Services for enterprise IT, security and AI
Independent consulting, architecture reviews and security assessments for companies, KRITIS operators and public authorities.
I support companies with the decisions that are hard to reverse later. The following services cover the most frequent mandates. Each begins with a free, no-obligation initial consultation where we clarify whether working together makes sense for you.
For management
Strategy, governance and architecture decisions that are hard to reverse. A neutral second opinion before major investments.
For CISOs and IT leads
Technical audit and hardening. Active Directory, Zero Trust, cyber resilience and migration architecture before the next audit.

AI strategy for enterprises
From the first idea to a robust AI architecture
Starting point
AI projects often start as pilots and fail on data protection, missing data foundations or unclear governance.
My approach
I classify your projects along the AI Act, NIS2 and GDPR, weigh local models against cloud services and define the data foundation for enterprise AI. On request I support piloting through to production.
What you receive
- Architecture concept for AI workloads
- Data flow and governance analysis
- Assessment of local models and data sovereignty
- Roadmap from pilot to production
For whom
Mid-sized companies and corporations introducing AI in a legally sound, vendor-independent way.

Security assessment and cyber resilience
Check the security posture and survive the worst case
Starting point
Before audits, after incidents or facing NIS2 and DORA deadlines, the clear view of the actual security posture is missing. And even well-protected companies often underestimate how long their operations stand still after a ransomware attack.
My approach
I examine your architecture for critical weaknesses and assess the hardening against current threats. Then I go one step further and clarify whether your company survives an attack. I look at immutable backups, separated recovery paths and realistic recovery times, so that after an incident it is clear how you become operational again in hours rather than weeks.
What you receive
- Structured findings with prioritisation
- Hardening recommendations for AD, cloud and endpoints
- Resilience check, including immutable backups and recovery
- Classification under NIS2, DORA and KRITIS
For whom
Companies and KRITIS operators before audits, after incidents or under regulatory pressure.

Active Directory and Entra ID
Secure identities, on-premises and in the cloud
Starting point
Grown Active Directory environments and their connection to Entra ID carry risks that only become visible during an incident.
My approach
I analyse your AD structures and the hybrid connection to Entra ID and Microsoft 365, assess permissions and attack paths and show the way to a resilient identity fabric. I support the hardening on request.
What you receive
- Analysis of AD and Entra ID combined
- Assessment of permissions and attack paths
- Concept for a hybrid identity fabric
- Hardening in the post-NTLM era
For whom
Companies with a hybrid Microsoft landscape and high protection needs.
Grown domain, group policies, file services
Cloud identities, conditional access, Microsoft 365

Microsoft 365 security
Secure the productive environment your business runs on
Starting point
Microsoft 365 grows fast, while the security configuration often lags behind what sensitive data and regulations require.
My approach
I review your Microsoft 365 configuration for weaknesses in identity, email and data access, assess compliance against GDPR and Schrems-II and develop a coherent security concept. I support the implementation on request.
What you receive
- Security review of the Microsoft 365 configuration
- Concept for identity, email and data access
- Compliance classification under GDPR and Schrems-II
- Support for implementation on request
For whom
Companies using Microsoft 365 productively and needing to protect sensitive data.

IT strategy and architecture review
An independent second opinion for the right direction
Starting point
Before major investments or architecture decisions, an independent assessment that does not depend on a vendor is often missing.
My approach
I review your planned or existing architecture, classify technology options along your requirements and provide a vendor-independent assessment for management and IT leadership. On request I support the implementation as a sparring partner.
What you receive
- Architecture review with written findings
- Technology classification and decision basis
- Strategy sparring with IT leadership and management
- Support beyond the decision
For whom
IT leadership and management before strategic decisions.
How working together works
Getting started is straightforward and without obligation for you.
Initial consultation
You describe your situation. In a free, non-binding conversation we clarify whether and how I can help.
Analysis and findings
I review architecture, risks or plans and deliver structured, prioritised findings.
Implementation on request
On request I support the technical implementation as a sparring partner or hands-on.
Considering a project?
Briefly describe your situation. The first conversation is free and non-binding.
