Cloud sovereignty is increasingly becoming a priority for organizations looking for secure, innovative, and scalable solutions to manage their data, according to Capgemini Research Institute’s latest report, “The journey to cloud sovereignty: Assessing cloud potential to drive transformation and build trust”.
The report finds that cloud sovereignty adoption is primarily driven by regulation and organizations’ need to control their data, but they also expect it to build trust, foster collaboration, and accelerate the move to a data-sharing ecosystem.
According to the report, organizations have some concerns about using the public cloud as the core of digital transformation projects: 69% of organizations cite potential exposure to extra-territorial laws in a cloud environment, 68% a lack of transparency and control over what is done with their data in the cloud, and 67% mention operational dependency on vendors based outside their region’s jurisdiction.
A large majority of organizations globally believe they will adopt cloud sovereignty to ensure compliance with regulations (71%) or to bring in controls and transparency over their data (67%), whereas ensuring immunity from extra-territorial data access (65%) comes third.
Nearly half of organizations (43%) globally define cloud sovereignty as keeping their data within their preferred jurisdiction, whatever the origin of the cloud provider, whereas only 14% define it as the exclusive use of cloud providers based in the same legal jurisdiction.
When selecting a cloud provider, the four key factors organizations focus on primarily are identity, access management, and encryption (82%), isolation of their sensitive data in the cloud (81%) and cost competitiveness (69%) and having local/regional datacenters (66%).
Demand for cloud services is shifting in line with new expectations around sovereignty
When asked about their expected cloud environment for the next 1-3 years, more than one-third (38%) of organizations expect to have a public/hybrid cloud environment with local data centers. 30% expect to use a disconnected version or the local legal entity of a hyperscaler, whereas 11% plan to work exclusively with cloud providers based within the same legal jurisdiction.
Nearly half (48%) of public sector organizations are either already considering cloud sovereignty as a part of their cloud strategy or planning to include it in the next 12 months. They are slightly more driven by complying with regulations (76% versus 70% for private organizations) and ensuring immunity from extra-territorial data access (69% versus 64%). However, they are also expecting more data-related benefits from sovereign cloud than private organizations.
Fostering collaboration and data-sharing ecosystems
The report also indicates that, while meeting highest regulatory concerns and data security requirements, organizations are looking at cloud sovereignty to unlock the benefits of the cloud for them, including better collaboration, increased data sharing, greater trust, and opportunities for innovation. 60% of organizations believe that cloud sovereignty will facilitate sharing data with trusted ecosystem partners, and 42% of surveyed executives believe that a trusted interoperable cloud service can help them to scale new technologies such as 5G, artificial intelligence (AI), and the internet of things (IoT).
Marc Reinhardt, Head of Public Sector at Capgemini, said: “In our current environment, the sovereignty of one’s supply chain and IT has become truly strategic. For those organizations currently still reluctant to leverage the obvious benefits of the cloud, sovereignty is a way to get there. As a result, it is gaining importance across sectors and regions, to enable organizations to control and protect their data to an even greater extent – for the Public Sector, with emphasis on trust, transparency, choice, portability. And it is not a surprise that Government and Public Sector bodies are among the leaders in pursuing or considering a sovereign cloud in their organizations.”
“In designing their cloud strategies, organizations should not just focus on compliance requirements but also have a true ‘enterprise view’ of their data. In so doing, they will fully reap the benefits from sovereign cloud, including trust, collaboration, and innovation for even the most sensitive of data areas, and build a competitive advantage or better service for their constituents.”