The sovereign cloud is widely supported by the public sector but still under-used.

A recent survey of 250 french public sector officials and decision-makers indicates that the majority of respondents prefer to choose a sovereign cloud offering when using the public cloud. While data security and non-exposure to extraterritorial laws remain key criteria, hybrid cloud remains the preferred architecture.

With the start of the 2025 academic year, not a day goes by without the issue of sovereign cloud computing being discussed in France and Europe. The current geopolitical context plays a major role in this.

Numspot, a french cloud provider in partnership with Ifop-Acteurs Publics, conducted a study of a sample of 257 digital agents in the civil service and public decision-makers.

The results of this study provide valuable insights.

We learn that one-third of respondents (34%) say they use a hybrid approach to cloud strategy, and that one-third of respondents (34%) say they do not have a defined strategy.

When using the public cloud (only 17% of respondents), 81% of them say they opt for the sovereign cloud.

Regarding the proportion of workloads hosted in the cloud, it appears that only 26% of respondents host more than 50% of their workloads in cloud mode.

Regarding the level of use of the sovereign cloud, the majority of respondents (61%) say they use it less than 50% of the time..

Choosing a Cloud provider: What are the criteria?

When choosing their cloud providers, agents prioritize data security (71%), well ahead of data not being subject to non-European laws (43%) or SecNumCloud certification (40%).

This result is very interesting. First, it shows that there is no correlation or perception between data security and data exposure.

It also shows that the french SecNumCloud certification is not entirely perceived as the ultimate guarantee of data security.

This semantic cloud may have been fueled by the SecNumCloud certification being obtained by players who have co-developed offerings with US players, that are considered non-sovereign in terms of the risk of data exposure to extraterritorial laws.

In fact, the study reveals that 70% of respondents would prefer to choose a cloud provider that is 100% French-owned, with no risk of data exposure. This trend is particularly pronounced among hospitals and government agencies.

The cloud's elasticity vs. open source

It is interesting to note in the results of this study that cloud elasticity is only a factor in 21% of cloud provider choices, whereas it was a key requirement 10 years ago.

Another interesting finding is that 61% of respondents consider open source to be very important in choosing a cloud strategy. This trend is also very pronounced in the public sector across the Rhine.

In summary, what we learn from this study

• Hybrid cloud is now the preferred strategy in the French public sector

• Data security is one of the key criteria for choosing a cloud provider.

• The non-exposure of data to extraterritorial laws is perceived as fundamental, along with a 100% French capitalization of the provider.

• French SecNumCloud qualification is not the primary criteria for selecting a provider

• Cloud elasticity is not a must-have, but access to the latest technologies and innovations is equally essential with the use of open source

• The use of sovereign AI models remains crucial.