CyberGhost VPN consists of more than 600 servers (December, 2016) in 23 countries and partners with different providers.
To get access to a server one needs a RSA key (just a user name and password are no option). That key will be generated individually and is secured on an encrypted mobile media (usually an USB stick with a TrueCrypt Volume). Furthermore the private key on that drive will be encrypted with a different password.
A direct access to our VPN servers is restricted to a small group which consists at the time being (April 2013) of four persons. Neither a worker of a computer center nor a server provider is included to this group of persons. Furthermore we have strict contracts with our partners, among them Kaia Global as our own carrier, establishing very harsh security requirements, e.g. that a system has to be wiped completely, before a server can be withdrawn.
All servers are installed and configured by CyberGhost! A computer center only provides the hardware. This too is due to our high security policy.
Please note also that we don't store any data on our VPN servers or login system that could be used to find out, who accessed which server at what time or compromise the anonymity of our users in any other manner.
CyberGhost has been certified by QSCERT with ISO 9001 and ISO 27001. ISO 9001 attributes internal work flows, ISO 27001 regulates technical work flows and security standards, both being very high ranking quality measures, only given after extensive audits.