Sovereign Business IT Instead of US SaaS Dependency: How ayedo Strategically Uncoupled a Technical Service Provider

Standard SaaS is convenient. Until it becomes a strategic risk.

Many medium-sized companies rely on Microsoft 365, Zendesk, or DocuSign—not out of conviction for US cloud infrastructure, but because it is readily available and works without an in-house IT team. The systems run, updates are automatic, and the operational effort seems minimal.

However, once customers from regulated industries come into play, the criteria shift. It’s no longer about features, but about control. About legal jurisdiction. About traceability. And about who can enforce access to business-critical data in an emergency.

This was exactly the situation Meridian Industrieservice faced.

Initial Situation: Functionally Stable – Strategically Vulnerable

Meridian is a technical service provider for plant maintenance and repair with around 180 employees in the DACH region. A large part works in the field at industrial companies—including operators of critical infrastructure.

There was no in-house IT team. The entire IT was managed by an external service provider.

The tool landscape was typical for many medium-sized companies:

Microsoft 365 for communication and documents, Zendesk for customer service ticketing, DocuSign for contracts and maintenance protocols.

Operationally, the setup worked. But with increasing regulatory requirements, the evaluation fundamentally changed.

Several industrial customers began to specifically inquire about data processing during audits. Where are the communication data stored? Who has access? Under which legal framework do they fall? What exit strategy exists?

The answer “Microsoft Cloud, EU region” was no longer sufficient.

Regulatory Pressure: EU Region Does Not Equal Data Sovereignty

With the intensified discussion around the US CLOUD Act and the fragile political situation surrounding transatlantic data protection agreements, it became clear: Even if data is physically stored in Europe, US providers may still be subject to US law.

For customers in the KRITIS environment, this is not a theoretical problem. It is a compliance risk.

A major customer explicitly made the extension of a framework contract dependent on Meridian no longer using US cloud services for order-related data.

At the same time, the previous IT service provider announced a 25% price increase.

What initially seemed like a technical issue developed into a strategic decision:

Does Meridian want to continue being just a user of foreign platforms—or regain control over its own digital infrastructure?

This is where we, as ayedo, stepped in.

ayedo’s Approach: An Integrated, Sovereign Business Platform Instead of Isolated SaaS Tools

Our goal was not to replace individual tools.

Our goal was to provide Meridian with a consistent, integrated, and fully Germany-operated business platform—as a Managed Service on the ayedo Managed Kubernetes infrastructure.

The entire solution runs in German data centers, operated and monitored by ayedo. Meridian has no operational effort for patches, backups, or updates—but full transparency over location, access, and architecture.

The key was integration.

From Isolated SaaS Silos to Orchestrated Workflows

Instead of viewing Microsoft Teams, Zendesk, and DocuSign as separate systems, we built a platform architecture where communication, ticketing, document management, and digital signatures interlock.

Mattermost handles real-time communication. Project and location-based channels reflect the operational reality of the field service. But the real added value does not come from the chat itself, but from its integration into the processes.

Zammad maps the complete customer service workflow—including SLA tracking, escalation logic, and reporting. When a new order is created, it does not remain isolated in the ticket system. Automated interfaces create a dedicated communication channel for the deployment team and set up the associated project structure in the document system.

Nextcloud replaces SharePoint and OneDrive not only functionally but structurally. Documents are versioned, stored project-related, and editable via browser. Maintenance reports, deployment protocols, and contracts are no longer distributed across multiple platforms but within a consistent system.

With Docuseal, digital signatures are directly integrated into this workflow. A maintenance protocol is digitally signed in the field and automatically stored in the correct project folder—without media disruption, without external third-party providers, without data leakage outside Germany.

Authentik forms the identity and access layer across all applications. One login is enough. Access rights are defined based on roles and auditably documented. For employees, this means less friction. For auditors, it means traceable access control.

What was previously a patchwork of SaaS solutions is now an orchestrated platform.

Operation: Managed, but Under Own Sovereignty

A crucial difference from the previous situation lies in the operating model.

Previously, every adjustment meant coordination with the external IT service provider, waiting time, and additional costs. Today, the platform runs as a Managed Service on ayedo Managed Kubernetes.

Updates are controlled. Backups are automated. Monitoring and security patches are integral parts of the operation.

At the same time, the architecture remains open. All components used are open source and standards-based. Meridian has not fallen into another proprietary dependency—but has consciously chosen technological sovereignty.

The platform is documented, versioned, and auditable.

Meridian can demonstrate to customers at any time where data is stored and how it is processed.

Result: Compliance Secured, Costs Reduced, Control Regained

The immediate effect was the extension of the KRITIS framework contract.

Data sovereignty is no longer a claim in sales talks but technically verifiable.

At the same time, annual license and operating costs decreased by around 40%.

The linear dependency on user licenses and external price increases was eliminated.

More importantly, however, is the strategic impact: Meridian is no longer dependent on individual US providers. Workflows are adaptable, integrations freely designable, and a provider change would be technically possible without having to rethink the entire system.

Employees benefit from clear, integrated processes. Especially in the field service, the acceptance of digital workflows has noticeably increased because system changes and multiple logins are eliminated.

Why This Approach Works

Sovereignty does not arise from shutting down a US service. It arises from platform thinking.

Those who view collaboration, ticketing, and document management in isolation only replace logos. Those who integrate them create efficiency. Those who operate them on a controllable infrastructure gain strategic freedom of action.

This is exactly where the strength of our approach lies:

ayedo not only delivers Managed Kubernetes. We build the operational and integration logic that turns individual open-source components into a viable business platform.

Call to Action

If you work in regulated industries or serve KRITIS-related customers and notice that your current SaaS landscape is becoming a regulatory vulnerability, this is not an isolated case. It is a structural change.

We support companies in building their business tools to be sovereign, integrable, and future-proof—fully operated in German data centers, without operational self-effort.

Let’s talk before an audit or contract renewal forces you to do so.