Understanding the foundation of Sovereign Cloud as regulations grow.

Since the start of the pandemic, we’ve seen enterprises strive to transform at a faster rate than ever before — whether it be to address increased client demand for digital-first experiences or to enhance security strategies following major cyberattacks. Today, businesses across industries are grappling with a vast number of disruptive forces.

At the same time, we’re in an era where certain countries are taking an assertive approach to the governance of data and technical infrastructure to reduce risk. In fact, today, many countries have existing legislation or draft legislation to secure the protection of data and privacy. As nations enact laws designed to protect data, IBM is focused on helping clients as they prepare to address their local requirements while driving innovation at the same time. 

What is the foundation of Sovereign Cloud?

As countries evaluate how to best mitigate risk, we’re increasingly seeing nations put regulations into place that are designed to help protect and control nationally generated data and assert countries’ rights to technological autonomy. We believe the primary objective of these policies is to protect data and the privacy of citizens, businesses and government organizations against misuse, exploitation, cyberthreats and terrorism. 

As more regulations are enacted, we see a common foundation based on the idea of self-determination and freedom from outside interference, with the core principle being that data and data operations are subject to the legal protections and penalties of a single legislative jurisdiction. Across the globe, we’ve seen the legislative jurisdiction is typically only in the country or region in which the services and data reside. 

As organizations move further into their hybrid cloud journeys, a defined approach to Sovereign Cloud can help deliver the levels of security and data access required to meet specific local jurisdiction laws on data privacy, access and control. 

How IBM Cloud can help clients protect data and address local requirements

As countries embark on their data sovereignty journeys, IBM Cloud is committed to helping clients prepare while continuing to help them protect their data with high levels of security where their data resides. While Sovereign Cloud is an evolving cloud operating model for the industry, sovereignty encompasses data privacy, data residency and service locality. Locality entails moving all services to where the data is, potentially also running disconnected from cloud, while residency requires moving the data handling services to where the data is, keeping it at the client location or within the target regulatory jurisdiction.

These capabilities are each topics related to sovereignty, and together they build toward the full vision of Sovereign Cloud, helping clients meet the legal and regulatory requirements of a set of selected jurisdictions while running locally. IBM Cloud recommends a strong Sovereign Cloud approach — one that puts data privacy and locality at the very forefront. By helping address the individual issues composing sovereignty, this approach accommodates a variety of scenarios clients may face. 

For example, a Sovereign Cloud approach with locality at its center can help governmental entities that are looking for full local operation. They want the benefits of full cloud support, including multitenancy, but with complete local resources and control. In contrast, enterprise organizations may have less stringent internal requirements in some areas, but still face a variable mix of requirements from multiple regions that can make them more complex to serve — in this case, it is key to ensure that data privacy, residency and location are well architected.

As we help clients as they address risk and compliance with the evolving landscape of data regulations, IBM Cloud’s focus is on building solutions that can help clients adhere to global sovereignty requirements, working with them both directly and through our ecosystem of partners around the world.  

Regulations will likely continue to change, and IBM remains committed to helping protect data — where it resides — and will continue to work closely with clients as they address their unique country requirements.

Learn more about how we’re helping clients on their data residency journeys.

More from Cloud

Strengthening cybersecurity in life sciences with IBM and AWS

7 min read - Cloud is transforming the way life sciences organizations are doing business. Cloud computing offers the potential to redefine and personalize customer relationships, transform and optimize operations, improve governance and transparency, and expand business agility and capability. Leading life science companies are leveraging cloud for innovation around operational, revenue and business models. According to a report on mapping the cloud maturity curve from the EIU, 48% of industry executives said cloud has improved data access, analysis and utilization, 45% say cloud…

7 min read

Kubernetes version 1.27 now available in IBM Cloud Kubernetes Service

< 1 min read - We are excited to announce the availability of Kubernetes version 1.27 for your clusters that are running in IBM Cloud Kubernetes Service. This is our 22nd release of Kubernetes. With our Kubernetes service, you can easily upgrade your clusters without the need for deep Kubernetes knowledge. When you deploy new clusters, the default Kubernetes version remains 1.25 (soon to be 1.26); you can also choose to immediately deploy version 1.27. Learn more about deploying clusters here. Kubernetes version 1.27 In…

< 1 min read

Redefining the consumer experience: Diageo partners with SAP and IBM on global digital transformation

3 min read - In an era of evolving consumer preferences and economic uncertainties, the beverage industry stands as a vibrant reflection of changing trends and shifting priorities. Despite the challenges posed by inflation and the cost-of-living crisis, a dichotomy has emerged in consumer behavior, where individuals untouched by the crisis continue to indulge in their favorite beverages, while those directly affected pivot towards more affordable luxuries, such as a bottle of something special. This intriguing juxtaposition highlights the resilient nature of consumers and…

3 min read

IBM Cloud releases 2023 IBM Cloud for Financial Services Agreed-Upon Procedures (AUP) Report

2 min read - IBM Cloud completed its 2023 independent review of IBM Cloud services and processes. The review report demonstrates to its clients, partners and other interested parties that IBM Cloud services have implemented and adhere to the technical, administrative and physical control requirements of IBM Cloud Framework for Financial Services. What is the IBM Cloud Framework for Financial Services? IBM Cloud for Financial Services® is designed to build trust and enable a transparent public cloud ecosystem with features for security, compliance and…

2 min read