Robust Security Measures

Implement industry-leading firewalls, intrusion detection systems, and data encryption technologies to safeguard our network and infrastructure.

Regularly assess and patch vulnerabilities in systems and software to prevent unauthorized access and data breaches.

Replace outdated systems and update services to prevent security breaches and

Conduct security awareness and ethics training for all university community members to promote responsible online behavior and mitigate social engineering risks.

TUM digitalization strategy, Security, Martin Friebe


Martin Friebe
TUM digitalization strategy, Security, Moritz Göppl


Moritz Göppl

Together, we want to embrace this digitalization journey, empowering each member of our university’s administration and science management to work more efficiently, collaborate seamlessly, and contribute to a sustainable future. The dedication and active participation of each member of our TUM community will be vital in realizing this vision.


Dr.-Ing. Alexander Braun

Senior Vice President, CIO

Certification and Access Control

Certify IT processes at TUM according to current ISO standards to achieve more professional service levels and internal and external trust.

Classify data based on sensitivity and define access levels accordingly to ensure that only authorized personnel can access and handle sensitive information.

Implement multi-factor authentication and strong password policies to strengthen user access controls. Single Sign On (SSO) methods are enforced wherever possible.

Regularly review and audit user access privileges to minimize the risk of data exposure or unauthorized access.

Privacy by Design

Embed privacy considerations throughout the entire lifecycle of systems and services, ensuring that privacy is prioritized from the design phase.

Conduct privacy impact assessments to identify and mitigate potential privacy risks associated with new technologies or processes.

Implement privacy-enhancing technologies such as data anonymization and pseudonymization to protect personal information while maintaining utility.

Cloud-based Systems

Leverage cloud-based systems to enhance agility, scalability, and cost-efficiency while mitigating risks.

Conduct thorough due diligence when selecting cloud service providers, ensuring they have robust security measures and comply with data protection regulations.

Implement encryption and access controls to protect data stored and processed in the cloud and monitor cloud environments for anomalies or breaches.


Establish a data protection framework aligned with the General Data Protection Regulation (GDPR) requirements.

Regularly review data processing activities, update privacy policies, and implement data subject rights procedures to fulfill GDPR obligations.

Establish a Governance, Risk, and Compliance (GRC) system that includes a Data Protection Management System (DSMS) and addresses relevant security and project requirements.

Topics: Information Security and Data Privacy

Abbildung zeigt einen Serverraum

IT security task force established

As of August 1, 2023, TUM has appointed a new task force for IT security, which will handle all IT security issues.
Abbildung zeigt ein Netzwerk aus elektrischen Bahnen

TUM Guideline for the use of AI

The use of AI-supported processes / algorithms and AI-supported tools is steadily increasing. Ki and data protection are not mutually exclusive.

Vulnerability scans on all IT systems

Our IT security team has started to scan all of TUM networks for security vulnerabilities within our systems using the Greenbone Security Assitant.

Generate your user certificate on your own

As a student or employee/guest of TUM, you can easily generate a user certificate for your TUM email address(es) via TUMonline.