Lionel Merrien | VP, Strategy and Innovation
As regulatory requirements for digital sovereignty continue to evolve, European organizations—particularly in highly regulated sectors—are seeking solutions that address emerging national sovereignty mandates. While the existing AWS Regions already help customers to meet diverse local regulatory requirements and provides comprehensive data residency controls, some organizations face additional regulatory obligations that require enhanced sovereignty capabilities.
"AWS has been sovereign-by-design since day one, and we believe it is essential to provide customers with choice over how they manage and secure their data in the cloud," said Max Peterson, VP Sovereign Cloud at AWS. "The AWS European Sovereign Cloud is designed to help customers meet emerging national sovereignty requirements while maintaining the innovation, scale, and agility our customers expect."
Understanding the Sovereignty Spectrum
It's important to distinguish between different levels of sovereignty requirements:
- Data Protection and Residency: AWS cloud services and controls
- Transparency and Independence: Built and controlled in the EU
- Enhanced Sovereignty Requirements: New national mandates requiring additional controls
The AWS European Sovereign Cloud specifically addresses enhanced sovereignty requirements, providing additional controls for organizations that must meet evolving national regulatory frameworks.
“What we're seeing now is growing demand for capabilities that address emerging sovereign cloud requirements across Europe,” Sebastien Cano, SVP, Cyber Security Products Business Line at Thales, said. “As an AWS Advanced Technology Partner, our integration with the AWS European Sovereign Cloud helps customers implement the necessary controls to meet regulatory needs while enabling them to operate online with confidence, agility, and a competitive edge.”
Addressing Customer Challenges in Sovereign Cloud Deployments
As organizations navigate the complex landscape of evolving sovereignty requirements, they face several key challenges. Thales has worked closely with customers to understand these pain points and develop targeted solutions that complement the AWS European Sovereign Cloud.
Maintaining Control Over Encryption Keys
Challenge: Many organizations, particularly in highly regulated industries, need to maintain strict control over their encryption keys while still leveraging cloud services.
Solution: Thales CipherTrust Cloud Key Manager enables customers using the AWS Key Management Service feature External Key Store (XKS) to manage their encryption keys outside AWS infrastructure. This “Hold Your Own Key” (HYOK) approach gives organizations the control they need to meet stringent regulatory requirements without sacrificing the benefits of cloud computing.
Protecting Sensitive Data Across Complex Environments
Challenge: As workloads become more distributed, organizations struggle to consistently protect personally identifiable information (PII) and sensitive business data across diverse cloud environments.
Solution: Thales CipherTrust Data Security Platform offers a unified approach to data protection. By providing robust encryption, tokenization, and data masking capabilities, it helps organizations maintain data privacy and reduce compliance scope across their entire cloud ecosystem.
Balancing Strong Security with User Experience
Challenge: Organizations need to ensure only authorized users can access cloud environments while maintaining a seamless user experience, especially for customer-facing applications.
Solution: Thales offers a comprehensive portfolio of identity verification and authentication methods. This allows organizations to implement strong, policy-based access control that aligns with local compliance expectations without creating friction for legitimate users.
For customer-facing services, Thales' Customer Identity and Access Management (CIAM) solution—available on the AWS European Sovereign Cloud—enables secure, compliant, and user-friendly access to applications and data at scale.
Enforcing Data Sovereignty at the Application Layer
Challenge: Organizations need to ensure that data routing and processing adhere to sovereignty requirements, even at the application level.
Solution: When moving applications to the AWS European Sovereign Cloud, customers can use Imperva Web Application and API Protection Web Application and API Protection (WAAP) to enforce data routing and inspection within EU boundaries. This supports security assurance while maintaining adherence to sovereignty requirements at the application layer.
"At Thales, we've listened carefully to our customers' sovereignty challenges," said Sebastien Cano, SVP, Cyber Security Products Business Line at Thales. "By addressing these specific pain points, we're helping organizations confidently move forward with their sovereign cloud strategies on the AWS European Sovereign Cloud, knowing they have the tools to meet both current and future regulatory requirements."
The Future of Cloud Sovereignty
Together, the AWS European Sovereign Cloud and Thales enable organizations to:
- Build upon existing infrastructure
- Address emerging national sovereign cloud requirements
- Implement additional controls where required by specific regulations
- Maintain operational efficiency while meeting enhanced sovereignty mandates
"Working with Thales represents a significant step forward in helping customers navigate the complex world of digital sovereignty," said Max Peterson, VP Sovereign Cloud at AWS. "With our infrastructure and Thales' advanced security solutions, customers can meet evolving regulatory requirements without compromising on innovation or performance."
Advanced Technology Partners like Thales will help organizations navigate the evolving regulatory landscape while leveraging the full benefits of cloud computing, whether using standard AWS services or implementing additional sovereign controls through the AWS European Sovereign Cloud. As data sovereignty requirements continue to evolve, AWS and Thales remain committed to providing solutions that empower businesses to thrive in the digital economy while maintaining trust and compliance.