Public Clouds Federation: Swiss Federal Administration Establishes Central Cloud Governance

Meta Information

Author: Federal Chancellery FCh
Source: admin.ch - Public Clouds Federation
Publication Date: October 21, 2025
Summary Reading Time: 3-4 minutes

Executive Summary

The Swiss Federal Administration is implementing a centrally controlled multi-cloud strategy with "Public Clouds Federation," enabling controlled access to public cloud services from five hyperscalers (AWS, Microsoft Azure, Alibaba, IBM, Oracle). Through structured cloud governance and Cloud Service Brokers (CSB), the balance between digital transformation and data sovereignty is to be ensured. The publication of framework agreements creates transparency but raises critical questions about technological dependency and risks to Switzerland's digital sovereignty.

Critical Key Questions

1. How can Switzerland maintain its digital sovereignty when critical administrative data is stored with foreign tech giants?

2. What consequences would an outage or blocking of cloud services due to geopolitical tensions have on the Federal Administration's functionality?

3. Is transparency through partially redacted contracts sufficient, or are critical dependencies and risks hidden behind them?

Scenario Analysis: Future Perspectives

Short-term (1 year):

• Rapid Cloud Adoption: Federal offices increasingly migrate non-critical applications to public clouds
• First security incidents or data protection concerns lead to stricter internal guidelines
• Political pressure to strengthen digital sovereignty increases

Medium-term (5 years):

• Vendor lock-in effects become visible; migration between cloud providers proves complex and costly
• Development of a "Swiss Government Cloud" as a sovereign alternative is discussed
• Regulatory tightening at EU level (Digital Markets Act, Data Act) influences Swiss cloud strategy

Long-term (10-20 years):

• Fundamental realignment: Switzerland develops its own sovereign cloud infrastructure or participates in European alternatives (GAIA-X)
• Geopolitical fragmentation of the internet forces diversification of cloud providers
• Quantum computing and new technologies require complete reassessment of cloud security architecture

Main Summary

Core Topic & Context

The "Public Clouds Federation" project standardizes and centralizes the procurement of cloud services for the entire Swiss Federal Administration. Given the warnings from the Swiss Army Chief about Microsoft 365 and the debate about Canada's digital sovereignty, this initiative gains particular urgency.

Key Facts & Figures

• 5 cloud providers under contract: Amazon Web Services, Microsoft Azure, Alibaba, IBM, Oracle • WTO-20007 tender as legal basis • October 21, 2025: Publication of framework agreements (except AWS - court proceedings ongoing) • FOITT (Federal Office of Information Technology) as central Cloud Service Broker • ISC-FDJP responsible for Secure Private Cloud (Level IV) • Implementation according to Cyber Risk Ordinance (CyRO)

Stakeholders & Affected Parties

• Primary: All federal offices and administrative units of Switzerland
• Cloud Governance: Federal Chancellery (DTI Division)
• Operational: IT service providers, System Teams
• Indirect: Swiss citizens (data protection), IT industry, security authorities

Opportunities & Risks

Opportunities:

• ✅ Efficiency gains through standardized processes
• ✅ Cost savings through centralized contract negotiations
• ✅ Faster innovation and digitalization of administration

Risks:

• ⚠️ Data sovereignty: Dependency on foreign providers
• ⚠️ Vendor lock-in: Difficult migration between providers
• ⚠️ Geopolitical risks: Possible sanctions or access blocks
• ⚠️ Compliance challenges: Adherence to data protection and confidentiality obligations

Action Relevance

• Immediate measures: Administrative units must conduct protection requirement analyses
• Critical review: Which data may be migrated to public clouds?
• Exit strategies: Early planning of exit scenarios essential
• Monitoring: Continuous monitoring of geopolitical situation and regulatory developments

Source Index

Primary Source:

• Public Clouds Federation - Federal Chancellery

Supplementary Sources:

• Digital Sovereignty in Danger: Swiss Army Chief Warns Against Microsoft 365
• Canada's Digital Sovereignty: An Illusion in the Connected World
• GAIA-X: European Association for Data and Cloud

Verification Status: ✅ Facts verified on 04.11.2024

[⚠️ Note: The AWS contract is not yet publicly accessible due to ongoing court proceedings]