Home About Me Solutions Projects Certifications Book a Meeting
Philipp Schmidt – M365 Solution Architect & Founder easym365

Philipp Schmidt

M365 Security Specialist
Zero Trust. Zero Drama. Zero Bullshit.

BOOK A MEETING View Freelancermap Profile Connect in LinkedIn WhatsApp Chat

Opens WhatsApp (Meta). WhatsApp Privacy Policy applies.

Certifications

Languages

DeutschNative
EnglishFluent
© 2026 Philipp Schmidt | easym365.de

Your Microsoft 365
Security Specialist

Secure Tenants. TISAX-ready. Compliant from Day 1.

Zero-Trust. Zero Drama. Zero Bullshit.

Day rate from 980 €/day  |  Remote & on-site
Microsoft Solutions Partner
Hornet Security Partner
AWS Certified

Over 50 projects. 10 Microsoft certifications. 21 years of experience — exclusively Microsoft infrastructure. I make your M365 tenant secure, compliant, and maintainable. For SMEs that don't leave IT security to chance.

21+
Years Experience
50+
M365 Projects
100%
TISAX Success Rate
⭐⭐⭐⭐⭐
Freelancermap Rating

Customer Reviews

Freelancermap Profile
Allgäu Batterie GmbH & Co.KG
IT Coordinator (Tobias Kinert)

"Philipp joined us as a subcontractor and first had to 'put out fires.' I found Philipp to be a competent and incredibly composed service provider. His main task was to bring Intune (iOS) up to standard. That worked out great. He also supported us in the M365 area and implemented several new Conditional Access policies."

Resilient Communicative Eager to Learn Level-headed Conditional Access iOS Implementation
HMNC Holding GmbH
Executive Assistant / HR & Office Manager (Katharina Schwabe)

"Under Mr. Schmidt's leadership, we transformed into a future-oriented cloud-first company. He successfully implemented MS 365 and introduced MFA with Yubikeys and Conditional Access. Through MDM, he ensured policy compliance for Windows 10/11 and iOS. He also deployed Atlassian products for our projects and documentation. His commitment and solution-oriented approach deserve special mention."

Cloud-First Compliance & Governance MFA Conditional Access
Christian Dörr Headhunting GmbH
Head of IT Infrastructure (Marcel Becker)

"Thank you, Philipp, for your outstanding support in implementing macOS with Microsoft Intune and hardening and risk mitigation of our IT environment. Your persistence with complex topics and your pragmatic approach made all the difference. I recommend everyone to run a project with you. Your expertise truly convinced me."

macOS Intune IT Hardening Risk Mitigation Pragmatic Expertise
Corsol GmbH
Managing Director (Andreas Brunner)

"Dear Mr. Schmidt, through your work as a Microsoft 365 Solution Architect and Consultant, you have significantly contributed to strategically improving and future-proofing our IT infrastructure. Your comprehensive approach to Security, Governance and Compliance deserves special recognition. I am happy to recommend you."

Strategic Future-proof Security Expert Compliance
Corsol GmbH
IT Administrator (Roman Wagner)

"Dear Mr. Schmidt, we sincerely thank you for your outstanding work as a Microsoft 365 Consultant. Your expertise and dedication have significantly improved our IT infrastructure. We were particularly impressed by your support with TISAX, ISO 27001, the security audit, and the implementation of MFA, MAM and Conditional Access. Your work has left a lasting positive impact on our company."

TISAX Expert ISO 27001 Security Audit MFA/MAM Conditional Access

Core Competencies

Zero Trust Security Architecture
Microsoft 365 Tenant Management
Modern Device Management
Compliance & Governance
Identity & Access Management
Solution Architecture

Industry Focus

Automotive Pharma Consulting Manufacturing IT Services Healthcare

📝 Latest Articles

Loading articles…
All articles on endlesstech.blog →

In 30 days, you'll know exactly where your tenant stands.

Nexus365 Scan or discovery call — you decide how we start.

Book a Meeting View Freelancermap Profile Connect on LinkedIn

Recent Achievements

Microsoft Cybersecurity Architect Expert

Latest certification for advanced security architectures

Microsoft 365 Administrator Expert

Expert-level certification for M365 administration and management

Global Intune Rollout

Successful implementation for international company

TISAX-compliant Implementation

Automotive client successfully certified

About Me

I'm Philipp Schmidt — Microsoft 365 Security Specialist with over 21 years focused exclusively on Microsoft infrastructure. My job: secure your M365 tenant, establish TISAX and NIS2 compliance, and automate device management. No generalist fluff, no half measures.

As an expert in Zero Trust Security architectures and Modern Workplace solutions, I bring a proven track record in tenant hardening, compliance certifications, and endpoint management across automotive, pharma, healthcare, and consulting.

What sets me apart: I'm not a generalist. I do exclusively Microsoft 365, security, and device management — and I do it right. Personal, direct, no overhead.

My Story

My IT career began over two decades ago with an apprenticeship as an IT Specialist for System Integration. Early on, I recognized the importance of security in IT infrastructure and continuously specialized in the latest Microsoft technologies.

The shift to the cloud and the growing complexity of cyber threats led me to specialize in Zero Trust Security architectures. Today, I help organizations navigate their digital transformation securely and efficiently.

My Philosophy

"Security is not a product, but a process." This conviction shapes my work approach. I believe in tailored solutions that are not only technically excellent but also practical and user-friendly in their implementation.

Every business is unique, and so should its IT solutions be. My approach is based on thorough analysis, strategic planning and phased implementation – always with a focus on maximum security with minimal complexity for end users.

  • LocationMunich, Germany
  • Email[email protected]
  • Phone0171/3502951
  • Websiteeasym365.de
  • Work StyleRemote & On-site
  • LanguagesGerman, English

My Values

Trust & Transparency
Security First
Innovation & Pragmatism
Collaborative Partnership
Continuous Learning

Microsoft Certifications

Cybersecurity Architect Expert
ID: 2EAJ29-50D81C · Valid until Sep 2026
M365 Administrator Expert
ID: EK2882-BD5E2B · Valid until Aug 2027
Endpoint Administrator Associate
ID: 1C5063-61A1AO · Valid until Aug 2026
Information Security Administrator Associate
ID: 92BC2C-A43E8C · Valid until Mar 2027
Identity & Access Administrator Associate
ID: AH6FB0-48FE14 · Valid until Aug 2027
M365 Fundamentals
ID: B91O5C-474C7C · Does not expire
Azure Fundamentals
ID: AF32BE-65D4E5 · Does not expire
Security, Compliance & Identity Fundamentals
ID: 49BEE3-1B3A74 · Does not expire
Power Platform Fundamentals
ID: 862409-FC9E4I · Does not expire

Verify all certifications on Microsoft Learn →

My Work Style

01

Analysis & Assessment

Comprehensive assessment of your current IT infrastructure, identification of security gaps and optimization potential.

02

Strategic Planning

Development of a tailored roadmap with clear milestones, timelines and budget framework for your digitalization.

03

Secure Implementation

Step-by-step implementation with continuous monitoring, training and support for a smooth transition.

What I Do

Zero Trust Security

Implementation of Zero Trust architectures, security audits and system hardening as well as compliance support for TISAX, NIS2 and ISO 27001. Development of security policies and incident response plans.

Solution Architecture

Design and implementation of scalable M365 and cybersecurity architectures. Strategic IT consulting, security-by-design and holistic solution concepts for sustainable digitalization.

Modern Workplace & Device Management

Microsoft 365 Tenant Management, Intune Device Management, Windows Autopilot and hybrid workplace implementation. Mobile Device Management for iOS, macOS and Android Enterprise. BYOD strategies and corporate device policies.

Identity & Access Management

Entra ID implementations with focus on MFA, Conditional Access Policies, Privileged Identity Management (PIM) and Identity Lifecycle Management. Building secure identity structures as the foundation of every Zero Trust strategy.

Microsoft Defender Suite

Implementation and configuration of the entire Defender product family: Defender for Endpoint, Defender for Office 365, Defender for Identity, Defender for Cloud Apps and Defender Vulnerability Management. Comprehensive protection across all attack vectors.

Professional Experience

2024 - Present

Freelance Microsoft 365 Solution Architect

Self-employed

Specializing in Zero Trust Security and Modern Workplace solutions for SMEs. Focus on TISAX compliance and NIS2 preparation.

2022 - 2024

Senior Microsoft 365 Consultant

Businessoft Consulting

Implementation of Zero Trust infrastructures and ITSM Service Desk solutions. Focus on pharmaceutical start-ups and enterprise customers.

2018 - 2022

Microsoft Senior Consultant

Enterprise Consulting

Design and implementation of Microsoft on-premise and cloud architectures. Leading migration projects and compliance initiatives for government agencies and private enterprises.

2010 - 2018

Senior IT Administrator

Various Companies

Building and managing IT infrastructures. Specialization in Microsoft technologies and network security.

2003 - 2010

IT Administrator & Support

Various Companies

First professional experience in IT support and system administration. Fundamentals in network technology and server management.

Services

Tailored Solutions for SMEs

Specialized in medium-sized enterprises with security focus and NIS2 compliance requirements

Our Solutions

Choose the solution that fits your challenges

Your Path to Success

1. Clarity About Your IT Situation

You receive: A complete overview of your IT landscape, concrete action recommendations and prioritization by risk & business impact.

2. Planning Reliability & Transparency

You receive: Clear roadmap with fixed milestones, transparent budget planning and realistic timelines - no surprises.

3. Secure Transformation Without Disruptions

You receive: Smooth implementation without productivity loss, trained employees and continuous support throughout the entire transition.

4. Optimization & Support

Continuous monitoring, performance optimization and long-term support for your Microsoft 365 environment.

Microsoft 365 Consulting

Complete tenant configuration, license optimization and strategic migration to Microsoft 365 with minimal downtime. From planning to implementation, I guide you through the entire transformation process.

Scope of Services:
  • Tenant setup and configuration
  • License management and optimization
  • Migration and rollout strategies
  • Hybrid cloud implementation
  • SharePoint Online architecture
  • Teams governance and policies
  • Exchange Online configuration
  • Power Platform Integration
Your Benefits:

Reduced IT costs, improved productivity, seamless collaboration and future-proof cloud infrastructure.

Zero Trust Security & Compliance

Implementation of Zero Trust architectures and compliance certifications for the highest security standards. Protection against modern cyber threats through multi-layered security concepts.

Scope of Services:
  • Zero Trust architecture design
  • Conditional Access Policies
  • TISAX and ISO 27001 support
  • NIS2 compliance consulting
  • Security audits and penetration tests
  • Incident response planning
  • Security Awareness Training
  • Vulnerability Management
Your Benefits:

Maximum protection against cyber threats, compliance conformity and risk minimization for your business.

Modern Device Management

Intune-based device management with automated deployment and comprehensive endpoint security. Central management of all company devices regardless of location and platform.

Scope of Services:
  • Microsoft Intune setup and configuration
  • Windows Autopilot deployment
  • iOS and Android Enterprise management
  • Endpoint security and compliance
  • Application management and deployment
  • BYOD strategies and policies
  • Remote wipe and device encryption
  • Conditional Access Integration
Your Benefits:

Central device management, automated provisioning and enhanced security for all endpoints.

Identity & Access Management

Secure identity management with Entra ID, SSO implementation and privileged access. Central management of user identities and access rights for maximum security.

Scope of Services:
  • Entra ID design and setup
  • Single Sign-On (SSO) Integration
  • Privileged Identity Management (PIM)
  • Multi-Factor Authentication (MFA)
  • Role-Based Access Control (RBAC)
  • Identity governance and lifecycle
  • External Identities Management
  • Password protection and policies
Your Benefits:

Secure identity management, simplified sign-in and granular access control.

Specialized Service Packages

Domain & Email Security Package

Comprehensive analysis of the Office 365 configuration with the goal of increasing the security score to at least 95%.

  • DMARC, SPF and DKIM configuration
  • Advanced Threat Protection Setup
  • Safe Attachments and Safe Links
  • Anti-phishing policies
  • Mail Flow Rules optimization

NIS2 Compliance Package

Preparation and implementation of all required measures for the NIS2 directive.

  • Gap analysis and compliance assessment
  • Incident response plan development
  • Risk Management Framework
  • Security monitoring and logging
  • Documentation and reporting

TISAX Certification

Specialized consulting for automotive companies to achieve TISAX certification.

  • VDA ISA catalog implementation
  • Information Security Assessment
  • Prototype protection measures
  • Data Protection Compliance
  • Audit preparation and guidance

Benefits for Your Clients

Time Savings Through Automation

Zero-touch deployments with Autopilot and Intune – devices are immediately ready to use, without any manual intervention or IT support.

Secure Access with Conditional Access

Maximum security and control at minimal cost – through intelligent access controls and optimal use of existing licenses.

Seamless Apple Rollout

macOS devices are deployed without local admins and without user interaction – ideal for Apple-first companies and modern teams.

Compliance by Design

Compliant IT from the start – no retrospective adjustments needed, less risk during audits and certifications.

Scalable Architecture

Microsoft 365 environments that grow with your business – from small teams to complex structures, flexible and future-proof.

My Target Audience

Small and Medium-sized Enterprises (SMEs)

With approximately one internal IT support person who need an experienced external consultant for Microsoft 365 and security topics.

Security-focused Companies

Organizations with elevated security requirements or regulatory obligations such as NIS2 compliance or TISAX certification.

Industry Specialization

Automotive, pharma, consulting, manufacturing, IT services and healthcare with specific compliance requirements.

My Approach

01

Collaborative Consulting

I act as your external IT consultant and complement your internal team with specialized Microsoft 365 expertise.

02

Practical Solutions

Focus on actionable, cost-effective solutions that fit your company size and requirements.

03

Security First

Security is at the forefront of all implementations without compromising user-friendliness.

Projects

Current Projects

02/2026 - Present
Healthcare

Entra ID & Tenant Security Hardening

Comprehensive overhaul of the identity and security architecture of a Microsoft 365 tenant in the healthcare sector. Focus on establishing a consistent Entra ID naming convention, redesigning access controls, and hardening all security-relevant components.

  • Introduction of an Entra ID naming concept with complete RBAC overhaul
  • Redesign and implementation of 39 Conditional Access policies
  • Implementation of Privileged Identity Management (PIM)
  • Hardening of MFA methods and restructuring of admin user management
  • Comprehensive overhaul of device management
  • General tenant security optimization
Customer Benefits
  • Consistent naming convention significantly reduces administrative overhead and error sources
  • 39 Conditional Access policies ensure granular access control for all scenarios
  • PIM eliminates standing admin privileges and minimizes the attack surface
  • Hardened MFA methods protect against phishing and credential theft attacks
  • Industry-specific compliance requirements in healthcare are verifiably met
08/2024 - Present
Automotive SME

Modern Workplace for SME with Focus on TISAX and Zero-Touch Deployment

Design and implementation of a modern workplace environment for a mid-market automotive company. Consideration of TISAX requirements, automated device management and cross-platform compliance.

  • Windows Autopilot for zero-touch deployment of new endpoints
  • TISAX-compliant compliance policies for Windows 11, iOS and Android
  • Rollout of COBE iPhones with central management and app control
  • BYOD strategy with strict separation of private and business data
  • Regular technical support and user consulting
Customer Benefits
  • TISAX compliance automatically ensured through preconfigured automotive standards
  • Zero-touch deployment reduces IT effort by up to 80% for new devices
  • Strict BYOD separation protects company data without privacy intrusion
  • Automotive-specific security for prototype protection and supplier data
  • Central device management for Windows, iOS and Android from one console
04/2024 - 04/2026
Multi-Country Company

Global Intune Rollout - Modern Workplace & TISAX/ISO 27001

Strategic planning and implementation of a global Intune infrastructure for international company locations with cross-country device management strategies, including TISAX and ISO 27001 certification support.

  • Design and rollout of a scalable modern workplace architecture
  • Implementation of Conditional Access policies and Autopilot deployment
  • Cross-platform device management (Windows, macOS, iOS)
  • Country-specific security baselines and compliance policies
  • TISAX certification: implementation of VDA ISA requirements for information security in the automotive industry
  • ISO 27001 certification: ISMS setup and implementation incl. risk management and documentation
Customer Benefits
  • Unified IT standards across all international locations
  • Local compliance conformity automatically per country and region
  • Scalable architecture grows with international expansion
  • Central management significantly reduces local IT resources
  • Cross-border security with unified access controls
  • TISAX and ISO 27001 certification as competitive advantage for clients and tenders
06/2024 - 01/2026
HR Consulting

Apple-based Modern Workplace with CIS-compliant Security Strategy

Support of an HR consulting firm with fully Apple-based infrastructure (macOS and iOS). Focus on implementing secure, standardized policies according to CIS Benchmark as well as continuous security monitoring, backup strategies and user support.

  • Introduction of Multi-Factor Authentication (MFA) and extension of Conditional Access policies
  • Implementation of CIS-compliant policy baselines for macOS and iOS
  • Regular monitoring of the Microsoft 365 tenant for security-relevant events
  • Implementation of technical security measures incl. advanced Microsoft Defender ATP
  • Setup and provisioning of backup solutions incl. email backup
  • Conducting user awareness training to improve IT security
  • Continuous user support and technical assistance
Customer Benefits
  • Seamless Apple integration without user disruption or local admin rights
  • CIS-compliant security standards for macOS and iOS with automatic policy enforcement
  • Zero-touch deployment for all Apple devices via Apple Business Manager
  • Unified security policies for macOS and iOS from a central console
  • Continuous compliance monitoring with automated security reports
04/2024 - 12/2024
Tech-Startup

Complete Tenant Setup for Tech Startup

Complete setup of an M365 tenant including MFA, Conditional Access and cross-platform device management (Windows, macOS, iOS) according to CIS guidelines. Configuration of Apple Business Manager (ABM) with Intune synchronization, Hornet Security (Backup, Archive, Awareness) and Shadow IT Discovery with Defender for Cloud Apps.

  • Complete M365 tenant setup with MFA and Conditional Access
  • Cross-platform device management according to CIS guidelines
  • Apple Business Manager configuration with Intune synchronization
  • Hornet Security integration (Backup, Archive, Awareness)
  • Shadow IT Discovery with Defender for Cloud Apps
Customer Benefits
  • Zero-touch setup for all device types reduces onboarding time by 90%
  • CIS-compliant security from day one without retrospective adjustments
  • Cross-platform management for Windows, macOS and iOS from one console
  • Automatic Shadow IT detection protects against unauthorized cloud services
  • Enterprise-grade backup and archiving optimized for startup budget
08/2024 - 02/2025
German Mid-Market

iOS Rollout & Conditional Access Implementation

iOS rollout and CA implementation in a German mid-market company with implementation of necessary iOS policies focusing on compliance and security.

  • Implementation of Microsoft Copilot with focus on compliance
  • iOS rollout and user support
  • Extension of Conditional Access policies
  • Compliance-compliant iOS device management strategies
Customer Benefits
  • Microsoft Copilot usable in a compliance-conformant manner without data privacy risks
  • Seamless iOS integration into existing Microsoft 365 environment
  • Enhanced security through intelligent access controls
  • User-friendly rollout with comprehensive training and support
  • German compliance standards automatically met
10/2024 - 11/2024
Mid-Market Company

Microsoft Defender Implementation with Advanced Threat Protection Strategies

Comprehensive implementation and configuration of Microsoft Defender for a mid-market company. Focus on implementing advanced threat detection and response strategies as well as integration into existing Intune infrastructure.

  • Configuration of Microsoft Defender for Endpoint policies and Attack Surface Reduction rules
  • Integration of Defender policies into the existing Intune device management system
  • Setup of comprehensive security monitoring and compliance oversight
  • Training IT administrators for independent threat hunting and incident management
  • Conducting security awareness training to improve IT security
Customer Benefits
  • 95% fewer successful malware attacks through advanced endpoint protection
  • Automatic threat detection with immediate device isolation
  • Central security overview of all endpoints from one console
  • Reduced downtime through proactive threat detection
  • Compliance conformity with current security standards
10/2022 - 02/2024
Modern Workplace Project

Strategic Introduction of a Cloud-based Infrastructure

Strategic planning and implementation of a Microsoft 365 environment in a hybrid identity landscape with focus on cloud-native device management, security standards and modern collaboration. Migration of classic file servers to SharePoint as well as introduction of Teams and SharePoint with compliance and governance structures.

  • Setup of a hybrid Azure AD tenant with cloud-native device management
  • Migration from file servers to SharePoint Online incl. permissions and compliance concept
  • Introduction of Microsoft Teams and SharePoint with governance structures
  • Rollout of Windows devices via Autopilot and Intune
  • Integration of iOS devices into ABM with supervision (fully managed)
  • Implementation of MFA and Conditional Access policies
  • Setup and provisioning of backup solutions incl. email backup
  • Implementation of advanced security measures (e.g. Microsoft Defender ATP)
  • Conducting user awareness training to strengthen IT security culture
  • Documentation of the environment and comprehensive user support
Customer Benefits
  • Complete cloud transformation without operational disruptions
  • Modern collaboration with Teams and SharePoint increases productivity
  • Automated security through MFA and Conditional Access
  • Scalable backup strategy protects all company data
  • Zero-touch device management for Windows and iOS reduces IT effort
11/2022 - 02/2024
Businessoft Consulting

Zero Trust Infrastructure & ITSM Solutions for Pharmaceutical Start-ups

Strategic implementation of modern security architectures and service desk solutions for various clients with focus on the requirements of growing companies in the pharmaceutical sector and HR consulting. Emphasis on Zero Trust, ISMS and automated device management.

  • Building a Zero Trust security structure incl. ISMS implementation
  • Implementation of multi-factor authentication through to passwordless sign-in
  • Mobile device management with Autopilot on Entra ID Joined basis
  • Integration of Microsoft Defender options and Azure Information Protection
  • Setup of an ITSM service desk for structured support processing

Additional References

IT Service Provider (SME)

Setup and configuration of an M365 tenant on hybrid basis with SSO integration, license consulting, Entra ID basic configuration and Intune setup.

Manufacturing Company (Mid-Market)

Security audit, iPhone AES rollout on COBE, integration of external clients with advanced security and "cloud first" strategy consulting.

Automotive Supplier (International)

Support for TISAX and ISO27001 certifications, Entra ID security audit, Intune setup and M365 backup with Veeam.

HR Services (SME)

Security audit, Conditional Access and MFA passwordless implementation, BSI security audit according to DIN SPEC 2707.

Certifications

Microsoft Expert Certifications

Microsoft Certified: Cybersecurity Architect Expert
Microsoft 365 Certified: Administrator Expert

Microsoft Associate Certifications

Microsoft 365 Certified: Endpoint Administrator Associate
Microsoft Certified: Identity and Access Administrator Associate

Microsoft Fundamentals Certifications

Microsoft Certified: Power Platform Fundamentals
Microsoft Certified: Security, Compliance, and Identity Fundamentals
Microsoft Certified: Azure Fundamentals

Additional Qualifications

AWS Certified Solution Architect - Associate
IT Specialist for System Integration (IHK)

Certification Overview

  • EducationIT Specialist for System Integration
  • Secondary EducationAdvanced Technical College Certificate
  • InternationalHigh School Diploma, USA
  • ITILITIL V3 Foundation
  • Project ManagementProject Manager Certification (IHK)
  • Experience21+ Years IT Expertise
Book a Meeting