Major Russian corporations could face limitations in employing overseas cloud services.
Russia is taking significant steps towards the adoption of domestic cloud services and software, particularly for critical infrastructure, as the government aims to reduce dependency on foreign providers.
In April 2025, Russia updated its critical infrastructure legislation, empowering the government to designate specific software categories as "critical information infrastructure." Enterprise Resource Planning (ERP) software was identified as the first such category, with a deadline of September 2025 set for operators of critical infrastructure to migrate from Western-made software to Russian domestic alternatives [3].
Roskomnadzor, the Russian federal communications watchdog, has been applying pressure on foreign hosting and cloud providers for non-compliance with Russian laws since late 2024. In 2025, Russia blocked access to key foreign services such as Cloudflare, further constraining access to global cloud infrastructure [1][2].
These moves are part of Russia’s broader efforts to control and isolate its internet, including implementing "sovereign internet" laws requiring ISPs to install state censorship and surveillance equipment, blocking foreign social media and communication platforms deemed “extremist,” and penalizing circumvention tools like VPNs [1][2][4].
New laws signed in 2025 impose fines on citizens who search for “extremist” content and on VPN service providers who enable access to blocked material, reflecting heightened legal enforcement connected to online censorship [2][4].
While a total ban on foreign corporate cloud services specifically for systems processing personal data has not been explicitly confirmed as fully implemented nationwide, the trajectory heavily favors curtailing foreign cloud service dependency, especially for critical sectors and personal data systems.
Russian President Vladimir Putin has expressed the need to "strangle" foreign services because they are trying to "strangle" Russia. Minister Maksut Shadaev has proposed a ban on the use of foreign corporate cloud services and software for information systems storing and processing personal data from September 1, 2027 [5].
The Ministry of Industry and Trade is also monitoring the origin of components in Russian tech and electronics to ensure their domestic production [6]. The new restriction is expected to accelerate the transition and increase demand for Russian solutions.
According to the "Economy of Data" national project, at least 80% of Russian organizations in key sectors should fully switch to domestic software by 2030 [7]. The ban will apply to critical information infrastructure objects but not to small and medium-sized enterprises, individual entrepreneurs, and physical persons [2].
As of mid-2025, Russia has not instituted a full, outright ban on all foreign corporate cloud services and software for information systems handling personal data, but the regulatory push towards restricting and replacing them, especially for critical infrastructure, is clear.
The Russian Ministry of Industry and Trade, aiming to boost domestic production, is monitoring the origin of components in tech and electronics. This move is anticipated to accelerate the transition and increase demand for Russian solutions in the technology industry.
In line with the "Economy of Data" national project, at least 80% of Russian organizations in critical sectors are expected to fully switch to domestic software by 2030, indicating a significant shift in the financial landscape, as the government endeavors to reduce dependency on foreign providers in the finance sector as well.
