Plan and prepare for Microsoft Cloud for Sovereignty in 2024 release wave 2
Important
The 2024 release wave 2 plan covers all new functionalities planned to be delivered to market from October 2024 to March 2025. In this article, you'll find the product overview and what's new and planned for Microsoft Cloud for Sovereignty.
Overview
Microsoft Cloud for Sovereignty is designed to assist public sector and regulated industry customers build and digitally transform workloads in the Microsoft Cloud while meeting their specific compliance, security, and policy requirements. Cloud for Sovereignty uses hardware-based confidentiality, encryption controls, tooling, and automation to establish the extra protection that governments require. Further, it provides tools and guidance to simplify, standardize, and improve confidence in the digital sovereignty of the public cloud throughout the cloud implementation lifecycle.
We're pleased to announce several new features we are releasing as part of 2024 release wave 2.
We continue to invest in improving the Sovereign Landing Zone (SLZ) experience for users. We closely align the SLZ with the Azure Landing Zone (ALZ) to extend the usability of SLZ controls, increasing reliance on Azure built-in policies, and expand the infrastructure configuration options. We will also have the first version of SLZ in Terraform.
We're releasing several new policy initiatives to augment our existing portfolio library. Customers can use these policies to help customize deployments in accordance with established regulatory compliance frameworks and government requirements. In addition to Azure's built-in policies, customers have access to the updated Sovereignty Baseline Policy initiative and additional country-specific and regulation-specific policy sets.
Updates to Microsoft Cloud for Sovereignty 2024 release wave 2
Investment areas
Compliance and transparency
Governments require confidence in the security and privacy of their data and the ability to keep innovating while protecting that data. They must also be able to meet their legislative or regulatory obligations and have more insights into the cloud operator's activities.
Microsoft Cloud for Sovereignty builds on top of the compliance and transparency capabilities that Microsoft already provides. Eligible customers can also take advantage of increased transparency over their environments' operations with tools and programs such as source code review, access to technical data, audit logs, and monitoring reports.
For qualified customers and government agencies, Microsoft Cloud for Sovereignty provides additional transparency into Microsoft activities through transparency logs. Additionally, eligible government agencies can benefit from the Microsoft Government Security Program.
Sovereign control portfolio
Microsoft Cloud for Sovereignty helps customers configure and protect their data and resources in ways that comply with their specific regulatory and sovereignty requirements. It includes ensuring that parties outside the customer's control, including Microsoft, can't access customer data. With the sovereign control portfolio, customers can add extra protection over sensitive workloads to prevent operator access to their data and resources, providing them with more data sovereignty. The portfolio includes the ability to use Terraform to manage Sovereign Landing Zones to configure, deploy their landing zones and enforce compliance; new policy initiatives to address strategies for additional regions around the world that includes Belgium FISP, New Zealand ISM, NIS2, and a new policy initiative for NATO's D32 directive.
Sovereign guardrails and guidance
Microsoft Cloud for Sovereignty offers guidance to support customers in configuring and operating their environments. In addition to leveraging existing concepts and services such as Infrastructure as Code and Azure Policy as Code, it provides access to codified architectures, workload templates, and tools to help create environments that comply with sovereignty, privacy, and regulatory requirements. Additionally, Cloud for Sovereignty reduces the complexity of cloud implementations by providing automation and tooling that make the process simpler, predictable, and repeatable by design.
To learn more about the entire set of capabilities being delivered during this release wave, check out the release plan for Microsoft Cloud for Sovereignty below: