Photo: Microsoft
Governments and public sector clients around the world are tasked with accelerating their digital transformation, creating opportunities for social and economic growth and improving services to citizens. The catch: unlike most private sector customers, the usual requirements for a public cloud solution are not sufficient for them. They are also required to meet specific requirements for different data classifications. These include data governance, security controls, citizen privacy protection, data residency, state protection and compliant operations under regulatory requirements such as GDPR.
With Cloud for Sovereignty unveiled at this year’s Inspire 2022 partner conference, Microsoft believes it has found a way to work with strategic partners to support the digital transformation of government customers – while simultaneously addressing governance, security, transparency and sovereignty issues like no other other cloud provider coverage technology.
Government customers could benefit from the public cloud while meeting expectations of low cost, flexibility and scalability with the full range of capabilities, including modern developer services, flexible infrastructure, secure DevOps, open source platforms, modern collaboration and low-code development, he writes. Microsoft on its corporate blog. They also benefited from Microsoft’s Global Security Signals, which analyzes more than 24 trillion signals every day to detect and protect against local attacks.
Microsoft Cloud for Sovereignty relies on more than 60 local Azure data centers and specific policies to keep data and applications from the Microsoft cloud, including Microsoft 365, Dynamics 365 and Azure, within customers’ preferred geographic boundaries. Microsoft advertises that customers can specify the country or region for most service implementations to meet industry, national or global security, privacy and compliance requirements.
In addition, the company plans to provide a range of functions across the entire Microsoft cloud to SaaS services, such as Microsoft 365, Dynamics 365 and Power Platform, to offer customers additional options for protecting and encrypting sensitive data. These include Azure Confidential Computing, which works with Confidential Virtual Machines and Confidential Containers and uses specialized hardware to create isolated and encrypted storage known as Trusted Execution Environments (or TEEs).
SaaS solutions such as two-key encryption also allowed Microsoft 365 users to classify emails and documents as “sensitive” and encrypt customer data with customer-supplied keys.
Microsoft Cloud for Sovereignty also includes a Sovereign Landing Zone for easier data classification. This solution is designed to help maintain architecture and development workflows, as well as provide intelligent tools to orchestrate the operation of various security services and policy controls, Microsoft explains.
Sovereign Landing Zone is based on the enterprise Azure Landing Zone for regulatory compliance for Infrastructure-as-Code (LaC) and Policy-as-Code (PaC) capabilities in Azure and is enhanced with Azure Information Protection (AIP) and enables policies and tags to control access and protect email and document data.
In addition, the extension of the Government Security Program (GSP) to critical elements of the cloud offering should ensure more governance and transparency. As part of the program, eligible participants receive controlled access to source code, engage with technical content about Microsoft products and services, and access five global transparency centers. Microsoft Cloud for Sovereignty also enables auditing of Azure’s compliance processes and evidence based on non-disclosure agreements and available audit terms.
It’s no coincidence that Microsoft is presenting its new cloud offering at the Inspire partner conference. As the company explains, Microsoft Cloud for Sovereignty was designed from the ground up as a partner-centric solution. In Europe, for example, we work closely with partners such as Arvato, Capgemini, Minsait, Orange, SAP and Telefonica to meet each government’s specific requirements.