Discover how the Microsoft Cloud can help governments meet their sovereignty requirements.
Microsoft Cloud for Sovereignty
Meet heightened requirements for data residency, privacy, access control, and operational compliance in the cloud and hybrid environments.
Meet sovereign requirements with the Microsoft Cloud
Microsoft Cloud for Sovereignty offers trusted public sector solutions designed to help you migrate, build, and digitally transform workloads in the Microsoft Cloud while meeting your compliance, security, and policy requirements.
Transform with public cloud solutions
Improve resiliency, security, and scalability with powerful solutions built on public cloud technology.
Achieve compliance
Satisfy legal, security, and policy requirements with greater control and operational transparency.
Meet unique government needs
Work with local partners to create customized environments that adhere to government standards.
Capabilities
-
World-class protection against unauthorized access
Protect workloads from unauthorized access using advanced sovereignty and encryption controls.
Azure confidential computing
Protect data in use and ensure the data is processed only after the cloud environment is verified as a trusted execution environment with Azure confidential computing.
Azure Key Vault
Deliver superior levels of sovereignty and availability with Azure Key Vault Managed Hardware Security Modules (HSM), which provide full administrative and cryptographic control of your HSMs.
Back to tabsData sovereignty policies
Secure workloads from unauthorized access using advanced policies and logging that protect the location and confidentiality of data, whether it’s at rest, in transit, or in memory.
-
Create compliant sovereign architectures
Access codified architectures, workload templates, and tools to assist in creating compliant architectures.
Infrastructure as code
Implement consistent configurations and controls using repeatable infrastructure that’s opinionated towards digital sovereignty best practices with the Sovereign Landing Zone, a variation of the Azure landing zone.
Automated policy enforcement
Simplify the architecture and deployment of your sovereign controls across any given workflow and use intelligent tools to orchestrate operations of various Microsoft security services and policy controls.
Back to tabsWorkload templates
Accelerate time-to-value while achieving your compliance goals with ready-to-use workload accelerators that can be deployed and operated in a consistent, repeatable manner.
-
Meet local regulatory requirements with increased transparency
Enable local compliance with policy packs for your region and gain transparency over and into your environment’s operations.
Meet specific governance requirements
Enable your institution to meet compliance requirements with expanded audit rights and the Microsoft Government Security Program.
Enhanced operational transparency
Get heightened assurances of operator transparency into cloud data, security, and operations.
Back to tabsPolicy portfolio
Get a customizable and flexible policy portfolio that helps you adhere to evolving local policies and regulatory requirements in your country.
-
Innovate with the powerful capabilities of the public cloud
Get the resiliency, parity, and security of the public cloud with capabilities that significantly exceed private and on-premises data centers.
Public cloud technology
Realize the full power of the public cloud—including innovation, agility, elasticity, resiliency, and scale—with over 60 Azure regions to help you meet your sovereign and local data residency requirements.
Trusted security
Protect your technology infrastructure and your sensitive and mission-critical workloads with more than 100 compliance offerings and over 24 trillion daily security signals from Microsoft Azure and the Microsoft Cloud.
Back to tabsResiliency and availability
Benefit from the same high levels of resiliency, availability, and low latency offered by Azure with the most extensive global footprint of any cloud provider.
Discover the power of our partnerships
Italy accelerates its digital sovereignty efforts
See how Microsoft and Leonardo are working together to help government customers in Italy overcome obstacles to cloud adoption through collaboration and technology innovation.
See how public institutions are meeting their compliance needs with the Microsoft Cloud
Building trust with a more secure cloud
“We’re proud to have built a cloud environment where we can use confidential information. That’s a priority for us, especially due to the legal requirements associated with GDPR.”
—Jarkko Levasma, Chief Information Officer, Finnish Tax Administration
Making citizen lives easier with e-services
The Czech Republic’s National Agency for Communication and Information Technologies used Microsoft Azure solutions to create a portal, giving citizens access to more than 80 government e-services.
Explore valuable resources
Discover how to make the most of Microsoft Cloud for Sovereignty with docs and how-to articles
Discover how government customers worldwide are using the powerful capabilities of the Microsoft Cloud to meet sovereignty requirements and start your journey by visiting Microsoft Learn.
Unlocking global government innovation with Microsoft Cloud for Sovereignty – public preview available today
Find out more about how Microsoft Cloud for Sovereignty unlocks cloud innovation for governments through tailored sovereign controls, and a technical approach grounded in repeatable best practices designed to help customers achieve their regional and national requirements.
Digital Sovereignty in the Public Cloud
Learn how governments can embrace digital innovation while ensuring digital sovereignty with the Microsoft Cloud.
Building Blocks for a Successful Digital Transformation Strategy
Learn how to accelerate digital transformation for your public sector agency through technology policy and procurement best practices.
Delivering innovation while maintaining digital sovereignty
Find out how governments are addressing the rapidly evolving demands of their citizens while protecting sensitive data and delivering trust and security.
The most flexible and comprehensive solution for digital sovereignty
Find out about our new solution that will enable public sector customers to build and digitally transform workloads in the Microsoft Cloud while meeting their compliance, security, and policy requirements.
Frequently Asked Questions
-
Data sovereignty is the concept that data is under the control of the customer and governed by local law. While data residency ensures that data stays in a specified geographical location, data sovereignty makes sure that data adheres to the regulations of the country where the public sector customer is located.
-
Every government has a unique view and requirements when addressing their sovereignty needs and requirements. Microsoft believes that many of these requirements are addressed through our public cloud offerings. Microsoft Cloud for Sovereignty provides an additional layer of policy and auditing capabilities that will address individual public sector and government customer needs.
-
The Sovereign Landing Zone (SLZ) deploys and configures various Azure resources in a manner that aligns with the enterprise-scale landing zone—which is part of the Cloud Adoption Framework (CAF) best practices—and provides appropriate guardrails an organization can configure to help achieve their data sovereignty requirements. For a detailed overview of an SLZ and its capabilities, see the Sovereign Landing Zone documentation on GitHub.
-
Microsoft Cloud for Sovereignty will be generally available on December 14, 2023. Discover how government customers worldwide are using the powerful capabilities of the Microsoft Cloud to meet sovereignty requirements and start your journey by visiting Microsoft Learn.
-
Sovereign requirements vary dramatically by country. As such, Microsoft will work with local in-country partners to tailor and customize Microsoft Cloud for Sovereignty for individual customers while also ensuring maximum re-use for benefits of scale and secure implementation. The Sovereign Landing Zone will aggregate requirements and best practices to benefit future countries and customers.
-
Sovereignty requirements vary dramatically by country, by data classification, and sometimes even by workload. Your Microsoft account team or partner can help you determine which elements of Microsoft Cloud for Sovereignty might help you meet your requirements.
-
Governments around the world have varied preferences on sovereignty and residency. For some customers, in-country residency is not a pre-condition to sovereignty. Anyone can use our sovereign controls anywhere in the world, even if they don’t have an in-country hyperscale region. Our hybrid cloud options can be deployed anywhere as well.
-
Each jurisdiction has its own classification requirements, and no blanket statement can be made about what data classifications are applicable for Microsoft Cloud for Sovereignty without local domain understanding. Our approach with Microsoft Cloud for Sovereignty is to provide a menu of capabilities and then empower partners and customers to determine what is appropriate for their specific needs. For the most sensitive workloads that cannot be hosted in the public cloud, we offer hybrid options that enable customers to keep the data on their premises.
-
Microsoft provides detailed information about data residency in the Microsoft Cloud through its documentation and the Microsoft Trust Portal. Additional measures to maximize data residency have been announced under the EU Data Boundary.
-
Microsoft commits to challenge every government request for public sector or enterprise customer data where there is a lawful basis for doing so. This includes any request under the CLOUD Act. In addition, to strengthen customer privacy and data security, Microsoft makes available a variety of tools that provide customers with additional control over their data. For example, when Azure confidential computing is enabled and properly configured, Microsoft is not able to access customer data in-use.
-
No. The CLOUD Act amends US law to make clear that law enforcement may compel US-based service providers to disclose data that is in their “possession, custody, or control,” regardless of where the data is located. This law, however, does not change any of the legal and privacy protections that previously applied to law enforcement requests for data—and those protections continue to apply. Microsoft adheres to the same principles and customer commitments related to government demands for user data.
In the first half of 2022, Microsoft received 5,560 legal demands for consumer data from law enforcement in the United States. Of those, 96 warrants sought content data, which was stored outside of the United States.
In the same time frame, Microsoft received 41 legal demands from law enforcement in the United States for commercial enterprise customers who purchased more than 50 seats. Of those demands, there were no disclosures of content data related to a non-US enterprise customer whose data was stored outside of the United States. For more information, visit Law Enforcement Request Report | Microsoft CSR.
-
Visit Microsoft Learn to explore documentation and how-to articles that help you make the most of Microsoft Cloud for Sovereignty.
Follow us on