Microsoft is empowering customers by bringing significant enhancements and new features to the EU Data Boundary for the Microsoft Cloud. With today’s update, Microsoft takes another decisive step in expanding its suite of trusted cloud services that respect European values and meet the specific requirements of our commercial and public sector customers in Europe.
Today’s announcement is part of a larger initiative aimed at enabling our European customers to thrive in every sector and every country in the region – from implementing our European Cloud Principles, to our ongoing work expanding our Microsoft Cloud for Sovereignty, to our sovereign solutions that we will deliver in partnership with leading European technology companies, to our continued global infrastructure investments now spanning over 60 cloud regions, including 11 cloud regions in Europe.
To continue to offer our customers a spectrum of solutions that best meet their needs, we are proud to announce a significant step forward in delivering Microsoft’s EU Data Boundary for the Microsoft Cloud. Last year, as the first step in our phased approach to the rollout of the EU Data Boundary, we delivered the ability to store and process customer data within the boundary for Microsoft 365, Azure, Power Platform and Dynamics 365 services.
Building on that initial release, today Microsoft further expands our local storage and processing to include all personal data, such as automated system logs, making Microsoft the first large scale cloud provider to deliver this level of data residency to European customers.
Today’s enhancements to the EU Data Boundary for the Microsoft Cloud focus on three areas:
First, we are going beyond customer data and are further expanding our local storage and processing commitments to now include all personal data within the boundary. Through significant investments and dedicated efforts by thousands of engineers, our EU Data Boundary now enables the processing and storage of all data in the EU across Microsoft core cloud services – Azure, Microsoft 365, Power Platform and Dynamics 365. This means the EU Data Boundary now includes pseudonymized personal data. This data is found in system-generated logs, produced automatically as part of the standard operation of the services. With this expansion, the EU Data Boundary allows our customers to store and process even more of their data within the European Union and enriches customer control.
Second, we know that our customers need a clear and comprehensive view of the data handling, limited transfers, and data protection processes we are deploying in the EU Data Boundary. Today we are providing new transparency resources, including documentation and other information, that customers can access on the EU Data Boundary Trust Center webpage.
Third, we have made deep investments to deploy EU-based technology to further protect pseudonymized personal data in the boundary when it is accessed remotely for monitoring activity and system health. For example, we avoid the need for physical data transfers or storage outside the EU by deploying virtual desktop infrastructure in the EU Data Boundary, which allows for remote viewing of data snippets.
Maintaining industry-leading security for our European customers
In implementing the EU Data Boundary, we are also maintaining our commitment to world-class cybersecurity. Microsoft has more than 8,000 global experts analyzing trillions of daily signals to discover threats and deliver timely and hyper-relevant cybersecurity insights to detect and mitigate malicious activity. To ensure our EU customers receive the same world-class security as other global customers, any data transfers outside the EU for security purposes will be documented, limited to what is required for crucial cybersecurity functions, and used only for these cybersecurity purposes.
Next steps
Later this year, we will launch the next phase of our EU Data Boundary for the Microsoft Cloud by transforming the processing and storage capabilities for data received during technical support interactions. We will ensure that support data is stored within the boundary and when access from outside the EU is required to enable world class support, we will limit and secure any temporary data transfer required through technical approaches such as Virtual Desktop Infrastructure. Subsequently, Microsoft is also planning to offer a paid support option which will provide initial technical response from within the EU and allow customers to provide consent before additional technical expertise outside the EU is engaged.
Our EU Data Boundary solution goes beyond European compliance requirements and reflects our commitment to provide trusted cloud services that are designed to take advantage of the full power of the public cloud while respecting European values and providing the most advanced sovereignty controls and features available in the industry today.