its enterprise-scale Azure Landing Zone. It's equipped with Infrastructure-as-Code and Policy-as-Code, and adopts Bicep as the deployment technology rather than Terraform. Bicep deployment technology is a new way of creating and managing Azure resources using code. It makes it easier to write and reuse code by simplifying the syntax and structure of Azure Resource Manager templates.
Transparency Logs and Customer Visibility
Microsoft's transparency logs allow sovereign clients to track instances where Microsoft engineers obtained access to their resources. This utility offers sovereign customers a level of visibility that surpasses what's available in the Azure commercial cloud.
Despite this, some critics insist that storing data in a place where Microsoft engineers can access it contravenes the principle of sovereignty. Microsoft responded by noting that the meaning of sovereignty can vary depending on the situation, and highlighted a common need across various customers and partners: having control over where their data is stored, how it's safeguarded, and who can access it.