Thales Blog

What is Digital Sovereignty and Why is it Important in a Cloud Environment?

May 26, 2022

Blake Wood Blake Wood | Director of Business Development More About This Author >

Last week, I had the opportunity to attend the Google Cloud Security Summit digital event and share how Thales and Google are working together to accelerate cloud migration safely and efficiently. There are many factors driving the need for customers to move their data to the cloud and explosive data growth is one those factors. The total amount of data on earth exceeded 1 zettabyte in 2010 and it has continued to grow exponentially since then. We are expecting 181 zettabytes of data by 2025 and it will continue to grow from there.

Once data is in the cloud, another major factor to contend with is the 1,800 + compliance laws around the globe. Here in the U.S., many of our states have their own unique privacy laws as well. Managing the privacy landscape and being compliant is becoming more challenging by the day. The best thing for companies looking to maintain privacy compliance is to design their data systems for the strictest privacy requirements.

We are seeing a demand for customers to have control over their encryption keys as they go into the cloud. By 2024, we estimate that 40% of customers will be using external keys in some form such as BYOK and HYOK. External keys is an area very near and dear to Thales and one of the areas that we are a leader in. We have a great product that addresses this concern directly called CipherTrust Cloud Key Manager which is integrated with Google Cloud’s Key Management System and External Key Manager APIs.

Digital sovereignty and cloud adoption are interlinked and this is where Google Cloud excels and is leading the field. The concept of digital sovereignty is described in three distinct areas.

First is data sovereignty, which is about protecting your data from subpoena and keeping your data private and compliant with regulations like GDPR (EU) and CCPA (California). Thales gives you the ability to control the encryption keys and the encryption process for your data in the Google Cloud.

Second is operational sovereignty, which gives you the ability to have visibility and control over the cloud provider’s access in order to prevent leakage of your data or your credentials that would allow access to your systems. The Thales CipherTrust Transparent Encryption product can also help protect against ransomware because it can control access down to the process-level and ensures that rogue or unauthorized processes cannot decrypt your sensitive data.

Third, is software sovereignty, which provides for resilience in the hybrid multi-cloud and prevents vendor lock-in with the CSP. This is where Thales CipherTrust Key Manager can help by providing a single pane of glass to manage your encryption keys across all of your Cloud environments.

Thales and Google together can help accelerate cloud migration. At Thales, we protect everything from big data, intellectual property, financial data, IOT, payments, enterprise data (such as structured data in relational databases and unstructured data like those files you save on file servers or file storage that can reside all over the place with sensitive data in it).

In our eBook Achieve Digital Sovereignty with Thales, we describe how Thales can help organizations achieve data, software and operational sovereignty with automated risk assessment and the centralized protection and control of sensitive data across cloud and on-premises systems.