Sovereignty with Delos Cloud

Introduction

In episode 265 of our SAP on Azure video podcast we talk about Delos Cloud.

For some countries sovereignty in the context of running applications in the cloud becoms more and more important. There are lots of aspects when it comes to this and different countries look at their own sovereig implementation. In Germany the Delos cloud is such a sovereign and secure cloud platform and I am happy to have Marc Böhnke with us today.

Find all the links mentioned here: https://www.saponazurepodcast.de/episode265

Reach out to us for any feedback / questions:

• Goran Condric: https://www.linkedin.com/in/gorancondric/
• Holger Bruchelt: https://www.linkedin.com/in/holger-bruchelt/

#Microsoft #SAP #Azure #SAPonAzure #Delos #Sovereignty

Summary created by AI

• Delos Cloud Sovereignty and Compliance:
• Marc Bundke explained to Holger and Goran the concept of Delos Cloud as a sovereign cloud platform for Germany, detailing its compliance with German regulations, data localization, operational independence from Microsoft, and the legal, technical, and personnel requirements set by the BSI for public sector use.
  • Sovereignty Requirements: Marc described how Delos Cloud was designed from the outset to meet strict sovereignty requirements, including data localization, operational independence, and compliance with German law. The platform is physically and legally separated from Microsoft, with all operations and data management performed by Delos Cloud personnel who are security-checked and based in Germany.
  • BSI Regulatory Involvement: Marc explained that the German federal regulator (BSI) was involved from the beginning in defining nine key cloud platform requirements, such as local operations, physical separation, data flow control, update management, and legal jurisdiction, ensuring Delos Cloud meets all necessary standards for public sector use.
  • Operational and Legal Independence: Marc clarified that Delos Cloud operates independently from Microsoft, with Microsoft acting only as a technology provider. Delos Cloud is responsible for all operations, support, and contractual relationships with government entities, and is legally registered as a German GmbH, ensuring exclusive jurisdiction under German law.
  • Data and Technical Sovereignty: Marc highlighted that all data is stored and processed exclusively in Germany, with Delos Cloud owning and managing all encryption keys, including those for inter-service and hardware-level communication, ensuring that even Microsoft cannot access or decrypt customer data.
• Delos Cloud Architecture and Microsoft Technology Integration:
• Marc provided an overview to Holger and Goran of the Delos Cloud architecture, emphasizing its foundation on Microsoft Azure technology, the technical similarities and differences with public Azure, and the implementation of sovereign boundary services for secure operations and data flow.
  • Azure Technology Foundation: Marc explained that Delos Cloud is built entirely on Microsoft Azure technology, offering the same virtual machine types, services, and APIs as public Azure, but with separate DNS domains and endpoints to maintain sovereignty and isolation.
  • Sovereign Boundary Services: Marc described the implementation of special sovereign boundary services, developed by Microsoft specifically for sovereign cloud environments, which control and audit data flow and human account activities, including escorted and fully audited support access for Microsoft engineers.
  • Operational Model and Updates: Marc detailed how Microsoft continues to provide platform updates, feature enhancements, and bug fixes to Delos Cloud, but all updates are controlled, validated, and implemented by Delos Cloud under the supervision of German authorities, with full transparency and auditability.
  • Service Consistency and Onboarding: Marc and Goran discussed how existing Azure users and ISVs can easily onboard to Delos Cloud, as the APIs, tools (ARM, Bicep, Terraform, PowerShell, CLI), and portal experience remain consistent, lowering the barrier for migration and adoption.
• Delos Cloud Service Portfolio for Public Sector:
• Marc outlined to Holger and Goran the range of services available on Delos Cloud, including Microsoft Office 365, Azure IaaS and PaaS, SAP solutions, and support for ISVs and open source, all delivered in a sovereign, compliant environment for German federal, state, and municipal authorities.
  • Microsoft Productivity Suite: Marc emphasized that Delos Cloud uniquely offers the full Microsoft Office 365 productivity suite (Teams, Exchange Online, SharePoint Online, Power BI, etc.) in a sovereign fashion, meeting all BSI requirements and enabling secure, compliant collaboration for public sector customers.
  • Azure Cloud Services: Marc confirmed that Delos Cloud provides the same Azure services (VMs, storage, databases, analytics, etc.) as public Azure, allowing government entities and partners to build and deploy solutions with familiar tools and scalability.
  • SAP and ISV Solutions: Marc explained that SAP will act as an ISV on Delos Cloud, offering its portfolio (PCE, SuccessFactors, BTP, etc.) for public sector use, and that other ISVs and solution partners can also deploy specialized applications, including open source and custom developments, on the platform.
  • Use Cases for Government Entities: Marc described practical use cases, such as municipalities deploying digital processes (e.g., parking voucher portals) and integrating sensitive personal data securely, as well as leveraging SAP ERP and HR solutions, all within the sovereign Delos Cloud environment.
• AI and Future Service Expansion in Delos Cloud:
• Marc responded to Holger’s questions about AI, confirming ongoing negotiations and technical planning for integrating AI services, including Azure AI Foundry and GPU-based infrastructure, into Delos Cloud to support future innovation and ISV solutions.
  • AI Service Planning: Marc shared that SAP, OpenAI, Microsoft, and Delos are working on bringing AI capabilities to Delos Cloud, with discussions focused on operational, technical, and contractual requirements for GPU-based infrastructure and AI Foundry services.
  • Operational and Resource Considerations: Marc noted that deploying AI services requires significant investment in hardware, energy, and operational resources, and that Delos Cloud is evaluating the necessary skills and processes to support these advanced workloads in a sovereign context.

• Delos Cloud
• OpenAI and SAP

• 0:00 Intro
• 1:20 Introducing Marc Böhnke
• 5:00 What is Delos Cloud
• 6:50 Offerings for the digitization of Germany in the context of Digital sovereignty
• 12:40 Target of SAP Cloud infrastructure for Germany
• 13:30 Cloud Platform Requirements from the BSI
• 17:20 All BSI requirements are fullfilled
• 23:50 Delos Cloud - receiving updates
• 30:30 Microsoft Tech Stack for public sector
• 32:30 Delos Cloud - Open Infrastructure