Sovereign cloud: sensitive data safe in the public cloud
Published on 06/01/2023 in Innovate
How can you benefit from the advantages of the public cloud without putting your sensitive data in the hands of American hyperscalers? Sovereign cloud provides the answer with flexibility, scalability, and compliance with European regulations.
The cloud has changed the world. Thanks to the cloud, all sorts of innovative applications have come within reach of every business. The fact that almost everything is now done digitally is the great achievement of the cloud.
But here too, you do not get something for nothing. Data form the most important raw material for the cloud. And for many organizations that is a big barrier to fully opting for the public cloud. They manage a lot of sensitive data, not only about themselves, but also about their employees, customers, citizens, patients, suppliers, and so forth.
Public cloud with European framework
While European legislation provides stricter standards for the use and processing of that data, the public cloud is in the hands of a few American hyperscalers.
“It’s that discrepancy that sovereign cloud solves,” says Jetro Wils, Product & Solution Manager Cloud at Proximus. “Sovereign cloud allows full compliance with European regulations (consider GDPR and Schrems II), but at the same time you benefit from all the advantages of the public cloud.”
In the public cloud, compliant data security was a critical issue. The sovereign cloud solves that now.
Jetro Wils, Product & Solution Manager Cloud at Proximus
Strong encryption
Simply put, with sovereign cloud it is not possible for the cloud provider to read unencrypted data. Strong encryption of the data is provided, not only during storage (“at rest”), but also when data travel over the network (“in transit”), and even when they are being used (“in use”). The latter is new. This way, the cloud provider cannot read the unencrypted data at any time.
As an extra security measure, the key to encrypting and decrypting the data is not located in the public cloud, but at Proximus. “Sovereign cloud guarantees that an organization’s data are always secure,” says Jetro. “It’s a hallmark. It shows that you have everything under control in terms of data access.”
Future-proof
The use of sovereign cloud is also a competitive advantage. “That is undoubtedly the case at the moment,” says Jetro, “although in time it will probably become a requirement. There are stricter and stricter standards for data security. So, it’s only logical that the use of sovereign cloud will no longer be optional, but will be a condition, for example to be able to collaborate with a certain company.”
Today sovereign cloud is a competitive advantage; in time it will become a requirement.
Jetro Wils, Product & Solution Manager Cloud at Proximus
That last argument in particular is growing in importance. In the future companies will share more and more sensitive data. Thanks to sovereign cloud, the new, essential link in the multicloud landscape, that can be done in an airtight way.
“Consider a lab that collaborates with a hospital,” says Jetro. “Sovereign cloud offers a secure alternative to sending confidential medical data over the network. The data, strongly encrypted, are located in a safe place, where the lab and the hospital can consult and process the data. The future of healthcare is personalized care, so sensitive medical data will have to be processed and shared. Sovereign cloud is the basis for this.”
Innovation and cybersecurity
Ultimately it is the combination of the advantages of the public cloud and compliance with European data regulations that really makes the difference with the sovereign cloud.
“The innovation of the public cloud lies in the services that the hyperscalers offer on their infrastructure. That level can only be found in the public cloud.”
The same applies to security. “A company like Microsoft spends four billion dollars annually on cloud cybersecurity. What company can take on such a commitment?” In short, we cannot do without the public cloud for those innovative and safe services.
Classification of sensitive data
“But it’s true that compliant data security was a critical issue for a long time,” says Jetro. “That’s exactly what sovereign cloud now addresses.”
The other forms of the cloud will also continue to exist in addition to sovereign cloud, of course. Not all data need the strict security of the sovereign cloud.
“For organizations there’s an extra issue: which data are sensitive and which aren’t. So, there are several new tasks on the agenda in the framework of sovereign cloud, classification of data and examination of the workloads involved.”
Experts
Our experts keep you informed on the latest news and trends for ICT professionals.