Many companies are already relying on the cloud and have discovered that many use cases with excellent business advantages turn out to be more challenging with a second look – since hyperscaler clouds are not easily deployed. Additional time and costs for legally compliant usage delay digitalization projects – or prevent them entirely. It’s no wonder that the call for sovereign clouds is getting louder and louder. This is one of goals of Europe’s GAIA-X initiative: the sovereign and legally compliant usage of cloud resources.
The T-Systems Sovereign Cloud powered by Google Cloud is the first of its kind on the German market. As a joint product from T-Systems and Google Cloud, it offers full compliance with the requirements of German regulators – while retaining the public cloud functionality of a hyperscaler. This will enable the drastic acceleration of digitalization projects.
This scalable cloud solution meets a wide range of sovereignty requirements and allows T-Systems to offer all companies, but especially the public sector and healthcare sector, cloud usage while simultaneously fulfilling various compliance requirements. Explore the digitalization potential the Sovereign Cloud leverages in selected industries.
The Sovereign Cloud addresses all three aspects of sovereignty right from the start: data sovereignty, operational sovereignty, and software sovereignty. Adherence to these principles is continuously monitored by T-Systems. This means that companies from regulated industries such as healthcare, the public sector, and finance can use cloud services in compliance with GDPR and Schrems II.
Data sovereignty means that the owners of data have certainty that their data will not be manipulated, deleted, copied, or viewed in the cloud by unauthorized parties (this includes the cloud operator). To this end, T-Systems handles the management of the keys in an external key management system so that the cloud operator does not have access to the keys. This means that clients in regulated markets and clients working with personally identifiable data can use the Google Cloud ecosystem to successfully implement their digital transformation without any reservations.
Within the framework of operational sovereignty, users are given complete transparency and control over the provider's operations. In this particular case, T-Systems will monitor Google as the provider of the platform and ensure that adjustments to the platform do not undermine its sovereignty. This ensures the future sustainability and full performance of the platform.
The Sovereign Cloud is designed as an open platform. This prevents users from becoming dependent on the Sovereign Cloud (vendor lock-in). Applications and services can be consistently orchestrated across multi-cloud landscapes – and thus can be moved away from the Sovereign Cloud to any other IT infrastructure at any time.
Sovereignty requirements vary from industry to industry and from workload to workload. In order to meet the various requirements, Google Cloud and T-Systems will be offering a portfolio of sovereignty solutions. In addition to the basic “Sovereign Controls” variant already available today, the T-Systems Sovereign Cloud powered by Google Cloud will, in the future, be extended to include two further variants with a higher level of sovereignty: the “Supervised Cloud” and the “Hosted Cloud”.
With the sovereign controls operated by T-Systems for the most popular Google Cloud Services, requirements for access control and transparency as well as data residency are met.
This “semi-connected” version of the cloud will be physically operated by T-Systems, separate from other Google Cloud infrastructure. Updates made by Google Cloud will be carried out at agreed times and exclusively under the control of T-Systems staff.
This variant is designed for users with the highest sovereignty requirements and is based on the Google Distributed Cloud. This ensures complete operational control and independence thanks to dedicated hardware and complete separation from the Google Public Cloud (“air-gap” capability). On request, T-Systems can also operate it from a customer’s data center.