
The Cloud Core – Telecoms Infrastructure Moves to Public Clouds

  • Writer: Bridge Connect
  • Aug 3
  • 4 min read

Introduction: Telecom's Great Cloud Migration

Telecom operators once guarded their infrastructure like state secrets—racks of servers housed in hardened data centres, running proprietary software on private networks.

No longer.

Driven by cost efficiency, scalability, and the demands of 5G, operators are now migrating core network functions to the public cloud—partnering with AWS, Microsoft Azure, Google Cloud, and other hyperscalers to run the most critical pieces of their infrastructure.

But in moving the telecom brain to the cloud, operators are also handing over partial control of the very systems that manage voice, data, identity, and security across national borders.

This blog explores the benefits, risks, and governance blind spots that come with putting your telecom core into someone else’s data centre.


What Is the “Cloud Core” in Telecom?

The 5G core—unlike previous generations—is designed to be cloud-native from the outset. Key components include:

  • AMF (Access and Mobility Management Function)

  • SMF (Session Management Function)

  • UPF (User Plane Function)

  • AUSF (Authentication Server Function)

  • UDM (Unified Data Management)

  • NEF (Network Exposure Function)


These are deployed as containerised network functions (CNFs) using orchestration tools like Kubernetes, managed either:

  • On private clouds hosted by the operator

  • In hybrid models

  • Or entirely in public cloud environments offered by hyperscalers

This shift transforms the telecom network into software running on someone else’s infrastructure.


The Business Case: Why Operators Are Going Cloud

  1. CapEx to OpEx Conversion: Cloud reduces the need for upfront infrastructure investment.

  2. Elastic Scaling: Automatically handles traffic spikes without overprovisioning.

  3. Faster Time to Market: New services and upgrades can be deployed rapidly using DevOps and CI/CD pipelines.

  4. Vendor Ecosystem Integration: Easier to onboard third-party service providers, AI tools, analytics, and edge applications.

  5. 5G Readiness: Network slicing, low-latency compute, and real-time orchestration all benefit from cloud-native designs.

From a CTO or CFO perspective, the logic is sound.

But who controls your core when it runs in someone else’s domain?


The Strategic Risks of Public Cloud in Telecom


1. Loss of Infrastructure Sovereignty

  • Core functions may be hosted in data centres outside national jurisdiction

  • Cloud providers may be subject to foreign laws (e.g. US CLOUD Act)


2. Shared Responsibility Model

  • Hyperscalers manage the underlying infrastructure, but security of workloads is the operator’s job

  • Misconfigurations (e.g. open S3 buckets, permissive IAM roles) are common failure points


3. Data Residency and Compliance

  • Subscriber data, logs, and session information may be stored or processed outside regulatory boundaries

  • GDPR, NIS2, and sector-specific mandates require strict controls on location and access


4. Backdoor Risk in Shared Services

  • Infrastructure monitoring, AI optimisation, and telemetry platforms offered by hyperscalers may access sensitive metadata

  • Insider threats within cloud providers could introduce covert access paths


5. Vendor Lock-in and Platform Dependency

  • CNFs optimised for one cloud may not be portable to others

  • Operators risk being trapped in proprietary orchestration ecosystems


6. Hyperscaler as Competitor

  • Big cloud providers are also entering the telecom space as direct competitors (e.g. AWS Wavelength, Azure Operator Nexus)

  • You may be running your business on a rival's infrastructure


Real-World Examples and Trends


Vodafone + AWS

  • Vodafone uses AWS to deploy parts of its cloud-native 5G core

  • Joint initiatives include orchestration and automation tools hosted on public cloud infrastructure


Dish Network + AWS

  • Dish is building an entire 5G network in the US using AWS infrastructure

  • Questions have been raised about lawful intercept, data localisation, and infrastructure visibility


Telefónica + Microsoft Azure

  • Azure is being used to host elements of Telefónica’s core network functions and OSS/BSS platforms

  • Moves suggest an increasing convergence between telecom networks and hyperscaler platforms


The Regulatory Challenge

Governments and regulators are still catching up. Key concerns include:

  • Visibility: Can the regulator inspect or audit infrastructure in public cloud?

  • Jurisdiction: Who controls data flows when multi-cloud architectures span countries?

  • Resilience: What happens if the cloud provider is attacked or politically pressured?

In 2023, the European Union Agency for Cybersecurity (ENISA) warned about concentration risk from reliance on a small number of hyperscalers, and urged telecoms to maintain multi-vendor, multi-cloud resilience.


Mitigation Strategies for Telecom Operators


1. Data Sovereignty Controls

  • Ensure critical functions (e.g. AUSF, UDM) run in national or sovereign clouds

  • Use encryption-at-rest with operator-controlled keys


2. Cloud Security Posture Management (CSPM)

  • Automate the detection and remediation of misconfigurations

  • Continuously monitor IAM policies, API exposure, and network access settings
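
The automated check described under Data Sovereignty Controls and CSPM above, as an added example that is not part of the original article: it flags AUSF/UDM workloads placed outside an allowed region, IAM policies with wildcard grants, and publicly readable log buckets. The inventory format, workload names, region list and bucket name are assumptions constructed for illustration.

```python
import json

# Assumptions (not from the article): which functions must stay in-country,
# and which cloud regions the operator treats as sovereign.
SOVEREIGN_FUNCTIONS = {"AUSF", "UDM"}
ALLOWED_REGIONS = {"eu-west-2"}

def _as_list(value):
    """IAM accepts a string or a list for these fields; normalise to a list."""
    return value if isinstance(value, list) else [value]

def permissive_statements(policy_json):
    """Return Allow statements granting a wildcard action on every resource."""
    stmts = _as_list(json.loads(policy_json).get("Statement", []))
    return [s for s in stmts if s.get("Effect") == "Allow"
            and any(a == "*" or a.endswith(":*") for a in _as_list(s.get("Action", [])))
            and "*" in _as_list(s.get("Resource", []))]

def audit(inventory):
    """Return sorted (workload, finding) tuples for a list of workload records."""
    findings = []
    for w in inventory:
        if w["function"] in SOVEREIGN_FUNCTIONS and w["region"] not in ALLOWED_REGIONS:
            findings.append((w["name"], "sovereign function outside allowed region"))
        if permissive_statements(w["iam_policy"]):
            findings.append((w["name"], "wildcard IAM permissions"))
        if w.get("log_bucket_public"):
            findings.append((w["name"], "publicly readable log bucket"))
    return sorted(findings)

# Constructed sample inventory (hypothetical names, not real operator data).
SAMPLE = [
    {"name": "ausf-prod", "function": "AUSF", "region": "us-east-1",
     "iam_policy": '{"Statement": [{"Effect": "Allow", "Action": "*", "Resource": "*"}]}',
     "log_bucket_public": False},
    {"name": "udm-prod", "function": "UDM", "region": "eu-west-2",
     "iam_policy": '{"Statement": {"Effect": "Allow", "Action": ["s3:GetObject"],'
                   ' "Resource": "arn:aws:s3:::udm-config/*"}}',
     "log_bucket_public": True},
    {"name": "upf-edge", "function": "UPF", "region": "us-east-1",
     "iam_policy": '{"Statement": [{"Effect": "Deny", "Action": "*", "Resource": "*"}]}',
     "log_bucket_public": False},
]

if __name__ == "__main__":
    for name, finding in audit(SAMPLE):
        print(f"{name}: {finding}")
```

The Deny statement on the UPF workload is deliberately not flagged, and a single-object `Statement` is handled the same way as a list, since IAM policy documents allow both forms.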


3. Service Segmentation

  • Separate user-plane functions (UPF) from control-plane logic to limit exposure

  • Isolate traffic-sensitive CNFs from shared analytics and management platforms


4. Interoperability Planning

  • Build infrastructure with open standards and portability in mind

  • Avoid proprietary CNF dependencies that restrict vendor flexibility


5. Incident Response Integration

  • Ensure cloud providers are part of the operator’s broader SIEM/SOC framework

  • Pre-negotiate support response SLAs and forensic data access rights


6. Government Engagement

  • Work with national regulators to define cloud-hosting policies for critical telecom infrastructure

  • Participate in sovereign cloud initiatives or public-private cybersecurity coalitions


A Board-Level Risk and Strategic Decision

Boards must not assume that cloud strategy is “just” a technical or cost optimisation issue. It touches:

  • Regulatory compliance

  • National security

  • Business continuity

  • Vendor governance

  • Long-term competitive positioning

Ask these questions:

  • Where are your most critical network functions running?

  • Can you inspect and control them?

  • Are you dependent on infrastructure you do not own or understand?

If the answer to any of these is unclear, the cloud may already control your core more than you do.


Conclusion: Cloud-Native Must Still Mean Operator-Sovereign

Cloud-native telecom architecture isn’t going away. It’s efficient, modern, and necessary for scaling 5G, edge computing, and future services.

But cloud-native doesn’t mean cloud-reliant. And public cloud doesn’t mean public interest-aligned.

Telecom operators must architect their futures with security, sovereignty, and strategic control at the centre. The goal is not to avoid the cloud—but to ensure that the core of your network doesn’t become the property of someone else’s platform.

In telecoms, control is everything. And it’s time to ask—who controls your core?
