Glossary
Sovereign Cloud
A sovereign cloud is a cloud environment that is physically located within one country, facilitating compliance with local laws.
More than half of all companies use cloud computing to store their data. But their hosting systems are often located outside their home country. This can lead to issues around data protection and meeting local regulations and laws. That’s where sovereign cloud computing provides a useful option. So what is a sovereign cloud? Is it mandatory? How do you set it up?
What is a sovereign cloud?
A sovereign cloud is a cloud computing environment that stores each organization’s data (including metadata) on servers located within their local country. This means data is stored in compliance with local laws and is protected from foreign access. Essentially a sovereign cloud hosts data within the borders of a specific country and is governed by its laws.
Why is the sovereign cloud growing?
Data security and confidentiality
Currently, the majority of cloud providers are headquartered in the United States. This means that the stored data is governed by US law. Specifically, it must comply with the Cloud Act and the Patriot Act, which gives the US government the right to consult the data if they deem it necessary. However, this situation can be problematic in terms of state sovereignty, especially at the European level.
With the sovereign cloud, stored data is subject to local country legislation. In other words, it cannot be consulted without prior authorization. The sovereignty of the digital cloud does a better job of protecting national interests by limiting third-party access to sensitive information.
Creating an ecosystem
Although a sovereign cloud is limited to the territory of a single country, you can still create communities within the group. Just like with a public cloud, organizations using a sovereign cloud as their storage solution can continue to share their data to find new uses for it and create value.
The idea is to control access to the information, without shutting the doors completely.
The efficiency of the hosting system
Despite their geographic limitations, sovereign clouds are highly effective.
They work the same way as any other cloud computing solution, wherever they are based.
But the proximity of their IT facilities increases their efficiency tenfold. Organizations using a sovereign cloud enjoy faster execution speeds and greater stability.
Is sovereign cloud use mandatory?
Some countries, such as France, make use of a local, sovereign cloud mandatory for public sector organizations. Other organizations, such as in the fields of health and research might also use a sovereign cloud in order to protect their data, which is considered highly sensitive.
When it comes to businesses, sovereign cloud use is not required. However, the GDPR and CCPA both require companies (of all sizes, and in all business sectors) to protect and secure their data. As such, it’s important for them to find a reliable, efficient hosting solution.
How do you set up a sovereign cloud?
Establishing a sovereign cloud is essential for local government, public institutions in certain countries. But besides a hosting service located in-country, it’s important to pay close attention to the following details:
- Data security: The service provider must ensure an appropriate level of security. To do so, they’ll need to follow certain rules concerning physical, operational and contractual security. For example, they must use an encryption device, electronic signatures, etc.
- A guarantee that third parties won’t access your data: Since sovereign clouds exist to ensure data confidentiality, your data cannot be consulted or used by third parties (including by the government) without prior authorization.
- Data traceability: Data must be easy to locate.
- Quality of service: This concerns the availability of databases, response rate, updates, UX, languages, adaptability, compatibility, etc.
- Localization: All data (including metadata) must be hosted and managed locally. This ensures that local laws will be applicable.
- Compliance with national standards: The provider must be compliant with all relevant national standards, particularly sector-specific ones, such as in healthcare.
Learn more
Product
Opendatasoft integrates Mistral AI’s LLM models to provide a multi-model AI approach tailored to client needs
To give customers choice when it comes to AI, the Opendatasoft data portal solution now includes Mistral AI's generative AI, alongside its existing deployment of OpenAI's model. As we explain in this blog, this multi-model approach delivers significant advantages for clients, their users, our R&D teams and future innovation.