Gaia-X: should European companies be protected from the big bad clouds?

By Charles Parat, Strategy & Innovation Director, Micropole Group

Since the end of 2019, the media have been rather cautious in reporting on the Franco-German initiative, with a community vocation, around a new idea of rethinking the cloud in Europe. And the scarecrow of the sovereign cloud, of sad memory in France, is being revived in some chagrined minds. A bad mix: the initiative is better than that.

As an innovative technology and consulting group, specialising in Data & Digital Experience, we need to enlighten our clients who are the first potential consumers of the future results of this project.

What challenges does the Gaia-X project address?

As our Minister of the Economy and Finance said at the opening of the bilateral launch of this political and industrial project: 'We are not China, we are not the United States, we are the European countries with our own values and with our own economic interests that we want to defend'. This is one argument and it is not the only one. He could have added that data processing and storage is not only an economic issue, but also an ethical one, and that this is no longer a matter of joking around in Europe.

Addressing cloud issues in this context is a rather specific European issue. Going beyond this framework by ensuring that companies can cooperate by sharing joint cloud (and data) domains is a promise that may appeal to European sectoral approaches.

How are European companies using the cloud?

They have dared, in the case of the first; they are increasingly following suit in the case of a large number of them; they are still hesitating in the case of a large group. And usage is not homogeneous in Europe: France was not among the early adopters, but the barriers have been broken and initial fears have been considerably reduced. And in the end, the giants are gorging themselves because internal IT is expensive, very expensive, with needs exploding and budgets strangling.

Today, the vast majority of companies are well aware that the cloud has brought a new way of looking at the IT resource, both in terms of power, availability and cost. And that it has become absolutely crucial to consider how to incorporate this "innovation engine" and its incredible elasticity into information systems, in order to free themselves from the many constraints of the previous model: the famous "on premise" datacenter, which is rigid and as greedy in terms of investment as it is in terms of operation.

SaaS - or on-demand software solutions - has invaded corporate information systems, and most of the time SaaS runs in the cloud. The prodigious success of a player like Salesforce is a clear illustration of this.

Moreover, at a time when any application system must be permanently available from anywhere, from any digital companion, the cloud is an obvious facilitator of service deployment.

But at the same time, the cloud is still frightening in Europe, since it processes and stores data outside the walls of companies, the location of technical sites is often hypothetical, the circulation of flows is difficult to control, at the same time the constraints of data security have exploded under an avalanche of regulations, and the cybersecurity risks have increasingly spectacular consequences. IS security is a major risk, and the lack of control of the cloud on these aspects is even more frightening.

So how is the use of the cloud distributed in European companies today? It's quite simple: the most efficient, most widely adopted and most economically attractive offers are global in terms of availability, but mainly American or sometimes Chinese in terms of the nationality of the players. This means that the deontology of these two cultures with regard to respect for other people's data may be a cause for concern, for quite different reasons, economic or political, but in any case ethical and valid.

But are companies asking the right questions about their proper use of the cloud?

Is it a matter of choosing the hyperscaler label that causes the least concern? Choosing a "strategic" provider? To hide behind the walls of your private data centres? Trusting the movements of peers on the cloud or against the cloud? Or for or against a particular cloud player?

Of course, nothing of the sort: it is necessary to think about the needs of the cloud, to consider the "benefits vs. risks" balance and to build the logical architecture distributed over hybrid resources and representative of a need that is often complex, but which deserves to be rationalised.

In the end, and at the strategic level of the company, we should more often find a well-founded choice of a harmonious combination to satisfy all needs and obey objective constraints: the cloud, clouds, public, private, 'on prem', interconnection solutions, security, reversibility, recovery. To do this, data and usage governance will have made it possible to map needs and resources and to know what can be entrusted to whom, depending on the degree of risk, performance, convenience, cost and even urgency.

Speaking of urgency, we can see that the sudden and unforeseen acceleration in demand for the cloud during the COVID-19 period has largely benefited these same gigantic and global players. Does this mean that the game is lost and that we should resign ourselves? Not for sure.

Bruno Lemaire's statement, which could pass for a truism, makes perfect sense: we have requirements in terms of data processing in terms of confidentiality, security, continental economic value, and even nationality, which legitimises proposing a framework of standardisation and choice to companies and local authorities in our European community.

Promoting the manageable framework for doing cloud in Europe with confidence

This is precisely the advantage of the Gaia-X project: to allow European cloud consumers to build the technical architectures that serve their needs and satisfy their requirements:

By identifying and qualifying all available cloud players (global as well as local, operators as well as publishers).

By proposing open source-based solutions to build interconnected, secure, adaptive and scalable ecosystems that are constantly checked for trust and possible reversibility.

A company can rely on Gaia-X to select, build up and develop its global IT landscape, evaluate it continuously and make informed changes.

By allowing the combination of huge providers such as AWS-Azure-Google-AliBaba with local players in the same business landscape, in addition to the indispensable internal resources, all needs are met.

At the same time, this should encourage the promotion and development of European cloud players: operators and publishers, or even sectoral pooling for data processing, for example. There are places to be taken, and even local collaborations to be launched with the very large players to take advantage of their undeniable technological lead. The Gaia framework can indirectly protect these developments, whereas the current situation discourages them.

There is no longer any excuse for handing over one's I.S. to the highest bidding hyperscaler, on the pretext that one had no choice. Gaia-X is supposed to allow this choice, while respecting fair competition between all players, encouraging European technological initiatives... and perhaps showing hyperscalers that there is a European way to build trusted IT solutions.

Moreover, the giants themselves have understood that this European need will have to be addressed in order to obtain lasting market acceptance. By becoming trusted suppliers compatible with the Gaia-X prerequisites for being referenced according to the level of performance, locality... trust.

With Gaia-X, it is not a question of building a fantasised European sovereign cloud operator, but of promoting a sovereign solution for cloud computing in Europe. This is a magnificent initiative to which we can only wish a rapid and resounding success! We will now have to deliver the expected components on the published milestones very quickly. The politicians have spoken; it is now up to the industrialists involved to deliver the tangible results that will make Gaia a reality.

To be followed and encouraged.

AWS re:Invent Day 5: all about the 2023 edition

AWS re:Invent Day 5: all about...

DAY 5 Ubiquitous GenAI and the announcement of a responsible AI solution The fifth...
AWS re:Invent Days 3 & 4: all about the 2023 edition

AWS re:Invent Days 3 & 4:...

DAY 3 AI in the spotlight (again and again) The eagerly-awaited keynote...
AWS re:Invent Day 2: all about the 2023 edition

AWS re:Invent Day 2: all about...

DAY 2 Today we bring you a "short" summary of the...

Contact us