With cloud sovereignty a hot-button topic, businesses might be thinking they too need to jump on the bandwagon. However, industry players tell ITPro that it's still very much a public-sector play.
Often confused with data sovereignty, the sovereign cloud concept is more about the frameworks governments put in place to gain or maintain control over the national cloud environment.
"It's broader than having sovereignty over your data," explains Eamonn O'Neill, chief technology officer and co-founder at cloud services and solution provider Lemongrass.
Sovereign cloud data may entirely reside within national borders and comply with that country's laws and regulations - as per data sovereignty and data residency. However, with sovereign cloud there's typically a further implication - that the data has reduced risk of being seen or accessed from another nation-state.
Multiple governments have stated interest in developing sovereign clouds, from Egypt, Singapore and the United Arab Emirates (UAE), to Germany, Equatorial Guinea, Ireland, and beyond – in fact, Oracle boss Larry Ellison is betting big that every country will soon have its own sovereign cloud.
O'Neill says governments may want more control beyond what hyperscalers currently offer, and for them the economics can work versus many business or private-sector customers.
"Most enterprises are quite happy with cloud provider controls because they're audited against so many standards," says O'Neill. "Users of Azure, Google Cloud Platform (GCP) and AWS get incredible control frameworks by default, and that's usually enough for enterprises."
That said, cloud service providers (CSPs) might still need to cover off sovereign cloud, which might typically be a more or less fully disconnected version of a cloud environment with limited functionalities.
Sid Nag, US-based analyst and vice president for cloud and AI services and technologies at Gartner, argues that offering full data sovereignty to business customers requires a thorough understanding of local regulations, data protection laws, and sovereignty requirements.
Advantages of sovereign cloud: Demand for control and transparency
Nag notes that effective service delivery in sovereign cloud environments specific to a region or country may in some cases entail the creation of local partnerships to manage and operate public cloud regions dedicated to serving specific country needs.
"Some providers offer their services as private cloud deployments, sometimes with a fully disconnected capability, with the same service catalog and user experience as public cloud deployments," Nag adds.
CSPs must ensure they can provide independence, autonomy, and technology control through disconnected cloud environments if they are to meet the highest achievable state of sovereignty for end-user organizations, he warns.
Disconnected sovereign options might run as a regional offering, a country offering, or on customer premises to fulfil this requirement. Done right, feature and service parity can offer a consistent global cloud experience, and CSPs have roles to play.
"Treat partnership activities as a strategic asset to focus on addressing customer sovereignty requirements by including partners in your local sovereign cloud go-to-market strategies," Nag advises. "Either through ...
Comments