Let’s be honest, for many companies, sticking with AWS, Azure or Google Cloud remains the pragmatic choice. The hyperscalers didn’t become dominant by accident. They offer unmatched scale and reliability that most companies can’t replicate and a feature velocity that keeps you competitive. The question is: are you Netflix and do you need it? Most companies aren’t, and most are running infrastructure that’s wildly overprovisioned for their actual needs.

If you’re a startup trying to move fast, or you operate globally and need infrastructure on every continent, or frankly, if you lack the internal expertise to run infrastructure yourself, the hyperscalers make sense. The key is doing it consciously, not by default.

Bert Hubert, Dutch technologist and founder of PowerDNS, makes this point sharply in his Europe’s executives need to skill up to solve our total US cloud dependency: leadership has been indoctrinated that nothing other than US clouds is possible, while the IT people who ran perfectly fine local infrastructure haven’t gone anywhere. Their skills are still around.

The smart play here isn’t pretending sovereignty doesn’t matter. It’s mitigation. Implement strict data residency controls. Negotiate contractual protections where possible. And critically, maintain architectural portability and avoid the deepest lock-in traps even if you’re staying put. Think of it as keeping your options open for a future you can’t predict.

There’s a growing constellation of European cloud providers that deserve serious consideration. OVHcloud in France, Hetzner in Germany, TransIP and Cyso here in the Netherlands, and emerging sovereign cloud initiatives like Gaia-X that promise GDPR-native infrastructure from the ground up. For a comprehensive overview of European alternatives across many categories, check out European Alternatives.

These providers shine when your data is genuinely sensitive and your scale doesn’t demand a global footprint. You’d be surprised how far well-architected infrastructure on European providers will take you. They’re often 30-50% cheaper than hyperscalers, which isn’t trivial when cloud bills run into six or seven figures. And there’s something to be said for supporting European digital infrastructure, every company that chooses European clouds makes the ecosystem stronger.

But let’s not romanticize it. European providers offer fewer managed services, which means more operational burden on your teams. Their global footprint is smaller, so if you need low latency in Singapore, you’re out of luck. Their AI and ML offerings lag behind what you get from AWS SageMaker or Google Vertex AI. And the talent pool is smaller, finding engineers who know OVHcloud is harder than finding AWS experts.

The European cloud path works best when sovereignty is a genuine requirement, not just a nice-to-have, and when you have the engineering maturity to handle more infrastructure yourself.

One more thing. Moving from one cloud provider to another doesn’t eliminate lock-in risk, it just shifts it. If you’re migrating to a European provider to escape hyperscaler dependency, build portability into your architecture from day one. Use standard technologies, containerize your workloads, avoid provider-specific services where possible. You need an exit strategy even for your sovereignty solution. The goal isn’t to trade one lock-in for another, it’s to maintain the flexibility to move if circumstances change.

What if you didn’t have to choose? The hybrid sovereignty model says: put different workloads where they make the most sense. Keep your sensitive customer data and core systems on European infrastructure. Run your commodity workloads, development environments, testing, public-facing content on hyperscalers where they’re convenient.

This is the sophisticated choice, but it requires sophistication to execute. You need clear policies about what goes where. You need the operational maturity to manage multiple cloud providers without drowning in complexity. Kubernetes becomes your abstraction layer, giving you portability across environments.

The hybrid approach works beautifully when you have complex regulatory requirements that demand sovereignty for some data or workloads but not all. Financial services companies often land here, customer transactions on European infrastructure, their marketing website on a global CDN. Healthcare companies put patient records in sovereign clouds but run their research analytics wherever the compute is cheapest.

The risk is ending up with the worst of both worlds, the complexity of multi-cloud without the benefits. You need strong engineering leadership and clear architectural principles to make this work. And be honest with yourself: hybrid can become a way to avoid making a real choice, letting the problem linger rather than solving it.

On-premises infrastructure and private clouds sound like a relic from 2010, but they’re alive and well in certain sectors. Financial services, healthcare, and government contractors often find that regulatory requirements simply mandate it. If you already have data center investments and your workloads are stable and predictable, a private cloud can make economic sense.

The modern approach doesn’t mean buying servers and racking them yourself. It means OpenStack or Kubernetes-based private clouds in Dutch data centers like Equinix or NorthC. Using tools like Terraform and Ansible, you get the same self-service agility as AWS, you can spin up infrastructure in minutes instead of weeks, but everything runs on hardware you control.

This path requires deep infrastructure expertise. You need 24/7 operations capability. You need to match hyperscaler SLAs with your own team. It’s not for everyone, but for organizations with the right profile, large enterprises, regulated industries, governments it’s a viable sovereignty strategy that also happens to offer complete control.

Not all data is created equal. Map everything you have by sensitivity. If you’re GDPR-compliant, you’ve already done this. Your records of processing activities are exactly that map. Your critical sovereign data, customer PII, health records, financial transactions, anything touching state secrets, that’s your first priority. Then, sensitive business data, like proprietary algorithms and strategic plans. Finally, commodity data that doesn’t matter much, public content, anonymized analytics, development environments.

The critical sovereign data needs to leave hyperscalers first, or at minimum needs the strongest protections. Everything else can wait.

Some companies face existential regulatory risk, others face minor compliance headaches. If you’re a government supplier, you’re high priority. Governments are asking harder questions about where their data lives. Healthcare and financial services companies handling regulated data are high priority. Critical infrastructure operators are high priority. If you process any personal data, you’re also high priority. The CLOUD Act means you may simply be unable to meet your GDPR obligations while staying on US hyperscalers.

How deep is your lock-in? If you’re using only IaaS, virtual machines, block storage, networking, you can migrate relatively easily. Managed databases add moderate complexity but are still portable. Serverless and proprietary services like AWS Lambda or Azure Cognitive Services create high complexity. Deep AI/ML platform integration creates very high complexity.

Start your sovereignty journey with the loosely coupled workloads. Don’t begin by trying to migrate your most hyperscaler-dependent application, you’ll fail and give up. Start with something achievable.

Build a real cost-benefit analysis. Calculate your current hyperscaler spend. Estimate migration costs honestly, engineering time, tooling, risk, opportunity cost. Project ongoing operational costs of alternatives. Factor in risk costs like potential regulatory fines or business disruption. Don’t forget strategic value, customer trust, competitive advantage, negotiating leverage.

Build a three-year total cost of ownership model. Sometimes sovereignty is more expensive. Sometimes it’s cheaper. Basecamp’s cloud exit is a useful reality check: they saved $3.2M annually by moving off AWS and Google Cloud onto their own hardware. At least you’ll know.

Be brutally honest about your team’s capabilities. Do you have infrastructure engineering talent who can run production systems? Can you operate Kubernetes reliably? Do you have 24/7 operations capability, or are you a 9-to-5 shop? Can you realistically match hyperscaler SLAs, and do you need to?

If your capabilities are low, don’t try to build a private cloud. Start with managed European providers who handle the operational burden. You don’t need to suffer for sovereignty.