A new tender for Azure maintenance and migrations shows how cloud outsourcing is now central to cyber resilience and security of supply.
Follow Tenderlake on LinkedIn for concise insights on public-sector tenders and emerging procurement signals.
Finland’s State Financial and Human Resources Service Centre (Palkeet) is looking for a long‑term cloud maintenance and expert partner to keep its systems running around the clock. The new cloud services maintenance partnership, published on 14th November 2025, covers Azure operations, cloud migration projects and 24/7 service capability – and is explicitly framed as critical to Finland’s security of supply.
Palkeet, formally Valtion talous- ja henkilöstöhallinnon palvelukeskus, provides the state with financial and human resources administration services. Its IT environment underpins core back‑office functions across government, so keeping its systems available has become a question of national resilience rather than simple IT housekeeping.
The contract notice seeks a partner to handle maintenance and expert services across Palkeet’s cloud environment. The scope includes:
The notice stresses “the critical role of these services in Finland's security of supply”. In practice, that links the resilience of Palkeet’s cloud platforms directly to the continuity of payroll, accounting and HR processes for the state. If the cloud fails, core administrative functions risk disruption.
While the summary available does not specify contract value, duration or detailed performance metrics, the combination of Azure expertise, migration work and round‑the‑clock coverage points to a strategic partnership rather than a narrow technical support contract.
The timing of this procurement sits squarely within the wider shift driven by the EU’s NIS 2 Directive, which raises expectations on cybersecurity and incident readiness for public bodies and other operators of critical services.
Three elements in the Palkeet notice stand out in that context:
The notice does not spell out specific security controls, incident response times or logging requirements. Those are likely defined in underlying technical documents rather than the short public summary. Even so, the language around security of supply signals that Palkeet expects its partner to support robust cyber and continuity measures, not just basic system upkeep.
For potential suppliers, this implies demonstrating more than routine Azure administration. The selected partner will need credible capabilities in secure cloud architecture, monitoring and rapid fault resolution across a multi‑service environment that is operationally critical to the Finnish state.
The Palkeet tender is one of a series of Nordic and wider European procurements that show public administrations pushing further into managed cloud and software‑as‑a‑service models, often with similar themes of resilience and expert support.
In October 2025, Business Finland launched a Cloud Maintenance Services competition for the development, management and maintenance of its Microsoft‑based cloud platform, explicitly bundling in user training. That points to a model where external partners not only run the platform but also help build internal capability.
Similarly, in September 2025 housing company Espoon Asunnot Oy sought a provider for ICT support and maintenance services, covering technical management, day‑to‑day user support and the transfer of existing servers into Azure. The package closely mirrors Palkeet’s needs: steady‑state operations plus migration expertise.
Other Finnish bodies are moving core processes into SaaS. In August 2025, the City of Vantaa went to market for a SaaS‑based case and meeting management system, including interfaces, programmes and support. The National Institute for Health and Welfare followed in October 2025 with a tender for a billing operations management system delivered as SaaS, covering customer data, billing processes and training.
At the same time, the KEHA Centre – the development and administration centre for Finland’s ELY and TE offices – flagged its intent in June 2025 to procure expert services for digital solutions through a framework that will allow multiple service providers. Its focus on shared platforms, integrations, data management and modern application development underlines how cloud and digital services are now treated as long‑term ecosystems.
Beyond Finland, the Dutch province of Utrecht published a Cloud Platform Services tender in August 2025, covering transition, management, maintenance and the eventual exit of cloud services. The authority plans to keep overall IT service management in‑house while relying on a provider for day‑to‑day operations, a division of responsibilities that echoes Palkeet’s search for an expert partner rather than a full outsourcing.
Continuous service capability is becoming a standard requirement as public bodies recognise how dependent they have become on cloud‑hosted systems. Palkeet’s insistence on 24/7 cover fits with a broader pattern across Europe.
In August 2025, Norwegian foundation Stiftelsen Design og arkitektur Norge tendered an ICT services management contract focused on stable operations, a good user experience and “high uptime”, with a requirement for expertise in Microsoft 365. High availability is now framed as a core outcome of ICT procurements rather than a technical detail.
A few months later, in November 2025, Dutch organisation Sociaal Ontwikkelbedrijf Dokwurk sought a certified ICT partner for an ICT migration to Azure, emphasising a secure solution, compliance and support after migration. The parallels with Palkeet’s plan – move into or deepen use of Azure, secure the environment and ensure ongoing support – are clear.
Other procurements point to a diversified cloud landscape that still needs strong operational management. Kallio Software Oy issued a notice in November 2025 for application platform management services, including the provision of AWS capacity. Different public bodies are standardising on different cloud stacks, but almost all are looking for partners who can manage platforms, ensure continuity and navigate vendor‑specific complexities.
The emerging model is one of shared responsibility. Public authorities retain accountability for their data, processes and overall architectures, while specialised suppliers provide round‑the‑clock operational capability and cloud expertise. Palkeet’s procurement fits that model: it is not handing over ownership of its services, but it is seeking a partner that can guarantee availability and support continuous change.
The Palkeet notice underlines how cloud infrastructure for finance and HR has moved into the category of services that states view as critical to security of supply. It also shows how cybersecurity regulation and operational risk concerns now shape mainstream ICT tenders, not just niche security contracts.
Several questions remain open from the public summary: the eventual contract value, duration, precise service levels and the extent of any on‑premise‑to‑cloud migration yet to be done. Those details will determine how far the winning supplier becomes embedded in the Finnish state’s administrative backbone.
Across Finland and the wider EU, forthcoming notices are likely to continue this pattern: more cloud and SaaS procurements; stronger emphasis on uptime, continuity and compliance; and increasing use of expert frameworks to support digital platforms over many years. As Palkeet selects its cloud services maintenance partner, the outcome will be one more marker of how public administrations balance control, risk and expertise in the age of regulated, always‑on cloud services.
Follow Tenderlake on LinkedIn for concise insights on public-sector tenders and emerging procurement signals.