Microsoft adds 'Cloud for Sovereignty' to its line-up
Microsoft is adding yet another cloud bundle to its Microsoft Cloud line-up. The latest is known as the "Microsoft Cloud for Sovereignty." It's similar to Microsoft's own Cloud for Government, except that it's not only for US government customers; instead, it's for government and public sector customers worldwide.
Sovereignty is a bit of a loosely defined buzzword. It's often used in conjunction with "data," as in "data sovereignty." But sovereignty doesn't just apply to where data resides. It also has to do with security, compliance, and policy requirements that are particular to various countries' governments.
In its announcement on Day 1 of its annual Inspire partner conference, Microsoft officials said its Cloud for Sovereignty will start with its Azure regional data centers and be anchored in data residency. Officials said they are beginning the private preview of the Cloud for Sovereignty in select locations and will offer more details over time.
Microsoft will offer Microsoft 365, Dynamics 365, and Azure under the Cloud for Sovereignty banner, making data residency and management core to this offering. Officials also highlighted the company's Azure Confidential Computing service, which offers sovereign protection with confidential virtual machines and containers, as an example of an option available to customers as part of the Cloud for Sovereignty.
"Customers can specify the country or region for most service deployments with the ability to satisfy industry, national, or global security, privacy, and compliance requirements," officials said in a blog post about the new cloud offering. And in Europe specifically, Microsoft will not only store but also process customer data in the EU and European Free Trade Association as dictated by the forthcoming EU Data Boundary, officials said.
The Microsoft Cloud for Sovereignty includes a Sovereign Landing Zone, which officials describe as a way that customers can streamline the architecture, deployment workflow, and orchestration of operations of Microsoft's security services and policy controls. (Microsoft currently uses the "Landing Zone" terminology to describe an Azure environment "for hosting your workloads, pre-provisioned through code" via Infrastructure as Code and Policy as Code capabilities.)
Microsoft already has some agreements in place to build sovereign clouds (or, at least, sovereign-type clouds) in certain countries. In February this year, Microsoft won a contract to develop a sovereign cloud in Singapore with HTX, Singapore's science and technology agency. Because of its strict data residency requirements, Germany is another place where Microsoft has been working for years to create a sovereign-like situation using a data-trustee model.
Microsoft officials said the Cloud for Sovereignty will be designed as a "partner-led and partner-first solution" from the get-go, meaning customers will be working with in-country partners with the required industry and technical experience to help with planning, onboarding, and operating their clouds. This includes data residency, confidential-computing, document classification, and hybrid deployments, where appropriate.
I'm curious whether Microsoft's own US government cloud offerings are considered part of the Cloud for Sovereignty solution. (It seems some at the company already consider its government clouds as "US Sovereign Cloud.") I also wonder whether Microsoft is treating the Cloud for Sovereignty as yet another one of Microsoft's industry clouds -- a group which already includes Cloud for Healthcare, Retail, Manufacturing, Finance, Non-Profits, and Sustainability. I've asked about both of these questions; no word back so far.
Update: And here are the answers, courtesy of a Microsoft spokesperson. Yes, the Cloud for Sovereignty is part of the Industry cloud stable, joining the aforementioned bundles. But no, Azure Government is not considered a Microsoft Industry cloud. Here's the reason: "The Azure Government portfolio has been built to meet the specific requirements of the U.S. government. Azure Government achieves these controls through service instancing and personnel citizenship validation, while MCFS (Microsoft Cloud for Sovereignty) leverages encryption, confidential computing, and audit rights to meet the very differing needs of the U.S. Government versus the rest of the world, respectively."
In other government-cloud-related news, Microsoft announced at Inspire today plans for a Windows 365 SKU for US government customers. This offering will be for Government Community Cloud (GCC) and GCC High customers in the US, providing local, state, and federal customers with a way to securely stream their Windows apps, data, content, and settings from the Microsoft Cloud. I've asked when this will be available; no word back so far. Update: Microsoft is declining to provide a timeframe for the Windows 365 SKU for U.S. government.
Speaking of Windows 365, last week, as part of yet another reorg, Microsoft Executive Vice President and Chief Product Officer Panos Panay is now officially responsible for Windows 365. The move isn't surprising, given that officials promised earlier this year to more tightly integrate local Windows 11 clients with Windows 365.