When Core42 launched at GITEX two years ago, its mission was ambitious: to put digital sovereignty at the center of the UAE’s technological future.

Today, that vision has shifted from aspiration to reality.

By introducing sovereign cloud solutions and driving secure AI adoption in highly regulated sectors, Core42 has become a central force in the country’s effort to balance innovation with control. This is enabled through G42’s landmark strategic partnership with Microsoft, which combines local trust with global technology, setting a new benchmark for how nations can advance sovereignty without sacrificing scale or speed.

At the core of this approach is the Core42 Sovereign Public Cloud, built on top of Microsoft Azure and governed by Core42’s sovereign control platform – Insight. The platform enforces data residency, enables regulatory alignment, and maintains continuous compliance, empowering organizations to modernize confidently and securely.

“With this offering, our focus is on the public sector and regulated entities,” says Mohammed Retmi, Vice President of Sovereign Public Cloud at Core42.

“Some customers were impressed with the innovation and scalability of Azure, but they were missing the sovereignty layer–mainly around data–to make the move confidently. That’s really where we come in. Through our work  with Microsoft, we can offer them the best of both worlds: the scale and innovation of a hyperscaler with the sovereignty guarantees that national regulations demand.”

Digital sovereignty is often seen as restrictive, a necessary trade-off that limits innovation. Core42 and Microsoft take a different view.

“Sovereignty on its own doesn’t mean constraint,” says Sherif Tawfik, Chief Partnership Officer, G42 at Microsoft. “It’s a catalyst.”

Tawfik explains that the UAE’s ambition to become the world’s first fully AI-native government by 2027 depends on trust, which in turn is rooted in sovereignty. Questions of who controls data, operates infrastructure, and holds authority to intervene are not just technical issues but matters of national importance.

“Microsoft has invested billions globally to ensure that customer data is secure at rest, in transit, and even in use, through technologies such as confidential computing and customer-managed keys. But when you bring that together with Core42’s local governance and compliance frameworks, you get something truly powerful: innovation without compromise,” Tawfik says.

Cloud adoption has long involved a tension between global reach and local assurance.

Retmi says, “Customers want assurance that their data never leaves the country, and they want control over managing their encryption keys themselves. At the same time, they don’t want to lose out on the innovation of a hyperscaler. We give them exactly that by building this hybrid model–where the hyperscale services are available locally but wrapped in national guardrails.”

Retmi describes the benefits for clients as countless.

“For many public sector organizations, this is the first time they’ve felt comfortable moving sensitive workloads to the public cloud. Before, they were stuck either on outdated on-premises systems or in a limbo where they couldn’t fully benefit from cloud services. Now they have the trust and the flexibility to modernize.”

INNOVATIVE BY DESIGN

Sovereignty at Core42 is not an add-on; it is embedded into the architecture from the start. This principle is what defines the partnership with Microsoft and sets it apart in the market.

The Core42 sovereign public cloud offering is designed differently from simply replicating Azure in a local data center,” Tawfik says. “It’s a blueprint of how an innovative hyperscale infrastructure can be tailored to national needs. We’re talking about embedding sovereignty into every layer, using external managed keys, Azure confidential compute, hardware security modules, and Core42’s Insight policy engine. When you design it this way, sovereignty stops being a limitation and becomes an accelerator.”

Tawfik highlights the impact of this approach: “Imagine a world where every regulated entity, whether in healthcare, finance, or government, can use the full power of AI while still meeting sovereignty and compliance requirements. That’s the future we’re building here in the UAE.”

OVERCOMING CHALLENGES

Designing sovereign cloud solutions is not just a technical task; it also requires reshaping mindsets.

“When you talk about sovereignty, there’s data sovereignty, operational sovereignty, technology sovereignty, and even financial sovereignty. Educating customers on these layers was critical. Otherwise, they would look at cloud migration purely as a compliance checklist instead of a strategic enabler,” Retmi says.

He explains that many organizations still overestimate the sensitivity of their data, often labelling everything as top secret. This tendency creates unnecessary caution and slows down modernization. The real challenge, and opportunity, has been guiding clients to distinguish which workloads truly require sovereign treatment and which can safely benefit from the flexibility and elasticity of the cloud.

Tawfik agrees. “Beyond sovereignty concerns, the challenges are the familiar ones: data fragmentation, poor data quality, and legacy applications not designed for the cloud. Sovereignty is often the headline issue, but beneath that, the harder work lies in getting organizations ready to use their data in smarter and more innovative ways,” he says.

If education is one-half of the challenge, enforcement is the other. That is where Core42’s Insight platform comes in.

“It continuously maps national and sector-specific regulations into the cloud environment,” Retmi says. “Customers can log in and see, in real time, whether they are compliant, where the gaps are, and even how to fix them. We’ve automated remediation recommendations leveraging AI for reported issues.  This shifts compliance from being a once-a-year audit exercise into something continuous and transparent.”

He stresses that Insight is not a one-size-fits-all solution. “Healthcare customers have very different requirements than financial institutions or energy companies. Insight translates those differences into sector-specific compliance frameworks, layered on top of national mandates. That flexibility is what gives regulators confidence and customers peace of mind,” Retmi says.

TOWARD THE FUTURE OF THE SOVEREIGN CLOUD

The sovereign cloud is no longer a niche but is rapidly becoming the default. Both Core42 and Microsoft see this shift as inevitable.

“I hope to see a future where sovereign public cloud becomes the norm,” says Tawfik. “Because once that happens, the conversation shifts from ‘Can I move to the cloud?’ to ‘What can I build in the cloud?’ That will accelerate AI transformation to an entirely new level. And in the UAE, where the ambition is to be an AI-native government by 2027, you can imagine how transformative that will be.”

Looking beyond the UAE, Retmi emphasizes that sovereignty is no longer a regional discussion but a global one. From Europe to Asia, governments are increasingly focused on who controls their digital infrastructure and data. “Every government is thinking about it,” he says. “The G42 partnership with Microsoft is one of the most strategic at the group level. It is multi-year, multi-market, and designed to scale beyond the UAE. At Core42, we want to take the know-how we are building here and share it with other regions, while continuing to position the UAE as a leader in digital sovereignty.”

The partnership reflects an emerging reality: sovereignty and scale are not opposing forces but complementary ones. With the right architecture, partnerships, and policies, they form an ecosystem for innovation, enabling nations to safeguard trust and security while allowing enterprises to thrive in a digital-first economy.