Data residency is a key requirement for many organisations that operate across multiple regions and need to comply with local regulations and preferences regarding where their data is stored and processed. Microsoft 365 offers various solutions to help customers meet their data residency needs, such as Multi-Geo and Advanced Data Residency (ADR). In this blog post, I’ll explain what ADR is, how it differs from Multi-Geo, and the current and future availability of ADR in different geographies, particularly New Zealand. 

Advanced Data Residency 

Overview

ADR is not currently available in New Zealand. New Zealand is a Future Local Region Geography, meaning ADR will become available for New Zealand when the New Zealand data centre is launched.  

Many customers (particularly those in government, public sector, education or regulated commercial industries) are obligated to comply with laws, regulations, or industry standards with requirements for data residency, which is the geographic location where a customer’s data is stored at rest, to protect personal and sensitive data. 

Advanced Data Residency (ADR) provides eligible enterprise customers the ability to address their data residency requirements with expanded coverage of Microsoft 365 workloads and Customer Data, committed data residency for local country/region datacentre regions, and prioritised tenant migration services.  

During the process of creating a new Microsoft Entra ID tenant, you choose a country/region for the tenant’s default geography, which determines the default Geography for all Microsoft 365 services. However, this doesn’t mean that all the customers’ workloads will reside in the default geography, as not all M365 services are deployed to all the data centres globally, so a customer’s data can be stored in multiple data centres, or services can move to a new geography for operational reasons.  

For customer tenants provisioned in select countries1, Microsoft commit to storing data at rest for the core Office 365 services2 only within that geography as defined in the Product Terms. Other services, such as Exchange Online Protection and Viva Connections, will be deployed into the best/closest data centres for that service. It’s important to note here that only the EU Data Boundary provides contractual commitments for processing, all other data residency commitments are only about storage-at-rest. 

To understand the current data residency for your tenant, see Microsoft’s documentation and the Microsoft Admin Centre (Admin > Settings > Org Settings > Organisation Profile > Data Location). 

 

Advanced Data Residency

 

This is where ADR comes in, as it provides data residency commitments for an expanded set of services3 beyond what is covered by the Product Terms, to ensure the data for those services is also stored in the local region geography and doesn’t change, as defined in the Advanced Data Residency Commitments

 

Prerequisites  

Customers must meet specific prerequisites to be eligible for ADR. The customer’s Tenant Default Geography must be one of the countries or regions included in the Local Region Geography: Australia, Brazil, Canada, France, Germany, India, Israel, Italy, Japan, Poland, Qatar, South Korea, Norway, South Africa, Sweden, Switzerland, United Arab Emirates, and United Kingdom. 

The customer must have licenses for one or more of the following subscriptions: 

  • Microsoft 365 F1, F3, E3, or E5

  • Office 365 F3, E1, E3, or E5 

  • Exchange Online Plan 1 or Plan 2 

  • OneDrive Plan 1 or Plan 2 

  • SharePoint Plan 1 or Plan 2

  • Microsoft 365 Business Basic, Standard or Premium 

 

Licensing Requirements 

ADR is a per-user add-on license for enterprise customers. To receive data residency for ADR workloads, you must purchase enough licenses to cover all paid licenses in the tenant, regardless of how many licenses are assigned. For example, if you have 100 Microsoft 365 E5 licenses but only 85 licenses are allocated to users, you still need to purchase 100 ADR add-on licenses.  

If you have purchased enough ADR add-on licenses to cover 100% of paid licenses in the tenant then you have a data residency commitment for your local region geography. If you do not have enough licenses then you do not have a data residency commitment and your tenant could be moved out of the local region geography.  

Scenario: Tenants with Multi-geo licenses  

If you have multi-geo licenses in the tenant, you do not have to purchase ADR licenses for the same licenses the multi-geo ones are covering. For example, if you have multi-geo licenses assigned to 40 of your 100 Microsoft 365 E5 seats, you’d only need to purchase 60 ADR licenses. So the two add-on subscriptions combined can be used to reach the 100% coverage requirement for ADR.  


Scenario: Tenants with both commercial and education subscriptions  

If a customer has a mix of education (A3/A5 etc) and commercial/public sector licenses (E3/E5 etc), they are only required to purchase ADR licenses to cover the paid licenses, they do not have to cover any free licenses. ADR for Education products is only available to Volume Licensing / EES (Microsoft Enrollment for Education Solutions).  

Data Migration 

If a customer has any data that is not stored at rest within the customer's eligible Local Region Geography, the data must be migrated to achieve data residency compliance and to meet the tenant location requirements for ADR. 

Once ADR licenses are purchased and assigned, admins can kick off the migration process in the Microsoft Admin Centre for any ADR workloads that are not in their Local Region Geography. The migration does need to be initiated by an admin – it will not happen automatically once you assign ADR licenses. After the migration is initiated, it can take up to 12 months to complete. Microsoft takes care of the migration so there is no action required from the partner/customer. 


Multi-Geo 

Overview

Multi-geo allows customers to have their M365 services reside in multiple geographic regions within a single tenant and manage the data-at-rest locations at a granular level (user/SharePoint site/M365 Group/Team level). In a multi-geo environment, the tenant resides in the original region that the tenant was created in, but you can have additional satellite locations to host specific users’ data.  

 

Licensing Requirements 

Multi-geo is a user-level add-on license to the following base subscriptions: 

  • Microsoft 365 F1, F3, E3, or E5 

  • Office 365 F3, E1, E3, or E5 

  • Standalone Exchange Online Plan 1 or Plan 2 

  • Standalone OneDrive Plan 1 or Plan 2

  • Standalone SharePoint Plan 1 or Plan 2 


CSP customers must purchase enough multi-geo licenses to cover at least 5% of their total eligible users and a license must be assigned to every user who will be hosted in a satellite location. Whilst there aren’t specific multi-geo licenses for SharePoint Sites/M365 Groups/Teams, if you have purchased enough multi-geo user licenses you can use multi-geo with these shared resources.  

 

Configuration 

Once you’ve purchased and assigned the licenses, Microsoft will configure your tenant to support multi-geo – this is a one-time process that happens after the licenses are purchased and you need to wait until it completes before you can start using multi-geo. You’ll be notified through the Message Centre in the Microsoft Admin Centre once the configuration process is completed for each workload. How long this process takes depends on the size and complexity of the tenant, but it finishes within a month for most tenants.  

 

Then you have to configure your tenant for Multi-geo and set the users’ Preferred Data Location (PDL). The PDL determines the satellite Geography location where the users’ OneDrive site, Exchange Online mailbox, and Teams chat store will reside. When you change a user’s PDL to a new location, their Exchange mailbox and Teams chat data will be automatically migrated to the new location. OneDrive sites however are not automatically migrated, you need to add the Satellite Geography location for SharePoint and OneDrive in the SharePoint Admin Centre, which will take up to 72 hours to provision, and then you can set the users’ PDL to the added Geography location which will start the migration.  

In summary, Advanced Data Residency and Multi-geo are both powerful features that can help customers meet their data sovereignty and compliance requirements while enabling global collaboration and productivity. You can find more details and guidance on Microsoft Learn. As always, if you have any questions or need any assistance, please feel free to reach out to me or your Dicker Data Microsoft PDM.