Organizations collect vast volumes of data but struggle to get value from it. Data privacy and sovereignty laws place limits on what can be done with the data, and 63% of enterprise leaders state they cannot use some of their data due to privacy concerns.
A Sovereign Cloud must be deployed in locations entirely under the jurisdictional control of the nation or international federation where the data is collected. VMware Sovereign Cloud provides secure access to sensitive data and protects its integrity to allow organizations to unlock value from their data. In-region data centers with high availability, resilient infrastructure, and low latency make data accessible when needed. Backups, disaster recovery, and air-gapped immutable storage safeguard data integrity so it is always complete, accurate and in a secure cloud environment. Trusted partner networks, artificial intelligence, and machine learning enable data analysis that remains compliant with data privacy and sovereignty laws to fuel innovation.
A sovereign cloud provider must ensure data can be accessed quickly and securely whenever needed. That means having sufficient backups, disaster recovery, data center connectivity, and secure networking to support their customers. The sovereign cloud provider should have at least two data centers, and to meet sovereignty requirements, they must all be located in the jurisdiction where data is collected. This ensures the data is always available whenever needed, with 99.999% uptime – highly performant and reliable.
The other side of the access coin is preventing unauthorized or undesired access, which is one of the main reasons for choosing a sovereign cloud over a public one. Only the people and organizations you want to grant access to, along with local authorities, are granted to see your data. Not even the sovereign cloud provider can access your data, lowering your risk, chance of downtime, and resources needed to keep your cloud up and running.
Restricted access also protects data integrity—the accuracy, completeness, and quality of data as it’s maintained over time and across formats. Integrity shouldn’t be confused with data security, although there is a connection between the two. Data security is about protecting data from external and internal threats and maintaining privacy, which in turn helps ensure the integrity of data.
With authorized access to complete and accurate data, organizations can start to gain insights for improvement. Some may be reticent to perform analysis on confidential or restricted data for fear of an unintentional privacy breach, but a sovereign cloud mitigates the risk and presents new opportunities.
Sovereign cloud allows organizations in highly regulated industries, such as healthcare, to conduct new and valuable research. One such example is a hospital in the UK that had previously been unable to analyze patient data due to privacy concerns. But after moving to a sovereign cloud, they were able to uncover new medical insights about COVID-19 based on the patient records of 2.5 million people.
The insights available from analyzing sensitive data can fuel innovation and improve local economies. Shifting some business from U.S.-based public cloud providers (who control 66% of the European cloud market) to a local sovereign cloud provider will also put more money back in the local economy.
VMware has published a set of guiding principles and best practices for delivering cloud services that adhere to the data sovereignty requirements of the specific jurisdiction in which that cloud operates as mandated by the relevant government or commercial body. The framework is intended to be flexible enough to accommodate different design considerations depending on the scope of the sovereign cloud.
Within this framework, we must understand the business requirements that drive the architecture. This includes assessment of any compliance requirements and risk as well as defining the scope of our data boundaries.
We can then design the data sovereignty layer by enabling policies across apps and data, and by leveraging micro-segmentation and encryption to create data boundaries and control data flow between locations. This is where we create a data space or sovereign domain that might span endpoints.
VMware Cloud providers offering sovereign cloud can help you attain integrity, security, and availability of information systems and sensitive data. Sovereign Cloud providers protect your systems and data from security risks by providing the following:
- All of your sensitive data, including metadata, remains under sovereign control, preventing compelled access by foreign authorities that could violate data privacy laws
- Protection of your applications and data against rapidly evolving attack vectors while maintaining continuous compliance with a trusted platform, built-in frameworks, and local experts
- Reacts quickly to changing data privacy regulations, security threats, and geopolitics
- Avoid cloud vendor lock-in with portability for workloads, applications, and data
- Securely share and analyze data with trusted partners to fuel innovation without violating privacy laws - data integrity is protected to provide accurate insights