I have private data and want to prevent others, including Microsoft, from seeing it, I have control. By setting up a landing zone for sovereignty, the data is stored in MCFS landing zones. This data is encrypted in use, at rest, and in transit. While the data is in use, no third-party user or Microsoft can view, capture, or read it. These landing zones are for specific customers. When I enter an MCFS zone, my data remains strictly confidential, and unauthorized users cannot see it. This is the basic principle. Confidential computing is used for data in use. There are three types of data: in-use, in-transit, and at-rest data. At rest means the stored data is encrypted. In-use data means when the data is in memory, it remains confidential to other users, cloud users, or hackers, preventing data leakage or hacking. None can capture my data. Confidential computing involves data in use. This serves as a reference architecture, not just a unique service. Compliance and governance are core concepts of sovereignty. Sovereignty combines compliance rules with local compliance regulations. Each country can develop its compliance rules and integrate them into Azure. Globally, countries have developed their compliance rules and sovereignty compliance packs for Azure. For example, GDPR is implemented in some countries. In Turkey, there is a regulation named Kaveh Kaka. In Italy, there are specific data classification and compliance rules. They package their computing and compliance rules for Azure, allowing access to Italian compliance rules in Azure. If I implement Microsoft Cloud for Sovereignty landing zones, I see specialized and customized computing packages.
