With many government organisations now storing at least two thirds of their infrastructure and services in the cloud, data demonstrates the current reliance on the market’s duopoly of US players
All departments surveyed in a review of government technology use indicated that they used one or both of the cloud market’s two dominant providers.
Published a year ago, the State of digital government review provided a snapshot of the use of technology throughout the public sector; among the report’s headline statistics was the finding that more than half – 55% – of government bodies indicated that over 60% of their IT estate is now hosted in the cloud.
Moreover, “all survey participants indicated that they use one of two leading cloud providers, both of whom are US-based”, according to recent comments made by digital government minister Ian Murray.
The minister – whose remarks allude to the public cloud market’s dominant duo: Amazon Web Services and Microsoft – was answering a parliamentary question from Liberal Democrat MP Victoria Collins, asking about the extent to which “critical public services and critical national infrastructure rely on US-owned cloud infrastructure”, and whether this poses risks to “UK data sovereignty”.
“Critical public services, including those delivered by arm’s length bodies and local authorities, operate under a range of governance and assurance arrangements,” Murray responded. “Responsibility for digital infrastructure decisions rests with the relevant accountable bodies, and there is no centralised record of the proportion of such services that use US-owned cloud infrastructure. The government works closely with critical national infrastructure operators alongside our national technical authorities and industry partners. The government does not generally comment on national security or commercial matters related to CNI, including the use of individual suppliers.”
Related content
- AWS and Microsoft refute CMA competition concerns – but smaller players endorse watchdog’s findings
- Budget 2025: DSIT to deliver datacentre plan to focus on ‘most strategic and credible projects’
- Secret clouds, returnship schemes and machine-readable spend data – what’s in government’s digital roadmap?
The issue of government’s reliance on major cloud providers has come under increased scrutiny in recent months, following a series of high-profile outages late last year, including incidents affecting AWS, Microsoft, and Cloudflare. All three service shutdowns had at least some impact on government websites and services.
Speaking at a event hosted in December by the Open Cloud Coalition, David Knott – who, at the time, was in his final weeks as government chief technology officer – described the outages as a “wake-up call to know your clouds… [and] then make a judgment: did we build those things right in the first place so they could survive those kind of incidents?”.
Meanwhile, concerns around government’s data sovereignty – a term referring to the location and control of data – have emerged in light of a recent Ministry of Defence deal with controversial US tech firm Palantir, which also runs the NHS’s Federated Data Platform.
Addressing the issue of data sovereignty, Murray said that the concept “could cover numerous UK interests, including but not limited to economic, security, resilience, privacy, and diplomatic considerations”.
“We will continue to seek to balance these objectives in our approach, to ensure the robustness of our digital services,” he said. “UK public sector buyers of cloud services are advised to review their technology requirements against the Technology Code of Practice and consider the specific risk management and controls they need when procuring those services.”
