Plan and prepare for Microsoft Cloud for Sovereignty in 2023 release wave 2

Important

This content is archived and is not being updated. For the latest documentation, go to What's new in Microsoft Cloud for Sovereignty. For the latest release plans, go to Dynamics 365, Power Platform, and Cloud for Industry release plans.

Important

The 2023 release wave 2 plan covers all new functionalities planned to be delivered to market from October 2023 to March 2024. In this article, you'll find the product overview and what's new and planned for Microsoft Cloud for Sovereignty.

Overview

The Microsoft Cloud for Sovereignty enables governments to build and digitally transform workloads in Microsoft Cloud while meeting many of their specific compliance, security, and policy requirements. Microsoft Cloud for Sovereignty creates software boundaries in the cloud to establish the extra protection that governments require, using hardware-based confidentiality and encryption controls.

Adopting cloud computing while meeting digital sovereignty requirements is complex and can differ greatly between organizations, industries, and geographies. Microsoft Cloud for Sovereignty addresses the sovereignty needs of government organizations. Further, Microsoft Cloud for Sovereignty is customizable and adheres to evolving local policies and regulatory requirements around the handling of data. Governments need not choose between digital innovation and control over their data, and digital workloads. They can implement secure, consistent, and compliant environments and adhere to evolving local regulations while taking full advantage of the cloud.

The benefits and value of running your applications in the Azure public cloud are substantial and include scalability, elasticity, resiliency, compliance, agility, and unmatched cybersecurity. With Microsoft Cloud for Sovereignty, you can meet digital sovereignty and compliance requirements and still gain the benefits of the public cloud. Cloud for Sovereignty aims to simplify, standardize, and improve confidence in the digital sovereignty of the public cloud by providing tools and guidance throughout the cloud implementation lifecycle for IT professionals, information security officers, and decision makers. Cloud for Sovereignty supports both greenfield scenarios, such as migration of on-premises workloads to the cloud, and brownfield implementations, such as aiming to improve the digital sovereignty and compliance of existing cloud workloads.

Microsoft Cloud for Sovereignty provides capabilities across different layers.

  • Built on top of the Azure public cloud capabilities.
  • Regulatory compliance and transparency into the cloud operator's activities.
  • Sovereign guardrails through codified architecture, workload templates, localized Azure Policy Initiatives, tooling, and guidance.
  • Advanced sovereign control services like Azure Confidential Computing and Azure Key Vault Managed HSM.

Investment areas

Investment areas

Compliance and transparency
Governments require confidence in the security and privacy of their data and the ability to keep innovating while protecting that data. They must also be able to meet their legislative or regulatory obligations and have more insights into the cloud operator's activities.

Microsoft Cloud for Sovereignty builds on top of the compliance and transparency capabilities that Microsoft already provides. Eligible customers can also take advantage of increased transparency over – and into – their environments' operations with tools and programs such as source code review, access to technical data, audit logs and monitoring reports.

For qualified customers and government agencies, Microsoft Cloud for Sovereignty provides additional transparency into Microsoft activities through transparency logs. Additionally, eligible government agencies can take advantage of the Microsoft Government Security Program.

Sovereign control portfolio
Microsoft Cloud for Sovereignty helps customers configure and protect their data and resources in ways that comply with their specific regulatory and sovereignty requirements. It includes ensuring that parties outside the customer's control, including Microsoft, can't access customer data. With the sovereign control portfolio, customers can add extra protection over sensitive workloads to prevent operator access to their data and resources, providing them with more data sovereignty. Th portfolio includes Azure Confidential Computing (ACC), customer-managed keys CMK), Azure- managed Hardware Security Modules (mHSMs), and other Azure services, via the Azure Portal as well as through APIs.

Sovereign guardrails and guidance
Microsoft Cloud for Sovereignty provides guidance to support customers in configuring and operating their environments. In addition to leveraging existing concepts and services such as Infrastructure as Code and Azure Policy as Code, it provides access to codified architectures, workload templates, and tooling to help create environments that comply with sovereignty, privacy, and regulatory requirements. Additionally, Cloud for Sovereignty reduces the complexity of cloud implementations by providing automation and tooling that make the process simpler, predictable, and repeatable by design.

To learn more about the entire set of capabilities being delivered during this release wave, check out the release plan for Microsoft Cloud for Sovereignty below: