Microsoft puts its Cloud for Sovereignty in public preview

Microsoft on Tuesday moved its Cloud for Sovereignty offering from private preview to public preview and said the offering is likely to be made generally available this December.

Microsoft Cloud for Sovereignty, which is aimed at helping government bodies meet specific compliance, security, and policy requirements, was first introduced in July of last year. Since then the company has released two private releases of the offering.

The public preview version of the offering includes new features such as the Sovereign Landing Zone, support for two country-specific requirements, transparency logs, and automated workload templates.

The Sovereign Landing Zone and policy initiative, which is now available on GitHub, instantiates guardrails for sovereign cloud environments for customer workloads, enabling customers to leverage best practices for secure and consistent environments while supporting their efforts to meet evolving local regulations, the company said.

Transparency Logs, on the other hand, are designed to provide eligible customers with visibility into key operational activities of Microsoft engineers to support customer service and service reliability issues of the Cloud for Sovereignty offering.

In an effort to provide examples for building workloads on the offering, Microsoft is also packing in automated workload templates for Azure Confidential Computing and Azure Lighthouse.

Microsoft’s Azure Confidential Computing is a service aimed at protecting data in use, the company said, adding that it allows data to be processed only after the cloud environment is verified to be a trusted execution environment.  

“In this way, confidential computing helps protect data from being accessed by cloud operators, malicious admins, and even privileged software such as the hypervisor,” the company wrote in a blog post.

Additionally, in Azure, the root of trust is with independent hardware and this stops even Microsoft operators from accessing the memory encryption keys, the company wrote, adding that this independent hardware root trust is what helps government customers to independently cryptographically verify the identity for execution.

Other security features include Microsoft’s Azure Key Vault Managed Hardware Security Module, which allows government customers to maintain control of the cryptographic key.

In addition, Microsoft has also added support for Italy’s ACN requirements and Netherlands BIO regulation to aid government customers in these countries.

Microsoft is currently working with a network of partners, such as Accenture, Atea, G42, and Leonardo, to provide security or any other solution to the customers of Cloud for Sovereignty.

Current governmental bodies, either using or planning to use the offering, include the Dutch National Cyber Security Centre and the Municipal Corporation of Amsterdam.

Microsoft’s foray into Sovereign Clouds could be seen as a direct result of the demand for secure cloud computing architecture that allows governmental bodies or companies in heavily regulated industries, such as banking and healthcare, to take advantage of the cloud while complying with regulations.

Last month, Microsoft said that it was partnering with G42 to build out UAE’s Sovereign Cloud.