Host Microsoft Defender data locally in Switzerland
We are pleased to announce that local data residency support in Switzerland is now generally available for Microsoft Defender for Endpoint and Microsoft Defender for Identity.
This announcement demonstrates our commitment to providing customers with the highest levels of security and compliance by offering services that are aligned to local data sovereignty requirements. Swiss customers can now confidently onboard to Defender for Endpoint and Defender for Identity in Switzerland, knowing that their data at rest will remain within Swiss boundaries, which ensures that customers in Switzerland can meet their regulatory obligations and maintain control over their data.
In addition to Switzerland, Defender data can also be hosted in other regions including the United States, European Union, the United Kingdom, and Australia.
Configure Microsoft Defender for Endpoint with local data hosted in Switzerland.
Prerequisites
Your EntraID tenant needs to be set to Switzerland, so the Microsoft Defender for Endpoint tenant will also be provisioned in this geo.
To access the GoLocal Geo instance in Switzerland, you need to ensure each device is onboarded using Streamlined Connectivity for devices on their network (see Enable access to Microsoft Defender for Endpoint service URLs in the Proxy Server for further details).
I am a new Defender for Endpoint customer
Once the EntraID tenant is created, access the Security Portal (https://security.microsoft.com) and continue with the onboarding in the GoLocal geo.
Once that process is completed, the Microsoft Defender for Endpoint / Microsoft Defender XDR tenant should be located in the GoLocal geo.
Confirmation: In the portal, go to Settings -> Microsoft Defender XDR-> Account; and see where the service is storing your data at rest.
For example: in the image below, the service location for this Microsoft Defender XDR demo tenant is Switzerland.
However, if the location of the data at rest is in one of the current service locations of US/UK/EU/AU, then a tenant reset needs to be requested via Customer Service and Support (CSS) (see next section).
I am a Defender for Endpoint customer with existing tenants in geographies different from the Swiss GoLocal Geo and want to move to the local Geo in Switzerland.
Existing customers have to request a tenant reset by contacting the Microsoft Customer Support. Support can be reached by clicking on the “?” top right in the portal when signed in as an Admin. If you are a Microsoft Unified support customer, please reach out to your Customer Success Account Manager to support you in the process.
Microsoft Defender for Endpoint will store and process data in the same location as used by Microsoft Defender XDR. If Microsoft Defender XDR has not been turned on yet, onboarding to Microsoft Defender for Endpoint will also turn on Microsoft Defender XDR and a new data center location is automatically selected based on the location of active Microsoft 365 security services. https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/production-deployment?view=o365-worldwide#data-center-location
Streamlined connectivity
Configure Microsoft Defender for Identity data to be hosted in Switzerland
Prerequisites
EntraID tenant needs to be set to Switzerland, so the Microsoft Defender for Identity workspace would be provisioned in this geo as well.
I am a new Microsoft Defender for Identity customer
Once the EntraID tenant is created, access the Security Portal (https://security.microsoft.com) and continue with the Microsoft Defender for Identity workspace onboarding in the GoLocal geo.
The previous point is required because when a Microsoft Defender for Identity workspace is created, it is created in the Azure region closest to the customer’s EntraID tenant location. See Microsoft Defender for Identity frequently asked questions – Microsoft Defender for Identity | Microsoft Learn.
I am a Defender for Identity customer with existing tenants in geographies different from the Swiss GoLocal Geo and want to move to the local Geo in Switzerland.
Existing customers have to request a workspace reset by contacting the Microsoft Customer Support. Support can be reached by clicking on the “?” top right in the portal when signed in as an Admin. If you are a Microsoft Unified support customer, please reach out to your Customer Success Account Manager to support you in the process.
With both our Endpoint Detection and Response, as well as our Identity Threat Detection and Response (ITDR) products now available for local data residency in Switzerland, we are giving more organizations the ability to meet local data sovereignty requirements, while deploying the best security solutions for their estate.
More information:
Ready to go local? Read our documentation for more information on how to get started.
Not yet a customer? Start a 90-day trial for Defender for Endpoint
Check out our website to learn more about our industry leading Endpoint protection platform
Discover why ITDR is critical to keep your organization safe against rising identity threats
Microsoft Tech Community – Latest Blogs –Read More