Many governments are implementing digital sovereignty regulations that govern digital operations and cloud use. Businesses and public sector organizations should develop a comprehensive digital sovereignty strategy and evaluate sovereign cloud solutions to address evolving regulatory requirements.
Digital sovereignty refers to the regulations that specify how organizations manage their digital assets, including their use of the cloud. Organizations may require data to remain within a certain jurisdiction and specify how it must be managed. Other areas of regulation include technical portability, operations, and in-country business continuity. Digital sovereignty is complex; laws rapidly evolve and can vary widely in different jurisdictions. Sovereign cloud solutions are evolving alongside these regulatory changes to address the growing demand for digital sovereignty.
The commercial public cloud can address some aspects of digital sovereignty. For example, organizations may store their data in a cloud region within their country to satisfy data residency requirements. Many organizations, however, find they need more-specialized sovereign cloud capabilities to meet regulatory requirements while using sensitive data and applications in the cloud. When evaluating sovereign cloud solutions, it’s critical to understand the capabilities of different sovereign cloud solutions.
Customers can use a variety of sovereign cloud capabilities to help them address digital sovereignty requirements.
Your choice of technologies including Kubernetes and containers.
Use separated clouds and disconnected operations.
Control encryption keys and more.
Organizations have widely different digital sovereignty requirements. Cloud providers must be able to offer a range of cloud solutions to address their customers’ specific and localized needs. These solutions include clouds restricted to operations in a specific country or a specific geography, clouds dedicated to a single organization, clouds for use by ministries of a single government, and clouds for use by defense and intelligence organizations. By offering each country and each organization its own cloud, cloud providers put the benefits of the cloud and greater digitalization within reach for users across the world.
Cloud providers that add sovereign cloud capabilities to their public cloud platform shouldn’t compromise the functional, operational, and economic benefits their customers already receive. Sovereign cloud solutions should provide a common platform to users with the same experience as commercial public clouds. Cloud providers should offer the same services, usage rates, support, and service level agreements as an extension of their existing commercial programs and business relationships. In this way, organizations can use their existing skills, processes, and tooling as they adopt sovereign cloud solutions.
Most global, hyperscale public clouds have been designed for security but not sovereignty. The autonomy necessary for digital sovereignty can be difficult to achieve using clouds with large, general-use regions in a globally connected network. Cloud solutions architected with sovereignty in mind can more easily offer these protections. For example, several providers, including Oracle, have created separate cloud regions for sensitive data used by the US government. Separating these regions strengthens protections against unauthorized user access and data movement. Operating them separately simplifies addressing compliance frameworks.
The General Data Protection Regulation (GDPR) in the European Union is just one of a growing set of local data privacy and protection laws that govern how organizations must store and handle personal identifiable information (PII). Sovereign cloud solutions can help organizations responsibly manage this data in the cloud to address digital sovereignty requirements.
Many companies are subject to digital sovereignty regulations specific to their industry, such as the European Union’s Digital Operational Resilience Act, which applies to financial organizations. A sovereign cloud enables organizations to innovate in the cloud while addressing the compliance requirements arising from digital sovereignty regulations.
A company operating in different locations must comply with the different local digital sovereignty regulations in each of the jurisdictions. A sovereign cloud can help global organizations manage and navigate the dynamic and emerging global digital sovereignty landscape.
Many governments have created specific guidance for how the public sector should operate in the cloud, such as FedRAMP in the US, Canada’s Protected B classification, or the Information System Security Management and Assessment Program in Japan. Sovereign cloud capabilities can help public sector organizations operate in accordance with local digital sovereignty compliance frameworks.
Governments have authorized services from cloud providers to be used for government workloads and sensitive data; examples include clouds that Oracle operates that are authorized for public sector use in the US, the UK, and Australia. Additionally, governments may more directly authorize a cloud service for workloads and industries of national interest to establish digital sovereignty—for example, the government cloud of the Sultanate of Oman.
더 많은 퍼블릭 클라우드, 멀티 클라우드, 하이브리드 클라우드 및 전용 클라우드 기능으로 고객의 클라우드 옵션을 확장합니다.
민간 기업이나 공공 분야 조직을 위한 OCI의 소버린 클라우드 및 분산형 클라우드 솔루션에 대해 자세히 알아보려면 Oracle에 문의하세요. Oracle의 전문가가 도와 드리겠습니다.
Oracle EU Sovereign Cloud는 독일 프랑크푸르트 및 스페인 마드리드에서 제공됩니다. 자세한 내용이 궁금하신가요? Oracle의 전문가가 도와 드리겠습니다.
업계 애널리스트가 제공하는 클라우드 내 옵션에 대해 자세히 살펴보세요. 최신 전략과 솔루션에 대해 자세하고 객관적인 시각을 제공합니다.