Added Value and Control for Businesses: Microsoft Sovereign Cloud

Microsoft is not only investing financially in Europe – it is also reinforcing the continent’s digital sovereignty through concrete, targeted offerings.

At the heart of Microsoft’s latest offering is the Sovereign Cloud, available in Public and Private variants as well as National Partner Clouds – the latter currently operating only in France and Germany. These new cloud models are currently in preview and are expected to be widely available across all European regions by the end of the year. The experts at Baggenstos assess each company’s specific cloud needs and provide tailored architectural recommendations.

Customer First

The Sovereign Public Cloud is offered across all existing European Microsoft datacentre regions and is available to all European customers via services such as Microsoft Azure, Microsoft 365, Microsoft Security, and Power Platform. It guarantees that customer data remains within Europe, is subject to European legislation, is managed and accessed exclusively by European personnel, and that encryption keys remain fully under customer control. The new Sovereign Private Cloud enables mission-critical communication and collaboration solutions to be operated using Azure Local – a service designed to manage local cloud workloads. Microsoft 365 Local and the Microsoft Security platform are integrated into Azure Local. This solution is designed to meet the highest demands for resilience and business continuity.

Local Control Meets the Cloud

Azure Local delivers Microsoft cloud services directly at customer locations, helping organisations meet specific requirements for data residency and sovereignty. It is ideal for deploying services close to the point of data creation or regulation – whether in-country, on-site, or in datacentres operated by trusted partners.

Microsoft 365 Local offers customers additional flexibility by combining familiar Microsoft services within an Azure Local environment that can be run entirely within their own datacentre.

This allows organisations to operate Microsoft productivity servers in fully controlled environments. Based on validated reference architecture and powered by Azure Local, companies can deploy workloads in their own facilities – with full control over security, compliance, and governance.

Three New Capabilities for Greater Independence

Data Guardian enhances Microsoft’s EU Data Boundary commitment. When enabled, only employees residing within Europe can log in and remotely manage or administer systems. Any remote access by Microsoft personnel is logged and recorded in an immutable ledger.

External Key Management complements Azure Managed HSM by offering full encryption control to customers. Azure can be connected with keys stored on customer-owned hardware security modules (HSMs).

Regulated Environment Management provides a centralised platform to manage all of the above features within regulated environments.