May 13, 2022 By Hillery Hunter
Dan Waugh
3 min read

Understanding the foundation of Sovereign Cloud as regulations grow.

Since the start of the pandemic, we’ve seen enterprises strive to transform at a faster rate than ever before — whether it be to address increased client demand for digital-first experiences or to enhance security strategies following major cyberattacks. Today, businesses across industries are grappling with a vast number of disruptive forces.

At the same time, we’re in an era where certain countries are taking an assertive approach to the governance of data and technical infrastructure to reduce risk. In fact, today, many countries have existing legislation or draft legislation to secure the protection of data and privacy. As nations enact laws designed to protect data, IBM is focused on helping clients as they prepare to address their local requirements while driving innovation at the same time. 

What is the foundation of Sovereign Cloud?

As countries evaluate how to best mitigate risk, we’re increasingly seeing nations put regulations into place that are designed to help protect and control nationally generated data and assert countries’ rights to technological autonomy. We believe the primary objective of these policies is to protect data and the privacy of citizens, businesses and government organizations against misuse, exploitation, cyberthreats and terrorism. 

As more regulations are enacted, we see a common foundation based on the idea of self-determination and freedom from outside interference, with the core principle being that data and data operations are subject to the legal protections and penalties of a single legislative jurisdiction. Across the globe, we’ve seen the legislative jurisdiction is typically only in the country or region in which the services and data reside. 

As organizations move further into their hybrid cloud journeys, a defined approach to Sovereign Cloud can help deliver the levels of security and data access required to meet specific local jurisdiction laws on data privacy, access and control. 

How IBM Cloud can help clients protect data and address local requirements

As countries embark on their data sovereignty journeys, IBM Cloud is committed to helping clients prepare while continuing to help them protect their data with high levels of security where their data resides. While Sovereign Cloud is an evolving cloud operating model for the industry, sovereignty encompasses data privacy, data residency and service locality. Locality entails moving all services to where the data is, potentially also running disconnected from cloud, while residency requires moving the data handling services to where the data is, keeping it at the client location or within the target regulatory jurisdiction.

These capabilities are each topics related to sovereignty, and together they build toward the full vision of Sovereign Cloud, helping clients meet the legal and regulatory requirements of a set of selected jurisdictions while running locally. IBM Cloud recommends a strong Sovereign Cloud approach — one that puts data privacy and locality at the very forefront. By helping address the individual issues composing sovereignty, this approach accommodates a variety of scenarios clients may face. 

For example, a Sovereign Cloud approach with locality at its center can help governmental entities that are looking for full local operation. They want the benefits of full cloud support, including multitenancy, but with complete local resources and control. In contrast, enterprise organizations may have less stringent internal requirements in some areas, but still face a variable mix of requirements from multiple regions that can make them more complex to serve — in this case, it is key to ensure that data privacy, residency and location are well architected.

As we help clients as they address risk and compliance with the evolving landscape of data regulations, IBM Cloud’s focus is on building solutions that can help clients adhere to global sovereignty requirements, working with them both directly and through our ecosystem of partners around the world.  

Regulations will likely continue to change, and IBM remains committed to helping protect data — where it resides — and will continue to work closely with clients as they address their unique country requirements.

Learn more about how we’re helping clients on their data residency journeys.

Was this article helpful?

More from Cloud

Enhance your data security posture with a no-code approach to application-level encryption

4 min read - Data is the lifeblood of every organization. As your organization’s data footprint expands across the clouds and between your own business lines to drive value, it is essential to secure data at all stages of the cloud adoption and throughout the data lifecycle. While there are different mechanisms available to encrypt data throughout its lifecycle (in transit, at rest and in use), application-level encryption (ALE) provides an additional layer of protection by encrypting data at its source. ALE can enhance…

Attention new clients: exciting financial incentives for VMware Cloud Foundation on IBM Cloud

4 min read - New client specials: Get up to 50% off when you commit to a 1- or 3-year term contract on new VCF-as-a-Service offerings, plus an additional value of up to USD 200K in credits through 30 June 2025 when you migrate your VMware workloads to IBM Cloud®.1 Low starting prices: On-demand VCF-as-a-Service deployments begin under USD 200 per month.2 The IBM Cloud benefit: See the potential for a 201%3 return on investment (ROI) over 3 years with reduced downtime, cost and…

The history of the central processing unit (CPU)

10 min read - The central processing unit (CPU) is the computer’s brain. It handles the assignment and processing of tasks, in addition to functions that make a computer run. There’s no way to overstate the importance of the CPU to computing. Virtually all computer systems contain, at the least, some type of basic CPU. Regardless of whether they’re used in personal computers (PCs), laptops, tablets, smartphones or even in supercomputers whose output is so strong it must be measured in floating-point operations per…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters