Turkcell Cloud: Bringing sovereign cloud to Turkey’s regulated industries

To serve the 3,500 customers using its cloud services, Turkcell recently made significant investments in four massive, high-performance data centers – facilities that enable the telecommunications and IT services leader to provide a robust portfolio to complement its significant Infrastructure-as-a-Service, Platform-as-a-Service, and Software-as-a-Service solutions. Now Turkey’s largest cloud services and data center provider is working to bring enterprises throughout the country a new level of data protection and peace of mind.

We recently caught up with Gurkan Arpaci, General Manager at Turkcell Digital Business Services Company, to learn what prompted the company to achieve the VMware Sovereign Cloud distinction. We also took the opportunity to see where he believes the demand for data sovereignty lies today and how he sees the market for sovereign cloud services evolving.

“Our cutting-edge data centers and prominence as a telecommunications provider reflects our commitment to continually improve our infrastructure and enhance our service offerings in order to always address the evolving needs of our customers,” says Arpaci. “They rely on us for advanced technology solutions, superior service and a secure environment. Those demands increasingly call for sovereign cloud services.”

Arpaci also stresses that the VMware Sovereign Cloud Framework provides a comprehensive set of requirements and guidelines that ensure that the most stringent security and sovereignty requirements are achieved and maintained. It’s assurance he believes is particularly crucial in today’s digital landscape, where data breaches and unauthorized access pose significant risks.

“The VMware Sovereign Cloud distinction assures customers and prospective customers not only that their data is protected in a secure environment that is underpinned by Turkcell’s adherence to industry-leading standards, but also that we have the expertise and experience delivering VMware-based solutions,” he adds. “For our customers, this distinction holds immense importance.”

Arpaci also points out that although the company’s sovereign cloud offerings are increasingly relied on by a large cross section of enterprises across industries, they are required by customers within government and financial services. Not surprisingly, organizations in both sectors have very demanding data protection needs.

“Government organizations often deal with classified information that must remain confidential and be available at all times so that agencies can perform important duties efficiently and securely,” says Arpaci. “Similarly, financial institutions handle vast amounts of sensitive financial data, including customer information, transactions, and other confidential records – all of which must be securely stored, processed, and managed. In both cases sovereign approaches to cloud are absolutely crucial.”

Turkcell Cloud also addresses the many aspects of sovereignty required to ensure that the integrity of each customer’s information is maintained at all times. This begins with an approach that differentiates between where data resides and whether it is fully sovereign.

“Data residency is really just one consideration,” says Arpaci. “It refers to the physical location where data is stored, while data sovereignty also refers to the control and jurisdiction over that data. In both cases there can be no exception at any time. That includes preventing any exposure to such data when working with the development and maintenance personnel of technology providers.”

He notes that this is also important because of other factors prompting organizations to embrace sovereign clouds. These include organizations’ overarching demands for greater security in light of geopolitical trends and increased risks for cyberattacks, the need for national control and independence, and the need to comply with regulations in Turkey.

Some of these regulations include Turkey’s Personal Data Protection Law, the data protection requirements mandated by the Banking Regulation and Supervision Agency, those required by the Central Bank of the Republic of Turkey, and the compliance requirements of the country’s Undersecretariat of Treasury. In all cases, Turkcell’s sovereign cloud allows enterprises to easily address these guidelines for the processing, storage, and transfer of data.

Not surprisingly, Arpaci believes the demand for sovereign cloud will only increase.

“A survey conducted in the EMEA region revealed that 63% of organizations have concerns about storing data in the wrong cloud,” he says. “That is a legitimate and important concern. Failing to comply with regulations can result in legal consequences, damage to an organization’s reputation, and the loss of customer trust. In contrast, our customers have the peace of mind of knowing that their data is always in Turkey, under Turkish jurisdiction, and safeguarded by Turkish citizens who receive extensive training in Turkcell’s security-first culture.” 

Learn more about Turkcell Cloud and its partnership with VMware here.