GTC LOGO

Join Fortanix at NVIDIA GTC 2026, San Jose.

Know More

Why physical locality is a risk to resilience and how confidential computing can help

Savvas-Savvides
Savvas Savvides
Mar 12, 2026
3mins
Share this post:
confidential-computing-to-help-in-risk-to-resilience

Introduction

Recent events in the Middle East have exposed a big problem in how we think about securing national data [source]. Many countries and organizations therein require data sovereignty which is the idea that data should remain under the laws and governance of the country where it is collected or processed.

In practice, this goal is often implemented through physical locality, meaning that the data must be stored on servers located inside national borders. This approach might feel natural since if the data stays within the country, it remains under national control.

But in reality, recent attacks on cloud infrastructure gave rise to a problem with that assumption: when data is tied to a specific geographic location, that location can become a target. This raises a broader question about resilience, i.e., the ability of digital systems to remain operational during crises such as natural disasters, infrastructure failures, or, as we’ve seen in recent months, military conflict.

If national data can only exist in one place, resilience is difficult to achieve. As cloud infrastructure is affecting our everyday lives, being a crucial component of infrastructures and services relating to government, finance, and other critical services, we need a solution for data sovereignty that protects data without making it physically vulnerable.

The Problem

In early 2026, drone strikes hit AWS data centers in the UAE and Bahrain, leading to structural damage, and power disruptions. As per experts’ note, as governments use cloud and AI for military operations, these facilities become targets for adversaries [source].

And since physical damage can take a lot of time to repair, this can lead to long outages. For instance, AWS recommended customers migrate workloads to the other locations of their datacenters around the world in order to stay online.

However, if a customer’s data sovereignty laws strictly require physical locality, they are trapped in a fixed location that might be militarily active and have no path to improve their system resilience. Generalizing from this example, requiring data to stay in one region makes it vulnerable to warfare activities or natural disasters.

The very data sovereignty through locality principle, which is meant to protect data, ends up making that data more vulnerable by preventing it from being moved to safer jurisdictions during a crisis.

The Solution

To fix the problem outlined above, a more resilient model of data sovereignty is needed that separates control over data from the physical location of the servers where it runs. This is where Confidential Computing shines.

Confidential Computing uses hardware-based Trusted Execution Environments (TEEs) to protect data while it is being processed. Data remains encrypted not only when stored or transmitted, but also when it is being used. In this model, encryption becomes the real boundary.

Instead of relying on the physical location of the servers that hold and process the data, the protection comes from cryptographic guarantees that ensure only the data owner can access the information.

Because the cloud provider cannot access the plaintext data, the risks associated with running workloads outside a specific jurisdiction are reduced. This approach can reduce the need for physical locality because if a country can guarantee that its data remains protected from external access even when processed abroad, the requirement to keep the data on national borders is addressed.

And beyond achieving data sovereignty, this model also achieves resilience. This is because during a crisis, organizations could move workloads to safer cloud regions around the world while maintaining control over their data. The infrastructure may move, but data sovereignty is still achieved.

Conclusion – Resilient Sovereignty

Data sovereignty that relies only on keeping data in a specific place does not work well in the presence of conflicts or natural disasters. As recent attacks on cloud infrastructure show, data centers are still physical buildings that can be damaged or destroyed. A better approach is to focus on protecting the data itself, not just where it is stored.

The Fortanix Confidential Computing Platform achieves exactly that! It keeps data encrypted and ensures that only the data owner can access it. This allows organizations to maintain control over their data while still using the global resilience of cloud infrastructure.  

Instead of requiring data to stay within national borders, regulations should focus on technical protections that guarantee control and privacy of data regardless of where the infrastructure runs. This will enable moving from location-based data sovereignty to a resilient data sovereignty and will help nations/enterprises keep their digital systems running (and secure) even during uncertain times.

CCM
Share this post:

Platform

Fortanix Platform

Confidential AI

Data Security Manager

Confidential Computing Manager

Armet AI

NEW

Key Insight

Open Source Platform

Enclave Development Platform®

Solutions

Use Cases

Legacy to Cloud Infrastructure Migration

Regulatory Compliance

Post-Quantum Readiness

Secure, Data-Driven Innovation

Company

About Us

Partners

Careers

Confidential Computing

University

Blog

FAQ

Contact Us

Awards

Events

Webinars

Press

News

Services

Media Kit

Newsletters

Customers

Resources

Support

Fortanix-logo

4.6

star-ratingsgartner-logo

As of January 2026

SOCISOPCI DSS CompliantFIPSGartner Logo

US

Europe

India

Singapore

4500 Great America Parkway, Ste. 270
Santa Clara, CA 95054

+1 408-214 - 4760|info@fortanix.com

High Tech Campus 5,
5656 AE Eindhoven, The Netherlands

+31850608282

UrbanVault 460,First Floor,C S TOWERS,17th Cross Rd, 4th Sector,HSR Layout, Bengaluru,Karnataka 560102

+91 080-41749241

T30 Cecil St. #19-08 Prudential Tower,Singapore 049712