As governments as we speak have a look at expertise innovation, there’s a want to deal with the quickly evolving calls for of their residents whereas defending essentially the most delicate information and delivering on guarantees of belief and safety. Modernization of presidency providers with out compromising safety, digitization of handbook processes and improved consumer experiences for each residents and authorities workers are all advantages of digital transformation, and the proper expertise platforms can create even higher alternatives for social and financial progress.
The cloud can provide agility and suppleness, superior cybersecurity options, and entry to the most recent improvements, together with AI, to speed up digital transformation and the supply of important public providers. Many governments need to reap the benefits of the advantages of the general public cloud whereas additionally managing their information in accordance with their native insurance policies and regulatory necessities. They want options that guarantee digital sovereignty, giving them management over their information within the cloud. In July of final 12 months, we introduced Microsoft Cloud for Sovereignty, a brand new resolution that can allow governments to construct and digitally remodel workloads within the Microsoft cloud whereas serving to to satisfy a lot of their particular compliance, safety and coverage necessities. Microsoft Cloud for Sovereignty creates software program boundaries within the cloud to ascertain the additional safety that governments require, leveraging hardware-based confidentiality and encryption controls.
Since then, we now have engaged with quite a few authorities leaders, policymakers and public sector organizations in Europe and the remainder of the world about why the cloud is the perfect resolution for sovereignty wants. We now have delivered two Microsoft Cloud for Sovereignty non-public preview releases that validated the ability and scale of the cloud with adherence to authorities necessities and empowered authorities clients with the digital transformation they’re striving for. It additionally helped establish three key obstacles impeding governments from assembly their digital transformation and innovation targets: Complying with legislative and regulatory necessities; defending and securing delicate information; and innovating with out compromise.
Adjust to legislative and regulatory necessities
Earlier than benefiting from the various advantages of the cloud, authorities policymakers need to trust within the safety and privateness of their information and the power to maintain innovating whereas defending that information. A key ingredient of that is assembly their legislative or regulatory obligations. That is the place Microsoft’s transparency commitments are available in.
Many governments require transparency concerning how Microsoft responds to third-party information requests. On the core of our enterprise, we adhere to the next insurance policies throughout our providers and commit this to our clients:
As all main cloud service suppliers function globally, governments usually marvel how laws such because the U.S. CLOUD Act impacts cloud suppliers. This legislation doesn’t change any of the authorized and privateness protections. Microsoft adheres to the identical rules and buyer commitments for authorities calls for for consumer information.
Microsoft’s semi-annual legislation enforcement request report, a part of our transparency measures, reveals that the overwhelming majority of our clients are by no means impacted by authorities requests for information. For instance, within the first half of 2022, Microsoft obtained 41 authorized calls for from legislation enforcement in the US for industrial, academic, and public sector clients who bought greater than 50 seats. Of these calls for, there have been no disclosures of content material information associated to a non-U.S. buyer whose information was saved exterior of the US.
With Microsoft Cloud for Sovereignty, we offer extra sovereign guardrails that assist guarantee information is protected in transit and in storage by customer-owned keys not accessible to Microsoft and guarded in use when utilizing Azure confidential computing, delivering unmatched software program and {hardware} protections such that solely clients with the right keys can entry the info when unencrypted.
Skill to guard and safe delicate information
With the fast will increase in quantity, severity, and class of cyberattacks, it’s more and more clear that the cloud is one of the simplest ways to guard information. The cloud offers authorities clients with world-class safety and unmatched sources and scale to detect, reply and deter assaults early on.
Microsoft Cloud and Azure are trusted by hundreds of thousands of shoppers with their most delicate and mission-critical workloads. We provide all kinds of instruments to observe and reply to safety threats, in addition to specialised providers to assist governments hold their information protected. With greater than 8,500 Microsoft safety specialists throughout 77 international locations, we now have helped present a vital perspective on the safety panorama and are repeatedly fine-tuning our safety approaches as we study from every cyberattack. With the addition of the Microsoft Cloud for Sovereignty, authorities clients can set up their very own software program boundary within the cloud whereas taking full benefit of Azure’s best-in-class safety, resilience and scale capabilities. Microsoft Cloud for Sovereignty permits clients to leverage key Azure capabilities together with:
- Microsoft’s Azure Key Vault Managed {Hardware} Safety Module permits clients to keep full management of the cryptographic key, whereas nonetheless benefiting from the redundancy, resilience, cybersecurity and managed expertise of the cloud.
- Azure confidential computing is a novel service that protects information in use and permits the info to be processed solely after the cloud setting is verified to be a trusted execution setting. On this method, confidential computing helps defend information from being accessed by cloud operators, malicious admins, and even privileged software program such because the hypervisor. It helps hold information protected all through its lifecycle — along with present options of defending information at relaxation and in transit, information is now protected whereas in use. In Azure, the foundation of belief is with unbiased {hardware}, so even Microsoft operators can’t entry the reminiscence encryption keys. This unbiased {hardware} root belief is what helps authorities clients to independently cryptographically confirm the id and “recognized good state” of the cloud working setting they’re counting on.
With Microsoft, governments can reap the benefits of our view of the evolving risk panorama. With industry-leading AI, we synthesize 65 trillion safety indicators a day throughout all varieties of units, apps, platforms and endpoints, which is an eight occasions improve from the 8 trillion day by day indicators captured simply two years in the past. And we apply the learnings from that sign intelligence, in addition to from our world-class risk intelligence, into all of the services we provide. Moreover, we now have greater than 15,000 companions working with us throughout our safety ecosystem, serving to to carry higher options and extra selections to the market. Our international risk intelligence perspective permits early detection and response to rising threats throughout multi-cloud, hybrid, on-premises and heterogeneous platforms.
Innovation with out compromise
Embracing digital innovation whereas making certain digital sovereignty is a problem for governments. Investing in a personal, remoted on-premises datacenter would possibly, at face worth, appear to be the one method to obtain the extent of management and safety a authorities requires. However constructing on a personal cloud requires sustaining on-premises datacenters, that are not viable resulting from their lack of ability to scale and ship the safety and performance that the cloud offers. Lastly, we additionally hear from our clients that they’re working beneath more and more restrained sources and shrinking budgets. The cloud provides governments the power to function on a lean price range, in comparison with on-premises. Migrating to the cloud can allow governments to reap the benefits of the agile advantages of the cloud and focus their spending on the most recent improvements within the supply of providers.
As applied sciences advance, they’re taken to the cloud first. Governments that undertake the cloud profit from the most recent improvements altering how governments function, together with AI, blockchain, digital id and on-line providers, whereas people who keep or develop their non-public cloud investments might not profit from the identical progress and innovation.
Innovating whereas assembly digital sovereignty necessities is complicated and might differ enormously between clients, industries and geographies. We consider a cloud resolution designed to deal with sovereignty must have superior capabilities constructed with the wants of presidency clients in thoughts and should be customizable and versatile to stick to evolving native insurance policies and regulatory necessities across the dealing with of knowledge.
Now for the primary time, governments aren’t compelled to decide on between digital innovation and information management; they’ll have each. With Microsoft Cloud for Sovereignty, we’re investing additional in guardrails equivalent to Sovereign Touchdown Zones, native coverage packs and elevated transparency all through Azure, making a digital sovereign cloud setting for buyer workloads. This helps allow clients to reap the benefits of finest practices and implement safe, constant and compliant environments and cling to evolving native rules whereas taking full benefit of the cloud.
Guaranteeing compliance and driving digital transformation
The general public sector will at all times want to guard and safe delicate information, adjust to legislative and regulatory necessities and innovate with out compromise. At Microsoft, we attempt to satisfy these wants by offering clients with transparency and unsurpassed information controls, investing in cybersecurity and collaborating with governments worldwide to satisfy their coverage and regulatory wants.
It’s not obligatory for governments to decide on between innovation and digital sovereignty. Governments can now harness the total energy of the cloud, together with broad platform capabilities, whereas having higher management over their information and elevated transparency to the operational and governance processes of the cloud — permitting governments to make sure compliance whereas driving their digital transformation.
For extra info, please go to microsoft.com/sovereignty.