Microsoft Enhances Data Sovereignty Tracking In Security Tools

Microsoft Enhances Data Sovereignty Tracking In Security Tools

Organizations must now maintain essential data and operational control in the cloud amid new regulations, higher resilience standards, and rapid technology evolution.  

In June 2025, Microsoft CEO Satya Nadella introduced solutions through Microsoft Sovereign Cloud to address these challenges. We continually strengthen our approach to sovereignty, ensuring we meet customer needs and comply with regulations for both our sovereign public and private clouds. Today, we announce new features that enhance our security and digital sovereignty controls, offer advanced AI, and provide broader scale, supported by local partner experts. Key updates include:  

  • End-to-end AI data processing in Europe as part of the EU (European Union) data boundary, which means data processed by artificial intelligence stays completely within the borders of the European Union.  
  • Microsoft 365 Copilot now offers in-country processing for Copilot interactions in 15 countries. Details are available on the Microsoft 365 blog.  
  • Expansion of the Sovereign Landing Zones service, which are pre-configured secure cloud environments set up according to specific sovereignty requirements. Now, Microsoft Azure Local (a locally operated version of Azure) also supports disconnected operations, allowing these systems to run without an active internet connection.  
  • Microsoft 365 Local is now generally available.  
  • Azure Local, a version of Microsoft’s cloud platform operated in specific locations for greater data control, now supports a greater maximum number of servers, external SAN (storage area network, a type of shared data storage), and the latest NVIDIA GPUs (graphics processing units used for complex computing tasks like AI).  
  • Our partner digital sovereignty specialization is now available.  

Microsoft Sovereign Cloud: Continuous Innovation 

Our latest updates deliver new digital sovereignty features in AI, security, and productivity. More enhancements are coming soon to better support customers’ sovereign cloud needs.  

We know that ongoing innovation is important, and we have started putting many of our promises into action. As of this month, we have:  

  • Established a European board of directors composed of European nationals exclusively overseeing all data center operations in compliance with European law, thereby putting Europe’s cloud infrastructure into the hands of Europeans.  
  • Increased European data center capacity with recent launches in Austria and an upcoming launch in Belgium this month  
  • Expanded open source investment through funding secure open source software (OSS) projects and collaborations, as well as publishing  
  • AI access principles that widen safe, responsible access to advanced AI, helping European developers, startups, and enterprises compete more effectively across the region  
  • Advance our European security program by providing AI-powered intelligence and cybersecurity capacity-building initiatives to strengthen Europe’s digital resilience against threat actors.  

Building on our sovereign efforts, we are now launching new Sovereign Public Cloud and AI capabilities to further strengthen compliance and control. 

Organizations need comprehensive sovereignty solutions that enable compliance and control from the start of their planning.  

EU Data Boundary Includes AI Data Processing Residency 

We are keeping our promises regarding AI data processing by ensuring that data processed by AI services for EU customers remains within the European Union unless the customer asks otherwise.  

This means that all customer data, whether stored or in transit, will be kept and processed only in the EU. We use strict controls and clear processes to meet EU customer requirements.  

Expanding Microsoft 365 Copilot In-Country Data Processing To 15 Countries. 

After years of investing in global infrastructure and strong data residency, Microsoft will now provide in-country data processing for Microsoft 365 Copilot interactions in 15 countries worldwide.  

By the end of 2025, customers in Australia, India, Japan, and the United Kingdom will be able to have their Microsoft 365 Copilot interactions processed in their own country. In 2026, we will add this option for customers in 11 more countries, including Canada, Germany, Italy, Malaysia, Poland, South Africa, Spain, Sweden, Switzerland, the United Arab Emirates, and the United States.  

New Sovereign Landing Zone (SLZ) Foundation 

We are also launching an updated sovereign landing zone (SLZ) built on the trusted Azua landing zone (ALZ) foundation.  

The sovereign landing zone is our recommended setup for customers who want to use sovereign controls in the Azure private cloud.  

The refresh of the sovereign landing zone includes:  

  • Updated management group hierarchy and supporting Azure policy definitions, initiatives, and assignments to help implement the sovereign public cloud controls.  
  • We provide guidance on where to deploy Azure Key Vault managed by HSM (Hardware Security Module, a dedicated device for securely managing cryptographic keys), if needed, as part of level two sovereign controls.  
  • Deployment is easier now with the Azure Landing Zone Accelerator and Azure Landing Zone Library. For more details, see the Sovereign Landing Zone (SLZ) implementation options.  

In the coming months, we will add more built-in Azure policy definitions, initiatives, and assignments to the sovereign landing zone. This will help customers set up sovereign controls in the public cloud more quickly.  

Using sovereign landing zones gives customers a clear structure that speeds compliance with local sovereignty rules and simplifies policy management. It also helps organizations scale their workloads across Azure regions while remaining aligned with regulations and maintaining consistent operations.  

New Sovereign Private Cloud and AI Capabilities 

As organizations prioritize sovereignty, balancing compliance and innovation is crucial. Our updates merge advanced AI and scalable infrastructure across public and private clouds.  

Supporting Thousands Of AI Models On Azure Local With NVIDIA RTX GPUs. 

We are improving our sovereign private cloud with Azure Local, introducing a new Azure option that leverages the latest NVIDIA RTX PRO 6000 Blackwell Server Edition GPU for high-performance AI workloads in secure environments.  

This GPU can run over 2,000 models, including GPT, OSS, DeepSeek V3, Mistral, NeMo, and Llama 4 Maverick. It enables organizations to accelerate AI projects securely in a private cloud, supporting innovation and the adoption of advanced solutions while ensuring strong data protection and compliance.  

Customers can access thousands of ready-to-use open source AI models for tasks such as generative AI, analytics, and real-time decision-making, all with strong governance.  

Increasing Azure Local Scale to Hundreds of Servers 

Previously, Azure Local supported clusters of up to 16 servers. With our latest updates, it can now handle hundreds of servers. This change helps organizations with large or growing needs run bigger and more complex workloads, scale easily, and meet security and sovereignty requirements in Europe and worldwide.  

SAN Support On Azure Local 

One important update is that Azure Local now supports storage area networks (SANs), specialized, high-speed networks that provide access to consolidated, block-level data storage. Customers can securely connect their current on-premise storage to Azure Local, making it easier to use their existing storage while taking advantage of cloud services. This helps keep data in the right location and gives European businesses greater flexibility to comply with local data rules without sacrificing performance or control.  

Microsoft 365 Local: General Availability of Key Workloads 

Another key update is that Microsoft 365 Local is now generally available. This brings core tools like Exchange Server (for email), SharePoint Server (for document management), and Skype for Business Server (for communications) directly to Azure Local. Starting in December, customers can use these tools on Azure Local in connected mode, with a fully isolated option coming early in 2026. This setup lets organizations maintain full control while meeting strict compliance and data residency requirements.  

Disconnected Operations: General Availability 

Microsoft’s Sovereign Private Cloud brings sovereignty principles to dedicated environments for organizations with strict compliance and control needs using Azure Local. Azure Local lets government agencies, global companies, and regulated groups keep local control while still using Microsoft’s global cloud platform.  

Disconnected operations for Azure Local, available in early 2026, let customers manage multiple on-premise clusters from a single control system. Organizations can securely run private cloud operations independently, ensuring business continuity even in remote settings.  

New Partner: Digital Sovereignty Specialization Now Available 

We are launching the Digital Sovereignty Specialization in the Microsoft AI Cloud Partner Program. This specialization enables partners to demonstrate expertise in secure, compliant, and sovereign cloud solutions for Azure and Microsoft 365. Partners who earn this badge show they can meet strict data privacy and regulatory standards, supporting customer control and innovation. The specialization includes rigorous audits and offers benefits such as increased visibility, special recognition, and priority access to sovereign cloud projects.  

Looking Ahead: Advancing Sovereignty Through Greater Controls 

The Microsoft Sovereign Cloud Roadmap will introduce new capabilities to address evolving customer needs, including:  

Sovereign Private Cloud 

  • Enhanced change controls: We will introduce a set of configurable policies and approval workflows that empower organizations to exercise explicit oversight over changes propagating from the cloud to the edge, strengthening governance and compliance.  
  • Site-to-site disaster recovery: Azure site recovery in Azure local helps maintain business continuity by keeping business apps and workloads running during outages.  
  • Moving from hybrid to fully disconnected: Azure Local enables customers to transition workloads from hybrid to fully disconnected operations, providing flexibility for business continuity.  

National Partner Clouds 

National partner clouds are a key part of our sovereign cloud strategy. They offer independent cloud environments that deliver Microsoft Azure and Microsoft 365, all under local ownership and control.  

  • Delos Cloud is designed to meet the German government’s BSI cloud platform requirements.  
  • Bleu is designed to meet the French government’s ANSSI SecNumCloud requirements.  

For many public sector organizations, ERP is a critical workload that requires modernization to cloud environments. SAP is planning to deploy its RISE with SAP offering on Microsoft Azure for both Bleu and Delos cloud customers. In addition to supporting RISE with SAP for customers using Microsoft Azure public cloud deployments.  

Learn More About Microsoft’s Sovereign Solutions 

Microsoft offers leading sovereign solutions, including a flexible public cloud, a private cloud that grows with your business, and national partner clouds built for specific compliance needs. We are committed to ongoing investment and innovation so our customers can achieve sovereignty without compromise.  

Find out more about the latest in cloud innovation this November at Microsoft Ignite. Learn more and sign up today.

Source: Microsoft strengthens sovereign cloud capabilities with new services