Data
Sovereignty
With Microsoft Sentinel deployed in your Azure environment, you retain ownership and complete control of your security data. Your data stays in the Azure region linked to your Microsoft account, without ever leaving it.
Your Company
Data owner
Your Azure region
The Azure Region Concept
Understanding how Microsoft protects the location of your data
When you subscribe to a Microsoft 365 or Azure account, it is linked to a specific geographic region. This region corresponds to a physical datacenter located near your company.
How does it work?
Region linked to your account
Your Microsoft tenant is attached to the Azure region closest to your headquarters. This region is defined when the account is created.
Data that doesn't travel
All your logs, configurations and security data are stored exclusively in the datacenters of your region. They never cross the borders of this zone.
Automatic compliance
By staying in your region, your data automatically complies with local data protection regulations (GDPR, national laws, etc.).
Proximity and performance
The Azure region also ensures minimal latency and optimal performance for your security monitoring.
Whether your company is based in Europe, Asia or elsewhere, the principle is the same: your data stays in the region of your Microsoft account. You keep control.
Understanding the Difference
Why our approach guarantees your digital sovereignty
Traditional SOC
Your data at the provider:
- Logs stored on their infrastructure, in their region
- Proprietary non-exportable format
- Strong technical dependency
- Data loss in case of contract termination
Limited visibility on your own data
DMC DEFENSE Sovereign
Your data with you:
- Logs in your Azure tenant, in your region
- Standard exportable format (KQL)
- Total independence
- History preserved forever
Total control and transparency
Sovereignty Architecture
Visualize how your data stays under your control, in your region
Your Sources
Your Azure Tenant
Your Azure Region
DMC DEFENSE Access
- Data ownership
- Log copy
- Admin access
- Encryption keys
You can revoke our access
In 1 click
6 Sovereignty Guarantees
Concrete commitments for your peace of mind
Complete Ownership
Data is stored in your Azure tenant, under your total control. You are the sole owner.
Localized in Your Region
Your data stays in the Azure region of your Microsoft account. It never leaves this geographic zone.
Personal Encryption
Data encrypted at rest and in transit with your own encryption keys via Azure Key Vault.
Controlled Access
You define who has access to what via Azure AD / Entra ID and RBAC. We only have read access.
Complete Audit
Traceability of all accesses and modifications in Azure logs. Every action is recorded.
Regulatory Compliance
By staying in your Azure region, your data complies with applicable local regulations (GDPR, national laws, etc.).
Legal and Contractual Framework
Legal protection in addition to technical protection
Subcontracting Agreement
We act as a subcontractor under local regulations. You remain the data controller. Our obligations are strictly governed by contract.
Guaranteed Geographic Location
Data stays in the Azure region of your Microsoft account. It never leaves this zone except by your explicit configuration.
Clear Intellectual Property
All logs, data, configurations, playbooks created in your tenant belong 100% to you.
Transparent Access Management
You control our access via Azure AD / Entra ID. Audit of every connection, every action, instant revocation possible.
Keep Control of Your Data
Let's discuss your architecture and sovereignty requirements