According to a study1, the gross value added could increase by 330 billion euros annually if every second German company used AI. Those who want to get started with Artificial Intelligence (AI) often use the public cloud. But what to do when compliance gets in the way? Then the sovereign cloud is here to help. Read here about the benefits it offers and why self-determination is becoming increasingly important.
On average, it takes 13 years to bring a new drug onto the market in Germany2. Many studies fail, dashing the hopes of the pharmaceutical industry and patients every time. AI, or more precisely an algorithm called HINT3, is now set to speed up the process. It does so by predicting whether a study will be successful. Pharmaceutical companies can thus adapt their study design more quickly, using the drug molecule, the target disease, and the patient criteria as a basis. This means that large volumes of data have to be processed quickly. Without the cloud, this would be very expensive. However, as personal patient data is also involved, the security and integrity requirements for the cloud are particularly high.
According to the Foundry study “Cloud Transformation 2024”4, 43% of respondents still find it difficult to move their workloads to the cloud due to data protection and compliance as well as the issue of data security (37%). The University Medical Center Schleswig-Holstein opted for the T-Systems Sovereign Cloud powered by Google Cloud so as not to cut any corners. The advantage: the clinic benefits from the innovative power of the hyperscalers, but still enjoys a high degree of sovereignty and can protect its sensitive data in particular. The solution meets the high German requirements for data protection, data residency, and security, and offers sufficient flexibility regarding the use of future technologies. After all, the hospital wants to use AI to better evaluate its MRIs and detect tumors more quickly, for example.
These are the use cases for which the sovereign cloud is suitable. Not every company needs it, not every workload requires so much self-determination and protection. For others, however, this is essential. The sovereign cloud is the ideal solution for companies and organizations that need to manage and process their data and services securely and in compliance with regulatory requirements – and still want to benefit from the computing power, scalability, and cost efficiency of a public cloud. Sovereign clouds understand the art of retaining a strategic advantage, while at the same time granting data sovereignty, operational independence, and technological autonomy.
The sovereign cloud is based on three important principles:
Customers have control over data access.
Customers benefit from an open source approach and are therefore flexible in their choice of platform. Thanks to the open standard, you have the option of migrating workloads to other platforms (including in-house) at any time.
Customers receive complete transparency and control over the provider’s operating activities. When working with Google Cloud, for example, we ensure that adjustments to the cloud platform do not undermine the principle of sovereignty. This guarantees the future viability and full performance of the platform.
I like to think of the sovereign cloud as a security hinge for digital transformation. Companies need this to ensure the independence of their applications and sovereignty over their data, in short: they need it to maintain their self-determination. They also need it for certain workloads, for example in regulated industries where the bar for protecting data and services is set very high. The healthcare, public, and financial sectors, for example, must ensure that sensitive data is processed within the EU. This means that while companies from highly regulated industries do not want to miss out on innovative services from hyperscalers, they are not allowed to grant them access to their own data. This is why they prefer to conclude contracts with a European company like us. We offer them a long-term perspective and ensure transparency. This is where I see our primary function: as a managed services partner, we ensure that our customers benefit from the dynamics of hyperscalers. This only works if we offer them off-the-shelf sovereignty.
Compliance requirements vary depending on the industry and the specific task. To make things easier for our customers, we ensure that the sovereignty of their data and services on our cloud platforms is maintained at all times. This is a very important feature of our solutions. For example, the Open Telekom Cloud is suitable for the financial sector, which uses a lot of sensitive data, such as when providers use biometric parameters to prevent fraud. The Open Telekom Cloud is particularly suitable here because it is an OpenStack-based alternative that is subject to European law. If, on the other hand, companies want to use the functionalities of the “normal” Google Public Cloud as a sovereign solution, they use the T-Systems Sovereign Cloud powered by Google Cloud. This makes it possible to use cloud resources in a legally compliant manner.
Our healthcare customers also have high demands on sovereignty. They want to use digital tools and the cloud to speed up examination processes, for example, or need secure data rooms to exchange hospital data. Because they have to meet Gematik's (the German national agency for the digitalization of the healthcare system) strict security standards, I recommend that these customers move their workloads to an open source cloud that is delivered entirely from Germany. BARMER, for example, manages the digital identities of its policyholders securely and confidently in our Open Sovereign Cloud.
IDC5 estimates that global spending on sovereign clouds will rise to more than 250 billion U.S. dollars in 2027. After all, it is not only regulated industries that call for sovereignty. In general, companies are taking digital self-determination more and more seriously. They are looking closely at the future topic of AI in particular. According to a study6, 70 percent of the organizations surveyed consider sustainability and digital sovereignty to be the most important criteria when choosing GenAI services from the public cloud. It is, therefore, no coincidence that Amazon recently announced that it is pumping eight billion euros into a European cloud. Especially as geopolitical tensions are likely to further increase the importance of cloud and data sovereignty, as companies are not the only ones that increasingly see their own sovereignty as business critical. Governments and the public sector in general will also use sovereign clouds to protect national data and infrastructures from potential threats.
I am convinced that companies – depending on the industry and the respective application – can only use innovative technologies securely and reliably with the sovereign cloud. If you would like to talk to me about this, please write to me, or we can also meet in person, for example, at this year’s DIGITAL X in Cologne. Make sure to pencil in September 18 and 19 in your diary. Because the sovereign cloud is a future trend, we will, of course, be presenting it in September alongside many other innovation topics. You can look forward to exciting discussions, inspiration, and new perspectives. And there will be plenty of opportunity to exchange ideas with me and our teams. We are already looking forward to it.
1 Der digitale Faktor – Wie Deutschland von intelligenten Technologien profitiert, Bolwin, Lennart et al., 2023, www.iwkoeln.de
2 Phasen der Medikamentenentwicklung, 2024, www.cimd.fraunhofer.de
3 How AI is being used to accelerate clinical trials, Matthew Hutson, 2024, nature.com
4 Cloud Transformation 2024, Georg Holzwart, Munich, 2024
5 IDC Forecasts Worldwide Sovereign Cloud Spending to Reach More Than $250 Billion in 2027, 2023, idc.com
6 Gartner predicts 70% of enterprises adopting GenAI will cite sustainability and digital sovereignty as top criteria for selecting between different public cloud GenAI services by 2027, 2024, gartner.com