Industrial Data Sovereignty: When Conflict Zones Put Your Data at Risk

/ Application Development, Cloud, Data Management, Enterprise IT Strategy

The Announcement

IFS CTO Kevin Miller is sounding an alarm that goes beyond typical data residency compliance. As geopolitical tensions escalate and energy costs remain volatile, manufacturers with data physically hosted in or near conflict zones face genuine disruption risk, including the possibility of permanent data loss. Miller is proposing that companies respond by forming secure, cross-border data-sharing alliances modeled on traditional military pacts, and rethinking single-tenant deployment architectures as a hedge against sovereignty failures. The core argument is that existing data sovereignty frameworks were designed for regulatory compliance, not wartime resilience, and that gap is now dangerously exposed.

Our Analysis

This is a niche-sounding topic that carries broader enterprise implications than the framing suggests. Industrial software buyers and their IT counterparts have spent the last decade optimizing for cost, latency, and compliance. The idea that physical data location could become a life-or-death operational concern, not just a regulatory one, represents a genuine shift in threat modeling for any company operating manufacturing, logistics, or critical infrastructure workloads.

The Sovereignty Gap Is Real

The phrase “data sovereignty” has been in enterprise vocabulary for years, largely framed around GDPR, data localization laws, and vendor lock-in risk. What Miller is describing is something harder to plan for: data sovereignty under conditions where the legal and physical infrastructure of a jurisdiction collapses or becomes inaccessible. Standard data residency frameworks assume stable nation-states, functioning legal systems, and predictable ISP connectivity. None of those assumptions hold in active conflict zones.

For ITDMs, this is not an abstract concern. Manufacturing operations in Eastern Europe, parts of the Middle East, and Southeast Asia face real exposure. If your ERP, MES, or supply chain data sits in a data center that becomes physically inaccessible or is destroyed, your recovery posture depends entirely on how far ahead of this scenario your backup and replication architecture was built. Most weren’t built with this in mind.

The suggestion to model data-sharing alliances on military pacts is provocative, but it points at something concrete: the need for trusted, pre-negotiated bilateral data exchange agreements between companies in stable jurisdictions, with defined handoff protocols before a crisis, not after. The legal and operational machinery for this does not yet exist in most industries.

Single-Tenant Deployments as a Defensive Move

Miller’s emphasis on single-tenant deployments is worth examining carefully. In the last five years, multi-tenant SaaS has been the dominant delivery model for industrial software, driven by cost efficiency and faster update cycles. Single-tenant architectures, which give each customer their own isolated instance, have generally been seen as legacy or as a premium option for highly regulated industries.

The conflict-zone data risk inverts this calculus. Single-tenant deployments allow companies to specify precisely where their data physically lives, often with more control over replication targets and failover destinations. In a multi-tenant environment, the vendor controls that topology, and a customer’s data may be co-located with other tenants in a region the customer would not have chosen independently.

This is relevant to developers and architects evaluating industrial SaaS platforms. If your organization operates in geopolitically sensitive regions, the deployment model is no longer just a pricing or performance question. It’s a risk management decision. Architects should be asking vendors: where exactly does our data reside, what is the replication topology, and what happens to our instance if a facility in that region becomes inaccessible?

What This Means for the Broader Enterprise Market

The energy crisis framing in Miller’s argument is worth separating from the data risk argument, because they’re related but distinct. Rising energy costs increase the operational pressure on manufacturers but don’t directly create data vulnerability. The data vulnerability comes from where infrastructure is physically sited, which corridors energy and connectivity run through, and how stable those jurisdictions are.

That said, the two trends are converging in a way that matters. Energy infrastructure is increasingly a target in geopolitical conflicts, and data infrastructure runs on energy. A data center in a region facing power grid attacks faces the same exposure as one in a conflict zone by a different path.

ECI Research’s survey data shows that 86% of organizations have significant network redesigns underway or fully planned, which suggests that infrastructure leaders are already in motion on resilience. But network redesign focused on performance or cloud connectivity is a different exercise than redesign focused on geopolitical continuity. Organizations should be auditing whether their infrastructure modernization programs have explicitly addressed what happens when a region goes dark, not just when a cloud provider has an outage.

For the industrial sector specifically, the stakes are higher than in most verticals. Manufacturing execution data, supply chain state, and equipment telemetry are not just business records. They represent operational continuity for physical production. Losing access to that data mid-operation is a different category of risk than losing a CRM or a collaboration platform.

Looking Ahead

The Policy and Vendor Landscape Will Respond

Miller’s call for data-sharing alliances is ahead of where policy and vendor capabilities currently sit, but that gap tends to close faster than expected when the business case becomes urgent. We expect industrial software vendors to begin differentiating on geographic resilience as a product feature, particularly for customers operating in high-risk regions. Expect to see terms like “conflict-aware replication,” “jurisdiction-agnostic failover,” and “sovereignty-preserving backup” enter the marketing vocabulary of ERP, MES, and supply chain software vendors over the next 18–24 months.

On the regulatory side, bodies like the EU and bodies governing critical infrastructure in NATO member states are likely to take an interest in formalizing cross-border data continuity agreements. The analogy to military pacts is rhetorical, but the underlying logic, that data resilience requires pre-negotiated trust relationships between parties in different jurisdictions, is sound and likely to attract regulatory attention.

What ITDMs Should Do Now

ITDMs in manufacturing, logistics, energy, and critical infrastructure should treat this as an active risk management issue rather than a future-looking concern. Three concrete actions are appropriate now.

First, conduct a data residency audit that maps not just where data is stored, but what the physical and connectivity dependencies of those locations are, including power sources and ISP routing.

Second, pressure test your SaaS vendor contracts on jurisdiction-specific failure scenarios. Most SaaS SLAs cover outages and define uptime, but few address what happens when a region becomes inaccessible due to geopolitical events. That’s a gap worth closing contractually before you need it.

Third, evaluate whether your current deployment model, multi-tenant or single-tenant, gives you sufficient control over replication targets. If it doesn’t, that’s a vendor conversation to have now, while you have negotiating leverage, rather than during a crisis.

The underlying message from Miller is accurate: data sovereignty frameworks built for compliance were not built for conflict. The organizations that take this seriously before an incident will be substantially better positioned than those who treat it as a theoretical concern.

Authors

  • With over 15 years of hands-on experience in operations roles across legal, financial, and technology sectors, Sam Weston brings deep expertise in the systems that power modern enterprises such as ERP, CRM, HCM, CX, and beyond. Her career has spanned the full spectrum of enterprise applications, from optimizing business processes and managing platforms to leading digital transformation initiatives.

    Sam has transitioned her expertise into the analyst arena, focusing on enterprise applications and the evolving role they play in business productivity and transformation. She provides independent insights that bridge technology capabilities with business outcomes, helping organizations and vendors alike navigate a changing enterprise software landscape.

    View all posts
  • Paul Nashawaty

    Paul Nashawaty, Practice Leader and Lead Principal Analyst, specializes in application modernization across build, release and operations. With a wealth of expertise in digital transformation initiatives spanning front-end and back-end systems, he also possesses comprehensive knowledge of the underlying infrastructure ecosystem crucial for supporting modernization endeavors. With over 25 years of experience, Paul has a proven track record in implementing effective go-to-market strategies, including the identification of new market channels, the growth and cultivation of partner ecosystems, and the successful execution of strategic plans resulting in positive business outcomes for his clients.

    View all posts