This article is from an interview conducted in partnership with our long-standing partner OVHcloud, as part of their series of customer testimonials on SecNumCloud-qualified sovereign solutions.
“Simply taking SecNumCloud hosting is not enough to secure the entire chain.”
The message from Cyril Bras, Cybersecurity Director at Whaller, is clear. And it resonates strongly with IT decision-makers, who are faced with the growing challenges of sovereignty and data protection.
And why is that? Because the gap is widening between solutions that claim to be “sovereign”… and those that really are.
The issues facing CIOs / CISOs today
- Extra-territorial laws: non-European cloud giants remain subject to the Cloud Act or FISA. It’s impossible to guarantee that your organisations’ sensitive data won’t be exposed.
- Incomplete chain of trust: many offerings only include a SecNumCloud qualified hosting provider (IaaS)… but unqualified software (SasS ). This creates a grey area where data is no longer protected end-to-end.
- Complex compliance: faced with increasingly stringent regulatory requirements (RGPD, SecNumCloud, NIS2, HDS…), IT departments need simple, clear, ready-to-use and compliant solutions.
- Lack of transparency: difficult for a CIO or CISO to check the real level of protection when the technological chain is fragmented or opaque.
Whaller DONJON: the sovereign, truly SecNumCloud-qualified alternative
Cyril Bras reminds us of a key point: Whaller DONJON is not just hosted on a qualified cloud, it’s the entire solution – infrastructure + software – that is SecNumCloud qualified.
What this means in practical terms for IT departments/IS departments:
- No lawless zones: the entire chain is certified, no partial “trickle down”. Your data is immune to extraterritorial laws from end to end.
- Dedicated infrastructure per customer: no fuzzy pooling. Each customer benefits from its own secure environment.
- Sovereignty guarantee validated by ANSSI (via SecNumCloud qualification). This is a requirement increasingly demanded in public contracts and sensitive sectors (defence, healthcare, local authorities, etc.).
- Partnership approach with OVHcloud: Whaller’s historical hosting provider, OVHcloud enables optimum responsiveness (rapid creation of customer environments), essential for deployments in project mode.
[eBook] Qualification SecNumCloud : tout comprendre sur l’enjeu numérique clé du moment
Why is this level of qualification so demanding?
SecNumCloud qualification requires :
- over 100 concrete security measures
- a comprehensive, regular third-party audit
- a robust PSSI, formalised risk analyses
- strict controls on data flows
- guarantees of sovereignty right down to the publisher’s business model and sources of funding
This is not a marketing label: it’s a qualification in its own right, verifiable and supervised by ANSSI.
Why this concerns more and more CIOs/CIOs
The context is changing fast:
- Directive NIS2 will strengthen cybersecurity obligations on many sectors (OIV, OSE, local authorities, healthcare, energy…)
- The movement by European cities (e.g. Copenhagen, Aarhus) to move away from American solutions is gathering pace.
- Public tenders now systematically include SecNumCloud requirements.
Choosing a truly qualified solution is becoming a criterion for risk control and legal compliance.
Why IT/IS departments choose Whaller DONJON
- 100% sovereign: SecNumCloud-qualified hosting + software
- Dedicated infrastructure per customer
- Compliant with the requirements of public contracts and sensitive sectors
- No dependence on GAFAM
- Interoperable with other upcoming certifications (HDS for healthcare, etc.)
“Ce qui fait vraiment la différence pour nos clients, c’est cette garantie de bout en bout. At Whaller DONJON, there are no grey areas. Your data is sovereign, from the infrastructure to the software. It’s demanding, but it’s the only way if we want to offer a real alternative to the GAFAMs.” Cyril Bras (Cybersecurity Director, Whaller).
Adopt sovereign collaboration now with Whaller DONJON
- Are you ready to move to real digital sovereignty?
- You’re a CISO, CIO or CEO of a government department, hospital, local authority or sensitive private group?
- You want to do away with legal and technological risk zones?
Whaller DONJON is there for that!
📅 Register for free | 👉 Request a demo | 📩 Contact us !
0 Comments