
As digital regulatory requirements continue to evolve, particularly in Europe, organisations in highly regulated sectors are exploring ways to maintain trust, compliance, and operational control in the cloud. Many are seeking solutions that not only help them to meet existing requirements such as data residency and protection, but also anticipate emerging mandates around transparency, operational independence, and digital sovereignty.
AWS offers a broad spectrum of capabilities that address data protection and compliance needs. In addition, Thales will bring its leading cybersecurity solutions to the AWS European Sovereign Cloud for customers requiring additional controls, particularly to meet national or sector-specific expectations - the AWS European Sovereign Cloud offers an option designed to balance those requirements with the performance and agility of public cloud infrastructure.
Rather than a one-size-fits-all approach, digital sovereignty is increasingly viewed as a spectrum of requirements that organizations may face depending on their geography, sector, and risk posture. These can range from basic data residency and encryption control to more advanced expectations around operational autonomy and compliance assurance.
“AWS has been sovereign-by-design since day one, and we believe it is essential to provide customers with choice over how they manage and secure their data in the cloud," said Max Peterson, VP Sovereign Cloud at AWS. "The AWS European Sovereign Cloud is designed to help customers meet emerging national sovereignty requirements while maintaining the innovation, scale, and agility our customers expect."
Thales has worked closely with customers to understand the challenges they face in adapting to changing sovereignty requirements. Thales brings security and compliance expertise that complements the AWS European Sovereign Cloud —allowing customers to operate securely and confidently.
“What we're seeing now is growing demand for capabilities that address emerging sovereign cloud requirements across Europe,” Sebastien Cano, SVP, Cyber Security Products Business Line at Thales, said. “Thales cybersecurity solution within the AWS European Sovereign Cloud helps customers implement the necessary controls to meet regulatory needs while enabling them to operate online with confidence, agility, and a competitive edge.”
Challenge: Many organizations, particularly in highly regulated industries, need to maintain strict control over their encryption keys while still leveraging cloud services.
Solution: Thales CipherTrust Cloud Key Manager enables customers using the AWS Key Management Service feature External Key Store (XKS) to manage their encryption keys outside AWS infrastructure. This “Hold Your Own Key” (HYOK) approach gives organizations the control they need to meet stringent regulatory requirements without sacrificing the benefits of cloud computing.
Challenge: As workloads become more distributed, organizations struggle to consistently protect personally identifiable information (PII) and sensitive business data across diverse cloud environments.
Solution: Thales CipherTrust Data Security Platform offers a unified approach to data protection. By providing robust encryption, tokenization, and data masking capabilities, it helps organizations maintain data privacy and reduce compliance scope across their entire cloud ecosystem.
Challenge: Organizations need to ensure only authorized users can access cloud environments while maintaining a seamless user experience, especially for customer-facing applications.
Solution: Thales offers a comprehensive portfolio of identity verification and authentication methods. This allows organizations to implement strong, policy-based access control that aligns with local compliance expectations without creating friction for legitimate users.
For customer-facing services, Thales' Customer Identity and Access Management (CIAM) solution—available on the AWS European Sovereign Cloud—enables secure, compliant, and user-friendly access to applications and data at scale.
Challenge: Organizations need to ensure that data routing and processing adhere to sovereignty requirements, even at the application level.
Solution: When moving applications to the AWS European Sovereign Cloud, customers can use Imperva Web Application and API Protection Web Application and API Protection (WAAP) to enforce data routing and inspection within EU boundaries. This supports security assurance while maintaining adherence to sovereignty requirements at the application layer.
Digital sovereignty isn't about choosing one path—it's about having the flexibility to meet changing requirements with the right tools and partners. Whether organizations are using existing AWS Regions or looking to the AWS European Sovereign Cloud for additional controls, Thales and AWS are working together to provide the security, compliance, and confidence needed to operate successfully in today’s complex digital environment.
"Working with Thales represents a significant step forward in helping customers navigate the complex world of digital sovereignty," said Max Peterson, VP Sovereign Cloud at AWS. "With our infrastructure and Thales' advanced security solutions, customers can meet evolving regulatory requirements without compromising on innovation or performance."
Thales, as a leader in cybersecurity and data protection, acts as a trusted partner by offering highly secure tailor-made solutions for the public, private, defence or restricted cloud. Thales is an AWS Advanced Technology Partner and supports organizations across sectors as they adapt to new regulatory demands and technological opportunities.