The European public sector increasingly emphasizes digital sovereignty requirements in its procurements. This is particularly clear in Sweden, Germany, and other countries following in their footsteps. For European PaaS and SaaS providers to get ahead of customer demands, they must proactively seize the business opportunity digital sovereignty presents. A multi-cloud strategy that includes an entirely European IaaS lets customers choose their preferred flavour and ultimately enables them to ensure that their data is handled entirely within the EU according to the GDPR and local data legislation.
Table of contents
Secure data sovereignty amidst geopolitical shifts
A critical driver for SaaS and PaaS providers to adopt a multi-cloud strategy is to offer data sovereignty for any region. The fact that some IaaS providers are subject to laws outside the EU with extraterritorial effects, which can reach data in the EU, has become increasingly apparent. Therefore, organizations’ legal teams and procurement decision-makers across the continent seek SaaS and PaaS solutions relying on alternative IaaS providers.
The GDPR was the first significant driver to impact the data protection and privacy landscape. Since 2018, the invalidation of Privacy Shield and other geopolitical events and tension, most notably the war in Ukraine, have been influential drivers for prioritizing digital sovereignty.
Become eligible and help foster innovation
Including an entirely European IaaS into your multi-cloud strategy allows customers to run their workloads with the regulatory assurance of their choice. Therefore, a compliant IaaS provider is critical to becoming eligible for EU procurers in the public sector.
It also allows SaaS and PaaS providers to capitalize on each provider’s unique capabilities, features, and pricing structures. The result is cost efficiency and the promotion of new, innovative solutions that meet and exceed the expectations of public sector organizations in the EU.
For SaaS and PaaS providers, a multi-cloud strategy reduces vendor lock-in, providing the flexibility to switch providers or adopt new services as needed. This is particularly important in the rapidly evolving technology landscape, where adapting and adopting new solutions is crucial. By leveraging a multi-cloud approach with compliance as a pillar, SaaS and PaaS providers targeting European public sector organizations can prove capable of controlling data and applications while ensuring the flexibility needed to remain agile and competitive.
Adding a European IaaS
A multi-cloud strategy is the best way for European SaaS and PaaS companies to fulfill data processing requirements while maintaining compliance with the GDPR and local data legislation. By adding a European IaaS, organizations can:
- ensure data sovereignty
- enhance security and resilience
- encourage competition and innovation
- and promote vendor independence.
As the European public sector continues to prioritize privacy and data protection, regulatory compliance, and digital sovereignty, adding a European IaaS to a multi-cloud strategy will be essential for meeting European public sector organizations’ unique needs and challenges.
The case of boost.ai
In response to regional data legislation, industry-specific stipulations, and the unique needs of the public sector, boost.ai chose to revamp its cloud delivery approach by transitioning from a single-cloud to a multi-cloud SaaS strategy.
“Some customers in the public sector have historically used our on-prem solution to keep full control over data processing and to avoid data transfers to third countries. However, as cloud adaptation has grown in general, regions, municipalities and governmental bodies have increasingly queried for the ability to utilize our chatbots as cloud services”— Hadle Ropeid Selsås, Chief Cloud Officer at boost.ai
With this insight in mind, boost.ai initiated a project to identify and adopt an additional IaaS partner as part of their multi-cloud strategy. By doing so, the company would fulfill the needs of the European public sector and their requirements to store and process their data with an European entity that can ensure that data is processed, stored and handled within Europe according to GDPR and other regional and data legislations. Above this, the digital infrastructure also needed to comply with boost.ai’s high demand on features and technical requirements.