Google carves out cloudy safe spaces for nations nervous about America’s reach – Source: go.theregister.com

Google has updated its sovereign cloud services, including an air-gapped solution for customers with strict data security and residency requirements, as customers grow uneasy over US digital dominance.

The tech giant first detailed a sovereign cloud capability some years ago, partnering with T-Systems in Germany to offer this to local customers. Similar arrangements followed where a regional provider offered sovereign cloud services powered by Google’s platform.

Mindful of growing anxiety among some customers outside the US at having data stored and processed on infrastructure controlled by American megacorps, Google is now offering a range of sovereign cloud services.

One, Google Cloud Air-Gapped, offers a fully standalone platform that does not require connectivity to other external networks, for users with the strictest data security requirements, including those in the intelligence and defense sectors.

This is designed to provide business continuity and survivability in the event of service disruptions, is built using open source components, and comes with a targeted set of AI, database, and infrastructure services. It can be deployed and operated by Google, the customer themselves, or a Google partner.

Google said this has now been given authorization to host US government Top Secret and Secret-level data – for those in the DoD who can pry themselves away from unsanctioned chat apps, that is.

Another new addition, Google Cloud Dedicated, was built to meet sovereignty requirements through local and regional partners. This was developed with Thales, which also created the Google-based Trusted Cloud by S3NS several years ago.

Currently in preview, Google Cloud Dedicated includes services with GPUs to support AI workloads, and is also operated by S3NS with the aim of meeting the security and operational resilience requirements of France’s SecNumCloud standards. Google said it has plans to expand its Cloud Dedicated footprint globally, with Germany pencilled in next.

Google Cloud Data Boundary has existed in some form for a while, and is designed to let customers control where their content is stored and their data processed.

For example, the Chocolate Factory says Google Workspace users can use the sovereign controls to limit processing of their content to the US or EU, and choose a country to locally store this data.

A newly added feature is User Data Shield, which makes use of services from Google’s Mandiant cybersecurity subsidiary to validate customer applications running on Google Cloud Data Boundary in an effort to further secure customer data.

“We’ve long been committed to enabling customers to choose the cloud provider and solution that best fit their needs, and not locking them into a single option,” said Hayete Gallot, Google Cloud’s President of Customer Experience.

“Sovereignty in the cloud is not one-size-fits-all. We offer customers a portfolio of solutions that align with their business needs, regulatory requirements, and risk profiles.”

• Microsoft gets twitchy over talk of Europe’s tech independence
• European biz calls for Euro tech for local people
• Europe’s cloud customers eyeing exit from US hyperscalers
• Delicious irony as Euro alliance pumps €1M of Microsoft’s money into open source cloud federation tech

Google isn’t alone in trying to meet demand for sovereignty when it comes to cloud services. Amazon announced its AWS European Sovereign Cloud back in 2023, which it claimed would be a completely separate infrastructure region located and operated entirely within Europe.

Microsoft said earlier this year that it had completed its EU Data Boundary for the Microsoft Cloud, which lets European customers store and process data within the EU and European Free Trade Association (EFTA) regions.

These have perhaps been given greater impetus because of the unstable political situation that has developed in Washington.

Gallot told the Financial Times today that global tensions were “creating anxiety in the world” and customers were “looking for options to manage their business.”

“Sovereignty used to be a very niche thing, that applied to very regulated industries, such as defence and intelligence,” she said. “And suddenly in the current environment, everybody is thinking about it.”

Google wants to reassure European customers about their “requirements and expectations that they have around sovereignty,” Gallot added, “and we are here to provide a layered set of options so that our customers can operate and then their customers can benefit from it.”

The cloud giant said it has “forged key partnerships” in Asia, Europe, the Middle East, and the US to help it deliver these sovereign cloud services. Partners including Schwarz Group and T-Systems in Germany, S3NS in France, Minsait in Spain, Telecom Italia in Italy, Clarence in Belgium and Luxembourg, and World Wide Technology (WWT) in the US.

Google’s move come weeks after Microsoft acknowledged that mounting “geopolitical and trade volatility” between the US and Europe was unsettling some customers.

It pledged to “uphold Europe’s digital resilience” by saying it will build more datacenters in the region, and legally fight any order by the US government to “suspend or cease cloud operations in Europe.”

Microsoft said it is also working with local partners to pursue arrangements for public cloud datacenters on the continent. “We will store backup copies of our code in a secure repository in Switzerland, and we will provide our European partners with the legal rights needed to access and use this code if needed for this purpose.”

In March, Frank Karlitschek, CEO of Germany-based Nextcloud, told us:

“The Cloud Act grants US authorities access to cloud data hosted by US companies. It does not matter if that data is located in the US, Europe, or anywhere else.” ®