Navigating Data Sovereignty and Choosing the Right RISE with SAP Infrastructure With T-Systems
Key Takeaways
-
Data sovereignty is now a core consideration for European SAP customers, influencing their cloud ERP design to ensure GDPR compliance and mitigate risks from US laws like the CLOUD Act.
-
The partnership between SAP and T-Systems provides a sovereign cloud solution that combines innovation with strict European control, allowing organizations to run mission-critical workloads securely within EU frameworks.
-
Organizations are encouraged to adopt a multi-cloud strategy, leveraging T-Systems' capabilities to blend sovereign and public cloud resources while ensuring compliance and security are integral to their SAP transformations.
European SAP customers are no longer treating data sovereignty as a niche legal issue; it is now central to how they design their SAP Cloud ERP landscapes. As organizations modernize with SAP Cloud ERP Private, the partnership between SAP and T-Systems offers a way to combine cloud innovation with GDPR aligned control and sovereignty on European terms.
Why Hyperscalers Are Being Reevaluated
In a recent SAPinsider webinar titled “Navigating Data Sovereignty – Choosing the Right RISE with SAP Infrastructure,” most attendees indicated that they either preferred or required a European sovereign cloud option over running SAP solely on US-owned cloud providers.
The concern is straightforward: while GDPR requires strict protection of EU personal data, US headquartered providers can still be subject to extraterritorial access demands under laws such as the CLOUD Act, complicating assurances about who can ultimately access the data stored in these systems.
Explore related questions
How T-Systems and SAP Respond to Sovereignty
SAP has articulated a broader sovereign cloud strategy that keeps data, operations, and legal control within Europe while still delivering continuous innovation, including AI. T-Systems extends this into the RISE with SAP context as a RISE with SAP Premium Supplier, delivering SAP Cloud ERP Private on  its private cloud in German and EU data centers. These centers meet strict GDPR, ISO, SOC, BaFin, GxP, and zero outage quality standards.
In the webinar, T-Systems presented RISE with SAP as a guided transformation journey that integrates SAP and non-SAP systems across a secure private cloud and leading hyperscalers. Customers can run mission-critical SAP workloads on T-Systems’ sovereign private cloud, while still leveraging hyperscalers, where appropriate, via a managed multicloud architecture. This model underpins projects like Deutsche Telekom’s migration of hundreds of ERP systems, where roughly two-thirds of SAP instances are operated in T-Systems’ private cloud and one-third on a hyperscaler platform, combining sovereignty with flexibility.
Sovereignty As A Design Choice
For RISE with SAP and SAP Cloud ERP Private, T-Systems offers more than hosting; it provides an end-to-end, RISE with SAP-certified private cloud platform tailored to Cloud ERP, from assessment and roadmap design through migration, implementation, and managed operations.
Germany-based data centers, German/EU legal entities, and EU-based operations staff ensure that data residency, operator access, and key management all sit within European jurisdiction. Combined with SAP’s security and sovereignty capabilities, this creates a target infrastructure that addresses GDPR requirements, supports sector-specific regulations, and reduces sovereignty risks associated with purely hyperscaler-centric deployments.
What This Means for SAPinsiders
Organizations must design their SAP architecture for sovereignty, not just availability. For organizations concerned about data exposure, sovereignty should be used as a core architectural criterion alongside performance and cost, explicitly deciding which SAP workloads must run on EU-owned and operated infrastructure and which can run on other cloud providers. For regulated industries or highly sensitive ERP data, prioritize SAP Cloud ERP Private on environments like T-Systems’ EU/German data centers to align with GDPR and reduce exposure to non-EU legal regimes.
Leverage SAP Cloud ERP Private as a guided sovereign journey. Organizations should treat RISE with SAP as a structured transformation journey, rather than a simple infrastructure switch, using T-Systems’ RISE with SAP Premium Supplier role to combine roadmap design, process intelligence, and clean-core principles with a sovereign private cloud foundation. This helps SAPinsiders modernize ERP while ensuring that security, compliance, and sovereignty are embedded from day one, not added later.
Adopt a managed multi-cloud strategy with clear guardrails. SAPinsiders should take advantage of T-Systems’ multi-cloud for SAP services to blend sovereign private cloud and public cloud infrastructure, placing sensitive SAP S/4HANA and core ERP systems on T-Systems infrastructure and using public cloud selectively for analytics, innovation, or less regulated workloads. Define clear policies for data flows, external connections, and monitoring, in line with SAPinsider’s findings that expanding cloud attack surfaces and data exfiltration risks are now top cybersecurity concerns for SAP customers.
