Mainz University of Applied Sciences relies on IAMaaS from IAM Factory AG

secure identity management

with open source and digital sovereignty

Identity management that grows with the campus.

With Mainz University of Applied Sciences, we show what secure identity management looks like today: Open source, hosted in Europe, tailor-made for university operations.

Inhaltsverzeichnis

Digital sovereignty as a strategic necessity

Why is secure identity management becoming a key challenge for universities?

In an increasingly digitalized world, the secure management of digital identities is becoming a key challenge for organizations of all kinds. Universities face particular challenges in this regard: Not only do they have to manage thousands of students, lecturers and staff, but they also have to securely connect a large number of systems, applications and services, all on a constantly tight budget. Where this administration is still done manually, it is time-consuming, error-prone and a considerable security risk. At the same time, the threat of cyber attacks is constantly increasing – German universities are also regularly targeted by professional attackers.

As IAM Factory AG, we have made it our mission to offer public, scientific and non-profit organizations a solution that is not only technically convincing, but also complies with the principles of digital sovereignty. With over 25 years of experience in the field of Identity and Access Management (IAM), a clear commitment to open source software and European values, we offer an alternative to the offerings of international corporations.

This case study documents the successful partnership between IAM Factory AG and Mainz University of Applied Sciences – a project that shows how modern identity management can be implemented quickly, securely and confidently.

Mainz University of Applied Sciences: Portrait of a modern university

What makes a university’s IT infrastructure so complex?

Mainz University of Applied Sciences is one of the leading universities of applied sciences in Rhineland-Palatinate and combines three faculties under one roof: Engineering, Design and Business. With around 5,500 students, 160 lecturers and over 400 employees, it offers a wide range of degree programs, including innovative courses such as the new Bachelor’s degree in Cyber Security Management, and as a university prepares its students for the challenges of the digital future.

However, a university’s IT infrastructure is often very complex: students, teachers, administrative staff and external partners need access to a variety of systems – from campus management and learning platforms to email services and cloud services. Managing these accesses and authorizations is a logistical and security challenge that can hardly be mastered without professional identity and access management. This is especially true under the conditions under which German universities are trying to recruit and retain experienced staff.

The challenge: complexity, dynamics and the need for a professional IAM

Why is manual identity management reaching its limits?

Mainz University of Applied Sciences faced a challenge that many educational institutions are familiar with: an IT landscape that has grown over the years and the need for students, teachers and staff to be able to work seamlessly everywhere. The complexity of the distributed and heterogeneous infrastructure makes central, uniform management of digital identities a necessity.

Added to this is the highly dynamic nature of university operations: students change every semester due to new enrolments, exmatriculations and course changes. There is also a constant turnover of teaching staff, administrative staff and external partners. This fluctuation creates a considerable amount of work in user administration: accesses have to be set up, adjusted and withdrawn again. Preferably always reliably, promptly and across all systems.

It was precisely this structural problem that led to the collaboration with IAM Factory AG. The university was looking for a solution that would reduce the administrative workload, guarantee security and be flexible enough to keep pace with the dynamic nature of university operations.

The cyberattack on the university at the end of November 2025 acted as a catalyst in this context: the attack paralyzed all IT systems, necessitating a complete rebuild of the infrastructure and requiring immediate action. What initially began as a crisis turned into an opportunity – the university used the forced restart to fundamentally rethink its IT security architecture.

The incident also revealed weaknesses in the previous identity management system: Who had access to which systems? Had former employees been completely removed from all systems? These questions could not be answered easily. In future, a modern IAM solution should ensure that such ambiguities do not arise in the first place and that all access rights are managed transparently and comprehensibly.

The solution: IAMaaS from IAM Factory AG

Why was IAM as a Service chosen?

After careful discussion and consideration of various solutions, Mainz University of Applied Sciences opted for the IAMaaS solution from IAM Factory AG. The decision was based on several key factors:

Immediate availability: As a SaaS solution, IAMaaS was immediately ready for use. There was no need to set up a complex on-premises infrastructure, which was crucial given the urgency following the cyberattack.

Predefined processes for universities: The IAM Factory AG solution is specially tailored to the requirements of universities. Standard processes and common data models for managing students, lecturers and employees were already preconfigured.

Conserving resources: SaaS provision eliminates the need for high internal operating and maintenance costs, investments in hardware and the search for, training and continuous professional development of specialized personnel.

Flexible rental model: The cost model takes into account the special requirements and budget structures of universities, especially because the necessary identity accounts for students are exempt from the rental costs at IAM Factory AG.

The technology: midPoint as an open source basis

At the heart of the IAMaaS solution is midPoint, a leading open source platform for Identity Governance and Administration (IGA). MidPoint is developed by the European company Evolveum and combines classic identity management with modern identity governance requirements.

The platform supports all essential and advanced use cases of the identity lifecycle as well as the growing requirements for information security and data protection. The source code is subject to the European Union Public License (EUPL) – one of the most liberal open source licenses on the market.

MidPoint offers extensive functions for identity governance: The software manages roles and access rights for all business processes and offers a high level of security with various policy options. Comprehensive auditing allows all interactions to be traced in detail. A feedback mechanism also checks the appropriateness of all relevant decisions.

For Mainz University of Applied Sciences, this means maximum transparency about how the software works, no black box, and the certainty that the code is continuously tested and improved by a global community of experts. Numerous critical infrastructures – including banks, administrations and research institutions – rely on open source because it represents the most reliable basis in the long term.

Digital sovereignty: more than just a buzzword

What does digital sovereignty mean in concrete terms for the university?

A key aspect of the decision to opt for IAM Factory AG was the issue of digital sovereignty. In times of geopolitical uncertainty and increasing dependence on non-European technology companies, the question of where data is stored and who has access to it is becoming more and more important.

IAM Factory AG follows a consistent approach here: all servers are operated exclusively in Germany, in a data center run by a German operator. No cloud platforms of international HyperScalers are used. A separate system environment with complete data separation is provided for each customer.

This was a decisive argument for Mainz University of Applied Sciences: as a public educational institution, it bears particular responsibility for the data of its students and employees. The certainty that this data is processed exclusively in the European legal area and is not exposed to access by non-European authorities or companies creates trust and security.

Resilience against external influences through the use of European solutions is an important key to security – not only technically, but also strategically and politically.

Implementation: Fast, structured, accompanied

How does the introduction of the IAMaaS solution work?

The introduction of the IAMaaS solution now follows a proven process from IAM Factory AG, which is specifically designed to meet the needs of organizations with limited IT resources.

Target workshops: The university’s target image is developed in several joint technical and specialist workshops. The solution components are defined and integrated into the overall strategy and IT architecture.

Concept: The life cycle of the various identity groups is recorded and the interaction of the source and target systems is coordinated with the integration and automation using IAM.

Implementation: The IAM system is provided and set up, the connection is secured via site-to-site VPN, the source and target systems are connected, the data flow and processes are mapped and self-services and reporting are set up.

Ongoing support: IAM Factory AG offers 24/7 operation with monitoring, gradual expansion of functionality, connection of additional target systems and personal support in the event of errors or malfunctions.

Thanks to the predefined processes and interfaces, Mainz University of Applied Sciences can put the solution into operation much faster than would have been possible with a traditional on-premises implementation. In addition to the comprehensive functionality and security, this was of crucial importance given the urgency following the cyberattack.

Less effort, more security, full control

What concrete benefits does IAMaaS bring to everyday university life?

The introduction of IAMaaS will bring measurable benefits to Mainz University of Applied Sciences. The project impressively demonstrates how a well thought-out IAM strategy not only closes security gaps, but also increases operational efficiency and realizes long-term cost benefits:

Increased security: The centralized, automated management of all digital identities and access rights significantly increases the level of security. It is now always possible to see who has access to what and why.

Time saving: Manual administration tasks, which used to take a lot of time and often took a long time to complete, are now carried out automatically. Settings and personnel changes no longer require manual adjustments to authorizations.

Conservation of resources: The IT department can concentrate on strategic tasks instead of spending time maintaining a complex IAM system and on manual administrative tasks.

Compliance and audit compliance: All interactions can be traced in detail. This is not only important for internal control, but also for meeting regulatory requirements.

Future-proof: Thanks to the open source basis and continuous further development by Evolveum and IAM Factory AG, the solution is future-proof in the long term.

An approach that sets an example

Why is this project more than a stand-alone solution?

The project between IAM Factory AG and Mainz University of Applied Sciences is an example of what modern IT security solutions can look like: quickly available, resource-efficient, transparent and sovereign. The university’s decision not to simply return to the status quo after the cyberattack, but to fundamentally rethink the IT security architecture, was courageous and far-sighted.

Choosing a solution that is based on open source, operated in German data centers and from a European provider is more than a technical decision – it is a statement of digital sovereignty and resilience. At a time when dependence on non-European technology providers is increasingly recognized as a risk, this project points the way to the future.

IAM Factory AG stands for identity with integrity, for trust through technology – with attitude and responsibility. The partnership with Mainz University of Applied Sciences is proof that these values are not just words, but are put into practice.

“After the cyberattack on our university, we were faced with the task of completely rebuilding our entire identity management system under enormous time pressure. What convinced us about working with IAM Factory right from the start was the flexibility at all levels. The IAMaaS solution was immediately available and came with predefined processes for university operations – at the same time, it gave us the leeway to introduce our specific requirements step by step. The communication was exemplary: transparent coordination, short decision-making paths and a team that really understood our situation. As CISO, it was particularly important to me that we didn’t have to compromise on security despite the speed. That’s exactly what IAM Factory delivered.” – Nicolai Kuntze, CISO at Mainz University of Applied Sciences

Complex identity management, scarce resources, unanswered questions? Talk to us – together we’ll find an approach that suits your situation. Contact us now or call us with your questions.