Sovereign cloud strategies inevitably involve trade-offs. There is compromise to be found.
In our exploration of sovereign clouds, we’ve delved deep into the complexities of digital sovereignty, striving to decipher its nuances and implications for sovereign cloud strategies. It’s an important issue, top of mind for most CIOs, with Gartner predicting that enterprise digital sovereignty strategies will grow from 10% to 50% by 2028.
In our Taxonomy of a Sovereign Cloud blog post, we established that those looking to deploy a sovereign cloud need to take a holistic approach based on four key pillars: data, operational and technological sovereignty, plus national resilience. Combined, these pillars help establish true digital independence and real sovereign resilience in the cloud.
However establishing true digital independence is not an easy task, especially when requirements are still unclear and evolving, subject to domestic and international politics. According to Gartner’s research, 97.2% of cloud infrastructure and platform services consumed worldwide originate from U.S. (83.7%) and Chinese (13.6%) companies. The overwhelming dominance of a few global cloud providers means that there will always be concerns over adherence to national law, the control over personal data, and the ability for local advanced technology companies to grow.
Therefore, we’ve seen that organizations seeking a sovereign cloud have traditionally favored domestic cloud providers, private clouds, and locally managed infrastructure over public clouds. However, these platforms often lack the extensive functionalities of public cloud providers, causing friction with those who are looking to leverage public cloud technology to drive innovation. This is the crux of the problem. How do you balance competing priorities?
This is particularly true as new technologies like AI emerge where it becomes exceedingly difficult to capture value while still maintaining all the necessary data privacy, resilience, regulatory compliance, and security.
The public cloud vendors have tried to develop solutions by collaborating with domestic partners to provide a technologically capable yet practical solution. However, they come at great cost and complexity and it’s not evident that they meet the growing enterprise market.
Take Europe for example. The divisions within Europe regarding protectionist measures to maintain sovereignty and technological innovation, particularly in the context of cloud sovereignty, reflect broader debates about data protection, and economic competitiveness and serve as an interesting case study into the tradeoffs governments, and by extension, enterprises may face.
Some European countries such as France have been advocating for measures to enhance sovereignty over data and digital infrastructure. This involves promoting the use of domestic or European-based cloud services and ensuring that sensitive data is stored and processed within European jurisdictions. This reduces reliance on non-European tech giants and mitigates risks associated with data privacy and security.
However, other countries, such as the Netherlands, Germany and Poland have expressed concerns about overly protectionist measures that could hinder the free flow of data and impede competition within the digital market. They argue that overly strict regulations could create barriers to entry for non-European companies and stifle innovation. Instead, they advocate for a more open and competitive digital ecosystem.
In this example, each country has its own national interests and priorities when it comes to digital regulation. Some countries may prioritize data privacy and security, while others may prioritize economic growth and innovation. The same can be said for enterprise organizations that may want to utilize AI but can’t due to regulation or security concerns.
These differing priorities can lead to disagreements and tensions, especially when trying to negotiate a long-term sovereign cloud strategy. It will inevitably require delicate diplomacy and compromise.
Recommendations
While navigating sovereign cloud complexities, use our taxonomy of true cloud sovereignty as a guiding framework, focusing on a long-term approach rather than ticking boxes. Considerations include defining sovereign cloud operation in each region, being flexible to evolving motivations and technology changes, and evaluating trade-offs between sovereignty and cloud capabilities against market and political dynamics. As you build your sovereign cloud strategy here are some considerations:
Alignment and support
No region is the same and the motivations behind digital sovereignty differ from government to government or organization to organization. That’s why it’s important to define what it means to operate a sovereign cloud in each country or territory. Be flexible as well. The goalposts are always moving, and technology is always changing.
Focus on the right technology
Technological sovereignty is the hardest to solve. From supply chain management to ownership of the technology, choosing the right technology can solve a number of security issues, as well as open up the path to innovation.
Evaluate trade-offs
Clearly understand the cloud capabilities being sacrificed to achieve desired sovereignty levels in each region. With emerging technologies, be prepared to reassess these trade-offs, ensuring they align with evolving market and political dynamics.
Achieving true cloud sovereignty demands a nuanced approach that balances independence with practicality. By acknowledging market realities, embracing strategic considerations, and leveraging available frameworks, organizations can navigate the complex journey toward their desired sovereign cloud.
