• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
Media Log in
Instagram Twitter Linkedin-in
  • DE
  • EN
Cube5 Logo

Cube 5

Creating IT Security Startups

  • About us
    • The Team
    • Ecosystem
    • Podcast Nachgehackt
  • Our services
  • StartUpSecure
  • News
    • Dates
  • Contact

13. October 2022 | Startup News

Shielded Data Processing in the Cloud

The following interview with Felix Schuster was conducted as part of the special IT security issue of the science magazine Rubin 2022/23.

Using cloud services without running into trouble with the GDPR – the company Edgeless Systems makes it possible. Founder Dr. Felix Schuster reflects on the somewhat difficult entry into a new market.

It was just the two of them on a park bench – this is how Felix Schuster and Thomas Tendyck celebrated the launch of their company Edgeless Systems in the spring of 2020 during the coronavirus lockdown. A good two years later, they have a team of 15, high-profile customers and a prestigious company headquarters in Bochum. Still, the start was not always easy, as Felix Schuster recounts in an interview.

rubin edgeless 2
The company programs software for secure cloud computing. Copyright: Michael Schwettmann

Mr. Schuster, you understand how to use cloud applications, for example in the USA, without coming into conflict with the General Data Protection Regulation (GDPR). What exactly do you offer your customers?

We programme software for secure cloud computing – the marketing term is confidential computing. The fundamental problem with cloud computing is that data is usually processed in plain text. This means that employees of cloud providers or authorities may be able to access it. As a result, companies from the EU can’t use these cloud services, which are mostly based in the USA. We make sure that you can use the cloud like your own computer. The reason why this is possible is that, for almost ten years now, processor manufacturers have been building functions into the hardware that allow data to be processed in encrypted form. Prior to that, data could be encrypted during transport and on the hard disk, but had to be decrypted for processing. With our software, we ensure that the data remains encrypted at all times, and that this fact can be verified. The processor issues a certificate confirming what has been done with the data and that it hasn’t been decrypted at any time.

For which type of applications is this significant?

A typical scenario is that a company has an application running locally, but wants to move it to the cloud in order to save resources. An example of this would be personnel management software. This involves personal data that requires high levels of protection. Or an example from our practice: our partner Bosch collects data from smart cars. Here, we are talking about intellectual property, and pictures of passers-by can also be involved. The cloud hardware facilitates the shielding and encrypted processing of this data, so to speak. But since that doesn’t work on its own, it needs software like ours.

Can every customer then use these functions quite easily or do you need to bring in people with IT expertise?

Our programme is based on Kubernetes, a very common application in clouds, which is usually already in use at the customer’s organisation. The basic features are therefore often known to the users. But there has to be someone on site who knows the ropes.

rubin edgeless 3
The team currently consists of 15 employees. More are being sought. Copyright: Michael Schwettmann

You started out by offering your software free of charge and as an open source. How can you finance yourself on that basis?

Currently, it’s pretty much common practice to offer a kind of extended free trial version to begin with. Obviously, you run the risk that users will be satisfied with it and stick with it, or that the competition will copy the programme. But the advantage is that you have a very low-threshold offer for potential customers. The first step has already been taken, and maybe the customer will come back to us to purchase an enterprise version. In a market as new as ours, this is a good way to see where customers stand. It also helps to identify and acquire new clients. A year after the first free offer, we received many attractive requests. Unlike in the US, however, this business model is rather uncommon here, and you’re met with incomprehension. But we’ve been much better received by investors.

Seeing that the market is still so young, is there any competition to speak of?

Yes, there’s a lot of competition actually, especially in the USA. But our product is the most mature. The market just has to figure that out. Currently, very few customers know what secure cloud computing is – they may be aware of their problem, but they don’t know the solution. There’s still a lot of explaining to do.

Doesn’t the GDPR play into your hands?

It can definitely be a driving factor. With this in mind, we would also like to cooperate more with European cloud providers. We would then be able to develop a service on the provider’s side, and the customers wouldn’t have to do anything themselves, but could simply be sure that their data is protected.

Let’s go back to the beginnings of Edgeless Systems: was it always your wish to start your own business?

I already wanted to start a software company when I was still at school. During my studies, I worked in a small company, and that’s when the wish solidified. One of my main reasons to pursue a PhD was to search for exciting technologies as a basis for starting up a company.

What does your typical workday look like today?

Well, I’m no longer involved in the technical side of things. They are the domain of my co-founder Thomas Tendyck. I still take care of the product vision and parts of the architecture. Other core tasks include public relations, customer acquisition, staff recruitment and the acquisition of investor funds. In addition, there are many other minor tasks relating to human resources, operations and finances.

Have you ever regretted the start-up?

I have at times – there are always ups and downs. But in general it was a good decision. It’s a lot of fun, though very stressful. I have learned to handle it.

If you could look into the crystal ball and get a glimpse of the next five years, what would you like to see?

As an enterprise, we’re still in the phase of optimising the product market fit – which is perfect if, for example, you can offer a vaccine during a pandemic, so you have exactly the product that the market is demanding at the moment. We’re currently trying to achieve this fit. We’re learning a lot. We want to become the platform for highly secure cloud computing.

In five years, we should have scaled our business model and have over 100 employees. Looking still further into the future, we should be ready for an IPO or a sale of the company. These are the two goals for venture-backed companies like us.

Which advice would you give yourself if you could go back two years?

We started out with a fairly engineering mindset and got bogged down in some areas in order to minimise the risk. Looking back, I’d say we should have taken more risks at an earlier stage and accepted the possibility of failure. And: this is an exciting but also a difficult market. Next time, I’d choose a market that is already somewhat more developed.

That sounds like you’d consider another start-up after a possible sale of your company?

Definitely. But maybe after taking some time off first.

Edgeless Systems
The two founders of
Edgeless Systems met while studying at RUB. They laid the groundwork for their start-up with the support of the business incubator Cube 5. Cube 5 is based at the Horst Görtz Institute for IT Security and the Faculty of Computer Science at Ruhr-Universität and is part of the Worldfactory Start-up Centre. The company currently has 15 employees, ten of them full-time. The founders are looking to recruit new staff, preferably from RUB, where most of the current members of staff had studied.


The article is published as part of the IT security special issue of the science magazine Rubin 2022/23.

To the Outreach Website


  • tweet 
  • share  
  • share 
  • share 
  • share 

Primary Sidebar

Latest News

Foundation, team expansion and new funding - an eventful time lies behind the AI startup ai.dopt. In an interview with … Read More about AI startup ai.dopt receives StartUpSecure funding

The following interview with Felix Schuster was conducted as part of the special IT security issue of the science … Read More about Shielded Data Processing in the Cloud

The Cube 5 team from Bochum is sending its Next Gen Startup Incubator inCUBE into the next round. Early-stage … Read More about Cube 5 seeks startups for cybersecurity incubator inCUBE Batch #2

Our lives are becoming increasingly digital – and the topic of IT security is thus becoming more and more important. The … Read More about Podcast “Nachgehackt” is on the air

Ten particularly innovative startups from all over Germany qualified for the "SpeedUpSecure" accelerator program for … Read More about Accelerator SpeedUpSecure 2022: Closing event and award ceremony

Cube 5 and the Horst Görtz Institute for IT Security invite all HGI alumni, students and young founders* to the Alumni … Read More about Alumni Angel Meetup 2022

From the winter semester 2021/22 our office hours to establishment in the IT security takes place on Wednesdays. The … Read More about Open office hours from now on Wednesdays

With the reestablishment of the Faculty of Computer Science, the CCS and HGI offices, the May, Kiltz, Leander, Acosta, … Read More about Horst Görtz Institute for IT Security moves into building MC

The Entrepreneurship Explorer Ruhr 2021 offers international and entrepreneurial-minded early career researchers in … Read More about Entrepreneurship Explorer Ruhr starts application phase

Latest News

AI startup ai.dopt receives StartUpSecure funding
14. November 2022 StartUpSecure

AI startup ai.dopt receives StartUpSecure funding

Foundation, team expansion and new funding - an eventful time lies behind the AI startup ai.dopt. In an interview with ... Weiterlesen …
Shielded Data Processing in the Cloud
13. October 2022 Startup News

Shielded Data Processing in the Cloud

It was just the two of them on a park bench – this is how Felix Schuster and Thomas Tendyck ... Weiterlesen …
incube Inkubator Cube 5
6. September 2022 Startup News

Cube 5 seeks startups for cybersecurity incubator inCUBE Batch #2

The Cube 5 team from Bochum is sending its Next Gen Startup Incubator inCUBE into the next round. Early-stage cybersecurity ... Weiterlesen …
nachgehackt news
1. August 2022 An der RUB

Podcast “Nachgehackt” is on the air

Our lives are becoming increasingly digital – and the topic of IT security is thus becoming more and more important ... Weiterlesen …

Footer

Contact

+49 (0) 234 32-29822
info@cube-five.de

  • Imprint
  • Privacy Notice

Address

Ruhr-Universität Bochum

Horst-Görtz-Institut für IT-Sicherheit
Cube 5
Gebäude MC 0/70
Universitätsstraße 150
44780 Bochum

sitemap

  • Frontpage
  • About us
  • Ecosystem
  • Our Services
  • News
  • Dates
  • Contact
  • Podcast Nachgehackt
  • Podcast Nachgehackt
Logo Horst-Görtz-Institut