Tallberga
Decades of opacity
For a long time, the default was to buy infrastructure as a black box. Data and systems sat inside products and platforms you couldn't inspect, built by vendors whose interests weren't necessarily yours. You trusted — but you couldn't verify.
That model created three compounding problems: vendor lock-in that limited options and drove up costs; jurisdictional exposure that left EU organisations subject to non-EU law; and compliance fragility where adequacy decisions and regulatory frameworks could shift without warning.
"Adequacy decisions are not permanent. Infrastructure decisions can be."
Organisations that built on proprietary US-owned cloud found themselves exposed when Schrems II arrived. Those that had already moved to EU-sovereign infrastructure found themselves ahead — not because they predicted the ruling, but because they had already made control a design principle.
Transparency is a security property
Open source code is auditable code. When your hypervisor, your identity provider, and your network stack are open source, you can inspect what they do. Independent researchers can find and disclose vulnerabilities. The community can verify claims. You don't have to take anyone's word for it.
This matters most in the components closest to your data. A proprietary firewall with closed firmware is a promise. An OPNsense firewall is a verifiable fact. That distinction compounds across every layer of your infrastructure.
- Inspect the code running your hypervisor, IdP, and firewall
- Benefit from global security research and rapid vulnerability disclosure
- Avoid hidden backdoors and undocumented data collection
- Maintain an audit trail your compliance team can actually use
You own the result — not us
Most IT consultancies profit from dependency. Repeat engagements, proprietary tooling, undocumented systems — these are features of a retention model, not a delivery model.
We work differently. Our engagements are project-based and outcome-defined. We come in to design, build, and transfer knowledge. When we leave, you have:
- Infrastructure-as-code you can run, extend, or hand to another team
- Full technical documentation and runbooks
- A team that has been trained on the stack
- Zero ongoing contractual dependency on Tallberga
This isn't generosity — it's a different business model. We get paid for the quality of our delivery, not for how hard it would be to replace us. It means we're incentivised to build things that genuinely work.
Why the timing is right
The open source infrastructure ecosystem has matured. Tools like Proxmox, OPNsense, Kanidm, NetBird, and Wazuh are enterprise-grade. Automation tooling — Ansible, Terraform, OpenTofu — makes complex deployments reproducible and maintainable. The gap between open source and proprietary in terms of capability has largely closed.
At the same time, the regulatory and geopolitical environment has sharpened the cost of not having sovereignty. GDPR enforcement is active. The adequacy framework is contested. Organisations in Sweden and Germany face concrete compliance obligations that proprietary US-owned infrastructure can't reliably satisfy.
The question for most organisations isn't whether to move — it's when and how. We're here to make the how straightforward.