CHENNAI: Recent developments, such as Nayara Energy’s legal action against Microsoft for suspending access to essential services following EU and US sanctions, have highlighted the vulnerability of Indian companies and institutions to unilateral service disruptions by foreign technology providers. In an increasingly digital and cloud-dependent economy, these incidents raise concerns about data sovereignty, business continuity, and national security.

Tech giants like Microsoft, Amazon (AWS), and Google dominate cloud infrastructure and productivity services in India. However, these entities are subject to their home country’s regulatory frameworks, such as US sanctions laws, which can override contracts and lead to sudden suspension of services. For Indian enterprises, particularly those with strategic or geopolitical sensitivity, this risk is non-trivial.

The New Indian Express spoke to information technology experts asking the key alternatives for Indian companies and government agencies. Here's a look at what India can do:

1. Adoption of Indian Cloud providers

Indian companies can shift to local cloud service providers that operate under Indian jurisdiction and are not subject to foreign sanctions regimes. In this context, some emerging options in the private sector include CtrlS Datacenters, ESDS Software, NxtGen, and Netmagic.

These providers offer cloud infrastructure, managed hosting, disaster recovery, and private cloud services tailored to Indian regulatory and business needs.

2. MeghRaj -- a government-led Cloud infrastructure

The Government of India has already initiated MeghRaj, a national cloud project under the Ministry of Electronics and Information Technology (MeitY), aimed at providing secure, scalable cloud solutions for public sector entities. Expanding and integrating this further across sensitive sectors could help reduce reliance on foreign players.

3. Open-source and self-hosted solutions

For productivity, communication, and collaboration tools like email, document storage, and conferencing, companies can explore open-source alternatives. These solutions primarily include Nextcloud (for file storage and collaboration), Zimbra or ProtonMail (for email), Jitsi or BigBlueButton (for video conferencing), and LibreOffice or OnlyOffice (for document editing).
While these may require greater technical support and customisation, they allow full control over data and infrastructure.

4. Hybrid and multi-cloud strategies

Adopting a multi-cloud or hybrid cloud approach reduces reliance on a single provider. Indian firms can distribute workloads across multiple platforms—e.g., combining Microsoft Azure for some services with local providers or private cloud deployments for sensitive data.

5. Data localisation and edge computing

By storing data locally or closer to the point of use via edge computing, companies can reduce dependency on international data transfers. Compliance with India’s evolving data protection laws (such as the Digital Personal Data Protection Act, 2023) will also require local storage and processing of certain categories of data.

6. Strategic partnerships with non-US tech providers

India can explore partnerships with technology firms based in countries less likely to impose unilateral restrictions. Cloud and enterprise solution providers from the EU, Middle East, or Southeast Asia may offer viable alternatives, subject to compatibility and compliance.

7. Strengthening domestic tech ecosystem

Long-term resilience depends on investing in domestic R&D, encouraging Indian startups in enterprise tech, and developing homegrown alternatives to SaaS, PaaS, and IaaS solutions currently dominated by global giants. Public funding and procurement support can accelerate this shift.

Policy and Legal Interventions

The Indian government may need to enforce stricter guidelines on hosting sensitive or critical data within India using the data sovereignty mandates.

A refreshed national cloud strategy that mandates or incentivises use of local providers for certain sectors could improve resilience.

All enterprises should be mandated to maintain alternative access protocols and disaster recovery frameworks in case of service cutoffs.

"While tech giants like Microsoft offer world-class services, the geopolitical and legal risks they carry are very real for Indian enterprises and institutions," said a senior corporate executive whose company currently partners with a global tech major for enterprise data management. "We foresee emerging geopolitical tensions as a significant threat to the long-term sustainability of such models."

A strategic shift toward digital self-reliance, diversification of technology partners, and greater support for local cloud infrastructure is essential. "The Nayara-Microsoft case should serve as a wake-up call for India Inc. and policymakers to reimagine the country’s digital dependencies," added another executive who heads one of India’s leading technology companies.