Yobitel UK Sovereign Stack

Overview#

Public-sector and regulated buyers in the UK do not need another generic cloud option. They need a clear answer to four questions: does the workload stay in the UK, is it operated under NCSC control, can it be procured through the Crown Commercial Service framework that the buyer already uses, and is the staffing accountable under UK employment and clearance terms. The Yobitel UK Sovereign Stack is the packaged offering that answers all four affirmatively across the Yobitel platform — Yobibyte, Omniscient Compute, AI Applications, NeoCloud, and Managed Operations — without bolt-ons or escape hatches.

Sovereignty here is enforced rather than promised. Workspaces and resources bound to UK NCSC OFFICIAL refuse to place workloads, replicate data, or stream telemetry outside the UK control envelope; the refusal happens at admission time and is not a per-customer policy that can drift. The same posture extends to support and operations: administrative access to customer data is limited to UK-resident, security-cleared staff, and the audit stream records the boundary every time it is touched.

Compared with running Yobitel on a standard region, the UK Sovereign Stack is the same platform with a tightened operational envelope and an audited control set. Compared with the UK national-sovereign offerings from incumbent providers (UKCloud, Microsoft Azure UK Sovereign Cloud, AWS Local Zones), the differentiator is that the AI platform is the product: Yobibyte and the AI Applications Suite are first-class inside the sovereign envelope, not an afterthought layered on top of generic IaaS. Compared with running an in-house regulated stack, the difference is operational scope: Yobitel runs the platform end-to-end while keeping data, identity, and audit under the customer's control.

Yobitel Communications — a UK-headquartered AI infrastructure company and NVIDIA Inception partner — operates the UK Sovereign Stack from UK regions with UK staffing. The offering is procurable through G-Cloud Lots 2, 3, and 9; pricing is published in USD throughout (a deliberate choice that aligns with how cloud and AI pricing is universally compared); and the audited control set is published on the Yobitel sovereignty register.

Quick start#

Procurement comes first. UK public-sector buyers procure through the Crown Commercial Service G-Cloud catalogue: search for 'Yobitel', shortlist the relevant Lot 9 (Cloud Software for AI) and Lot 2 (Cloud Software) services, and place the call-off through the standard G-Cloud framework process. Yobitel publishes the framework-required documents — Service Definition, Terms and Conditions, Pricing — in the catalogue; the call-off contract activates the sovereign schedule alongside the standard master agreement.

Once the call-off is in place, workspace creation is the operational step. Sign in to the Yobibyte console with your UK organisation's identity provider — OIDC federation is configured once per workspace and the SSO bounce works against Microsoft Entra ID, Okta, and other UK-deployed IdPs. Create the workspace and pick UK NCSC OFFICIAL as the sovereignty pin at creation; the binding is admission-enforced and cannot be silently widened.

From that point the workspace is operationally the same as any Yobibyte workspace, with the sovereign control set applied. Deploy models from the marketplace's sovereignty-filtered shopfront, deploy AI Applications like MediQuery with the same workspace identity, and consume the OpenAI-compatible inference endpoint from your application code with the standard `openai` SDK pointed at the UK-resident workspace URL.

Concepts#

The UK Sovereign Stack introduces a small set of concepts on top of the Yobitel platform's standard primitives. The mental model is: sovereignty is a workspace-level pin; the pin is enforced at admission, audit, and operations; framework procurement is the path in; classification handling and clearance scale the envelope.

• Sovereignty Pin — the workspace's bound sovereignty region (`uk-ncsc-official`). Set at workspace creation, immutable thereafter, and enforced at every admission decision the platform makes.
• OFFICIAL Classification — the default workload classification supported end-to-end with the standard sovereign control set. Covers the bulk of central-government, devolved-administration, and NHS workloads.
• OFFICIAL-SENSITIVE Handling — additional controls layered on top of OFFICIAL: enhanced clearance for administrative staff, restricted egress, in-region logging only, optional air-gapped variant. Negotiated and audited per call-off.
• NCSC Cloud Security Principles — the 14-principle reference framework the sovereign stack maps controls against. Every principle has a documented Yobitel control with an audit pointer.
• G-Cloud Framework — the Crown Commercial Service catalogue UK public-sector buyers procure through. Yobitel publishes services in Lots 2, 3, and 9; the call-off activates the sovereign schedule.
• Crown Servant Clearance — staff with administrative access to customer data are UK-resident and security-cleared (BPSS as default; SC and DV available where the customer requires).
• DSP Toolkit — the NHS Data Security and Protection Toolkit annual return. Yobitel publishes its DSP Toolkit responses to support NHS trust onboarding.
• Sovereignty Audit Stream — the workspace-scoped immutable audit log that records every admission decision touching the sovereignty boundary; available for the customer's SIEM and for framework auditors.
• Air-Gapped Variant — a fully disconnected deployment available where classification or contractual terms require it; provisioned per call-off rather than as a standard tier.

Reference — NCSC Cloud Security Principles mapping#

The 14 NCSC Cloud Security Principles are the reference framework the UK Sovereign Stack is audited against. The table below summarises Yobitel's mapped control for each principle; the detailed mapping (control narrative, evidence pointer, audit history) is published in the Yobitel sovereignty register and shared with customers and framework auditors on request.

Workload patterns#

Three workload shapes cover most of what UK customers do with the sovereign stack — an NHS OFFICIAL-SENSITIVE deployment with MediQuery, a defence-adjacent OFFICIAL deployment for an MoD supplier, and an FCA-regulated finance customer running advisor copilots against the sovereign workspace.

• NHS OFFICIAL-SENSITIVE deployment — a trust's workspace is bound to UK NCSC OFFICIAL with the OFFICIAL-SENSITIVE handling option enabled (in-region logging only, restricted egress, SC-cleared admins). The trust deploys MediQuery from the sovereignty-filtered marketplace; the configuration wizard binds the EHR via Epic FHIR, the imaging archive via DICOM, and the formulary feed; RBAC roles map to Microsoft Entra clinician / pharmacist / auditor groups; audit destination is the trust's existing SIEM. The trust's DSP Toolkit return references Yobitel's published DSP responses for the relevant standards.
• MoD OFFICIAL deployment — a defence-adjacent supplier's workspace is bound to UK NCSC OFFICIAL with the air-gapped variant; the workspace is provisioned in a Yobitel UK region without a public-internet egress path. The supplier deploys an open-weight model for in-house technical-knowledge query, with model weights cached in the air-gapped store and an audit feed to the supplier's internal SIEM. Procurement is through G-Cloud Lot 3 (Cloud Support) for the operational wrap.
• FCA-regulated finance deployment — an FCA-supervised bank's workspace is bound to UK NCSC OFFICIAL with operational-resilience controls inherited from the bank's DORA programme. The bank deploys a commercial-licence model for advisor copilots, with usage analytics and audit shipping to the bank's regulatory reporting pipeline. Spend caps are set at the workspace and per-Inference level; the FOCUS billing export feeds the bank's FinOps platform with attribution by trading desk.

# PREVIEW - the SovereignWorkspace declarative shape is in active
# development; this is the planned shape and is not runnable today.
# UK sovereign workspaces are created today through the Yobibyte
# console with the sovereignty pin chosen at creation.
#
# apiVersion: yobibyte.yobitel.com/v1
# kind: SovereignWorkspace
# metadata:
#   name: trust-london-uk
# spec:
#   sovereignty:
#     pin: uk-ncsc-official
#     handling: official-sensitive
#     airGapped: false
#   procurement:
#     framework: g-cloud
#     lots: [9]
#     callOffReference: CCS-2026-XXXX
#   staffing:
#     adminClearance: sc
#   audit:
#     destination: splunk-trust-prod
#     retention: 7y
#   compliance:
#     attestations:
#       - ncsc-official
#       - dsp-toolkit
#       - iso-27001
#   spendCap:
#     amount: 250000
#     currency: USD
#     window: monthly

Sovereign region capacity#

Capacity is published per UK region with GPU SKUs, sub-processor list, and the documented sovereignty controls. The table below summarises baseline coverage; specific call-offs may reserve capacity beyond the steady-state envelope.

Limits and quotas#

Default workspace limits inherit from Yobibyte; sovereign-specific limits and ceilings are listed below. Almost every limit is raisable on call-off.

Observability#

Sovereign workspaces emit the same `yobitel_*` metric stream as standard workspaces, with an additional set of sovereignty-specific signals: every admission decision that touched the sovereignty boundary, every cross-region attempt that was refused, every administrative access event, and the completeness of the audit stream. Customers ship these to their own SIEM via the workspace's OpenTelemetry collector; framework auditors can request a UK-resident export.

Three signals matter most for the sovereign envelope: sovereignty admission integrity (are refusals being recorded?), administrative-access integrity (is just-in-time access being approved and logged?), and audit-stream completeness (is every event landing in the configured destination?).

The PromQL block below is the alert most platform teams add first: it catches the 'audit stream is silently empty' failure mode, which is the most damaging sovereignty regression because it removes the evidence trail that the framework relies on.

groups:
- name: yobitel-sovereign
  interval: 30s
  rules:
  - alert: SovereignAuditStreamEmpty
    expr: |
      sum by (workspace) (
        rate(yobitel_sovereign_audit_events_total[15m])
      ) == 0
      and
      sum by (workspace) (
        rate(yobitel_workspace_user_requests_total[15m])
      ) > 0.5
    for: 30m
    labels: { severity: page }
    annotations:
      summary: "{{ $labels.workspace }} sovereign audit stream is empty under load"
      runbook: https://docs.yobitel.com/runbooks/sovereign-audit-stream

  - alert: SovereignBoundaryRefusalAnomaly
    expr: |
      sum by (workspace) (
        rate(yobitel_sovereign_admission_refused_total[5m])
      ) > 5
    for: 10m
    labels: { severity: warn }

Cost and FinOps#

Pricing is published in USD through the G-Cloud catalogue alongside the framework-required commercials. Sovereign workspaces consume the same per-GPU-hour, per-million-tokens, and per-tier pricing as standard workspaces, with the sovereign envelope (UK regions, UK staff, OFFICIAL-tier control set) bundled into the base rate. The FOCUS 1.1 billing export ships to a UK-resident bucket; pivots cleanly by workspace, by call-off, or by business unit.

Security and compliance#

The UK Sovereign Stack is audited against the NCSC Cloud Security Principles as the reference framework, with ISO 27001:2022 and SOC 2 Type II as the supporting audit set. Cyber Essentials Plus is maintained annually. For NHS workloads, the DSP Toolkit responses are published and refreshed annually; for finance workloads, operational-resilience controls align with DORA where applicable.

OFFICIAL is the default workload classification supported end-to-end. OFFICIAL-SENSITIVE is supported with the documented additional controls (enhanced clearance, restricted egress, in-region logging only) negotiated per call-off. The air-gapped variant supports workloads that must not have any internet egress.

• NCSC Cloud Security Principles — full 14-principle mapping audited annually; gap analyses provided to customers on request.
• G-Cloud framework — Yobitel published in Lot 2 (Cloud Software), Lot 3 (Cloud Support), and Lot 9 (Cloud Software for AI).
• OFFICIAL / OFFICIAL-SENSITIVE — supported per the documented control set.
• Cyber Essentials Plus — annual third-party assessment maintained.
• ISO 27001:2022 — current certificate; surveillance audits annual, recertification triennial.
• ISO 27017 / 27018 — current certificates; cloud and PII addenda audited.
• SOC 2 Type II — annual third-party audit covering security, availability, confidentiality.
• DSP Toolkit — annual responses published for NHS trust onboarding.
• DORA — operational-resilience controls aligned for FCA/PRA-supervised customers.
• EU AI Act and UK AI regulation — risk classification published per AI Application; alignment to UK AI Safety Institute guidance documented.
• CSA STAR Level 2 — published self-assessment plus third-party attestation.

Alternatives and customer-owned baseline#

Public-sector and regulated UK buyers without the Yobitel UK Sovereign Stack run the equivalent envelope themselves — typically by running generic IaaS in a UK-named region, layering their own NCSC mapping, audit pipeline, and staff clearance, and assembling AI on top via in-house engineering. The comparison below positions the Yobitel offering against the closest alternatives.

Troubleshooting#

The errors below cover the failure modes seen most often during sovereign onboarding and call-off execution. The full runbook library is at docs.yobitel.com/runbooks.

Where the UK Sovereign Stack fits in the Yobitel stack#

The UK Sovereign Stack is the reference profile for the rest of the Yobitel stack's regional configurations. The EU Data Boundary and US FedRAMP-equivalent profiles follow the same pattern adapted to local frameworks — workspace-bound sovereignty, admission-enforced placement, audit completeness, framework-aligned procurement, and locally-resident staffing. Because Yobitel is UK-headquartered, the UK profile is built first and held to the highest discipline; the others inherit from it.

Within the stack, the UK Sovereign Stack is a configuration of Yobibyte rather than a separate platform; the same Yobibyte workspace, the same OpenAI-compatible inference surface, the same marketplace, and the same AI Applications operate inside the sovereign envelope. Omniscient Compute's sovereignty filter is the discovery-time manifestation: a sovereign workspace sees only UK-eligible providers in the index, and the provisioning layer refuses to spill workloads across borders regardless of capacity or price. NeoCloud Operations and Managed Operations services deliver the sovereign envelope under partnership terms when a customer's regional capacity is partner-operated.

Practically, a customer can adopt the sovereign stack at any layer. A central-government department can use the entire stack inside the sovereign envelope; an NHS trust can use only the AI Applications layer (with MediQuery as the headline); an FCA-supervised bank can use raw Inferences inside the sovereign envelope without touching the application layer. The contract is consistent: UK regions, UK staff, NCSC controls, G-Cloud procurement, USD pricing, customer-owned data.