blogs.vmware.com
Open in
urlscan Pro
2a02:26f0:480:5a0::2ef
Public Scan
Submitted URL: https://marketing.vmware.com/MDQ4LVNaVy0wNDUAAAGLYJNRqplOgN2VoLJVH-62BuIjM5W2Q5bYp2ERkcSSo22pOwj32SWjAmhikahGWA4vv5dT5xM=
Effective URL: https://blogs.vmware.com/emea-en/2023/03/the-real-risk-of-avoiding-cloud-sovereignty/?mkt_tok=MDQ4LVNaVy0wNDUAAAGLYJNRqiX...
Submission: On April 27 via api from IE — Scanned from DE
Effective URL: https://blogs.vmware.com/emea-en/2023/03/the-real-risk-of-avoiding-cloud-sovereignty/?mkt_tok=MDQ4LVNaVy0wNDUAAAGLYJNRqiX...
Submission: On April 27 via api from IE — Scanned from DE
Form analysis 2 forms found in the DOM
GET https://blogs.vmware.com/emea-en/
<form class="search-form" method="get" action="https://blogs.vmware.com/emea-en/">
<label class="sr-only" for="s">Search</label>
<input class="search-field" placeholder="Search" name="s">
<input type="submit" value="Submit Search" class="search-submit btn">
</form>POST https://blogs.vmware.com/emea-en/wp-comments-post.php
<form action="https://blogs.vmware.com/emea-en/wp-comments-post.php" method="post" id="commentform" class="comment-form" novalidate="">
<p class="comment-notes"><span id="email-notes">Your email address will not be published.</span> <span class="required-field-message">Required fields are marked <span class="required">*</span></span></p>
<div class="comment-form-comment"><label for="comment" class="sr-only">Comment</label> <textarea id="comment" name="comment" cols="45" rows="8" maxlength="65525" required="required"></textarea></div>
<div class="form-wrap">
<div class="form-left">
<div class="comment-form-author">
<label for="author" class="sr-only">Name</label>
<input id="author" placeholder="Name*" name="author" type="text" value="" size="30" maxlength="245" required="required">
</div>
<div class="comment-form-email">
<label for="email" class="sr-only">Email</label>
<input id="email" name="email" type="email" value="" size="30" placeholder="Email*" maxlength="100" aria-describedby="email-notes" required="required">
</div>
<div class="comment-form-url">
<label for="url" class="sr-only">Website</label>
<input id="url" name="url" type="url" value="" size="30" placeholder="Website" maxlength="200">
</div>
</div>
<div class="form-right">
<div class="comment-form-cookies-consent">
<label for="wp-comment-cookies-consent">
<input id="wp-comment-cookies-consent" name="wp-comment-cookies-consent" type="checkbox" value="yes"><span> Save my name, email, and website in this browser for the next time I comment</span></label>
</div>
</div>
</div>
<p class="form-submit"><input name="submit" type="submit" id="submit" class="submit" value="Post Comment"> <input type="hidden" name="comment_post_ID" value="87258" id="comment_post_ID">
<input type="hidden" name="comment_parent" id="comment_parent" value="0">
</p>
<p style="display: none;"><input type="hidden" id="akismet_comment_nonce" name="akismet_comment_nonce" value="49aa88168b"></p>
<p style="display: none;"></p><input type="hidden" id="ak_js" name="ak_js" value="1682595357996">
</form>Text Content
Menu VMware EMEA Blog
Search
Search
* VMware Blogs
* Communities
* RSS
* Twitter
* LinkedIn
* YouTube
* News & Highlights
* Explore by SolutionToggle submenu
* App Modernization
* Digital Workspace
* Multi-Cloud
* Intrinsic Security
* Virtual Cloud Network
* Explore by Success Stories
* VMware Explore
* Partners
* RSS
* Twitter
* LinkedIn
* YouTube
Virtual Cloud Network Intrinsic Security
THE REAL RISK OF AVOIDING CLOUD SOVEREIGNTY
VMware EMEA
March 23, 2023
Share on:
* Share on Twitter
* Share on LinkedIn
* Share on Facebook
* Email this post
0
Guy Bartram, Director Product Marketing, Sustainability Ambassador
Adopting cloud computing has become increasingly popular, with many
organizations taking advantage of its benefits, such as reduced costs, improved
flexibility, and scalability. However, with this increased adoption comes the
need for increased attention to security, particularly regarding sensitive data,
data classification, privacy, and Sovereign Clouds. Sovereign Clouds are managed
and operated privately or through a third-party Sovereign Cloud Provider, such
as a VMware Sovereign Cloud Provider, often used for sensitive data and
applications. Sensitive data may have a broader scope than people realize and
can vary depending on the context and the industry the company focuses on. For
example, in healthcare, sensitive data might include medical records, while in
finance, it might include financial records and credit scores. In government, it
might include classified information related to national security.
Unfortunately, many organizations still need to be more open to using Sovereign
Clouds, despite the risks of avoiding them. This blog post will explore the
risks of avoiding Sovereign Clouds and why considering them is essential.
There could be several reasons why organizations are not adopting Sovereign
Clouds:
However, avoiding Sovereign Clouds and using Hyperscale clouds can pose several
risks to an organization’s security and privacy.
* Public clouds are typically owned and managed by third-party providers who
may have different security controls and protocols than in your organization.
This means your data could be vulnerable to unauthorized access, theft, or
misuse by hackers, insiders, or other malicious actors. This is something
recently highlighted by President Biden, that there needs to be regulation of
the security practices in Public Cloud, which poses a considerable risk for
sensitive data.
* Public clouds often rely on shared infrastructure, meaning that the data and
resources of multiple organizations are stored and processed on the same
servers and networks. This increases the risk of data leakage or
cross-contamination, where sensitive data could accidentally or intentionally
be accessed or exposed to other users on the same platform. Shared platforms
come at a functional cost, typically security and performance. Resource
contention and degraded performance can exist depending on the underlying
hypervisor used in the public cloud. Hyperscale clouds often limit the
compute, network, and storage resources customers can use to work around
this, resulting in high costs vs. resources and many customers moving
workloads out of their cloud. Recent examples in the press are basecamp and
37Signals.
* Public clouds are subject to legal and regulatory requirements that may not
align with an organization’s security and compliance needs. For example, some
public cloud providers may be subject to foreign laws such as U.S. Cloud Act
or government surveillance such as FISA, which could compromise the
confidentiality and integrity of the classified data. In Europe for example,
the U.S. Cloud Act raises concerns about the privacy and data protection of
EU citizens, as it potentially allows US authorities to access their personal
data without sufficient safeguards or oversight. In summary, it conflicts
with the EU’s General Data Protection Regulation (GDPR), which requires
companies to obtain explicit consent from individuals to process their
personal data and ensure adequate data protection measures are in place.
Consider data as all forms, including metadata, telemetry data, accounting
data and support data, the sphere of influence to consider here is much
larger than you think. Exposure has been documented many times in the press.
An excellent example of this is the 2022 Data Protection Impact Assessment
(DPIA) from the Dutch ministry, stating “high risk related to unencrypted
streaming and stored special categories of data” and:
“There is a high data protection risk related to the possible access by US law
enforcement and secret services to very sensitive and special categories of
personal data. This risk occurs even though the Teams, OneDrive and SharePoint
Content Data are already exclusively processed and stored in the EU, because
access to this data can be ordered through US legislation such as the US CLOUD
Act.”
* The organization should control the management and visibility of its data as
it is stored and processed in a third-party environment. Public cloud lack of
standardization can limit the organization’s ability to audit, monitor, and
enforce security policies and procedures. Public clouds are highly
distributed and complex, making a comprehensive view nearly impossible. This
is compounded by a shared responsibility model for security where customers
are responsible for using the public cloud features to secure their own data.
The public cloud is very good at rapid scaling, which can challenge keeping
track of security policies over multiple resources. Finally, all public
clouds have differing capabilities and toolsets, creating challenges with the
levels of security possible but also the enforcement of security.
Overall, the risks of putting any data in a public cloud can be significant, and
organizations should carefully evaluate and mitigate these risks before deciding
to use such services. However, is Sovereign Cloud a nirvana? Organizational
concerns about Sovereign Clouds range from the availability, performance, and
cost of Sovereign Cloud solutions to traditional cloud offerings. Are they
correct?
Availability
Sovereign cloud solutions may have a different global reach and availability
than traditional public cloud offerings; a view could be that this limits their
ability to support geographically dispersed workloads and users.
Sovereignty is not a global matter but a national one or shared regional in the
EU, for example. Sovereign Cloud solutions ensure high availability within
national geographies and data centers within the Sovereign region; going across
borders would mean differing jurisdictions and laws about all aspects of data
and cloud. Ensuring the availability of data and services is critical for
operations that Sovereign Cloud providers manage, such as operations of national
interest.
Availability is a crucial aspect of the VMware Sovereign Cloud 20-point
certification; VMware Sovereign Cloud partners must attest to providing data
integrity and availability with redundant infrastructure and failover mechanisms
to ensure that data and applications remain available in the attested territory
in the event of a regional outage or disaster.
Performance
Sovereign Cloud solutions, as all cloud solutions, will have different levels of
performance and scalability than public cloud offerings. This could be viewed as
limiting their ability to handle high-volume, resource-intensive workloads.
Sovereign Clouds are built and designed to meet sovereign customers’ needs; many
Sovereign Clouds operate at very high levels of availability, exceeding
hyperscale offering capabilities. Operations of National interest and specific
verticals have unique application requirements, and valuable items such as
autoscaling are available to VMware Sovereign Cloud providers.
VMware has pioneered exceptional performance, including some faster than bare
metal capabilities (see Tanzu Kubernetes example). For a long time, VMware has
had technologies to avoid performance issues inherent in virtualized
environments and has outperformed public cloud services. For a great example of
this, see this report from a VMware Cloud Provider Expedient.
Cost
Sovereign cloud solutions may be more expensive than traditional cloud offerings
due to higher operational costs, lower economies of scale, and the need to
maintain specialized infrastructure and talent.
Cost is a critical cloud component, and VMware Cloud Providers work on a pure
consumption model. Unlike hyperscale cloud, where you must purchase reserved
instances, you can have a resource pool of compute and storage and use as much
or little as you need. Resource pooling is one option for cost-sensitive
Sovereign customers, even those that want dedicated hardware and private clouds
can quickly scale out without incurring significant costs.
Sovereign Clouds deal in security and compliance; Sovereign Cloud partners
invest significantly in the enhanced vetting of personal, infrastructure and
systems aligned to the data classification and industry vertical, that you will
not find available in Hyperscale clouds.
If you choose a VMware Sovereign Cloud Provider, they can offer secure, shared
infrastructure and dedicated isolated private clouds. Both come with full
automated lifecycle management and can reduce cost dramatically, have a look at
the VCF TCO calculator to see for yourself.
Granted, regional cloud providers do not have economies of scale like public
cloud providers, but in terms of volume, many Sovereign Cloud partners have very
large Cloud estates. For example, OVH Cloud in France builds its own hardware
and has 100,000’s workloads running in its environments.
Lastly, specialized infrastructure and talent are where VMware Sovereign Cloud
partners excel; this is undoubtedly a good thing. Most VMware Cloud Providers
deliver managed services, which require operational skills in many different
areas, unlike Public Cloud vendors who do not. VMware Cloud Providers,
especially Sovereign partners, can help you on your cloud journey, skilled and
resourced appropriately to support your business, not just be an infrastructure
endpoint.
Innovation
Sovereign Cloud solutions may have a different level of innovation and feature
development than traditional cloud offerings, limiting their ability to keep
pace with evolving business needs and technology trends.
VMware doesn’t just mean vSphere. VMware’s portfolio of solutions is extensive
in capabilities and supports workloads, apps, containers, and data science
solutions. VMware Sovereign Clouds must be innovative, most governments and
industry verticals have vital requirements to get ahead of the pack, and
innovation is mandated in their cloud.
Thinking about this differently, public clouds, to be resident, must limit their
portfolios to only those that can be resident, separated from SaaS control
planes, and this limits innovation. VMware has always offered disconnected
solutions; everything runs in the region, in jurisdiction already, so you are
automatically gaining control of your cloud.
Innovation can be seen in 1 or 2 ways; that which is out of the box (SaaS and
PaaS) and that which must be built using new infrastructure and services. An
out-of-the-box solution, such as an industrialized cloud solution, could be
great to get going quickly. Still, it is potentially a considerable concern for
compliance and security. Whereas building a solution to meet your needs offers
the opportunity to consider compliance and security from the get-go (which
should be a best practice). With data compliance, regulation and governance of
data privacy and industrialized data still evolving, it is better to innovate
and involve all lines of business to build the right solution. VMware Sovereign
Cloud providers offer GPU, AI, ML, Kubernetes, App marketplaces, secure app
portfolios, integrated pipeline solutions, and much more to ensure your needs to
innovate are covered but, most importantly, secure.
Overall, a VMware Sovereign Cloud can provide greater control, security, and
flexibility for governments and verticalized organizations that require unique
or specialized cloud computing services. Many Sovereign Cloud partners are
multi-cloud brokers, promoting the “right cloud for the application” aligned to
data classification and security requirements. They can be a one-stop shop for
customers who need multiple clouds and hybrid operating models. Get Cloud piece
of mind and find out more about Sovereign Cloud;
https://www.vmware.com/cloud-solutions/sovereign-cloud.html
VMWARE EMEA
RELATED ARTICLES
Virtual Cloud Network
THE REAL RISK OF AVOIDING CLOUD SOVEREIGNTY
VMware EMEA
March 23, 2023
Success Stories
OCUCO PROVIDES CUSTOMERS WITH EFFICIENCY AND SECURITY THANKS TO VMWARE CLOUD
DIRECTOR
VMware EMEA
March 8, 2023
Multi-Cloud
THE POWER OF APPS IN A MULTI-CLOUD WORLD
VMware EMEA
February 14, 2023
Multi-Cloud
WHAT DOES YOUR DATA JOURNEY LOOK LIKE?
VMware EMEA
February 7, 2023
Intrinsic Security
WHY SECURITY SHOULD BE AN ASSET IN YOUR INNOVATION TOOLBOX
VMware EMEA
January 31, 2023
Intrinsic Security
EMPLOYEE SURVEILLANCE: MONITORING OR SPYING?
VMware EMEA
January 27, 2023
Intrinsic Security
ARE SECURITY FEARS GOING TO DRIVE WORKERS BACK TO THE OFFICE FIVE DAYS A WEEK?
VMware EMEA
January 25, 2023
App Modernization
WELCOME TO THE WONDERFUL WORKSHOP OF HEALTHCARE
VMware EMEA
January 24, 2023
App Modernization
THE FUTURE OF HEALTHCARE WAS YESTERDAY
VMware EMEA
January 17, 2023
Intrinsic Security
WHY DISASTER RECOVERY IS NOW A C-SUITE CONVERSATION
VMware EMEA
January 16, 2023
Virtual Cloud Network
PUTTING THE POS INTO POSITIVE RETAIL EXPERIENCES
VMware EMEA
December 12, 2022
News & Highlights
DELIVERING HIGH-VALUE CLOUD SERVICES TO ON-PREMISES WORKLOADS WITH VMWARE
VSPHERE+
VMware EMEA
December 1, 2022
COMMENTS
LEAVE A REPLY CANCEL REPLY
Your email address will not be published. Required fields are marked *
Comment
Name
Email
Website
Save my name, email, and website in this browser for the next time I comment
Company
About Us Executive Leadership News & Stories Investor Relations Customer Stories
Diversity, Equity & Inclusion Environment, Social & Governance
Careers Blogs Communities Acquisitions Office Locations VMware Cloud Trust
Center COVID-19 Resources
Support
VMware Customer Connect Support Policies Product Documentation Compatibility
Guide Terms & Conditions California Transparency Act Statement
Twitter YouTube Facebook LinkedIn Contact Sales
--------------------------------------------------------------------------------
© 2023 VMware, Inc. Terms of Use Your California Privacy Rights Privacy
Accessibility Site Map Trademarks Glossary Help Feedback
Cookies Settings
WE CARE ABOUT YOUR PRIVACY
We use cookies to provide you with the best experience on our website, to
improve usability and performance and thereby improve what we offer to you. Our
website may also use third-party cookies to display advertising that is more
relevant to you. By clicking on the “Accept All” button you agree to the storing
of cookies on your device. If you close the cookie banner, only strictly
necessary cookies will be stored on your device. If you want to know more about
how we use cookies, please see our Cookie Policy.
Cookies Settings Accept All Cookies
COOKIE PREFERENCE CENTER
* GENERAL INFORMATION ON COOKIES
* STRICTLY NECESSARY
* PERFORMANCE
* FUNCTIONAL
* ADVERTISING
* SOCIAL MEDIA
GENERAL INFORMATION ON COOKIES
When you visit our website, we use cookies to ensure that we give you the best
experience. This information does not usually directly identify you, but it can
give you a more personalized web experience. Because we respect your right to
privacy, you can choose not to allow some types of cookies by clicking on the
different category headings to find out more and change your settings. However,
blocking some types of cookies may impact your experience on the site and the
services we are able to offer. Further information can be found in our
Cookie Policy.
STRICTLY NECESSARY
Always Active
Strictly necessary cookies are always enabled since they are essential for our
website to function. They enable core functionality such as security, network
management, and website accessibility. You can set your browser to block or
alert you about these cookies, but this may affect how the website functions.
For more information please visit www.aboutcookies.org or
www.allaboutcookies.org.
Cookies Details
PERFORMANCE
Performance
Performance cookies are used to analyze the user experience to improve our
website by collecting and reporting information on how you use it. They allow us
to know which pages are the most and least popular, see how visitors move around
the site, optimize our website and make it easier to navigate.
Cookies Details
FUNCTIONAL
Functional
Functional cookies help us keep track of your past browsing choices so we can
improve usability and customize your experience. These cookies enable the
website to remember your preferred settings, language preferences, location and
other customizable elements such as font or text size. If you do not allow these
cookies, then some or all of these services may not function properly.
Cookies Details
ADVERTISING
Advertising
Advertising cookies are used to send you relevant advertising and promotional
information. They may be set through our site by third parties to build a
profile of your interests and show you relevant advertisements on other sites.
These cookies do not directly store personal information, but their function is
based on uniquely identifying your browser and internet device.
Cookies Details
SOCIAL MEDIA
Social Media
Social media cookies are intended to facilitate the sharing of content and to
improve the user experience. These cookies can sometimes track your activities.
We do not control social media cookies and they do not allow us to gain access
to your social media accounts. Please refer to the relevant social media
platform’s privacy policies for more information.
Cookies Details
Back Button
COOKIE LIST
Filter Button
Consent Leg.Interest
checkbox label label
checkbox label label
checkbox label label
* View Third Party Cookies
* Name
cookie name
Clear
checkbox label label
Apply Cancel
Confirm My Choices
Allow All
word word word word word word word word word word word word word word word word
word word word word word word word word word word word word word word word word
word word word word word word word word word word word word word word word word
word word word word word word word word word word word word word word word word
word word word word word word word word word word word word word word word word
word word word word word word word word word word word word word word word word
word word word word word word word word word word word word word word word word
word word word word word word word word word word word word word word word word
word word word word word word word word word word word word word word word word
word word word word word word word word word word word word word word word word
word word word word word word word word word word word word word word word word
word word word word word word word word word word word word word word word word
word word word word word word word word
mmMwWLliI0fiflO&1
mmMwWLliI0fiflO&1
mmMwWLliI0fiflO&1
mmMwWLliI0fiflO&1
mmMwWLliI0fiflO&1
mmMwWLliI0fiflO&1
mmMwWLliI0fiflO&1