Let’s talk about Multi Cloud adoption with the focus on VMware Sovereign Cloud.
It is becoming increasingly important for organizations to know exactly where and when what data resides. Not only to get new business insights from that data faster, but also because compliance and other regulations are becoming more stringent.
Of course, VMware can support you with this business requirements and that is with the VMware Sovereign Cloud framework.
VMware Sovereign Cloud helps organizations future-proof their cloud infrastructure with data independence, interoperability and mobility. Data can be shared and migrated as needed to respond to changes in technology or geopolitics. A sovereign cloud is compatible with Multi-Cloud or Hybrid Cloud strategies and is separate from the underlying infrastructure, preventing vendor lock-in. Workload migrations into or out of a sovereign cloud are secure, allowing organizations to deploy and move data anywhere as needed.
Acceleration of Cloud adoption:
Let’s have a look at a typical Cloud adoption strategy over the past years.
VMware customers have experienced that adopting the public Cloud offers many advantages, but practice has also shown that it is often not realistic to move all the virtual workload from an On-Premises Data Center to a public Cloud. On top of that, there are many Public Clouds available, and they all stand out with different native advantages (financial and functional). A Multi Cloud strategy often introduces additional tooling and management, which can have a huge impact on managing all these environments. This is also known as Cloud Chaos.
The VMware vision is to go forward and move from Cloud Chaos to Cloud Smart approach.
I can imagine that these new insights raise some questions.
So let’s focus on Cloud Smart, the vision of VMware.
Cloud Smart means doing the due diligence of evaluating your governance and security requirements first, and then identify which workloads should be moved to public, private or hybrid cloud. So keep in mind, Sovereign Cloud is part of the Cloud Smart strategy.
So which workload is perfectly suited for in the Sovereign Cloud?
To answer this question, it is useful starting with classify your data. Based on this classification, it becomes possible to determine in which Cloud your data belongs to.
We distinguish Data classification with 4 gradations, C1 Public Cloud, C2 Protected Data, C3 Restricted Data (Highly Confidential) and C4 Secret Data (Extremely confidential).
The impact of data exposes.
Most business data (which often represents the greatest volume), has relatively little impact on the business operations. This is particularly applicable to C1 and C2 data classification. For data classification level C3 and C4 the volume is often relatively low but the impact business impact extreme high.
With the introduction of all these different classification levels, there are still many use cases for migration specific workload/data to a Trusted Cloud (Hyperscaler platform).
Data Residency vs Data Sovereignty
Both terms are often mixed up. Hopefully this will provide more insight.
Data Residency refers where the data is physically and geographically stored.
This provides little guidance. You cannot determine from the location whether the data may have been replicated to another region. Another example is who manages the data. Is your data run and operated in a U.S.-based hyperscale organization with non-national operators?
Data Sovereignty: Is not just about where the data is stored, but also about the laws and regulations that govern the data at the location where it is physically stored. Data stored in a Sovereign Cloud is within a Sovereign Nation and under their jurisdictional control – not subject to CLOUD Act or any foreign legal authorities.
Data localization: The process of storing and processing data where it is first collected and to persistently maintain its resident and sovereign status.
Security domains: A security domain is a conceptual grouping of systems, network connections, supporting infrastructure, people, and operation processes that fall within a common security boundary.
Find the right Service Provider
An important aspect of finding a suitable Sovereign Cloud provider is transparency. You want to ensure that you have access to log files at all times, so that you as an organization can hand over information in case of an audit.
VMware Sovereign Cloud providers meet applicable geographic-specific sovereign cloud requirements, regulations, or standards where their Sovereign Cloud is made available. Benefit from a secure, legally compliant cloud to innovate and drive better decision-making in your organization.
*Currently there are 17 VMware Sovereign Cloud Service Providers in Europe and 38 worldwide, for current numbers, please check this site.
Tip: Use the filter functionality and filter on criteria to find the the most appropriate Service Provider, This could be based on on specific governance and compliancy requirements.
Prevention of Cloud Vendor Lock-in
When creating a Cloud strategy, it is also important to consider an exit strategy. Ask yourself what your organization will do if it turns out that a particular Cloud is no longer sufficient or if costs suddenly skyrocket
VMware Sovereign Cloud provides the ability to migrate workloads in and out of the VMware Sovereign Cloud. This is key, which prevents Cloud Vendor Lock-in. This is a scenario where a workload has been provisioned at one site and then due to incompatibility with any other supporting infrastructure is not unable to move out of its current location. This could result in the application/service being stuck and unable to take advantage of other useful features that another Cloud Provider may offer.
Organizations expect to keep data safe. They must often comply with one or more regulations from government standards to private standards such as:
Summary of VMware Sovereign Cloud Solution
VMware Sovereign Cloud is all about ‘Choice and Control’
End of this post.
Soon I will provide a brand-new post “Cloud Smart with the focus on Sovereign Cloud part 2” This blog will cover a number of technical aspects including: Data & Security & Compliance, Security Controls, Data Centers, Backup & Disaster Recovery and Immutable storage, so stay tuned!
Disclaimer: This blog is based on my personal title and assumptions. No rights can be derived from this blog.