It doesn't seem from this post nor the source text if there is a product they particularly recommend. But I guess from the "cloud at center" issue they would be fine with normal Office (the offline only suite) and LibreOffice/OpenOffice?
There is nothing to prevent an organization from deploying office 365, and simply use the desktop apps only, never storing any data off-site. The only difference between that and installing the non-365 version of the office products is that the software updates are more seemless.
So, Microsoft will push an update to extract the data? Did you forget a "/s" tag?
I mean... Windows is also owned by Microsoft, so they should ban all use of Windows. And also ban any binary distribution of software of any kind (yup, all school teachers will build their Linux from source now). Oh wait, a third party is making the firmware in your CPUs, better build those from scratch too... go get your pickaxe - you're going mining.
</s>
If the French Government has a goal of digital sovereignty and defending against entities like the NSA taking their data, then this is what it takes to meet that threat model.
A state actor could certainly compromise a Microsoft binary signing key with or without the cooperation of Microsoft.
Whoever controls the key that signs the binaries that touch your data, controls your data.
Using reproducible builds of open/audited software and firmware is a great start to make third party exfiltration of data more expensive. Next would be removing known backdoors like Intel ME until a migration can be made to open/audited hardware as well.
The path France is on is an expensive one to be sure, but if they stop at only ceasing use of offshore cloud services they are kidding themselves.
