Pure fiction: digital sovereignty without open source

According to a new survey by Red Hat, digital sovereignty is a top priority for 80 percent of German companies surveyed. Digital sovereignty has evolved from a mere compliance task to a fundamental business requirement. There are four areas to consider: data, technology, operations and regulation. But what specific measures help companies to achieve digital sovereignty?

Thesis 1 - Use open source: Red Hat is convinced that only open source, open standards and open source platforms enable true sovereignty. After all, open source offers the transparency and verifiability that companies and supervisory authorities need. Open source technologies make it transparent how data is processed and prevent vendor lock-in. On this basis, companies can integrate their own services, close security gaps more quickly and drive innovation without dependency. In the survey conducted by Red Hat, 96 percent of respondents also stated that an open source strategy is the decisive lever for digital sovereignty.

Thesis 2 - Using sovereign cloud environments: Only a sovereign cloud that is tailored to the legal, operational and security requirements of a specific country means full control over data, workloads and processes - both technically and organizationally. Companies can decide for themselves where their data is stored, how it is processed and who has access to it. It should be possible to store data in the company's own infrastructure, with a provider or in a hybrid environment. This is where an open hybrid cloud environment comes into play. It combines in-house data centers with public cloud offerings and allows workloads to be moved as required without being tied to a single provider. This is the only way to comply with regulatory requirements and take advantage of the cloud's speed of innovation.

Thesis 3 - Driving forward European initiatives: Initiatives such as Gaia-X are also important for the development of sovereign cloud infrastructures in Europe. They set central standards for data sovereignty and interoperability. Industry-specific standardization projects such as Catena-X in the automotive industry are also important. Red Hat itself has always relied on open standards. All platforms - from Red Hat Enterprise Linux to Red Hat OpenShift and automation solutions - are designed to be open and can therefore act as a bridge between different cloud environments.

Thesis 4 - Use interoperable architectures and open interfaces: It is important that companies use modular IT architectures with standardized interfaces. This makes it easier to replace individual components and reduces dependency on monolithic complete solutions. APIs based on open standards enable the integration of different systems, prevent the creation of new silos and create scope for future technological decisions.

Thesis 5 - Expand data governance: Last but not least, companies need to define and implement clear data governance models. This means precisely defining where data is stored, how it is encrypted and how it is used throughout the company. In addition, the appropriate technical measures must be taken. These include the encryption of data at rest, data in transit and data in use, encryption key management under the company's own control and strict access concepts to ensure actual data sovereignty.

There are therefore various approaches that, in combination, can contribute to strengthening digital sovereignty. The decisive link here is open source. By using open source, companies can position themselves more independently of geopolitical influences or proprietary software providers. There are many indications that this has never been more important than it is today.

Continue to the partner entry: