Healthcare — HIPAA private cloud
HIPAA BAAs with a cloud vendor don't eliminate the PHI-leaves-your-network problem. On-Prem puts PHI on your own hardware under your own BAA — no FastYoke subprocessor clause needed for patient data.
Early access for Channel Partners and ISVs opening soon. Learn more →
Enterprise · Air-gap compatible
A single Rust binary, a persistent volume, and your own infrastructure. Tenant databases never leave your network. No outbound traffic required. Everything the Cloud SaaS platform ships — running on your hardware.
FastYoke On-Prem is the same single-binary Rust monolith that runs the cloud platform, deployed inside your own network. The audit log, tenant databases, compiled FSM rules, and WASM scripting tier are fully contained. Nothing calls home.
Air-gap means literally no outbound — not "reduced egress," not "optional telemetry." The binary does not phone home. You can cut the network cable after deployment.
Who needs it
If any of these describes your situation, the cloud option is the wrong starting point — regardless of what the cloud vendor's BAA says.
HIPAA BAAs with a cloud vendor don't eliminate the PHI-leaves-your-network problem. On-Prem puts PHI on your own hardware under your own BAA — no FastYoke subprocessor clause needed for patient data.
Data-residency mandates, MAS TRM, SOC 2 audit scope. Per-tenant SQLite means each client's data is a discrete file under your control — no commingled multi-tenant database to scope.
OT / IT boundary requirements, ISA/IEC 62443. FastYoke runs on Linux inside the operational network. The FSM engine evaluates guards locally — no cloud API call required on state transition.
GDPR data-residency, EU/UK data-localisation requirements, India DPDP, China PIPL. On-Prem pins data to a specific jurisdiction under your control — not a multi-region cloud with contractual residency guarantees.
Your product ships inside a client's private cloud or on-premise environment. FastYoke On-Prem is the right target for ISVs who build on FastYoke Runtime locally and deploy a self-contained platform inside the client's network.
What ships
FastYoke On-Prem is not a stripped-down edition. Everything the Cloud SaaS platform ships, runs on your hardware:
Deployment shapes
Single-node (development / small teams). One Linux VM, one persistent volume. The FastYoke Runtime tier. SQLite WAL on the volume, Litestream to a local backup target. Appropriate for development environments and internal tooling teams that don't need HA.
Single-VM production (the standard shape). One VM with a persistent volume, Litestream replication to an S3-compatible backup target. The same shape the cloud platform runs on — we operate it for you in the cloud; you operate it yourself on-prem. Handles production multi-tenant loads for most regulated environments.
Private cluster with FastYoke DB (bring your own cluster). For workloads that need HA, geo, or DR inside your own network, Enterprise+ customers can point FastYoke DB at their own YugabyteDB or CockroachDB cluster — running on your own hardware or in your private cloud account. FastYoke DB defaults to managed hosting on YugabyteDB Aeon or CockroachDB Cloud; the BYOC path is the alternative for customers with private-cloud data-sovereignty requirements where FastYoke cannot operate the cluster on their behalf.
Honest tradeoffs
On-Prem procurement starts with a short technical conversation: network topology, data-classification level, tenant count, and any vertical-specific compliance posture. Email security@fastyoke.io with the subject On-Prem and we'll route you to the right conversation.
For implementation — schema authoring, FSM design, initial install, integration wiring, and the first 60-90 days of operator training — see the Strategic Partner page. iNetko handles On-Prem deployments directly.
Request early access — On-Prem
Talk to iNetko
For ISVs building on FastYoke locally before embedding inside a client network, the FastYoke Runtime page covers the development workflow.
Related reading: Sovereign git, config as code, and how we built the Vault — the sovereignty model that underpins keeping tenant data fully on your own hardware.