This paper is written to guide organizations looking to adopt or expand their use of cloud computing services. Here we offer a detailed look at the data residency, data sovereignty, and compliance aspects of the three main Microsoft cloud services: Microsoft Azure, Microsoft Dynamics 365 and Power Platform, and Microsoft 365. The paper is divided into five main sections:
· Understanding data residency, data sovereignty, and compliance gives an overview of each of these core concepts, including regulatory and technical issues.
· Microsoft Cloud infrastructure describes the infrastructure and the geographic options for storing data for each of the main services in the Microsoft Cloud and those of specialized clouds.
· Data residency in the Microsoft Cloud gives an overview of data residency options for each of the main Microsoft cloud services, for US government clouds, and for hybrid and multicloud services.
· Data sovereignty in the Microsoft Cloud discusses how Microsoft manages and restricts access to customer data including our legal policies for government and law enforcement requests for data.
· Compliance in the Microsoft Cloud provides an overview of the over 100 compliance offerings supported by Microsoft, along with tools we offer to help manage compliance.