Chapter 4
Deep dive on the different levels of sovereignty
When talking about the sovereign cloud, we can state that there is no single universal definition. What we have is a market where companies adhere to different internal and external guidelines. Every company has its own set of requirements and sovereignty needs. Even within a specific company, the sovereignty requirements will vary between datasets and applications. It comes down to finding the solution that fits your specific needs.
Data, operational, and technical sovereignty
In general, sovereignty requirements can be split into three domains: data, operational, and technical sovereignty.
Data sovereignty gives you full control over how data is encrypted, where it is stored, and how it is accessed. For example, a lot of European companies need to ensure that sensitive data stays within EU borders.
Operational sovereignty provides you with a transparent and complete view of the operational activity of the cloud provider. For example, some companies have restrictions on the number of personnel that get physical access to the cloud infrastructure.
Technical sovereignty allows you to move your workloads to any cloud, without having a dependency on the cloud provider’s technology or software. For example, adherence to a specific vendor ecosystem is often unwanted.
Our vision of sovereignty goes beyond data protection
The Proximus Sovereign Portfolio
The philosophy of Proximus NXT is to bring a portfolio of cloud solutions to the market that meet different sovereignty needs. Proximus NXT has an on-premise offering, where we help you in building a private cloud in your own datacenter by providing you with hardware, software, and different services. With this on-premise solution, your data is in your own datacenter and operated by your own staff, resulting in a high level of data and operational sovereignty.
An alternative cloud solution is the Proximus NXT Private Cloud, whereby we host your applications within the Proximus NXT datacenters. These datacenters are in Belgium and offer you a high degree of data sovereignty, as your data is guaranteed to stay within Belgian borders. These datacenters are also operated by Proximus NXT local staff, resulting in operational sovereignty.
Proximus NXT has extended its portfolio with two new sovereign cloud solutions through exclusive partnerships with Microsoft and Google. These innovative solutions enable you to benefit from using the public cloud while keeping your sensitive data secure.The philosophy of Proximus NXT is to bring a portfolio of cloud solutions to the market that meet different sovereignty needs. Proximus NXT has an on-premise offering, where we help you in building a private cloud in your own datacenter by providing you with hardware, software, and different services. With this on-premise solution, your data is in your own datacenter and operated by your own staff, resulting in a high level of data and operational sovereignty.
Encrypted Public Cloud
Encrypted Public Cloud is our Microsoft Azure-based sovereign cloud offering, which gives you the benefits of Azure while keeping your most sensitive data secure. The data and applications on Encrypted Public Cloud operate on confidential compute hardware, removing the cloud provider from the chain of trust. In simple terms, using confidential compute ensures that no unwanted party (like the cloud provider) can access your unencrypted data, even when it is being processed.
We see four key ingredients that make up Sovereign Cloud
Sources:
Sarah James, A. D. (2023). Gartner Research: Over 100 Data and Analytics Predictions Through 2028. Gartner.
Google disconnected cloud hosted
With Google Disconnected Cloud Hosted, Proximus NXT aims to take the non-European cloud provider completely out of the picture, while still providing you with a tailored public cloud feature.
Operated from datacenters in Luxembourg, dedicated hardware stacks are hosted and managed for each customer. These setups include specific features from the Google Cloud Platform. Even though we use Google technology, the setup is entirely isolated from Google, ensuring extra security measures.
The Google Disconnected Cloud hosted platform is based on the same open-source principle as the full public Google Cloud Platform, ensuring that application and data mobility in and out of the platform is always guaranteed. It is a public cloud experience but located and operated in Europe by a European service provider. This is a solution directed towards companies that are looking at using new technologies like PaaS services, AI, or machine learning but have mission-critical data that is not allowed on public cloud platforms.
