How Cloud Computing Brought the Data Sovereignty, Information Security, and Data Localization Debates Front and Center

Tom Keane
4 min readJun 8, 2023

There are entire generations — the millennials, Generation Z, and Generation Alpha, who are just turning 20 — who don’t remember a time when you looked at paper maps for driving directions or had to memorize a phone number if it wasn’t in your little black book. As a tech exec on the front lines of cloud computing, I can assure you, the generations that follow will consider a smartphone an antique. That’s how quickly the information age moves.

I’ve spent decades in the tech sector and played a pivotal role in bringing Azure, Microsoft’s cloud computing platform, to new markets and industries worldwide. Over the years, I’ve gained a unique perspective on the evolution of cloud services and the essential components within the data, privacy, and cybersecurity spaces. The rapid expansion of cloud services has helped shine a light on these concepts, including data sovereignty, information security, data protection, and data localization.

For the uninitiated (and really, the average consumer has little appetite for these details), data sovereignty is the concept that a government or nation has the right and authority to control the data and information stored, used, and transferred within its borders. Information security and data protection are practices used to protect information from unauthorized access, use, disclosure, destruction, or modification. Data localization is the practice of storing data within the borders of a specific nation or region, ensuring that data is stored and processed within the jurisdiction of a particular country so that it is subject to the laws and regulations of that country.

These are real issues that need to be constantly addressed and accessed in the real world.

With the right privacy, security, and storage safeguards in place, cloud providers can supply customers with unprecedented levels of efficiency, access, transparency, speed, and performance — all at competitive costs. Cloud providers have developed new offerings, such as infrastructure, software, and platforms provided “as a service,” niche offerings such as cloud security and automation in the cloud, cloud storage solutions, edge computing, and cloud-based Internet of Things (or IoT). These offerings can help businesses build, maintain, and deliver tech products and services without making heavy up-front capital investments or spending exorbitant amounts on hardware, software, security, or infrastructure maintenance. As the cloud continually evolves and expands into more spaces of everyday life, services, security, and sovereignty will become more complex — and more necessary.

Cloud Security Strategy

Cloud security is a critical component of any organization’s security strategy, as cloud-based services are increasingly used to store and process sensitive data. Cloud security involves authentication, authorization, access control, encryption, and other security measures to protect data and applications from unauthorized access, misuse, and data loss. Automation in the cloud involves the use of cloud-based tools and services to automate tasks such as provisioning, configuration, deployment, and management of cloud-based applications and services.

Cloud-based storage solutions are integral to cloud-based application development, analytics, mobile applications, and IoT solutions. Edge computing reduces latency and improves performance, and is ideal for applications that require real-time data processing and analysis. Cloud-based IoT can help to reduce costs by eliminating the need for on-premise infrastructure, and can improve scalability and flexibility by providing access to a larger pool of resources and services.

As with any technology, there are challenges associated with cloud services. Security is a major challenge for edge, IoT, and cloud computing, since data must be securely transferred and stored in the cloud. Additionally, IoT and cloud computing can be difficult to manage due to the complexity of the process. Cloud providers and customers must ensure that their data is secure and protected from cyber threats. Providers must ensure that their services are reliable and can handle high levels of traffic, and companies must be able to scale their cloud services as their needs change. Eventually, governments will catch up with technology and pass laws about cybersecurity. But until that time — and the legal process can be sluggish — it’s up to cloud providers to ensure best practices are followed.

Protecting Sensitive Data

Another vital consideration is data sprawl. Governments, national security and defense agencies, and international corporations and institutions that deal with sensitive data are rightfully concerned about the difficulties of controlling data that’s spread across multiple cloud regions. Providers must address concerns around data stored and managed outside of a nation’s borders, as well as using cloud computing services hosted by providers outside of a nation, since this may conflict with a nation’s data sovereignty and/or data privacy regulations.

Cloud computing has helped businesses reduce costs by allowing them to scale up and down their IT resources as needed. This flexibility can help companies reduce their IT costs and make them more resilient in the face of economic variability. It can also provide a much-needed competitive edge in a world of reduced margins and stagnating growth.

As someone who has been at the forefront of the cloud computing revolution, I have seen firsthand the benefits that cloud services can bring to businesses of all sizes. However, I am also acutely aware of the potential risks and challenges that come with this technology, especially regarding data sovereignty, privacy, and security. That’s why I have always emphasized the importance of taking a proactive approach to building and deploying cloud services that are both performant and compliant with relevant laws and best practices. By doing so, we can ensure that the cloud remains a safe and reliable tool.



Tom Keane

21-year Microsoft Developer and Manager | Seattle, Washington