A European cloud to guarantee our digital sovereignty

By IT Nation

How can trust be guaranteed in the digital age? This is a key issue that has guided EBRC’s business for nearly 20 years. Among the given answers, there is currently a desire to guarantee digital sovereignty in Europe. And to that end, a desire to develop a trusted, secure European cloud that can function as a supplementary alternative to those of the American and Asian giants.

In the digital age, value is created from data. Therefore, this key asset must be properly protected. On the planet, the global volume of digital data was 33 zettabytes at the end of 2018 (for reference, one zettabyte is equivalent to 1 million petabytes, or 1 billion terabytes); this is a very large amount of data and the trend is only accelerating with forecasts expecting up to 175 zettabytes by 2025, according to IDC. Significant IT resources are required to store and process all this data, as well as to share it more easily. "In this context, we have witnessed a massive globalisation of the distribution of IT services through the cloud, and more particularly the global platforms that are developing worldwide," said Yves Reding, CEO of EBRC. However, in his view, this model has certain limitations. "I have often compared the emergence of the cloud to the industrialisation of agriculture. Since the late 1960s, agricultural models have evolved significantly towards the intensification of livestock and crop farming, in order to optimise yields and feed the entire planet. However, the movement has led to certain abuses, such as the misuse of pesticides and the degradation of the nutritional quality of our food. So much so that a countermovement is taking place, with consumers returning to the roots of agriculture. Today's food is data. To draw a parallel, there are also many abuses in the world of the cloud, for example in the areas of confidentiality and data security. EBRC offers local cloud services that are highly-regulated, audited and certified in much the same way as organic brands”.

Trust: a fundamental component of digitisation

An example can highlight the importance of trust, a fundamental component that guarantees the sustainability of the relationship between a service or product provider and the consumer. The industrialisation of digital services, on a global scale, also raises many questions. "Knowing that 12 zettabytes of data are currently transiting through the cloud and that this volume could reach 80 zettabytes or 45% of all global data in 2025, we quickly understand what is at stake for the economy and society. While the move to the cloud is inevitable and this way of consuming the resource provides each organisation with greater agility, the key issue to be addressed remains the trustworthiness of one’s cloud service provider," continued Yves Reding. “Today, however, most organisations have little choice but to accept the terms and conditions dictated by the major global providers.”

The move to the cloud is inevitable

Offering tailored guarantees

In this ecosystem, EBRC asserts a unique positioning, with local services and the deployment of tailored solutions. The aim is first and foremost to secure the stakeholders’ trust, by providing access to all the advantages of the cloud while providing satisfactory answers and guarantees in terms of security and governance of information systems and data. "We develop cloud services with a human face, by implementing personalised approaches for each of our customers, by drawing up contracts tailored to the companies’ specific needs", said Yves Reding. “Through our nearly 20 years of experience serving organisations operating critical transactions and managing sensitive data, we have always placed trust at the heart of our concerns. In 2011, we developed our Trusted Cloud Europe, asserting our commitment to support the digital transformation of organisations to achieve greater agility while guaranteeing information security." This trust is based on numerous certifications: ISO27001, ISO22301, ISO20000, ISO9001, PCI DSS, Tier IV, and more. "We are guided by certifications that constitute a spiral of continuous improvement in the quality of our services and that establish guarantees for our international customers", said EBRC's CEO.

Supporting stakeholders in their migration

At the heart of this trend, organisations that want to take advantage of the many opportunities offered by the cloud must therefore ask themselves the right questions and be able to plan for the future. "By working alongside these stakeholders, and mainly those who need strong guarantees with regard to their data or the continuity of their services, we support their transformation", said Yves Reding. “On the basis of a cloud assessment, in other words an analysis of risks and issues, we build a tailored solution. By identifying opportunities, organising data and system governance through the cloud, we will be able to implement an appropriate, potentially hybrid architecture."

We build a tailored solution

Guaranteeing control of the cloud environment

It is crucial that each cloud officer is able to identify the issues, understand the ins and outs of contracts and maintain control over their entire system environment. "We are on hand to help them drive the implementation of their cloud solutions and provide them with the tools to manage it over time. Thanks to the "Cloud Assessment" platform that we designed on the basis of our partner Egerie Software's solution, our customers retain control over their entire cloud environment.”
 
In terms of the cloud, EBRC is able to offer a tailored response to each context: with EBRC private or public cloud, and hyper-cloud for specific needs such as, for example, access to artificial intelligence solutions. "However, in all cases, we ensure optimal data security over time by guaranteeing the cyber-resilience of our customers and control of their data", said EBRC's CEO.

Building a sovereign European cloud

One of the ambitions, in this process of improving organisations’ cyber-resilience, is to contribute to the development of a European trusted cloud. Digital sovereignty has become a major issue. However, while there are many digital stakeholders on our continent, their size and regional nature do not enable them to compete with global hyper-clouds. In 2018, in order of importance, AWS, Microsoft Azure, Google Cloud, Alibaba Cloud and IBM Cloud accounted for 65% of the global cloud market. Thus, two thirds of the workloads of organisations worldwide use the services of American or Asian hyper-cloud providers. Business leaders and politicians must consider the constraints of such dependence. The Cloud Act, for example, still creates a feeling of uncertainty for all customers who use the cloud services of the American giants.

Since 2011, with Trusted Cloud Europe, EBRC has been offering a sovereign cloud based in its Tier IV data centres in Luxembourg in a highly-regulated environment. "Current and future European policies must help us to build a digital Europe, through different initiatives. These include the GDPR, the NIS Directive, the CyberSecurity Act which came into force on 27 June 2019, and the European Cybersecurity Certification Project. The NIS Directive aims to strengthen the cyber-resilience of Operators of Essential Services, such as healthcare providers, transport providers, and others, as well as Digital Service Providers such as Cloud Providers. For these critical stakeholders, the NIS Directive provides a framework for enhancing the security and availability of essential services. As a stakeholder regulated by the financial sector supervisory authorities, these are measures that we had already implemented in Luxembourg. However, the NIS Cybersecurity Directive also reveals the real need for a sovereign cloud in Europe to protect our key companies and their data from the many threats in the digital world.”

A European cloud to supplement hyper-clouds

In addition to developing its sovereign cloud, EBRC has also implemented hybrid cloud features with hyper-clouds. As a result, EBRC can activate connections to the entire global cloud ecosystem through its partner InterCloud, a French company, offering connections to more than 100 cloud destinations around the world. Today, while allowing the creation of tailored environments, the company offers a whole series of innovations. "Through our cloud, our customers can now access advanced DevOps services (OpenShift environments, Kubernetes as a Service, etc.)", said Yves Reding. “Not only do we bring development teams closer to operations, so that our customers can implement continuous delivery processes, but we also support them so that they better integrate the aspects of security and high availability into the core of the process.”

Capitalizing on its founding values, EBRC wishes more than ever to be a European reference operator for cloud services intended for the most sensitive stakeholders, the guarantor of cyber-resilience for organisations in finance, critical industries, the aerospace sector, defense, healthcare, international institutions and, of course, Operators of Essential Services.

HEXATRUST, to strengthen European digital sovereignty

Strengthening European digital sovereignty is a long-term process, involving the mobilisation of a wide range of stakeholders. To this end, EBRC recently joined HEXATRUST, an association of innovative companies, a real winning alliance of cloud computing and cybersecurity champions. "The association has about sixty different stakeholders, offering a multitude of services in the sector. Together, we consider the elements that should make it possible to guarantee market confidence in digital services in Europe. From this perspective, recent exchanges revealed a willingness to work towards a European trusted, efficient and secure cloud. However, other initiatives are also examined, such as how to enable European stakeholders, and in particular a cybersecurity industry, to emerge in an extremely competitive environment.”