The Risks of Dependency on Cloud Services
Many companies rely on services such as Microsoft Teams, Google Workspace, or other large US-based cloud solutions. Such services often offer interesting features in terms of functionality and price. However, dependence on such tools is associated with a significant risk:
technical problems or even a total failure of the respective cloud platform can lead to an inability to function, production delays, a loss of sales, and, in serious cases, reputational damage for all customers.
Outages such as these, which have been occurring more frequently recently. In November 2024, for example, there was an outage of some Microsoft 365 services. Such events, typically affect thousands of companies at the same time (e.g. the CrowdStrike outage) and result in very high costs. The urgency of having alternative communication channels available is therefore very high.
The current geopolitical tensions and international crises also increase the risk of state hacking attacks on the major US cloud services and the associated infrastructures (e.g. submarine cables for broadband transmission). Outages due to such cyber security incidents may last longer and should not be underestimated by companies in the coming years.
Stricter Requirements Due to NIS-2 and DORA
In addition, strict requirements exist for certain industries, such as healthcare, finance, or critical infrastructure (see, for example, NIS-2 and DORA) about the communication tools used. In these cases, companies are bound by industry-specific standards and often also by certifications that ensure the secure handling of data and the high availability of communication solutions. US-based cloud providers generally follow international standards, but cannot always fully cover specific EU requirements. Such a failure can therefore endanger not only the ability to act but also compliance and ultimately the security of supply of these companies.