Gaia-X: Fresh cell treatment for SMEs and channels
In 2019 the Federal Ministry for Economic Affairs and Energy (BMWi) took the initiative Gaia-X came into being – ultimately as a reaction to the global system competition between Europe, the USA and China in the field of technology. It should not only enforce European data protection standards, but also reduce the dependency on American and Chinese cloud providers and build an ecosystem for digital innovations based on open source. The project is now supported by over 500 organizations worldwide, but according to a survey carried out by the Institute of German Economy on behalf of the Federation of German Industries (BDI), it is hardly known by a large number of smaller companies in particular.
However, the initiative brings many advantages to SMEs in particular: They have to master the challenges of digitization and are faced with the task of generating more added value from their data. Against this background, cloud computing has long since found its way into them. However, especially among the SMEs there are many highly specialized technology-driven companies that have to protect their know-how and their data in order to remain competitive – or retailers with sensitive customer data. It is therefore essential for them to keep control over their data.
In view of increasing networking, companies must not only keep an eye on themselves, but also their entire ecosystem if they want to act in compliance with data protection regulations and effectively protect their business secrets. The current legal situation – keyword US CLOUD Act or Schrems II judgment – brings companies that use cloud solutions from non-European providers into a legal gray area.
The concept of Gaia-X In contrast, it is geared towards reconciling innovation and data security. For this purpose, various decentralized infrastructures are to be networked with one another via nodes in order to create an interoperable infrastructure in which data and applications can be easily ported. In the future, SMEs will be able to select standardized and certified services according to their criteria via a global catalog and combine them flexibly – in compliance with data protection regulations and without vendor lock-in. They can also access data pools and use them for AI and machine learning applications. SMEs develop new business models and implement innovations without having to build the necessary infrastructures themselves – or fail due to a lack of data.
The structures of Gaia-X are now established; Since the beginning of June, so-called federated services have also been defined, which are intended to make services usable for all organizations. In addition, a few weeks ago the funding competition announced by the Federal Ministry of Economics and Technology ended. Ten to 15 projects are to be funded with a budget of 180 million euros.
In addition, there are already many ideas and activities for further applications. The automotive industry, which is strongly promoting its digital transformation, is particularly active, but also, for example, the energy industry and the public sector. Because this is also sensitized to the topic of data sovereignty and at the same time relies on digital innovations in order to be able to provide its services more efficiently: a municipality in northern Germany, for example, has equipped its street lamps with sensors to obtain information on the microclimate in the area – noise or pollution level . Data that has already aroused the desire of the real estate industry, which could more easily determine the value of objects on this basis.
So a lot is already in motion; In view of the legal “imbalance”, companies should tackle the issue of data security and sovereignty immediately. At the beginning there is certainly a well-founded inventory of your own IT infrastructures, which shows the degree of flexibility, interoperability and GDPR conformity of your own IT. In addition, you should (have) checked what legal obligations your cloud provider may have towards third parties (and above all foreign governments) – and whether he can implement the European data protection directive GDPR without compromise.
For companies that use cloud solutions from non-European providers, there are various alternatives: You can either influence that your provider operates within the European legal framework in terms of data protection and that its services will also be provided via Gaia-X Federated in the future Catalog can be called up – or “lobbying” through your channel partner. An alternative is to choose a European cloud provider for processing sensitive data – as part of a multi-cloud concept.
This makes Gaia-X – and thus also the topic of data sovereignty, which is ultimately behind the initiative – an exciting topic for the channel as a multiplier. With infrastructures and products based on open standards and clearly described datasets, the channel also has instruments at its disposal that it can bundle into “product or solution bundles” and offer its customers. Services that are currently provided by providers can in future be obtained via the Gaia-X Federated Catalog – in compliance with data protection regulations and without vendor lock-in.
In future, the channel will therefore have the option of flexibly combining services from different providers – and can reinvent itself from being a pure reseller to a provider of customized services. in the German Hub der Gaia-X-Organisation some players from the channel are already represented – so the potential has apparently already been recognized.
More about Gaia-X:
“German market is now ready for a European cloud”
Interest in Gaia-X grows
Over 80 companies from Germany
Bitkom is enthusiastic about the strengths and weaknesses of Gaia-X