For government entities and critical infrastructure in Saudi Arabia, AI adoption isn't just about performance—it's about data residency and control. The Saudi Data & Artificial Intelligence Authority (SDAIA) and NDMO have set clear frameworks that render most public cloud LLMs unusable for sensitive data.
Understanding Data Classifications
Before choosing an AI strategy, you must classify your data. The NDMO framework dictates the infrastructure requirements based on the data's sensitivity.
| Classification | Public Cloud AI | Sovereign Cloud | Air-Gapped (Atlas) |
|---|---|---|---|
| Public (Level 1) | Allowed | Allowed | Allowed |
| Restricted (Level 2) | Conditional | Allowed | Allowed |
| Confidential (Level 3) | Prohibited | Strict Controls | Recommended |
| Top Secret (Level 4) | Prohibited | Prohibited | Mandatory |
The "Bring AI to Data" Approach
The traditional approach of "moving data to the cloud" is obsolete for Level 3 and 4 data. The new paradigm, which MX4 Atlas champions, is In-Situ Computation.
By deploying the inference engine (Atlas Runtime) inside your existing secure perimeter, you eliminate the "Data Gravity" problem. Your 50TB of patient records or financial logs don't need to move. The model—which is only a few gigabytes—moves to them.
Sovereignty Readiness Checklist
- Is the model running on hardware you physically control?
- Is there a physical or logical air-gap from the public internet?
- Do you maintain an infrastructure activity journal for critical requests?
- Can you wipe the model memory instantly if required?