Compliant Cloud explained

Mikael Nerde Compliant Cloud Leave a Comment

The cloud is not a physical entity, but instead a vast network of remote servers around the globe which are connected to operate as a single eco-system.  Even though we talk about the cloud in its singular form, there are a multitude of clouds on the market, offered by different providers.  The basis of the cloud concept is to gather all of the computing power of many individual, physical, servers and letting others rent smaller parts of the combined computing power according to their needs.

These clouds are designed to store and manage data, run applications, or for content delivery such as video streaming, web mail, office productivity software, or social media.  Instead of accessing files and data from a local or personal computer, you are accessing them online from any Internet-capable device — the information will be available anywhere you go and anytime you need it.

Three main types of clouds

Generally you may be accustomed to three different methods to deploy cloud resources. There are Public Clouds that share resources and offers services to the public over the Internet, Private Clouds that offer services over a private, internal network typically hosted on-premise, and Hybrid Clouds that share services between public and private clouds depending on their purpose.

Privacy concerns

As the use of cloud computing is increasing, so are the security and privacy concerns.  Government, bank and finance, health care and other data sensitive industries, and their ability to take advantage of the cloud, are constantly questioned.  Not only in terms of physical and logical security, but also in terms of regulatory compliance, international data transfers, GDPR and other laws.

Download our free white paper

Compliant Cloud

To combat the increasing security and privacy concerns surrounding data processing on a global scale, City Network has developed a specific cloud with all of these concerns in mind. Compliant Cloud, as we call it, adheres to all regulations pertaining to security and information integrity stipulated by the Swedish government and the EU. Compliant Cloud is a unique offering for EU-based organisations and companies that take these matters seriously and who wants to ensure their data is neither transferable or accessible by foreign powers. The full technology stack can be automated via OpenStack and can be complemented with a more traditional VM environment, if desired. Our goal with Compliant Cloud was to design, develop and deliver a fully elastic and Cloud Native platform that is built using only open source technologies and services.  A platform suitable for a cutting edge way of work in an agile DevOps environment.


Today, we provide a cloud platform that can stand with the IT giants’ offerings on a very competitive level — a platform that adheres to EU organisations’ needs, but can scale and deliver for generations. We offer all the benefits of a Public Cloud platform with full automation features while at the same time complying with all regulations. It is our conviction that this provides a sought after alternative that very few cloud providers can offer.


Learn how our customers leverage Compliant Cloud to increase speed and customer value while maintaining regulatory compliance.

How we do it

Ensuring that our customers’ information is both secure and handled in accordance with all applicable laws, regulations and directives is our primary design criteria.  It permeates everything from how we build our data centers and design our hardware configurations to our extensive training and hiring processes.  It shapes our day-to-day operations, our disaster planning, how we manage potential threats and assess risks.  We encourage you or any customer to visit us and see how we build to meet all the requirements.  With Compliant Cloud you will not only meet all the regulations one must comply with, but you will also be able to effectively control the cost by using only the resources you require at any given time;  Public Cloud when you need, and Compliant Cloud when it is a must.  In this way, you guarantee that IT and infrastructure will never become a bottleneck for whatever new services you develop and City Network continues to support.

See how we build each of our Compliant Cloud zones

There are a number of data protection laws and regulations in the world today that affect an organisation’s ability to use international cloud services and IT services in general.  One of the challenges lies in the fact that both providers and users of cloud services want the data to be available from all over the world around the clock.  At the same time, these services are provided in a world where data transfer and data protection laws still vary widely between countries and continents, and some are directly contradictory.

Download our free white paper

Choosing your cloud provider

Here are some points that you should consider before choosing your future cloud provider:

  • Where the data is stored geographically is not as important as who has access to it.
  • International administrative access to data stored, for example in Sweden, is considered an international data transfer.
  • The supplier’s legal residence determines which country’s laws the supplier must comply with.
  • EU companies have no choice but to comply with EU rules and the General Data Protection Regulation (GDPR).
  • US suppliers must comply with US laws, including the CLOUD Act, even though they have offices and data centers in Europe.

Download our free white paper