Customers worldwide frequently express to me their prioritization of digital sovereignty as they navigate new compliance and industry regulations. According to the International Data Corporation (IDC), 82% of global organizations are currently using, planning to use, or considering sovereign cloud solutions within the next two years. However, leaders often face challenges as policies and requirements continually evolve, and they have concerns about acquiring the necessary knowledge and skills at an affordable cost to simplify their efforts in meeting digital sovereignty goals.
At Amazon Web Services (AWS), we recognize the importance of protecting your data in a rapidly changing landscape of regulations, technology, and risks. We are committed to ensuring that the AWS Cloud remains sovereign-by-design, as it has been since its inception. We strive to provide customers with more options to meet their unique sovereignty requirements through our offerings in AWS Regions worldwide, dedicated sovereign cloud infrastructure solutions, and the recently announced independent European Sovereign Cloud. In this blog post, I will discuss how the cloud is helping organizations meet their digital sovereignty needs and how we can assist you in navigating this ever-evolving environment.
The digital sovereignty needs of customers vary based on multiple factors. Each country or region has its own set of requirements, adding to the complexity. Moreover, there is no uniform guidance for the workloads, industries, and sectors that must adhere to these requirements. Despite these variations, key themes that we have identified through conversations with customers, partners, and regulators include data residency, operator access restriction, resiliency, and transparency. AWS collaborates closely with customers to understand their desired digital sovereignty outcomes and determine the appropriate AWS solutions to help them achieve those outcomes.
We introduced the AWS Digital Sovereignty Pledge in 2022 as part of our commitment to provide all AWS customers with the most advanced sovereignty controls and security features available in the cloud. We actively engage with regulators to ensure that AWS meets various standards and certifications that our customers inherit, enabling them to meet requirements while driving continuous innovation. Recently, Information Services Group (ISG), a global technology research and IT advisory firm, named AWS a leader in Sovereign Cloud Infrastructure Services (EU).
Customers who utilize our global infrastructure with sovereign-by-design features can optimize their operations for increased scale, agility, speed, and cost reduction while benefiting from the highest levels of security and protection. Our AWS Regions are powered by the AWS Nitro System, which guarantees the confidentiality and integrity of customer data. To enhance transparency, the security design of our Nitro System was independently validated by the global cybersecurity consulting firm NCC Group.
Regarding data control, customers have full authority over their data on AWS. They can determine where it is stored, how it is stored, and who has access to it. We provide tools to automate and monitor storage location and encrypt data, including data residency guardrails in AWS Control Tower. Additionally, we recently announced over 65 new digital sovereignty controls that customers can choose from to prevent actions, enforce configurations, and detect undesirable changes.
Every AWS service supports encryption, and most services also support encryption with customer-managed keys that AWS cannot access. Our hardware used in AWS Key Management Service (KMS) and firmware used in AWS CloudHSM are both FIPS 140-2 Level 3 compliant, certified by a NIST-accredited laboratory.
AWS offers infrastructure choices to support unique needs and local regulations, including hybrid cloud storage and edge computing capabilities. We ensure that customers can use the same infrastructure, services, APIs, and tools across their environments. This consistency accelerates innovation, enhances operational efficiencies, reduces costs, and allows for the adoption of cloud security wherever applications and data reside.
We collaborate closely with customers to support infrastructure decisions aligned with their workload needs and local regulations. For organizations burdened by strict regulatory requirements, we launched AWS Dedicated Local Zones. This infrastructure is fully managed by AWS, exclusively used by a specific customer or community, and located in a customer-specified location or data center for running sensitive or regulated industry workloads. At AWS re:Invent 2023, I had a discussion with Cheow Hoe Chan, Government Chief Digital Technology Officer of Singapore, about how we partnered with Singapore’s Smart Nation and Digital Government Group to create this dedicated infrastructure.
Additionally, we recently announced our plans to launch the AWS European Sovereign Cloud. This independent cloud, located and operated within the European Union (EU), will provide customers in highly regulated industries with more options to meet varying data residency, operational autonomy, and resiliency requirements. It will offer the same high-level security, availability, and performance as our existing AWS Regions, with features specifically tailored to evolving EU regulations.
In addition to our vast range of AWS offerings, customers can access our global network of over 100,000 AWS Partners specialized in various competencies and industry verticals to receive local guidance and services.
Navigating the evolving digital sovereignty landscape can be complex, but you don’t have to do it alone. Leveraging the cloud and partnering with AWS and our network of experts can help you accelerate your progress and operate more efficiently while keeping costs low. We are committed to aiding you in meeting necessary requirements while fostering innovation. We look forward to witnessing the advancements that you will continue to drive.
If you have any feedback on this post, please submit your comments in the section below. If you have questions regarding this post, please reach out to AWS Support.
Max Peterson is the Vice President of AWS Sovereign Cloud. He leads our efforts to provide all AWS customers worldwide with the most advanced sovereignty controls, privacy safeguards, and security features available in the cloud. Prior to this role, Max served as the VP of AWS Worldwide Public Sector (WWPS) and created and led the WWPS International Sales division, focused on empowering government, education, healthcare, aerospace, satellite, and nonprofit organizations to drive rapid innovation while meeting evolving compliance, security, and policy requirements. Max brings over 30 years of public sector experience and has held various technology leadership roles before joining Amazon. He holds a Bachelor of Arts degree in Finance and a Master of Business Administration degree in Management Information Systems from the University of Maryland.
