Skip to main content

Discover how the Microsoft Cloud can help governments meet their sovereignty requirements. 

Read the blog

Microsoft Cloud for Sovereignty

Meet heightened requirements for data residency, privacy, access control, and operational compliance in the cloud and hybrid environments. 

Meet sovereign requirements with the Microsoft Cloud

Microsoft Cloud for Sovereignty offers trusted public sector solutions designed to help you migrate, build, and digitally transform workloads in the Microsoft Cloud while meeting your compliance, security, and policy requirements.

Transform with public cloud solutions

Improve resiliency, security, and scalability with powerful solutions built on public cloud technology.

Achieve compliance

Satisfy legal, security, and policy requirements with greater control and operational transparency.

Meet unique government needs

Work with local partners to create customized environments that adhere to government standards.


  • National partnerships

    World-class protection against unauthorized access

    Protect workloads from unauthorized access using advanced sovereignty and encryption controls.

    Two people having a conversation and looking at a laptop

    Azure confidential computing

    Protect data in use and ensure the data is processed only after the cloud environment is verified as a trusted execution environment with Azure confidential computing.

    A person working on a laptop at their desk

    Azure Key Vault

    Deliver superior levels of sovereignty and availability with Azure Key Vault Managed Hardware Security Modules (HSM), which provide full administrative and cryptographic control of your HSMs.


    Data sovereignty policies

    Secure workloads from unauthorized access using advanced policies and logging that protect the location and confidentiality of data, whether it’s at rest, in transit, or in memory.

    Back to tabs
  • Governance and transparency

    Create compliant sovereign architectures

    Access codified architectures, workload templates, and tools to assist in creating compliant architectures.

    Two people having a conversation over a laptop

    Infrastructure as code

    Implement consistent configurations and controls using repeatable infrastructure that’s opinionated towards digital sovereignty best practices with the Sovereign Landing Zone, a variation of the Azure landing zone.


    A person working in a server room

    Automated policy enforcement

    Simplify the architecture and deployment of your sovereign controls across any given workflow and use intelligent tools to orchestrate operations of various Microsoft security services and policy controls.

    Workload templates

    Accelerate time-to-value while achieving your compliance goals with ready-to-use workload accelerators that can be deployed and operated in a consistent, repeatable manner.

    Back to tabs
  • Advanced Sovereign Controls

    Meet local regulatory requirements with increased transparency

    Enable local compliance with policy packs for your region and gain transparency over and into your environment’s operations.

    Two people having a conversation and looking at data on a desktop monitor

    Meet specific governance requirements

    Enable your institution to meet compliance requirements with expanded audit rights and the Microsoft Government Security Program.

    Two people speaking in a government building

    Enhanced operational transparency

    Get heightened assurances of operator transparency into cloud data, security, and operations.

    A top down view of a server room

    Policy portfolio

    Get a customizable and flexible policy portfolio that helps you adhere to evolving local policies and regulatory requirements in your country.

    Back to tabs
  • Public cloud capabilities

    Innovate with the powerful capabilities of the public cloud

    Get the resiliency, parity, and security of the public cloud with capabilities that significantly exceed private and on-premises data centers.

    A person leaning against a glass wall using a tablet

    Public cloud technology

    Realize the full power of the public cloud—including innovation, agility, elasticity, resiliency, and scale—with over 60 Azure regions to help you meet your sovereign and local data residency requirements.

    A person standing on the outskirts of a meeting using a laptop

    Trusted security

    Protect your technology infrastructure and your sensitive and mission-critical workloads with more than 100 compliance offerings and over 24 trillion daily security signals from Microsoft Azure and the Microsoft Cloud.

    A server room

    Resiliency and availability

    Benefit from the same high levels of resiliency, availability, and low latency offered by Azure with the most extensive global footprint of any cloud provider.

    Back to tabs

Discover the power of our partnerships

Italy accelerates its digital sovereignty efforts

See how Microsoft and Leonardo are working together to help government customers in Italy overcome obstacles to cloud adoption through collaboration and technology innovation.

See how public institutions are meeting their compliance needs with the Microsoft Cloud

A person sitting at a table using a laptop
VERO logo

Building trust with a more secure cloud

“We’re proud to have built a cloud environment where we can use confidential information. That’s a priority for us, especially due to the legal requirements associated with GDPR.”
—Jarkko Levasma, Chief Information Officer, Finnish Tax Administration

A person sitting at a table outside, sipping a coffee and looking at their mobile phone
NAKIT logo

Making citizen lives easier with e-services

The Czech Republic’s National Agency for Communication and Information Technologies used Microsoft Azure solutions to create a portal, giving citizens access to more than 80 government e-services.

Back to tabs

Explore valuable resources

A person standing at a desk using a laptop

Delivering innovation while maintaining digital sovereignty

Find out how governments are addressing the rapidly evolving demands of their citizens while protecting sensitive data and delivering trust and security. 

A person sitting at their desk working

Digital Sovereignty in the Public Cloud

Learn how governments can embrace digital innovation while ensuring digital sovereignty with the Microsoft Cloud.

Four people having a meeting in an office

Building Blocks for a Successful Digital Transformation Strategy

Learn how to accelerate digital transformation for your public sector agency through technology policy and procurement best practices.

Frequently Asked Questions

  • Data sovereignty is the concept that data is under the control of the customer and governed by local law. While data residency ensures that data stays in a specified geographical location, data sovereignty makes sure that data adheres to the regulations of the country where the public sector customer is located.

  • Every government has a unique view and requirements when addressing their sovereignty needs and requirements. Microsoft believes that many of these requirements are addressed through our public cloud offerings. Microsoft Cloud for Sovereignty provides an additional layer of policy and auditing capabilities that will address individual public sector and government customer needs.

  • The public preview of Microsoft Cloud for Sovereignty was released on October 3, 2023. Discover how government customers worldwide are using the powerful capabilities of the Microsoft Cloud to meet sovereignty requirements and start your journey by visiting Microsoft Learn.


  • Sovereign requirements vary dramatically by country. As such, Microsoft will work with local in-country partners to tailor and customize Microsoft Cloud for Sovereignty for individual customers while also ensuring maximum re-use for benefits of scale and secure implementation. The Sovereign Landing Zone will aggregate requirements and best practices to benefit future countries and customers.

  • Sovereignty requirements vary dramatically by country, by data classification, and sometimes even by workload. Your Microsoft account team or partner can help you determine which elements of Microsoft Cloud for Sovereignty might help you meet your requirements.

  • Governments around the world have varied preferences on sovereignty and residency. For some customers, in-country residency is not a pre-condition to sovereignty. Anyone can use our sovereign controls anywhere in the world, even if they don’t have an in-country hyperscale region. Our hybrid cloud options can be deployed anywhere as well.

  • Each jurisdiction has its own classification requirements, and no blanket statement can be made about what data classifications are applicable for Microsoft Cloud for Sovereignty without local domain understanding. Our approach with Microsoft Cloud for Sovereignty is to provide a menu of capabilities and then empower partners and customers to determine what is appropriate for their specific needs. For the most sensitive workloads that cannot be hosted in the public cloud, we offer hybrid options that enable customers to keep the data on their premises.

  • The Sovereign Landing Zone (SLZ) deploys and configures various Azure resources in a manner that aligns with the enterprise-scale landing zone—which is part of the Cloud Adoption Framework (CAF) best practices—and provides appropriate guardrails an organization can configure to help achieve their data sovereignty requirements. For a detailed overview of an SLZ and its capabilities, see the Sovereign Landing Zone documentation on GitHub.

  • Microsoft provides detailed information about data residency in the Microsoft Cloud through its documentation and the Microsoft Trust Portal. Additional measures to maximize data residency have been announced under the EU Data Boundary.

  • Microsoft commits to challenge every government request for public sector or enterprise customer data where there is a lawful basis for doing so. This includes any request under the CLOUD Act. In addition, to strengthen customer privacy and data security, Microsoft makes available a variety of tools that provide customers with additional control over their data. For example, when Azure confidential computing is enabled and properly configured, Microsoft is not able to access customer data in-use.

  • No. The CLOUD Act amends US law to make clear that law enforcement may compel US-based service providers to disclose data that is in their “possession, custody, or control,” regardless of where the data is located. This law, however, does not change any of the legal and privacy protections that previously applied to law enforcement requests for data—and those protections continue to apply. Microsoft adheres to the same principles and customer commitments related to government demands for user data.

    In the first half of 2022, Microsoft received 5,560 legal demands for consumer data from law enforcement in the United States. Of those, 96 warrants sought content data, which was stored outside of the United States.

    In the same time frame, Microsoft received 41 legal demands from law enforcement in the United States for commercial enterprise customers who purchased more than 50 seats. Of those demands, there were no disclosures of content data related to a non-US enterprise customer whose data was stored outside of the United States. For more information, visit Law Enforcement Request Report | Microsoft CSR.

  • Visit Microsoft Learn to explore documentation and how-to articles that help you make the most of Microsoft Cloud for Sovereignty.

Follow us on