A few months ago, Airbus put out to tender the migration of its critical applications—ERP, aircraft designs, customer data—to a “sovereign cloud” located in the European Union. With this move, the aeronautical giant seeks to ensure its most sensitive assets do not depend on external infrastructures, prioritizing strategic control over the inertia of resorting to large US providers solely for “prestige”. Catherine Jestin, Digital Officer at Airbus, summarizes it as follows: “Some information is too sensitive to be left in the hands of foreign laws.”
Digital sovereignty: Who is in charge of your servers when problems arise?
For years, many companies have settled for the promise that their data “is in Europe,” but this is a half-truth. If your provider is American, it is subject to the CLOUD Act. This means that, under certain conditions, the US government could demand access to your technical or commercial information, even if the servers are physically in Madrid or Frankfurt.
Digital sovereignty consists of preventing a change in tariffs or geopolitical tension on the other side of the world from disconnecting your operations or compromising your intellectual property.
Edorteam and the ‘Cybersecurity Made in Europe’ label
In view of this situation, the European Cyber Security Organisation (ECSO) has launched the Cybersecurity Made in Europe label. This distinction identifies companies that operate under a framework of transparency and European capital. To obtain it, three non-negotiable conditions must be met:
- Headquarters in Europe: the organization must have its registered office and at least one headquarters in the European Union.
- Local R&D: more than 50% of development and staff must be on European soil. In the case of Edorteam, this percentage rises to 100%, with our entire team and development located in Spain.
- Integrity and trust: it is necessary to demonstrate that the software does not include hidden access for foreign intelligence services and that it complies with cybersecurity standards, something we at Edorteam endorse through our ISO 27001 certifications and the National Security Scheme (ENS).
At Edorteam, we have just received this label, which represents a validation of a work philosophy that we have been applying for years out of our own conviction. While most software companies depend on external infrastructures or outsourcing in other continents, we operate under a policy of absolute control. We do not depend on any tech giant: for better or worse (and given the trend of recent years, time is proving us right that the good far outweighs the bad).
- 100% proprietary and Spanish code: every line of software we develop has been written by Edorteam professionals. We do not outsource development. This allows us to audit our own code and guarantee the absence of “backdoors.”
- Own infrastructure in Spain: our solutions run on our own servers located in national territory, ensuring that data never leaves the Spanish legal and judicial umbrella.
Data governance versus paper compliance
GDPR compliance has often become an exercise in documentary bureaucracy that has little to do with real data security. Airbus has understood that the risk of industrial espionage and global economic uncertainty require bold actions. Investing in European technology is the only way to guarantee that you hold the key to your own house.
At Edorteam, we have always shared this vision and we encourage the rest of the business community to commit to real technological autonomy. If you want to shield the sovereignty of your infrastructure with technology developed and hosted in Spain, let’s talk.
0 Comments