Modern AI, without giving up control.

A-Team

A-Team combines proven open building blocks with controlled AI and stays under direct control: for organisations whose mandate demands confidentiality.

Your data, your knowledge, your AI

A-Team grows out of a simple conviction: anyone accountable for confidentiality should be able to use modern AI without giving up sovereignty over data, knowledge, and operations. Professional secrecy, client and patient confidentiality, and the protection of donor and member data form the basis of the work. That is exactly where control matters most.

Sovereignty is an asset here, not a brake. Data sovereignty, local anchoring, and the absence of vendor lock-in can be represented openly towards clients, patients, and members. Confidentiality becomes an advantage rather than an obstacle, and open building blocks suit organisations whose mandate demands independence.

le dot runs its own work on exactly this framework. A-Team is therefore used in-house and proven, not merely offered.

Open building blocks, controlled AI, clear traceability

A-Team combines proven open components with the latest controlled AI: open and secure at once. Every building block stays replaceable. Existing tools such as Microsoft 365 or specialist applications stay where they make sense, without forced migration.

Every AI request runs through clear approvals, and every action stays tied to a named human role. Agents act as attributable identities with limited rights. The permission model applies to agents just as it does to people, and where that is enough, their access can be limited to read-only. Traceability therefore stays a property of operations rather than an after-the-fact report: model choice, data flow, and sources stay visible, and auditability is enforced technically instead of merely documented.

Hosting stays under direct control, up to fully isolated operation.

Want to see how this looks in a concrete setup? Request an A-Team demo.

The building blocks and their value

Each building block solves a concrete task, and the value comes before the mechanics:

  • One sign-on for all services, with clear rights and less friction in everyday work.
  • Collaboration and files in one place, working together without scattering data.
  • Knowledge base: answers from the organisation's own sources, with a traceable reference instead of repeated searching.
  • Controlled AI, with model choice and data flow kept under direct control.
  • Controlled agents that take on recurring work, carry out research, or merge and analyse data, while every action stays attributable.
  • Familiar foundation, new leverage: A-Team builds on IT tools that have been in use for years and adds RAG, language models, agents, and automation.

The system at a glance

The framework is built in layers, from a load-bearing foundation up to value creation, with a governance bracket spanning all layers. Each box stands for a function; the tools in brackets are interchangeable examples.

flowchart BT
    accTitle: A-Team as a layered container diagram
    accDescr: The A-Team framework in four layers that build on each other, enclosed by a dashed governance bracket across all layers. The foundation carries infrastructure under direct control, identity and access, and secure network access and operations. Above it sits collaboration and knowledge with collaboration and files and knowledge management. Above that the controlled AI with knowledge retrieval with source binding, model gateway, and data classification and approvals. At the top is value creation with agents and automation and interfaces and integration. The dashed governance bracket encloses all layers and bundles machine and agent identities, approvals, and traceability across all layers.
    subgraph GOV["Governance and accountability — across all layers (identities, approvals, traceability)"]
        direction BT
        subgraph L1["1 Foundation"]
            HOST["Infrastructure under direct control<br/>(own servers, CH data centre, containers)"]
            IDENT["Identity and access<br/>(Authentik, Keycloak, Entra ID)"]
            NETOPS["Secure network access and operations<br/>(NetBird, Tailscale; Grafana, Prometheus)"]
        end
        subgraph L2["2 Collaboration and knowledge"]
            COLLAB["Collaboration and files<br/>(M365 and Nextcloud)"]
            KNOW["Knowledge management<br/>(Wiki.js, BookStack)"]
        end
        subgraph L3["3 Controlled AI"]
            RAG["Knowledge retrieval with source binding<br/>(Open WebUI, own RAG pipeline)"]
            GATE["Model gateway<br/>(own gateway, LiteLLM)"]
            CLASS["Data classification and approvals<br/>(policies, tagging, approvals)"]
        end
        subgraph L4["4 Value creation"]
            AGENT["Agents and automation<br/>(own workflows, n8n, GitLab CI)"]
            API["Interfaces and integration<br/>(APIs, webhooks, connectors)"]
        end
        NHI["Machine and agent identities<br/>(token and secrets management, Vault)"]
    end
    L1 --> L2 --> L3 --> L4
    style GOV stroke:#c1121f,stroke-width:2px,stroke-dasharray:6 4

Legend

  • Layers from bottom to top: the foundation carries, above it sit collaboration and knowledge, then the controlled AI, and at the top value creation.
  • Each box stands for a function, not for a fixed product. Tools in brackets are interchangeable examples.
  • An "and" in brackets means combinable; an "or" means selectable.
  • Solid arrows show the data flow over open standards and clear approvals.
  • The governance bracket acts as a dashed line across all layers: identities, approvals, and traceability apply everywhere.

Building blocks in depth

Background on the notation: C4 model and docs-as-code. The way of working behind the framework is described in the A-Team framework.

Operating frame

A-Team is not rolled out as a one-size-fits-all solution. The first scope follows the organisation profile, the confidentiality requirement, and the existing infrastructure. Typical profiles map to the following segments:

  • Law firms, trustees, and practices bound by professional secrecy: usually the SME with Microsoft 365 profile, and for the highest protection needs the air-gapped operation.
  • NGOs and associations: depending on size, the association segment or the SME with Microsoft 365 profile.
  • Teams with their own IT and development: the lab and development segment.
  • Highest isolation requirements: the air-gapped operation.

The path to A-Team

From introduction through integration to enablement, le dot accompanies the path to A-Team, without vendor lock-in.

Introduction and pilot

A working first step on the organisation's own data, with a clear result within the Swiss legal framework.

Integration with existing systems

A-Team connects to the existing systems, without disruption and without vendor lock-in.

Governance and security

Traceable AI that holds up to data protection and the EU AI Act, verified rather than claimed.

Enablement and coaching

The organisation's own team becomes capable in its own right; le dot accompanies and does not lock in.

See A-Team in action

A demo shows A-Team through the functions that matter: from sign-on and knowledge search to controlled AI. The first scope follows the organisation type, the existing infrastructure, and the prioritised use case.

Select functions and request a demo

Related topics