With us, shape your digitization as confidentially, sustainably, and cost-effectively as possible.
We provide highly innovative cryptographically sealed hardware modules to geographically distribute computing resources to edge locations for high resilience and lowest green-house gas emissions.
With our software these modules are managed, networked and enabled for cutting edge confidential computing. Our offerings combine the advantages of private on-premises and public cloud infrastructure.
With other offerings on the market, the promised sovereignty essentially depends on the integrity of the provider's employees and the effectiveness of organizational measures and formalities.
With BetterEdge, you can cryptographically verify which software is running on which processor, and you cannot lose your sovereignty thanks to a novel, patented, resilient availability of cryptographic keys.
Book confidential-computing-encrypted virtual machines (Trusted Execution Domains, TEDs) to run your software of choice securely and with high performance.
Starting 49 €/month
(2 vCPUs, 8 GB RAM,
256 GB storage)
License our unique confidential computing control plane to protect your workloads on your own data centre hardware from unauthorized internal or external access.
Starting 9.800 €/month
(SLA, unlimited TEDs,
RAM and storage)
Renew your on-premises hardware with managed plug & play BetterEdge hardware modules. Benefit from lucrative royalties. The unique perimeter seal replaces costly physical access controls.
Starting 15.000 €
(place anywhere,
plug & play maintenance)
Maximise your sovereignty with a complete own edge computing infrastructure. You run the unique Better Edge control plane and the innovative BetterEdge hardware modules.
Contact us for offer
(full technical
support available)
Every day, companies receive numerous sensitive documents that have to be processed manually. This processes shall be automated because they take a lot of time, are prone to errors and are unnecessarily costly. Large language AI models from mainstream providers are not suited for such tasks for two reasons: (1) The error rates of generic models are too high and (2) the confidentiality relies on the effectiveness of organisational measures and procedures. Evy Solutions has developed a solution for the automated processing and analysis of documents with its own AI, which yields an exceptionally high success rate and runs on BetterEdge for confidentiality, accountability and cost reasons.
In modern manufacturing plants and companies with highly automated processes, it is essential that valuable machines operate with as little disruption as possible. Hacker attacks on these machines must be avoided at all costs. Therefore, the best isolation of these machines from the Internet is necessary. At the same time, the demand for fast and freely programmable computing power in manufacturing and automation is growing just as rapidly as in other areas. Confidential computing can deliver both, these new requirements and provide particularly good isolation of the necessary data processing steps from the internet.
Medical research, especially in light of the new possibilities offered by artificial intelligence, relies on the ability to systematically evaluate large amounts of sensitive confidential health data without violating the personal rights of the patients or the regulations intended to protect them at the federal or state level. By distributing the locations where data is collected and anonymized, combined with the new level of security provided by confidential computing, medical research projects that were previously not legally feasible are now possible.
Society's dependence on critical infrastructure requires the application of the highest security standards, especially in the field of information technology, where attackers can disrupt and sabotage operations remotely. In order to meet this requirement, great care is taken when introducing technical innovations, which, however, also means that only relatively old technology is in use. Modern concepts of “self-healing” distributed computing infrastructure can contribute to a decisive improvement in the resilience of IT in the area of critical infrastructure.
In a globalized world, new contacts between different economic actors are constantly needed. Modern identification systems such as the Global Legal Entity Identifier are useful not only for the financial world but also beyond. Our partner and co-founder esatus is developing an easy-to-use integration of these means of entity identity management into open collaboration tools executed in BetterEdge confidential computing environments, thereby opening up a simple and trustworthy networking opportunity to a broad public.
If your company or organization relies heavily on the reliability of certain sensor signals, it is worth making the usage of these sensors tamper-proof. Normally, sensor signals can be spoofed relatively easy. Within unprotected settings, savvy attackers can generate wrong values even without being at the physical location of the sensor. This is not the case if the sensors and central data processing are made tamper-proof with cryptographic sealing, confidential computing and pairing of both by auditors. Then the reliability, credibility, and evidential value of sensor data is lifted to a new level.
You are a small or medium-sized business and want to consistently avoid unilateral dependency on cloud providers who can read and potentially misuse your content. Our partner awesome information technology has years of experience with the best open source applications needed for everyday use (NEXTCLOUD, XWIKI, TAIGA, ELEMENT, JITSI, etc.). Together, we have expanded confidential computing technology so that awesome can prove to you with cryptographic strength that no one can access your software and data without your explicit authorization.
On-premises and cloud computing (without crypto, including manufacturing) generate more than 3% of greenhouse gas emissions. Since computing is inevitable to tackle the climate catastrophy, this problem needs to be solved.
Missing Digital Sovereignty
In legacy systems data sovereignty does not exist for three reasons: (1) Security gaps in technology (e.g. providers can read along), (2) missing portability between providers (i.e. missing Open Source), and (3) mismatching legal systems in the USA and Europe.
According to a 2024 bitkom survey, more than 50% of corporations in Germany worry that sensitive data will be stolen and/or misused and that the lock-in on the service they had been using will economically be disadvantageous.
Verifiable Digital Sovereignty
Verifiable digital sovereignty means (1) no privileged provider access & verifiable hardware and software integrity (2) independent backup combined with cryptographic resilience and (3) practically available provider-switching options.
Data centres with thousands of servers will no longer be the only infrastructure for cloud services.
Both through technology and business innovations, more computational capacity is now found at the edge of networks.
Benefits resulting from distribution are new levels in sustainability and extended options for resilience.
We create a “network of clusters” from hundreds of secure and sustainable edge modules.
Clusters are either built across several campus availability zones with local networking or through broad-band low latency edge-to-edge public connections.
Since servers outside of data centres are no longer protected by physical access controls, Edge modules require a new type of physical access protection with a so-called cryptographic perimeter seal. This protection thwarts even the most sophisticated attempts to attack the integrity of the servers.
The best solution for making computing sustainable is to operate the cloud servers directly where renewable electricity is available locally, so that the power grid is neither burdened nor has to be paid for.
What's more, royalties could be received for electricity consumed by external workloads. In addition, the useful life of the servers is lucratively extended, as there is no pressure, as in the data center, to replace them early.
Encryption of data during transmission and in storage are established security measures. However protecting data during processing has not been practical for many years, until the availability of chips, which support confidential computing.
BetterEdge's Trusted Execution Domains (TEDs) provide a ground-breaking high level of security against breaches of confidentiality and integrity.
According to best practices, we not only apply RAM encryption, but also secure boot, signature verification, remote attestation and automatic full disk encryption.
Distributing computing resources increases protection against physical infrastructure failure. For maximum resilience, the software must also leverage the benefits of distribution.
With BetterEdge, this is achieved through a highly trusted source for cryptographic keys and a cryptographic attestation service. Even during initial installation and commissioning, no one can gain knowledge of cryptographic secrets.
What's more, this component, known as “Better Key Service,” is freely available (open source), enabling maximum digital sovereignty.
Until now, users of cloud services have only been able to verify the trustworthiness and integrity of the service based on the cloud provider's statements and the Internet address associated with the service.
The so-called “attestation” in confidential computing gives users the opportunity to verify with cryptographic reliability that the application software known to the users and not manipulated is actually being executed on secure processors.
Since the standardized server modules are manufactured centrally and refurbished after a life cycle, no IT personnel are required on site for commissioning or replacement.
The modules automatically integrate into a network of clusters of modules. The cryptographic sealing of the modules guarantees security against manipulation.
please click for details
Purpose:
The TeleTrusT working group “IT Security made in Germany” aims to present a joint image of the companies and institutions participating in the working group to politicians, business leaders, academics, and the general public at the German, European, and global levels.
Status:
real-cis GmbH is an active member in TeleTrusT and is authorized to use the seal.
please click for details
Purpose and Situation:
EUCS is a certification scheme to formulate European minimum cybersecurity standards for cloud computing according to the European Cyber Security Act. So far only a candidate criteria catalogue has been formulated by enisa, the European Union Agency for Cyber Security. The three proposed assurance levels "basic", "substantial" and "high" are designed to allow for comparison between different cloud services with regard to security. However, the criteria for the assurance level "high" are by far not suited to characterize cloud services digitizing mission critical processes.
Therefore an extension of the criteria catalogue with assurance levels "high+1", "high+2" and high+3", actually an open-ended scheme is proposed.
Status:
BetterEdge Services categorize in the proposed assurance level "high+3". Please contact real-cis GmbH for more information.
please click for details
Purpose and Situation:
The German BSI C5 (Cloud Computing Compliance Criteria Catalogue) is a scheme to attest German minimum security standards for cloud computing.
Status:
BetterEdge's cutting edge confidential computing technology exceeds the requirements of the BSI C5. BetterEdge is run and documented according to C5. After 12 months of operation, attestation shall be applied for. The documentation is available through our sales representatives.
please click for details
Purpose and Situation:
The data protection certification framework of the Trusted Cloud e.V. competence network (AUDITOR) defines certificates, which can be used by cloud customers as a guarantee that when selecting a "processor" (cloud provider) pursuant to data protection laws, the obligations of controlling the cloud provider have been fulfilled.
Status:
real-cis personnel has been actively contributing in the standardization progress of AUDITOR and its predecessor TCDP.
The certification process for BetterEdge in the highest protection class III is ongoing. The documentation is available through sales contact.
please click for details
Purpose and Situation:
ISO/IEC 27001 is the certification framework of the International Standardization Organization for minimum information security management standards. Most of its relevant norms are integral part of EUCS, C5 and AUDITOR.
The European Norm Family EN 50600 formulate minimum security standards for data centers. These standards to not fit well to the distributed approach of BetterEdge.
Status:
The effective protection of the BetterEdge's innovative cryptographic perimeter seal significantly exceeds the requirements of these standards. Nevertheless statements of compliance are available. Please do not hesitate to contact our sales personnel.
"We are a visionary yet down-to-earth company and cultivate respect, satisfaction and a great atmosphere at work. If you want to work on most advanced and green technical solutions for true data sovereignty and informational self-determination, join the team!"
“We have more than 25 bright minds (with more than 12 full-time equivalents) working together. We have a laboratory in Munich at the MTZ, but we also work from Frankfurt, Athens, and Bordeaux.”
Dr. Hubert A. Jäger, CEO
