Microsoft is reaching a major milestone in the realm of data sovereignty and digital privacy with its latest update to the EU Data Boundary for Microsoft Cloud. This initiative reinforces Microsoft’s commitment to European values and the specific needs of its commercial and public sector customers in Europe.
This update is part of a larger effort by Microsoft to empower its European customers across all sectors and countries in the region. Initiatives include the implementation of European Cloud Principles, the expansion of Microsoft Cloud for Sovereignty, collaboration with leading technology companies in Europe for sovereign solutions, and ongoing investment in global infrastructure, which already includes over 60 cloud regions, including 11 in Europe.
A significant advancement on this path is the EU Data Boundary of Microsoft Cloud. Following its first phase last year, which allowed for the storage and processing of customer data within the boundary for services such as Microsoft 365, Azure, Power Platform, and Dynamics 365, Microsoft has taken it a step further. Now, the company is expanding its commitment to local storage and processing to include all personal data, such as automated system records, positioning itself as the first large-scale cloud provider to offer this level of data residency to European customers.
The current improvements in the EU Data Boundary for Microsoft Cloud focus on three main areas:
1. Expanded Local Storage and Processing of Personal Data: The EU Data Boundary now includes pseudonymized personal data present in records generated by the system, automatically produced as part of the services’ standard operation. This allows customers to store and process even more data within the European Union, enhancing control over it.
2. Transparency and Information Resources: Microsoft provides new transparency resources, including documentation and information accessible on the EU Data Boundary Trust Center website.
3. Investments in EU-Based Technology: To further protect pseudonymized personal data within the boundary, Microsoft has made significant investments in implementing technology based in the EU. This includes the use of virtual desktop infrastructure within the EU Data Boundary to monitor systems without the need for physical data transfers or storage outside of the European Union.
Maintaining Industry-Leading Security for European Customers
In the process of implementing the EU Data Boundary, Microsoft continues its commitment to world-class cybersecurity. The company has over 8,000 global experts analyzing billions of daily signals to detect threats and provide timely and relevant cybersecurity information to mitigate malicious activities. To ensure that its European customers receive the same top-level security as other global customers, any transfer of data outside the EU for security purposes will be documented, limited to what is strictly necessary for critical cybersecurity functions, and used solely for these purposes.
Next Steps in the Evolution of the EU Data Boundary
Later this year, Microsoft will launch the next phase of its EU Data Boundary for Microsoft Cloud. This phase will transform the processing and storage capabilities of data required during technical support interactions. It will ensure that support data is stored within the boundary, and when necessary to access it from outside the EU to enable world-class support, any temporary data transfer will be limited and secured through technical approaches such as Virtual Desktop Infrastructure. Additionally, Microsoft is developing a paid support option that will offer an initial technical response from within the EU.
Microsoft’s EU Data Boundary solution goes beyond European compliance requirements and reflects its commitment to providing reliable cloud services. These services are designed to harness the power of public cloud while respecting European values and offering the most advanced sovereignty controls and features available in the industry today.
via: blog Microsoft