Apps & Cloud3 min read

Why Sovereign Cloud Should Be About Choice and Control

Laurent Allard
Sovereign Cloud
cloud computing. The data transfer and storage concept consists of a white polygonal interconnected structure within it. Dark blue background with small padlocks scattered on the background.

Technology has been driving human-kind forward for decades. New and improved technologies breed new and improved technologies and so on. And at the heart of this relentless march forwards is the cloud. It is the enabler driving this constant evolution because it is critical to storing, managing and distributing the data from which change is derived.

But as this latest research report, ‘Implementing Digital Sovereignty in the Journey to Cloud’ from IDC has uncovered, this is not without issue.

Classified data in the public cloud

The almost ubiquitous nature of the cloud is clear from the data. The report found that 90% of organisations in Europe and 88% in the Middle East, Turkey, and Africa (META) now use cloud technology. However, the recent explosion in data volumes, combined with access to the cloud as a facility to store it, has pushed more and more organisations to store confidential information in the public cloud.

The report found that half (50%) of European companies are putting classified data in the public cloud. While private on-prem cloud remains an organisation’s primary cloud environment for storing high-sensitivity data, almost a quarter (23%) of those surveyed chose public cloud for this data class. In addition to this, almost a third (32%) of companies in META use global public cloud providers to store confidential data.

It is a situation that creates a number of challenges relating to managing sensitive data and keeping it secure.

Data sovereignty is imperative for the regions

The report found these challenges to be numerous and far-reaching. The biggest concern cited was around the threat of ransomware and cyberattacks - this by 52% of those questioned. But both metadata management and data loss due to human error were both also listed as the key challenges by over 50% of respondents. There are other factors playing a role too including; meeting evolving local regulations, data theft and compliance breaches to name a few. It is clear that continuing with current cloud adoption plans is a risky strategy. The challenges of managing and securing sensitive data are growing but so too is the amount of data of this type businesses need to store - 64% of organisations have increased their volume of highly sensitive data in the last two years.

The size of the challenge is clear when you consider what is happening at a geopolitical level. The war in Ukraine, supply chain dependencies, constant data growth, increasing severity of cyberattacks on critical infrastructures, more adversarial trade and security relationships with China and the ongoing redistributed transatlantic partnership are all exposing the regions’ vulnerabilities when it comes to managing and control its own data.

It’s a scenario that means achieving data sovereignty is not a ‘nice-to-have’ but an imperative for the regions.

Varying drivers for adopting sovereign cloud solutions

A fact not lost on the companies questioned in the IDC report. In fact, data sovereignty was cited as “very important” or “extremely important” by 88% of very large organisations (5,000 FTEs) and 63% of all EMEA organisations. Around 60% of organisations across Europe and META consider data sovereignty to be strategic or very important for their cloud strategies. While this is a considerable majority, the research found discrepancies at a regional level as to what is driving this sentiment. In Europe, organisations are driven by the need for continuous compliance, regulations, and legal obligations, while in META, organisations are driven by the introduction of internal/corporate policies.

This breaks down even further when looking at specific countries. The research found that French organisations want to become future-ready for data-driven business innovation, while meeting compliance requirements is the top benefit of a sovereign cloud for organisations in the UAE. Those in Germany expect sovereign cloud to help them become future-ready for upcoming regulations and new principles and in the U.K., organisations want control of data transfers.

Businesses, too, have differing drivers still. The research found that continued macroeconomic volatility, ambiguity, and uncertainties are heightening interest in sovereign solutions.

Choice and control

Whatever the driver, it is clear that the majority of businesses in Europe and META see cloud sovereignty as key to taking back control over data and boosting the competitiveness and resilience of the regions. The question therefore is, ‘what next?’

Sovereign cloud is all about choice and control. To make this a reality, we need to get to a stage where local technology companies can contribute to the development and implementation of policy and regulation and, by extension, the roll-out of critical cloud and data services that drive innovation and data collaboration in Europe. Doing so will address the strategic imperatives for sovereignty on data security, protection, residency, interoperability, and portability.

Read more from the IDC research on sovereign cloud

A follow-up blog, in fact, that looks in-depth at the challenges businesses face in adopting sovereign cloud and the potential benefits when they do. You can read that here.