Digital Sovereignty

The concept of digital sovereignty — the ability of a government or organization to control its own digital infrastructure — has become a central policy concern in Europe. When critical government operations depend on software controlled by companies subject to foreign jurisdictions, there is an inherent risk. The US CLOUD Act, for example, can compel American companies to hand over data stored anywhere in the world. For European institutions handling sensitive citizen data, this is not a theoretical concern.

Open-source software eliminates this dependency. The code is auditable, the hosting can be local, and no single vendor holds the keys.

GDPR Compliance

The General Data Protection Regulation requires that personal data of EU citizens is handled with specific protections. When data flows through cloud services operated by non-EU companies, compliance becomes complicated. Self-hosted open-source solutions allow organizations to keep data on EU soil, under EU jurisdiction, with full visibility into how it is processed.

Cost at Scale

Public sector organizations operate at enormous scale. The German federal government alone employs over 300,000 people. At that scale, per-user licensing fees for office suites, cloud storage, and collaboration tools represent a substantial recurring cost. Open-source alternatives carry no per-seat licensing fees. The costs shift to deployment, customization, and support — areas where European IT companies can compete and where spending stays within the EU economy.

Security Through Transparency

Proprietary software operates as a black box. Users trust that the vendor has no vulnerabilities, no backdoors, and no undisclosed data collection. Open-source software allows independent security audits. Governments can — and do — inspect the code that runs on their infrastructure. This is not about distrusting vendors; it is about verifiable trust rather than assumed trust.

EU Policy: Open Source Strategy

The European Commission adopted its Open Source Software Strategy 2020-2023, explicitly encouraging the use of open-source solutions across EU institutions. The strategy set the principle of “Think Open” as a default approach for new IT solutions and committed the Commission to contributing back to the open-source ecosystem. This strategy has since been extended and reinforced, with open source becoming an integral part of EU digital policy rather than an afterthought.

Germany: The Bundescloud

The German federal administration deployed Nextcloud as the foundation of its “Bundescloud” — a secure cloud platform for over 300,000 federal employees. This is one of the largest Nextcloud deployments in the world and represents a deliberate decision at the highest level of government to move away from US cloud providers for internal collaboration and file sharing. The deployment is managed by the German Federal Information Technology Centre (ITZBund), giving the government full control over its data and infrastructure.

Source: Nextcloud — German Federal Administration

France: Government Cloud “Nubo”

The French government selected Nextcloud as the basis for its interministerial cloud platform, enabling secure file sharing and collaboration across government ministries. France has been particularly aggressive in its pursuit of digital sovereignty, with the Direction Interministérielle du Numérique (DINUM) leading efforts to reduce dependence on foreign cloud services. The choice of Nextcloud fits into a broader strategy that includes open-source messaging, identity management, and collaborative tools across the French state.

Source: Nextcloud — French Government

Sweden and the Netherlands

Several Swedish municipalities have adopted Nextcloud for internal collaboration, driven by data protection requirements and the desire to keep citizen data under local control. In the Netherlands, government agencies have similarly turned to Nextcloud as part of broader efforts to comply with privacy regulations and reduce reliance on US-based cloud services. These are not experimental pilot programs — they are production deployments serving thousands of civil servants.

Why Nextcloud Specifically

Nextcloud’s appeal in the European public sector comes down to a few factors: it is a European company, subject to EU law. It is fully self-hosted, so data residency is guaranteed. It has an active enterprise support model, so organizations are not left without professional backing. And its functionality is broad enough to replace multiple proprietary tools with a single platform.

Italy: Ministry of Defence and Municipal Governments

The Italian Ministry of Defence migrated approximately 150,000 workstations to LibreOffice, making it one of the largest single-organization migrations in Europe. The decision was driven by cost savings and the desire to adopt open standards. Beyond the national level, Italian municipalities including the City of Bari and the City of Pesaro have also migrated to LibreOffice, demonstrating that the approach scales from large ministries down to local government.

Germany: Munich and Schleswig-Holstein

The City of Munich’s LiMux project is perhaps the most studied — and most debated — open-source migration in history. Munich migrated approximately 15,000 workstations from Windows and Microsoft Office to Linux and LibreOffice in the 2000s, then controversially reversed course in 2017 under a new city administration. The reversal was widely attributed to political rather than technical factors, and Munich has since revisited its open-source strategy.

More recently, the state government of Schleswig-Holstein announced a comprehensive migration to LibreOffice and other open-source tools across its 25,000 workstations. This migration, announced in 2024, is being executed systematically with a multi-year timeline and represents a new generation of open-source adoption that has learned from Munich’s experience.

France: The Gendarmerie

The French National Gendarmerie, the military police force with over 100,000 personnel, migrated more than 70,000 workstations to Linux and LibreOffice beginning in 2005. This is one of the longest-running and most successful large-scale open-source deployments in any government worldwide. The Gendarmerie has reported significant cost savings and improved operational independence, and the migration has been sustained across multiple changes of government — a strong indicator of institutional satisfaction.

Spain: Regional Governments

The Region of Valencia and the Autonomous Community of Extremadura in Spain were early adopters of open-source software in education and government. Extremadura developed its own Linux distribution (LinEx) for schools and government offices, and Valencia has maintained a strong commitment to open-source tools including LibreOffice across its regional administration.

The ODF Standard

A key enabler of LibreOffice adoption is the Open Document Format (ODF). As an ISO/IEC standard (26300), ODF ensures that documents are not tied to any single vendor’s implementation. Several EU member states have adopted ODF as a recommended or mandatory format for government documents. This standardization is critical: it means that even if an organization does not use LibreOffice, it can still exchange documents freely with those that do.

European Commission OSPO

The European Commission established an Open Source Programme Office (OSPO) to coordinate its open-source activities, contribute to upstream projects, and advise EU institutions on open-source adoption. The OSPO represents an institutional commitment that goes beyond individual procurement decisions.

GAIA-X

GAIA-X is a European initiative to develop a federated data infrastructure based on open standards and European values. While not exclusively open-source, GAIA-X prioritizes interoperability, transparency, and data sovereignty — principles that align closely with open-source approaches. It aims to create a European alternative to hyperscale cloud providers that respects European data protection norms.

Public Money, Public Code

The Free Software Foundation Europe (FSFE) runs the Public Money, Public Code campaign, which advocates a straightforward principle: software funded by public money should be publicly available as open source. The campaign has gathered support from over 200 organizations and numerous public administrations. The logic is simple — when taxpayers fund software development, the results should benefit everyone, not be locked away as proprietary code.

National Strategies

Individual EU member states have developed their own open-source strategies. Germany’s Sovereign Tech Fund provides direct funding for critical open-source infrastructure projects. France’s DINUM coordinates digital strategy across the French state with a strong open-source mandate. These national efforts complement EU-level policy and create a multi-layered support structure for open-source adoption.

The Ecosystem Is Ready

Both Nextcloud and LibreOffice offer enterprise support options, either directly or through certified partners. Professional deployment, migration assistance, and ongoing support are available across Europe. This is not a community-only ecosystem — it is a commercial ecosystem built around open-source foundations.

Migration Is Practical

Moving from proprietary tools does not need to happen overnight. Most successful migrations follow a phased approach: start with new projects on open-source tools, maintain compatibility with existing formats during a transition period, and migrate historical data on a practical timeline. The organizations referenced in this article — from the French Gendarmerie to the German federal government — all followed this pattern.

It Is About Risk Management, Not Ideology

The European shift to open source is driven by practical risk management: reducing vendor lock-in, controlling costs, ensuring compliance, and maintaining operational independence. The same logic applies to businesses. If your organization depends on tools where a single vendor can change pricing, discontinue features, or modify terms of service unilaterally, you carry a risk. Open-source alternatives give you options.

For a detailed comparison of open-source and proprietary tools, see our comparison page. To explore what a migration might look like for your organization, visit our digital services page.

Built-In MDM and Blueprints

Apple Business includes native mobile device management (MDM) with Blueprints, a zero-touch deployment system that lets you preconfigure devices before they even reach your employees. Define security policies, install apps, configure Wi-Fi and VPN settings, and assign devices to teams — all without touching each device individually.

For SMBs that previously relied on third-party MDM solutions or manual setup, this alone can save hours per device.

Managed Apple Accounts

Every employee gets a Managed Apple Account tied to your organization. These accounts are separate from personal Apple IDs, giving your business control over corporate data while respecting employee privacy. Managed accounts integrate with identity providers via federated authentication, so you can connect them to your existing SSO infrastructure.

Business Email, Calendar, and Directory

Apple Business provides business email, shared calendars, and a company directory hosted on your custom domain. This is a meaningful alternative to third-party productivity suites for teams that want to stay fully within the Apple ecosystem.

Apple Maps, Wallet, and Mail

From the Apple Business console, you can manage your business listings on Apple Maps, create branded passes for Apple Wallet (loyalty cards, event tickets, boarding passes), and configure your verified brand identity in Apple Mail. For customer-facing businesses, this is a straightforward way to maintain a consistent brand across every Apple touchpoint.

Tap to Pay on iPhone

Tap to Pay on iPhone is integrated directly into Apple Business, allowing you to accept contactless payments without additional hardware. For retail, service, and field businesses, this eliminates the need for separate payment terminal agreements and hardware.

Ads on Apple Maps

Starting in summer 2026, businesses in the United States and Canada will be able to purchase advertising placements on Apple Maps. Details on pricing and targeting are still emerging, but this represents a new local discovery channel worth watching.

iCloud Storage for Business

Additional iCloud storage for Managed Apple Accounts starts at $0.99 per user per month. This covers cloud storage for documents, backups, and collaboration features tied to the business account. Pricing scales with storage tiers, similar to consumer iCloud+ plans.

AppleCare+ for Business

Device protection through AppleCare+ for Business ranges from $6.99 to $13.99 per device per month, depending on the device type. This covers accidental damage, battery replacement, and priority support. For organizations with significant hardware investments, the per-device monthly model can be more predictable than handling repairs ad hoc.

Document Editing and Office Tools

LibreOffice remains the standard desktop office suite, handling word processing, spreadsheets, and presentations with strong compatibility for Microsoft Office formats. For teams that need real-time collaborative editing in the browser, Collabora Online provides a LibreOffice-based web editor that integrates directly with file storage platforms.

CryptPad offers a privacy-focused alternative for collaborative documents, spreadsheets, and presentations. All content is end-to-end encrypted, meaning even the server administrator cannot read your documents. This is particularly relevant for businesses handling sensitive client data.

File Storage and Sync

Nextcloud is the centerpiece of most open-source productivity deployments. It provides file sync, shared calendars, contacts, task management, and an app ecosystem that extends its capabilities into project management, document signing, and more. Self-hosted or managed, Nextcloud replaces a significant portion of what businesses typically buy from cloud productivity vendors.

Messaging and Chat

Matrix (via the Element client) provides federated, end-to-end encrypted messaging. Federation means your organization’s chat server can communicate with other Matrix servers, making it useful for cross-organization collaboration without creating accounts on third-party platforms.

Mattermost is a strong choice for teams that prefer a Slack-like experience with self-hosted control. It supports channels, threads, integrations, and has a well-documented API for automation.

Video Conferencing

Jitsi Meet provides browser-based video conferencing with no account required for participants. It supports screen sharing, recording, and breakout rooms. For SMBs that need reliable video calls without per-user licensing, Jitsi is the most straightforward option.

Centralized Authentication

Keycloak provides enterprise-grade identity and access management, including single sign-on (SSO), multi-factor authentication, social login, and integration with SAML and OpenID Connect applications. It is the open-source equivalent of commercial identity platforms and integrates well with the rest of the stack.

FreeIPA combines LDAP directory services, Kerberos authentication, DNS management, and certificate authority functions into a single platform. It is particularly well-suited for Linux-heavy environments where you need centralized user management across servers, workstations, and applications.

OpenLDAP remains relevant for organizations that need a lightweight, flexible directory service without the full FreeIPA stack.

Linux Distributions

• NixOS uses a declarative configuration model where your entire system state is defined in configuration files. This makes deployments reproducible and rollbacks trivial. It has a steep learning curve but pays dividends in consistency across environments.
• Debian is the conservative choice: stable, well-documented, and widely supported. It is the default recommendation for organizations that want reliability without surprises.
• Red Hat Enterprise Linux (RHEL) and its community derivatives provide a supported, certified platform for businesses that need vendor backing or compliance certifications.

BSD Systems

• OpenBSD is purpose-built for security and is an excellent choice for firewalls, VPN gateways, and any network-facing role where minimizing attack surface is the priority. Its pf packet filter is among the most elegant firewall systems available.
• FreeBSD excels at storage and networking workloads. With ZFS as a first-class filesystem and the jail system for lightweight containerization, FreeBSD is a strong foundation for file servers, backup targets, and network appliances.

Multi-Factor Authentication (MFA)

Multi-factor authentication remains one of the most effective security measures to prevent unauthorized access. By requiring multiple forms of verification, MFA significantly reduces the risk of account compromise.

# Example: Implementing MFA in a Python application
def login(username, password, second_factor):
    user = authenticate_credentials(username, password)
    if user and verify_second_factor(user, second_factor):
        return generate_session(user)
    return None

Zero Trust Architecture

The traditional perimeter-based security model is no longer sufficient. Zero Trust assumes that threats exist both inside and outside the network, requiring verification from everyone trying to access resources.

Key principles of Zero Trust include:

• Verify explicitly
• Use least privilege access
• Assume breach

Regular Security Updates

Keeping systems and software up to date is crucial. Many successful attacks exploit known vulnerabilities that have already been patched.

Security Awareness Training

Human error remains a significant factor in security breaches. Regular security awareness training helps employees recognize and respond appropriately to security threats like phishing.

Data Encryption

Encrypt sensitive data both at rest and in transit. This ensures that even if data is compromised, it remains unreadable without the appropriate decryption keys.